This video will demonstrate how a simple XSS vulnerability can be leveraged to gain complete control of your web-browser and eventually lead to a complete system compromise.
1. We will use a cross-site scripting vulnerability as the initial attack vector

2. Exploit XSS by redirecting the user’s browser to the Evil_IP with a JavaScript loop (every 2 secs)

3. Exploit the victim’s browser to gain system ‘root’ or ‘shell’ access

4. Elevate our privileges to system-level

5. Dump the memory contents from an active SSH session and steal the SSH password from the victim’s computer

GAME OVER!

http://bit.ly/ntztkh