User Controls

Navigation

Niggas in Space > Technophiliacs & Technophiles > Javascript shell.

Javascript shell.

  1. 2016-01-07 at 1:16 AM UTC
    #1
    Sophie Pedophile Tech Support
    So i got this dank new tool that lets me pull off all kinds of xss shenanigans on a website vulnerable to xss. Sadly i don't know shit about javascript, well i can do an "alert" but that's about it. This "shell" basically lets me define custom payloads for xss, so if you could give me some dank ass xss payloads that would be great, also don't mind the chinese characters in the picture below that's just the stupid chinese site that's vulnerable to xss. Therefore i have decided to test the functionality of my program on it.

    So name some dank ass payloads and i'll see if i can execute anything lulzy.

  2. 2016-01-07 at 1:38 AM UTC
    #2
    -SpectraL coward [the spuriously bluish-lilac bushman]
    www.xss-payloads.com

    www.smeegesec.com/2012/06/collection-of-cross-site-scripting-xss.html

    https://packetstormsecurity.com/files/112152/Cross-Site-Scripting-Payloads.html
  3. 2016-01-07 at 1:53 AM UTC
    #3
    Sophie Pedophile Tech Support
    www.xss-payloads.com

    http://www.smeegesec.com/2012/06/col...pting-xss.html

    https://packetstormsecurity.com/file...-Payloads.html

    Thank you Spectral that was actually quite helpful.(See if you're being helpful i have no problem with engaging in civil discourse with you) Now the scripting engine in my tool is python based, since i am unfamiliar with this tool as of yet i am unsure as if the scripting engine is meant to extend my XSS framework by adding custom scripts to extend fuzzing and testing capabilities or if it's meant to deliver payloads. The JS shell however is however i do believe for entering custom payloads manually so i will have to see if i can get a payload and load it directly into the main program to have it execute within the webapp.
  4. 2016-01-07 at 3:32 AM UTC
    #4
    -SpectraL coward [the spuriously bluish-lilac bushman]
    Thank you Spectral that was actually quite helpful.(See if you're being helpful i have no problem with engaging in civil discourse with you) Now the scripting engine in my tool is python based, since i am unfamiliar with this tool as of yet i am unsure as if the scripting engine is meant to extend my XSS framework by adding custom scripts to extend fuzzing and testing capabilities or if it's meant to deliver payloads. The JS shell however is however i do believe for entering custom payloads manually so i will have to see if i can get a payload and load it directly into the main program to have it execute within the webapp.

    It wasn't for you. I never quoted you.
  5. 2016-01-07 at 4:05 AM UTC
    #5
    Sophie Pedophile Tech Support
    It wasn't for you. I never quoted you.

    Well, then the only reason you posted that is to show you can google for XSS payloads. Which is fine, but only goes to show a fundamental desire on your part to be relevant and seem versed in infosec. I don't get it Spectral, it's not like i want to be friends with you but at least i have the decency to put our differences aside when it comes to a subject we have a shared interest in, just goes to show how petty you are.

    I don't even mean to be a dick in this post, it's just a pity on your part, but whatever, it's your life, do as you please.
  6. 2016-01-07 at 5:34 PM UTC
    #6
    -SpectraL coward [the spuriously bluish-lilac bushman]
    … just goes to show how petty you are.

    … it's just a pity on your part…

    You're nothing but a proven coward who had to resort to cowering behind a staff control panel to defend himself in a textual situation just because he couldn't take the heat. Now that's what I'd call petty and pitiable. And your little history rewrites do absolutely nothing to change that fact, retard.
  7. 2016-01-07 at 5:45 PM UTC
    #7
    Sophie Pedophile Tech Support
    You're nothing but a proven coward who had to resort to cowering behind a staff control panel to defend himself in a textual situation just because he couldn't take the heat. Now that's what I'd call petty and pitiable. And your little history rewrites do absolutely nothing to change that fact, retard.

  8. 2016-01-07 at 11:20 PM UTC
    #8
    -SpectraL coward [the spuriously bluish-lilac bushman]

    Quiet, pedo.
  9. 2016-01-08 at 12:47 AM UTC
    #9
    The Self Taught Man Black Hole
    It wasn't for you.

    But it obviously is since he made a thread asking for xss stuff and you delivered.
  10. 2016-01-08 at 1:23 AM UTC
    #10
    -SpectraL coward [the spuriously bluish-lilac bushman]
    But it obviously is since he made a thread asking for xss stuff and you delivered.

    Not at all. Some people just search the Internet for information and never even log in. I'm just all about the free and open exchange of information. I contribute to topics, not people.
  11. 2016-01-08 at 3:29 AM UTC
    #11
    Sophie Pedophile Tech Support
    Quiet,

    I'll do no such thing, go flop your limp, impotent dick around some more grandpa.

    pedo.

    The funny thing here is that normies think they insult pedos by calling them pedos. In fact it's like calling a white person white. Yes, yes i am white, what is your point? Catch my drift dumbass.
  12. 2016-01-08 at 5:47 PM UTC
    #12
    -SpectraL coward [the spuriously bluish-lilac bushman]
    …In fact it's like calling a white person white…

    I'm sure you have quite the fan club here on Niggas.
  13. 2016-01-08 at 9:14 PM UTC
    #13
    Sophie Pedophile Tech Support
    I'm sure you have quite the fan club here on Niggas.

    Fan club? Not really, but i'm pretty sure i have more friends than you on this godforsaken website.
Jump to Top