As of optional settings it supports HTTP proxy together with HTTP header values "User-Agent", "Referer" and "Cookie".
Latest source code can be found here (update: current version is v0.1e - Nov 6th 2011).
p.s. sample run(s) against LEGAL targets :
$ python dsxs.py Damn Small XSS Scanner (DSXS) < 100 LOC (Lines of Code) #v0.1e by: Miroslav Stampar (http://unconciousmind.blogspot.com | @stamparm) Usage: dsxs.py [options] Options: --version show program's version number and exit -h, --help show this help message and exit -u URL, --url=URL Target URL (e.g. "http://www.target.com/page.htm?id=1") --data=DATA POST data (e.g. "query=test") --cookie=COOKIE HTTP Cookie header value --user-agent=UA HTTP User-Agent header value --random-agent Use randomly selected HTTP User-Agent header value --referer=REFERER HTTP Referer header value --proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080") $ python dsxs.py -u "http://zero.webappsecurity.com/login1.asp" --data="login=te st&password=test&graphicOption=minimum" --random-agent Damn Small XSS Scanner (DSXS) < 100 LOC (Lines of Code) #v0.1e by: Miroslav Stampar (http://unconciousmind.blogspot.com | @stamparm) * scanning POST parameter 'login' (i) POST parameter 'login' appears to be XSS vulnerable (">...<", outside tags, some filtering)) * scanning POST parameter 'password' * scanning POST parameter 'graphicOption' scan results: possible vulnerabilities found $ python dsxs.py -u "http://xss.progphp.com/xss8.html?input=1" --random-agent Damn Small XSS Scanner (DSXS) < 100 LOC (Lines of Code) #v0.1e by: Miroslav Stampar (http://unconciousmind.blogspot.com | @stamparm) * scanning GET parameter 'input' (i) GET parameter 'input' appears to be XSS vulnerable ("...", pure text respon se, no filtering)) scan results: possible vulnerabilities found $ python dsxs.py -u "http://xss.progphp.com/xss12.html" --data="bar=secret&foo=t est" Damn Small XSS Scanner (DSXS) < 100 LOC (Lines of Code) #v0.1e by: Miroslav Stampar (http://unconciousmind.blogspot.com | @stamparm) * scanning POST parameter 'bar' * scanning POST parameter 'foo' (i) POST parameter 'foo' appears to be XSS vulnerable ("<.'...'.>", inside tag, inside single-quotes, some filtering)) scan results : possible vulnerabilities found
p.p.s. ttyrec console recording :
0 comments:
Post a Comment