Videos
Published on November 16th, 2016 📆 | 6603 Views ⚑
0Joomla – From XSS to RCE 2.5 – Black Hat Europe Arsenal 2016
TTS
This video demonstrates how to utilise Cross-Site Scripting (XSS) to inject a new super user into Joomla, and subsequently upload a custom Joomla extension manually which allows executing code on the server.
Toolkit:
https://github.com/Varbaek/xsser
Presented at Black Hat Europe Arsenal 2016:
https://www.blackhat.com/eu-16/arsenal.html#hans-michael-varbaek
Music:
Fatkids - Albion Prelude
Credits:
Hans-Michael Varbaek
InterN0T
Thanks to:
Black Hat
Toolswatch
2016-11-16 00:52:30
source
Gloss