Hi guys, I found a tool which serves to establish a "reverse shell" in cases of detection of stored XSS.
JSSHELL, enables navigation within the container that hosts the XSS vulnerability, which in turn allows the inspection of various files, domains and users present in that environment, thanks to this tool is that we can display messages in the victim's browser, steal session cookies (to perform a cookie hijacking) and run Javascript code.
I hope you find it useful, greetings
JSSHELL, enables navigation within the container that hosts the XSS vulnerability, which in turn allows the inspection of various files, domains and users present in that environment, thanks to this tool is that we can display messages in the victim's browser, steal session cookies (to perform a cookie hijacking) and run Javascript code.
I hope you find it useful, greetings