output_example.txt
hidden_finder.py
Javascript found on line 138 in source code
Found /flasgger_static/swagger-ui-bundle.js
https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Possible Javascript Injection in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Look at the eval() function parameters. If parameters has user input, it is vulnerable to javascript injection
Possible payloads: eval(document.cookie), eval(document.domain), eval(document.location)
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Possible payloads: window.location = 'https://www.attecker_website.com'
Might cause Open redirection vulnerability in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
More info at https://developer.mozilla.org/en-US/docs/Web/API/Window/location
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
setRequestHeader in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Possible payloads: xhr.setRequestHeader('X-Forwarded-For', ')
More info at https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/setRequestHeader
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/swagger-ui-bundle.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Javascript found on line 139 in source code
Found /flasgger_static/swagger-ui-standalone-preset.js
https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Possible Javascript Injection in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Look at the eval() function parameters. If parameters has user input, it is vulnerable to javascript injection
Possible payloads: eval(document.cookie), eval(document.domain), eval(document.location)
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Possible payloads: window.location = 'https://www.attecker_website.com'
Might cause Open redirection vulnerability in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
More info at https://developer.mozilla.org/en-US/docs/Web/API/Window/location
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/swagger-ui-standalone-preset.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Javascript found on line 140 in source code
Found /flasgger_static/lib/jquery.min.js
https://httpbin.org/flasgger_static/lib/jquery.min.js
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Possible Javascript Injection in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Look at the eval() function parameters. If parameters has user input, it is vulnerable to javascript injection
Possible payloads: eval(document.cookie), eval(document.domain), eval(document.location)
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
setRequestHeader in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Possible payloads: xhr.setRequestHeader('X-Forwarded-For', ')
More info at https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/setRequestHeader
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
JSON.parse in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Possible payloads: JSON.parse('string')
More info at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
Might be dangerous function in javascript file https://httpbin.org/flasgger_static/lib/jquery.min.js
Javascript found on line 141 in source code