Author Archives: Brute Logic

XSS to RCE in CMS

May 23rd, 2017 📆 | 3209 Views ⚑

Performing XSS emulation in console with jQuery.getScript() to achieve RCE in 3 different up-to-date CMSes: WordPress 4.7.5, Joomla! 3.7.2 and




The Genesis of an XSS Worm

July 6th, 2016 📆 | 5441 Views ⚑

Watch an XSS worm infecting users of a social network coded from scratch. For more info check: http://brutelogic.com.br/blog/genesis-xss-worm-part-i http://brutelogic.com.br/blog/genesis-xss-worm-part-ii http://brutelogic.com.br/blog/genesis-xss-worm-part-iii





Cerberus XSS Payload

February 6th, 2015 📆 | 8507 Views ⚑

Cerberus*, a triple XSS payload against the sites “law.com”, “worldcat.org” and “bnf.fr”. The last one (“bnf.fr”) required a little change,
