TP-Link router brute force XSS Payload

  TP-Link router brute force XSS Payload Based on the WebRTC mechanism to gather IP addresses, this script attempts to perform a dictionnary attack against TP-Link routers login and password. It just requires to define a more realistic dictionary. Payload Author: Kamil Vavra [php]function detectFirefox() { if (navigator.userAgent.toLowerCase().indexOf(‘firefox’) > -1) { //Do Firefox-related activities getLocalIP(); … Read more

Hacking WordPress Website with Malicious Plug-in

Welcome back today we will talk about how we could compromise a WordPress website for a reverse meterpreter shell though use of malicious WordPress addons. This will allow us to create a malicious WordPress plugin to use as a payload and achieve a reverse shell back to the attacking machine. Requirements: Linux Python Metasploit malicious-wordpress-plugin … Read more

Exploit XSS with an Image: Force download

Welcome back today we will talk about Injecting some malicious XSS code into a Image. We will be using Kali Linux for this tutorial however you can use an operating system of your choice. We recommend using Linux. If you don’t already have Linux you can download Kali Linux from here. Cross Site Scripting is … Read more