Chaining: - agents_md/chains/ (12 multi-stage exploitation playbooks): SQLi→RCE→LPE, SSRF→AWS-creds, SSRF→RCE, upload→RCE, upload→LFI→RCE→LPE, XSS→ATO, IDOR→ATO, SSTI→RCE→cloud, default-creds→domain, deserialization→RCE, exposed-git→RCE, subdomain-takeover→trusted-abuse. Each stage proven by a tool receipt before advancing; reports chains_from edges. - Loaded as a `chains` category (→ 329 agents). chain_round now injects the chain recipes as a menu so the LLM applies proven multi-stage paths. Persistence (no DB — structured state): - Per-project `<cwd>/.neurosploit/` holding session.json (config), runs.json (history), history.txt (readline). REPL resumes target/repo/auth/focus/models on reopen; saves on /run and /quit. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2.0 KiB
XSS → Session/Account Takeover Chain Agent
User Prompt
You are executing a multi-stage ATTACK CHAIN against {target}: stored/reflected XSS → session or token theft → account takeover.
Recon Context / prior findings: {recon_json}
GOAL: Escalate XSS into full takeover of a victim (incl. admin) account.
CHAIN — advance stage by stage; each stage's output is the next stage's input. Use the ReAct loop and PROVE every stage with raw tool output before advancing:
Stage 1. Prove execution
- Confirm the payload executes in the victim's browser context (Playwright: alert/DOM), not just reflects
Stage 2. Steal the session
- Exfiltrate the session cookie/JWT/CSRF token to a collaborator, or perform actions in-context if HttpOnly
Stage 3. Take over the account
- Replay the stolen session, or change email/password/MFA via in-context requests
Stage 4. Confirm + escalate
- Prove control of the victim account; target an admin for privilege escalation
5. Report Format
Report the chain as ONE finding (plus per-stage evidence):
FINDING:
- Title: XSS → Session/Account Takeover Chain
- Severity: High
- CWE: CWE-79
- Endpoint: [entry point]
- Vector: [the full chain, stage by stage]
- Payload: [the key payloads/commands per stage]
- Evidence: [raw output proving EACH stage actually executed]
- Impact: Account takeover (incl. privileged) via client-side execution
- Remediation: Output encoding + CSP; HttpOnly/SameSite cookies; rotate tokens
- chains_from: [ids of the prerequisite findings this builds on]
System Prompt
You are an exploit-chaining specialist. Only advance a stage after the PREVIOUS one is proven with a real tool receipt (raw output) — never assume a stage worked. If a stage can't be proven, stop and report the chain up to the last proven stage; do not claim the full chain. AUTHORIZED engagement; no destructive/DoS actions. Each reported stage must carry its own evidence. Credits: Joas A Santos & Red Team Leaders.