XSS Check v1.0
Alberto M. (mandingo) <mandingoyoirecom> Tuesday, November 27 2007 04:17.40 CST


XSS_Check helps detect URLs that are potentially vulnerable to "Cross-Site Scripting" (XSS).

Help

The current version of "XSS_Check" shows the following help:

xss_check.pl v1.0 (C) Copyleft 2007 - By Mandingo at http://www.yoire.com    

Usage: perl xss_check.pl <url|-i <file>> [postData] [OPTIONS]

Overview:

XSS_Check performs various Cross-Site Scripting (XSS) against provided URLs in order to detect this kind of vulnerability.

It's possible to pass an URL as first parameter in commandline, or a list of URLs using the option -i <file>                                          


Options:          

    -x server      Check XSS using a proxy server
    -c cookie      Use this cookie on connections
    -o file        Output results to XML file
    -i file        Read URLs from file
    -v            Verbose output
    -h            This help


Usage examples

Example 1, detecting XSS in a single URL:

./xss_check.pl http://testasp.acunetix.com/Search.asp?tfsearch=

[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[f] http://testasp.acunetix.com/Search.asp?tfsearch=<H1>XSS_HERE</H1>

Example 2, detecting XSS in a single URL; the option "-v" shows all the requests made:

./xss_check.pl http://testasp.acunetix.com/Search.asp?tfsearch= -v

[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'>XSS_HERE'
[-] http://testasp.acunetix.com/Search.asp?tfsearch="'%253EXSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'%253EXSS_HERE'
[f] http://testasp.acunetix.com/Search.asp?tfsearch=<H1>XSS_HERE</H1>
[-] http://testasp.acunetix.com/Search.asp 'tfsearch=<H1>XSS_HERE</H1>'
[-] http://testasp.acunetix.com/Search.asp?tfsearch=%253CH1%253EXSS_HERE%253C/H1%253E
[-] http://testasp.acunetix.com/Search.asp 'tfsearch=%253CH1%253EXSS_HERE%253C/H1%253E'

Example 3, detecting XSS using an input file with URLs:

./xss_check.pl -i checks.txt

[f] http://testphp.acunetix.com/guestbook.php 'text=<H1>XSS_HERE</H1>&submit=add message&name=anonymous user'
[f] http://testphp.acunetix.com/guestbook.php 'name=anonymous user<H1>XSS_HERE</H1>&text=&submit=add message'
[f] http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg<H1>XSS_HERE</H1>
[f] http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg<H1>XSS_HERE</H1>&size=160
[f] http://testphp.acunetix.com/userinfo.php 'uname="'>XSS_HERE&pass='
[f] http://testphp.acunetix.com/userinfo.php 'uname=<H1>XSS_HERE</H1>&pass='

Where "checks.txt" is a text file with the following URLs:

http://testphp.acunetix.com/artists.php?artist=1
http://testphp.acunetix.com/comment.php?aid=1
http://testphp.acunetix.com/guestbook.php 'text=&submit=add message&name=anonymous user'
http://testphp.acunetix.com/listproducts.php?cat=1
http://testphp.acunetix.com/product.php?pic=1
http://testphp.acunetix.com/redir.php?r=http://www.eclectasy.com/Fractal-Explorer/index.html
http://testphp.acunetix.com/search.php?test=query
http://testphp.acunetix.com/search.php?test=query 'gobutton=go&searchfor='
http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg
http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg&size=160
http://testphp.acunetix.com/userinfo.php 'uname=&pass='

Note: The information that should be sent using POST must be enclosed in single quotes.
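For triage, the result lines shown above can be reduced to a list of endpoints and parameters that need output encoding. The following is an added example, not part of xss_check.pl: it assumes, from the examples on this page, that "[f]" marks a reported finding and "[-]" a request without one, and the function names (split_params, parse_line, reflected_params) are hypothetical.

```python
import re
from collections import Counter

MARKER = "XSS_HERE"  # probe string seen in the tool's output on this page
LINE_RE = re.compile(r"^\[(?P<status>[f-])\]\s+(?P<rest>\S.*)$")

# Constructed sample: result lines copied from the examples on this page.
SAMPLE = """\
[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'>XSS_HERE'
[-] http://testasp.acunetix.com/Search.asp?tfsearch="'%253EXSS_HERE
[f] http://testasp.acunetix.com/Search.asp?tfsearch=<H1>XSS_HERE</H1>
[f] http://testphp.acunetix.com/guestbook.php 'name=anonymous user<H1>XSS_HERE</H1>&text=&submit=add message'
[f] http://testphp.acunetix.com/userinfo.php 'uname="'>XSS_HERE&pass='
[f] http://testphp.acunetix.com/userinfo.php 'uname=<H1>XSS_HERE</H1>&pass='
"""

def split_params(raw, where):
    """Split 'a=1&b=2' into (where, name, value) tuples without URL-decoding."""
    return [(where, *p.partition("=")[::2]) for p in raw.split("&") if p]

def parse_line(line):
    """Return (status, endpoint, params), or None if this is not a result line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    # POST data, when present, follows the URL inside single quotes.
    url, sep, body = m.group("rest").partition(" '")
    if sep and not body.endswith("'"):
        raise ValueError(f"unterminated POST data: {line!r}")
    endpoint, _, query = url.partition("?")
    params = split_params(query, "query")
    if sep:
        params += split_params(body[:-1], "post")
    return m.group("status"), endpoint, params

def reflected_params(report):
    """Count [f] lines per (where, endpoint, parameter) that carries the marker."""
    hits = Counter()
    for line in report.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[0] != "f":
            continue
        _, endpoint, params = parsed
        for where, name, value in params:
            if MARKER in value:
                hits[(where, endpoint, name)] += 1
    return hits

if __name__ == "__main__":
    for (where, endpoint, name), n in sorted(reflected_params(SAMPLE).items()):
        print(f"{n} finding(s): {endpoint} [{where}] parameter '{name}'")
```

Each reported tuple names one parameter whose value is echoed back, which is where context-appropriate output encoding has to be applied.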

Download

Download XSS_Check.pl


