-
Notifications
You must be signed in to change notification settings - Fork 0
/
XSSVulnerableScanner.py
178 lines (157 loc) Β· 6.73 KB
/
XSSVulnerableScanner.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
import re, requests, os, sys
import html, urllib.request, urllib.error
from time import time as timer
from multiprocessing.dummy import Pool
from pathlib import Path
from colorama import Fore
from colorama import Style
#from web import web
####### Colors ######
fr = Fore.RED
fc = Fore.CYAN
fw = Fore.WHITE
fg = Fore.GREEN
sd = Style.DIM
sn = Style.NORMAL
sb = Style.BRIGHT
#######################
def banners():
try:
os.mkdir('logs')
except:
pass
banner = """{}
...
;::::; ::
;::::; :; ::::::
;::::; :; XSS Scanner
;:::::' :; By RaiC0d3r
;:::::; ;.
,:::::' ; OOO\
::::::; ; OOOOO\{}
;:::::; ; OOOOOOOO
,;::::::; ;' / OOOOOOO
;:::::::::`. ,,,;. / / DOOOOOO
.';:::::::::::::::::;, / / DOOOO
,::::::;::::::;;;;::::;, / / DOOO
;`::::::`'::::::;;;::::: ,#/ / DOOO
:`:::::::`;::::::;;::: ;::# / DOOO {}
::`:::::::`;:::::::: ;::::# / DOO
`:`:::::::`;:::::: ;::::::#/ DOO
:::`:::::::`;; ;:::::::::## OO
::::`:::::::`;::::::::;:::# OO
`:::::`::::::::::::;'`:;::# O
`:::::`::::::::;' / / `:#
::::::`:::::;' / / `#
\n""".format(fg, fr, fg, sn)
print(banner)
Headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Content-Type': 'application/x-www-form-urlencoded'
}
def getoption():
print("{}[1]{} Single Site".format(fg, fw))
print("{}[2]{} Multiple Site".format(fg, fw))
choiceoption=input('Put Number => ')
if choiceoption=='1':
url = input("\n\033[92m[!]\033[91m ENTER WEBSITE : ")
start = timer()
singlescan(url)
print('Finished in : ' + str(timer() - start) + ' seconds')
print("\n")
if os.stat("logs/xss_paramaters").st_size == 0:
print("\n")
else:
print("{}[1]{} Advanced Scan".format(fg, fw))
print("{}[2]{} No Thanks".format(fg, fw))
choiceoptions=input('Put Number => ')
if choiceoptions=='1':
print("{}{}Checking if the entry points are vulnerable...{}\n\n" .format(sn, fc, sn))
os.system("gau "+url+" | gf xss | sed 's/=.*/=/' | sed 's/URL: //' | dalfox pipe -o xss.txt")
elif choiceoptions=='2':
exit()
elif choiceoption=='2':
start_raw = input("\n\033[92m[!]\033[91m ENTER LIST OF WEBSITES : ")
try:
with open(start_raw, 'r') as f:
url = f.read().splitlines()
except IOError:
pass
start = timer()
ThreadPool = Pool(100)
Threads = ThreadPool.map(multiplescan, url)
print('PrivateBot Finished in : ' + str(timer() - start) + ' seconds')
def singlescan(url):
print("\n{}[+] Vulnerability: XSS{}\n".format(fg, sn))
print("{}{}Finding XSS entry points in the domain...{}\n\n".format(sn, fc, sn))
os.system("sudo gau "+url+"| gf xss | tee logs/xss_paramaters")
print("\n")
if os.stat("logs/xss_paramaters").st_size == 0:
print("{}{}[π]Not Found XSS entry points in the domain...{}\n\n" .format(sn, fc, sn))
else:
print("{}{}[π]Checking if the entry points are vulnerable...{}\n\n" .format(sn, fc, sn))
try:
with open("logs/xss_paramaters", 'r') as f:
domain = f.read().splitlines()
except IOError:
pass
start = timer()
ThreadPool = Pool(100)
Threads = ThreadPool.map(scanner, domain)
def multiplescan(url):
print("\n{}[+] Vulnerability: XSS{}\n".format(fg, sn))
print("{}{}Finding XSS entry points in the domain...{}\n\n".format(sn, fc, sn))
os.system("sudo gau "+url+"| gf xss | tee logs/xss_paramaters")
print("\n")
if os.stat("logs/xss_paramaters").st_size == 0:
print("{}{}[π]Not Found XSS entry points in the domain...{}\n\n" .format(sn, fc, sn))
else:
print("{}{}[π]Checking if the entry points are vulnerable...{}\n\n" .format(sn, fc, sn))
try:
with open("logs/xss_paramaters", 'r') as f:
domain = f.read().splitlines()
except IOError:
pass
start = timer()
ThreadPool = Pool(100)
Threads = ThreadPool.map(scanner, domain)
def scanner(domain):
try:
payloads = open("Payloads.txt", 'r').read().splitlines()
for payload in payloads:
website = domain + payload
source = urllib.request.urlopen(website).read()
mystr = source.decode("utf8")
if payload in mystr:
print("\n{}[β] Vulnerable =>{}{}\n".format(fg, website, sn))
open('XSSVulnerable.txt', 'a').write(website+'\n')
except urllib.error.URLError:
pass
except urllib.error.HTTPError:
pass
except KeyboardInterrupt:
raise KeyboardInterrupt
except:
pass
def installreq():
print("\n{}[+] Installing Requirement{}\n".format(fg, sn))
os.system("sudo su")
os.system("go install github.com/tomnomnom/gf@latest && go install github.com/lc/gau@latest")
os.system("cp ~/go/bin/gau /usr/bin && cp ~/go/bin/gf /usr/bin/")
print("\n{}Installed Done{}\n".format(fg, sn))
os.system("git clone https://github.com/Sherlock297/gf_patterns.git && cd gf_patterns/ && cp *.json ~/.gf")
getoption()
banners()
path_to_file = '/usr/bin/gau'
path_to_file1 = '/usr/bin/gf'
path = Path(path_to_file)
path1 = Path(path_to_file1)
if path.is_file() & path1.is_file():
#print(f'The file {path_to_file} & {path_to_file1} exists')
getoption()
else:
print(f'The file {path_to_file} & {path_to_file1} does not exist')
installreq()