NorthStar C2 agent RCE via stored XSS
Agent RCE PoC for CVE-2024-28741, a stored XSS vulnerability in NorthStar C2
This exploit works by sending multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page This XSS can be leveraged to execute commands on NorthStar C2 agents
Full explanation: http