Monday, January 20, 2014

Exploiting any network device using XSS Framework (Tested on Android 4.1)

Exploiting using XSSF working for exploit any network device. I created video demonstration about exploiting Android 4.1 using latest Chrome for Android.
OK, first of all you need to insert XSSF in Metasploit, thats not hard, just DOWNLOAD zip package, extract it and add files in metasploit modules/plugins… you can see details in Video.
After that you need to type “load xssf” to load script, once it’s loaded you need to type “xssf_urls” to show URL for victim and all other urls you need, you will see “XSSF test page” – that’s URL for your Victim.
Once your victim opened URL you need to type “xssf_victims” to show victims that opened that link, then you need to specify ID and select victims ID to see more about victim and collect cookie or inject code in his browser, you can see more in video:

No comments:

Post a Comment