XSS Tunnel | Content

Wed, 02 Apr 2008 15:12:53 GMT

What Is XSS Tunnelling?

XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies.

What Is XSS Tunnel?

XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system. Any tool that is configured to use it will tunnel its traffic through the active XSS Channel on the XSS Shell server. The XSS Tunnel converts the request and responds transparently to validate the HTTP responses and XSS Shell requests.

Refer to XSS Tunnelling paper to read details.

Demonstration Video

Download XSS Tunnelling demonstration video. Video shows how to use XSS Tunnel to bypass NTLM by exploiting an example permanent XSS.

Download

Download package includes following files :

Binary Release of XSS Tunnel v1.0.8
.NET Solution + Source Code for XSS Tunnel v1.0.8
XSS Tunnelling White Paper
XSS Shell v0.6.2 Release (ASP files, database and documentation)

XSS Tunnelling | Document

Wed, 02 Apr 2008 10:25:00 GMT

XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies. This paper explains the idea and the real world implementation.

Download Paper

Tools mentioned in the paper:

Portcullis Labs - Proxy