Bt5r2 Environment + Xssing

 

II. Introduction to Xssing

 

========================================================== ======================================

====Name: Xssing 1.3 -- Funny and easy xss platform====

========================================================== ======================================

=== Qq group: 209546692 ===

==== Project: http://code.google.com/p/xssing/ http://yaseng.me/xssing-1.html ====

========================================================== ======================================

==== Author: Yaseng "WwW. Yaseng. Me" Yaseng@UAUC.NET ====

==== Date: 01:35:00 ====

========================================================== ======================================

 

Xss utilization platform http://xssing.sinaapp.com based on php + mysql

 

Project publishing address http://yaseng.me/xssing-1.html

Introduction to Article http://yaseng.me/bind-xss-tutorial.html

Google managed http://code.google.com/p/xssing/

Demo http://v.youku.com/v_show/id_XNDYzODM5MDcy.html

Chat QQ Group 209546692

Author Weibo http://t.qq.com/uaucya

We would like to thank Yaseng for its open-source support!

[My understanding]

1. Like xsser. me extension:Use of xsser. me (illustrated)

2. bemo-xss http://code.google.com/p/bemo-xss/

Bemo-XSS-basic functions of the simplest and most effective XSS tool: 1. cookies theft 2. Basic Authentication phishing

 

Iii. Xssing Installation

1. Download the package and read readme.txt. You must read it first and understand the general idea.

Install

 

Importing xssing. SQL In the download http://code.google.com/p/xssing/ or http://yaseng.me/xssing-1.html to mysql config/mysql. php delete/apps/running/uauc. php can run

Note: the installation instructions here are not very good, which may lead to ambiguity. We recommend that you modify yaseng.

A ox in a QQ group told me.

1. Import xssing. SQL to mysql

2. Configure config/mysql. php

3. Change the value of 1 in the fourth line of config/config. php to 0, define ('debug _ mode', 0 );

4. replace uauc/define. the URL in php line 1 is the actual platform URL ("/" must end with the URL) define ('site _ root', "http: // 127.0.0.1 /");

5. generate an invitation code to add a management account:

 

 

2. xsing is mostly used for sae deployment at the beginning, but this article simulates the xssing environment on the Bt5 host. There are some differences with the deployment of sae. The following describes the problems and solutions I encountered during the process.

 

3. Configure the xing. SQL database first.

Note: use xing first, and then source/var/www/xssing/xing. SQL

See the tables:

4. Configure config/mysql. php in step 2

7 define ("DB_PASS", ''); configure mysql secrets

 

5. Replace uauc/define. the URL in php line 1 is the actual platform URL ("/" must end with the URL) define ('site _ root', "http: // 127.0.0.1 /");

Define ('site _ root', "http: // w/epp/xing/"); // deploy with sae

Changed to this:

Define ('site _ root', "http: // 192.168.0.5/xssing /");

 

6. generate an invitation code to add a management account:

Open IE and copy the URL: http: // 192.168.0.5/xssing /? M = user & a = get_incode & token = admin & n = 5

Note that for the first time, the above URL is required. Otherwise, you will enter the index. php interface with five input boxes, which is not acceptable.

Then you will get an address with 5 invitation codes.

For example:

Http: // 192.168.0.5/xssing /? I = 2f4e9f32221

Http: // 192.168.0.5/xssing /? I = a8560261385

Http: // 192.168.0.5/xssing /? I = acab48222ed

Http: // 192.168.0.5/xssing /? I = 5a4ff37f0ac

Note that the operation at this time is: Open the link from the address of this invitation code to register an account.

Source code description of the interface for generating invitation codes:

There is nothing to do here. When you enter, there will be no menu bar in the browser operation list. The intermediate content is missing. Okay, let's see my second sequencer.

II. Introduction to Xssing

 

Iii. XSSing installation troubleshooting

7. Problems in the previous article

 

[Problem description ]. There is no menu bar interface and the form has no content.

 

[Solution]

1. Enable php error display first. By default, BT5 disables error display.

# Dispaly error On in vi/etc/php5/apache2/php. ini do not forget to restart apache/etc/init. d/apache2 restart

2. log on to xssing again.

3. Observe the error display content

The following is my error:

Waring can be ignored for the time being. When I reinstall xssing later, I did not delete apps/index/running/uauc. php, so no error is reported.

[Crux of the problem] the error is reported in Short URL: 126. This function is added later. I also set up xssing1.2 and the result shows that there is no Short URL. The form content is displayed successfully. It can be inferred that the cause of the error is that the source URL is shortened by 126. Deploy the service on the public network. It is necessary to shorten the 126 website.

Figure after success:

 

I solve this problem:

1. Know the error content in the 126 short URL source code and comment it out.

2. Modify the following source code and comment it out. This function is not required for local networks. Do not comment out, and subsequent functions cannot be used.

 

File Path/var/www/xssing/apss/index/view/project/show. tpl. php 61st rows // comment

 [Note] I suggest you cache your browser for cleanup.

 

8. The following configuration adds an email reminder (sae compatibility)

Path/var/www/apps/lib/common. php

Email Configuration

Apps \ index \ lib \ common. php modify the information of send_mail (send_sae_mail) to update the cache, you know

 

The following code send_sae_mail () also gave me ambiguity, I was surprised, are all xssing_@163.com. the sender and receive mail address confused. For bemo-xss configuration mailboxes, you only need to enter the sender's email password once. Here, you need to enter the password twice.

I asked Nan ke Yimeng of the QQ Group later. Configuration

$ Titile enter the sender password.

 

Iv. XSSing Test

[Method]

Copy the address provided by the Demo to the location where the XSS vulnerability exists. I am using xss reflected of DVWA.

Demonstration of storage-type XSS attacks, followed by the Demo of yaseng Xss for blind hitting. ZipThe documentation and video descriptions are very clear.

Note]

What I want to add:Its simple php background First Login Password File in common. php. ID: yaseng pasword: ri

What I found:Create a project. After Xssing is successfully created, only the first email is sent. (If you are in the same project, there are only the first Xssing in multiple places, and no email is sent by default, but the form data will be updated. I stumbled on this place. During the initial installation and testing, I was surprised and received only one email. I am always struggling with the problem of dvwa or Xssing1.3. I suddenly cannot receive emails .)

The graph after successful execution.

 

 

What's wrong with my personal opinions. Luolired