Home / Unlabelled / XSSF - Cross-Site Scripting Framework

XSSF - Cross-Site Scripting Framework


XSSF is an amazing tool that is designed to make the XSS vulnerability exploitation an easy task. 

It provides a powerful documented API, which facilitates the development of modules and attacks. Its integration into the Metasploit Framework allows users to launch MSF browser based exploits very easily.

XSSF allows creating a communication channel with the targeted browser (from an XSS vulnerability).

Installation Instructions

1. Download the latest Metasploit Framework (MSF) release.

2. Install Metasploit Framework.

3. Update Ruby if not already done.

4. Download XSSF (download links are at the end of this article).

5. Copy and paste all downloaded files into the Metasploit folder.


XSSF Basics: Install (Kali-1.0) & Use:


Simple XSSF attack (Stealing file on Xperia X10):


Launching MSF exploit through XSSF (CVE-2010-2568):


XSSF Tunnel (Surfing through targeted browser):



Download XSSF 3.0.zip

Download XSSF 2.3.zip

Download XSSF 2.2.zip

Download XSSF 2.1.tar

Download XSSF 2.0.tar

Download XSSF 1.0.zip



Source: www.effecthacking.com
XSSF - Cross-Site Scripting Framework XSSF - Cross-Site Scripting Framework Reviewed by Anonymous on 7:57 AM Rating: 5

Tags