Andrew Horton (urbanadventurer) presented Clickjacking for Shells at the OWASP Wellington, New Zealand Chapter Meeting on September 20th, 2011 :
Exploit code
Security-Assessment.com WordPress Clickjacking Exploit.zip Download
The ZIP file contains the following files:
clickjack.php – The final clickjacking exploit
index-1.html – Tutorial 1 of how to exploit clickjacking
index-2.html – Tutorial 2 of how to exploit clickjacking
index-2-inner.html – Part of Tutorial 2
README – Description
wordpress-add-admin-payload.js – Cross Site Scripting (XSS) Payload
wordpress-upload-shell-payload.js – Cross Site Scripting (XSS) Payload
clickjack.php – The final clickjacking exploit
index-1.html – Tutorial 1 of how to exploit clickjacking
index-2.html – Tutorial 2 of how to exploit clickjacking
index-2-inner.html – Part of Tutorial 2
README – Description
wordpress-add-admin-payload.js – Cross Site Scripting (XSS) Payload
wordpress-upload-shell-payload.js – Cross Site Scripting (XSS) Payload
Presentation
Clickjacking for Shells PDF (Without video demos) Download
©2012, copyright BLACK BURN
0 comments:
Post a Comment