Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/user/bin/ruby
- require 'net/http'
- require 'uri'
- require 'open-uri'
- # hamza-xDz
- # lol devlope it
- def ent_url(url)
- return URI.parse(url)
- end
- def post(dzs,input)
- urls=URI.parse(dzs)
- http = Net::HTTP.new(urls.host, 80)
- posts="#{input}=<script>alert(1)</script>"
- resp, data = http.get(urls.path, nil)
- dz, data = http.post(urls.path, posts)
- if (dz.body.scan(/<script>alert(1)<\/script>/i))
- puts"[+] Found xss ->#{dzs} \npost:#{posts}\n"
- end
- end
- def sourc_d(uri)
- begin
- f = open(uri)
- xd=f.readlines.join
- return xd
- rescue
- puts "#{uri} -> Error Cant Connect!?\n "
- end
- end
- for inou in sourc_d('http://127.0.0.1/test.php').scan(/name='(.*?)'/)
- for x in inou
- post('http://127.0.0.1/test.php',x.chomp)
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement