stamparm / dsxs
Damn Small XSS Scanner
Hi Miroslav @stamparm, it would be great if you could join the developers of https://github.com/s0md3v/XSStrike
It uses some code from sqlmap, and it would be great if XSStrike were developed by an amazing pro coder like you.
Hello stamparm! I have some questions from reading your project.
That's all. I look forward to your reply, thanks.
File "dsxs.py", line 66, in scan_page
for regex, condition, info, content_removal_regex in XSS_PATTERNS:
NameError: global name 'XSS_PATTERNS' is not define
Can you support finding XSS in href?
e.g.:
<?php
$input= str_replace("\"", "&quot;" ,$_GET['xss']);
$input=str_replace(">","&lt;",$input);
$input=str_replace("<","&gt;",$input);
echo '<a href="';
print($input);
echo '">click</a>';
?>
http://127.0.0.1/2.php?xss=javascript:alert(1) when clicked, it will have an XSS vulnerability.
But DSXS can't find this.
Hello, hope you're well. I would like to discuss one case that is not triggered by DSXS. Example of PHP code:
<?php
echo "<input type=\"text\" name=\"test\" name=\"".str_replace('"','\\"',$_GET['param'])."\"></input>";
?>
The backslash is not interpreted as an escape character in this HTML context and leads to XSS. Do you agree that this kind of pattern deals with the following regexp in your code:
(r"<[^>]*=\s*'[^>']*%(chars)s[^>']*'[^>]*>", ('\'',), "\"<.'.xss.'.>\", inside the tag, inside single-quotes, %(filtering)s filtering", r"(?s)<script.+?</script>|<!--.*?-->"),
(r'<[^>]*=\s*"[^>"]*%(chars)s[^>"]*"[^>]*>', ('"',), "'<.\".xss.\".>', inside the tag, inside double-quotes, %(filtering)s filtering", r"(?s)<script.+?</script>|<!--.*?-->"),
If you confirm, I can open a pull request to avoid the mandatory chars going through the re.sub function for these cases (N.B.: the _contains function).
Cheers mate.
For example, when using <!--[^>]*%abc|abc[^<]*--> to search <!-- abc--> xxxabc-->, this regex can capture the last abc-->, but abc--> is not in a comment.
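An added example (not part of the issue or of DSXS's code) that runs the pattern quoted above against constructed responses and compares it with a check that first pairs each `<!--` with its closing `-->`. The helper names and the sample strings other than the one from the issue are assumptions made for illustration.

```python
import re

# Pattern exactly as quoted in the issue above ("abc" is the reflected probe).
ISSUE_PATTERN = re.compile(r"<!--[^>]*%abc|abc[^<]*-->")

def loose_match(html):
    """Text the quoted pattern matches, or None. Its two branches are
    independent, so 'abc...-->' alone matches with no '<!--' before it."""
    m = ISSUE_PATTERN.search(html)
    return m.group(0) if m else None

def comment_bodies(html):
    """Bodies of HTML comments, found by pairing each '<!--' with the next
    '-->'. An unterminated comment runs to the end of the document.
    Simplification: '<!--' inside <script>/<style> is not special-cased."""
    bodies, pos = [], 0
    while True:
        start = html.find("<!--", pos)
        if start == -1:
            return bodies
        end = html.find("-->", start + 4)
        if end == -1:
            bodies.append(html[start + 4:])
            return bodies
        bodies.append(html[start + 4:end])
        pos = end + 3

def probe_in_comment(html, probe):
    """True only if the probe lies inside a delimited comment."""
    return any(probe in body for body in comment_bodies(html))

# Constructed sample responses (the first is the string from the issue).
ISSUE_SAMPLE = "<!-- abc--> xxxabc-->"
OUTSIDE_ONLY = "<!-- note --> xxxabc-->"
UNTERMINATED = "<p>ok</p><!-- abc"

if __name__ == "__main__":
    for page in (ISSUE_SAMPLE, OUTSIDE_ONLY, UNTERMINATED):
        print(repr(page), loose_match(page), probe_in_comment(page, "abc"))
```

On the second sample the quoted pattern reports a comment-context hit although the probe only appears in ordinary text, and on the third it misses a probe that really is inside an (unterminated) comment.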
root@kali:~/DSXS# python dsxs.py -u "http://www.ccjt.net/search/tosearch.aspx?searchname=hiyoufu&searchtype=1"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2e
by: Miroslav Stampar (@stamparm)
scan results: no vulnerabilities found
root@kali:~/DSXS# python dsxs.py -u "http://www.ccjt.net/search/tosearch.aspx?searchname=hiyouf&searchtype=1"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2e
by: Miroslav Stampar (@stamparm)
scan results: possible vulnerabilities found
Good project!!
But I find this rule will cause false positives:
(r"<[^>]*'[^>']*%(chars)s[^>']*'[^>]*>", ('\'',), "\"<.'.xss.'.>\", inside the tag, inside single-quotes, %(filtering)s filtering", r"(?s)<script.+?</script>|<!--.*?-->")
e.g.:
demo.php:
<?php
$input= str_replace("\"", "&quot;" ,$_GET['xss']);
$input=str_replace(">","&lt;",$input);
$input=str_replace("<","&gt;",$input);
echo '<meta name="description" content="';
print($input);
echo '#23578';
print($input);
echo '#23578';
print($input);
echo '#23578"/>';
?>
for help~