In this report we will cover how to exploit XSS and how to benefit from it. Among many things, we’ll examine the most important JS objects, the specifics of writing a payload and several examples of XSS use to upload a shell and ultimately compromise the router. In addition to that, we’re going to look at some real cases of Ethereum theft from local cryptowallets using this very vulnerability.