????HTML5 ????????? HTML??HTML5????????????????????????????????????RDFa???????????????????????????????????????????м??????????????Web??????HTML5?????????APP??и????????????????????????????????????HTML5??????????????μ?????в??
???????CORS(Cross-Origin Resource Sharing) ???????????
?????????????????????????????????????????????HTML5???SOP???????????????Щ???????????????????????????????????????????????????????????????????????????????????????????HTML5???????Щ?????XMLHttpRequest Level 2?????????CORSЭ?飬????Ajax?????????????????????????????????????????????????????????????????????Javascript????????????Щ????????????????????????л??????
????COR??????ε????????????????????????????‘Access-Control-Allow-Origin’??HTTP??????????????????????????????????????????????????????????COR???У???????????????????濪????????У????????????????????????濪???????д?????????????????????????
??????????b.com?????a.com???????ajax???A?????????????????о???Lava Kumar???????????“Shell of the future”??
????Shell of the Future ?????????Web Shell???????(Reverse Web Shell handler)??????????????????????????????javascript???Shell of the Future????н????? ????????HTML5????Cross Origin Requests??????????Щ???????????????HTTP-Only?????cookie????IP??????ID??
??????????ù????
????1???????????ù???????“Shell of the Future.exe”??????????????

????2????????????????“Start”??