Hey Folks, In this tutorial we are going to discuss an XSS vulnerability finder called an “xssmap“. If you are a beginner then we can recommend this tool otherwise there is nothing better than manual bug hunting. Lets talk about this tool 🙂 ! The tool has been made in python language, hence we have to prepared yourself and configure python tool to use. In this tool you will get many features like: proxy user-agent parameters etc. with the help of whose we can do anonymous bug hunting as well as can also exploit the vulnerability without much effort.
Features of this Tool
- URL encoding bypass
- Case bypass
- Support unicode encoding of HTML tag attribute value to bypass
- Support HTML encoding to bypass the HTML tag attribute value
- Support for flexible replacement of () ‘”to bypass
Lets take a look 🙂 !!
Installation
We do not need a lot of resources to download this tool just we should have only CURL tool which will download it automatically in our system. After the prerequisites are met, we will execute the following command.
1 | curl -L -s https://raw.githubusercontent.com/Jewel591/CheckXSS/master/docs/install.sh|bash |
After completing this, we will go to the directory which was created itself after completion of downloading.
1 2 | cd CheckXSS ls |
All the work has been done now we are ready to start this tool and can execute and check the features of this tool by executing the below command.
1 | python3 xssmap.py --h |
Example
Let’s take an example first and for the testing purposes we will use XVWA vulnerable web application which is vulnerable to the XSS vulnerability. You can analysis the given code in which we have given the location and parameter to the vulnerability where possible we may get vulnerability of XSS.
1 | python3 xssmap.py -u "http://192.168.0.104/xvwa/vulnerabilities/reflected_xss/?item=check" -p item |
Results
Great 🙂 You can see that it has successfully found the vulnerability and is even giving us the payload with the help of which we exploit the vulnerability.
After enter the payload onto the vulnerable parameter we get the following results.
In the same way you can use it on various web applications and detect vulnerabilities of XSS.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.