API tools faq
paste
Guest User

Untitled

a guest
Apr 11th, 2018
166
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.28 KB | None | 0 0
raw download clone embed print report
  1. xsser -i /root/TestFiles/LoginTest -p "UserName=XSS"
  2.  
  3. ===========================================================================
  4. XSSer v1.7b: "ZiKA-47 Swarm!" - 2011/2016 - (GPLv3.0) -> by psy
  5. ===========================================================================
  6. Testing [XSS from file]...
  7. ===========================================================================
  8. ) is not a correct url [DISCARDED]ReturnUrl=%2F HTTP/1.1
  9. ) is not a correct url [DISCARDED]in.site.com
  10. This target: (User-Agent: Mozilla/x.0 (X11; Linux x86_xx; rv:xx.0) Gecko/2010010) is not a correct url [DISCARDED]
  11. This target: (Accept: text/html,application/xhtml+xml,application/xml;q=0.x,*/*;) is not a correct url [DISCARDED]
  12. ) is not a correct url [DISCARDED]US,en;q=0.x
  13. ) is not a correct url [DISCARDED]p, deflate
  14. This target: (Referer: https:// site.com/Account/Login?Return) is not a correct url [DISCARDED]
  15. This target: (Cookie: __RequestVerificationToken=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX) is not a correct url [DISCARDED]lstrx3r
  16. ) is not a correct url [DISCARDED]
  17. ) is not a correct url [DISCARDED]uests: 1
  18.  
  19. ) is not a correct url [DISCARDED]ation/x-www-form-urlencoded
  20. ) is not a correct url [DISCARDED]
  21. ) is not a correct url [DISCARDED]
  22.  
  23. **This target: (__RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX &UserName=user&Password=password) is not a correct url [DISCARDED]
  24. ===========================================================================**
  25. Mosquito(es) landed!
  26.  
  27.  
  28. **The text file data(/root/TestFiles/LoginTest) is listed below:**
  29.  
  30.  
  31.  
  32.  
  33. POST /Account/Login?ReturnUrl=%2F HTTP/1.1
  34. Host: site.com
  35. User-Agent: Mozilla/x.0 (X11; Linux x86_xx; rv:xx.0) Gecko/20100101 Firefox/52.0
  36. Accept: text/html,application/xhtml+xml,application/xml;q=0.x,*/*;q=0.x
  37. Accept-Language: en-US,en;q=0.x
  38. Accept-Encoding: gzip, deflate
  39. Referer: https://site.com/Account/Login?ReturnUrl=%2f
  40. Cookie: __RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; ASP.NET_SessionId=xxxxx2xxxxxjgzxxxxx3r
  41. Connection: close
  42. Upgrade-Insecure-Requests: 1
  43. Content-Type: application/x-www-form-urlencoded
  44. Content-Length: 175
  45. __RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX &UserName=user&Password=password
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!