xss_check.pl v1.0 (C) Copyleft 2007 - By Mandingo at http://www.yoire.com

Usage: perl xss_check.pl <url|-i <file>> [postData] [OPTIONS]

Overview:
    XSS_Check performs various Cross-Site Scripting (XSS) against provided URLs in order to detect this kind of vulnerability.
    It's possible to pass an URL as first parameter in commandline, or a list of URLs using the option -i <file>

Options:
    -x server    Check XSS using a proxy server
    -c cookie    Use this cookie on connections
    -o file      Output results to XML file
    -i file      Read URLs from file
    -v           Verbose output
    -h           This help

./xss_check.pl http://testasp.acunetix.com/Search.asp?tfsearch=
[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[f] http://testasp.acunetix.com/Search.asp?tfsearch=<H1>XSS_HERE</H1>

./xss_check.pl http://testasp.acunetix.com/Search.asp?tfsearch= -v
[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'>XSS_HERE'
[-] http://testasp.acunetix.com/Search.asp?tfsearch="'%253EXSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'%253EXSS_HERE'
[f] http://testasp.acunetix.com/Search.asp?tfsearch=<H1>XSS_HERE</H1>
[-] http://testasp.acunetix.com/Search.asp 'tfsearch=<H1>XSS_HERE</H1>'
[-] http://testasp.acunetix.com/Search.asp?tfsearch=%253CH1%253EXSS_HERE%253C/H1%253E
[-] http://testasp.acunetix.com/Search.asp 'tfsearch=%253CH1%253EXSS_HERE%253C/H1%253E'

./xss_check.pl -i checks.txt
[f] http://testphp.acunetix.com/guestbook.php 'text=<H1>XSS_HERE</H1>&submit=add message&name=anonymous user'
[f] http://testphp.acunetix.com/guestbook.php 'name=anonymous user<H1>XSS_HERE</H1>&text=&submit=add message'
[f] http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg<H1>XSS_HERE</H1>
[f] http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg<H1>XSS_HERE</H1>&size=160
[f] http://testphp.acunetix.com/userinfo.php 'uname="'>XSS_HERE&pass='
[f] http://testphp.acunetix.com/userinfo.php 'uname=<H1>XSS_HERE</H1>&pass='

http://testphp.acunetix.com/artists.php?artist=1
http://testphp.acunetix.com/comment.php?aid=1
http://testphp.acunetix.com/guestbook.php 'text=&submit=add message&name=anonymous user'
http://testphp.acunetix.com/listproducts.php?cat=1
http://testphp.acunetix.com/product.php?pic=1
http://testphp.acunetix.com/redir.php?r=http://www.eclectasy.com/Fractal-Explorer/index.html
http://testphp.acunetix.com/search.php?test=query
http://testphp.acunetix.com/search.php?test=query 'gobutton=go&searchfor='
http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg
http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg&size=160
http://testphp.acunetix.com/userinfo.php 'uname=&pass=
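
An added example, not part of xss_check.pl or of the original page: a small Python parser for the result lines shown above that groups hits by endpoint and reports which parameter carried the XSS_HERE marker, so each one can be traced to the output-encoding fix it needs. It assumes [f] marks a payload that was reflected and [-] a variant that was not, which is inferred from the sample runs rather than documented by the tool; the function names are hypothetical.

```python
import re
from collections import defaultdict

MARKER = "XSS_HERE"  # marker string the tool injects, as seen in the runs above

# Assumed line shape (inferred from the sample output, not from tool docs):
#   [f|-] <url> ['<post data>']
LINE_RE = re.compile(r"^\[(?P<status>[f-])\]\s+(?P<url>\S+)(?:\s+'(?P<post>.*)')?\s*$")

# Sample input: result lines copied from the runs shown on this page.
SAMPLE = """\
[f] http://testasp.acunetix.com/Search.asp?tfsearch="'>XSS_HERE
[-] http://testasp.acunetix.com/Search.asp 'tfsearch="'>XSS_HERE'
[-] http://testasp.acunetix.com/Search.asp?tfsearch="'%253EXSS_HERE
[f] http://testphp.acunetix.com/guestbook.php 'text=<H1>XSS_HERE</H1>&submit=add message&name=anonymous user'
[f] http://testphp.acunetix.com/guestbook.php 'name=anonymous user<H1>XSS_HERE</H1>&text=&submit=add message'
[f] http://testphp.acunetix.com/showimage.php?file=.%2Fpictures%2F1.jpg<H1>XSS_HERE</H1>&size=160
[f] http://testphp.acunetix.com/userinfo.php 'uname="'>XSS_HERE&pass='
"""


def marked_params(data):
    """Names of the parameters whose value contains the marker."""
    return [pair.split("=", 1)[0] for pair in data.split("&") if MARKER in pair]


def parse_line(line):
    """Parse one result line; return None for anything that is not one."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    endpoint, _, query = m.group("url").partition("?")
    post = m.group("post")
    # Greedy '.*' keeps quotes that are part of the payload inside the post data.
    method, data = ("POST", post) if post is not None else ("GET", query)
    return {"found": m.group("status") == "f", "method": method,
            "endpoint": endpoint, "params": marked_params(data)}


def findings(text):
    """Map (method, endpoint) -> sorted parameter names flagged with [f]."""
    hits = defaultdict(set)
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and rec["found"]:
            hits[(rec["method"], rec["endpoint"])].update(rec["params"])
    return {key: sorted(names) for key, names in hits.items()}


if __name__ == "__main__":
    for (method, endpoint), names in findings(SAMPLE).items():
        print(f"{method:4} {endpoint}  reflected parameter(s): {', '.join(names)}")
```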