Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- xsser -i /root/TestFiles/LoginTest -p "UserName=XSS"
- ===========================================================================
- XSSer v1.7b: "ZiKA-47 Swarm!" - 2011/2016 - (GPLv3.0) -> by psy
- ===========================================================================
- Testing [XSS from file]...
- ===========================================================================
- ) is not a correct url [DISCARDED]ReturnUrl=%2F HTTP/1.1
- ) is not a correct url [DISCARDED]in.site.com
- This target: (User-Agent: Mozilla/x.0 (X11; Linux x86_xx; rv:xx.0) Gecko/2010010) is not a correct url [DISCARDED]
- This target: (Accept: text/html,application/xhtml+xml,application/xml;q=0.x,*/*;) is not a correct url [DISCARDED]
- ) is not a correct url [DISCARDED]US,en;q=0.x
- ) is not a correct url [DISCARDED]p, deflate
- This target: (Referer: https:// site.com/Account/Login?Return) is not a correct url [DISCARDED]
- This target: (Cookie: __RequestVerificationToken=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX) is not a correct url [DISCARDED]lstrx3r
- ) is not a correct url [DISCARDED]
- ) is not a correct url [DISCARDED]uests: 1
- ) is not a correct url [DISCARDED]ation/x-www-form-urlencoded
- ) is not a correct url [DISCARDED]
- ) is not a correct url [DISCARDED]
- **This target: (__RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX &UserName=user&Password=password) is not a correct url [DISCARDED]
- ===========================================================================**
- Mosquito(es) landed!
- **The text file data(/root/TestFiles/LoginTest) is listed below:**
- POST /Account/Login?ReturnUrl=%2F HTTP/1.1
- Host: site.com
- User-Agent: Mozilla/x.0 (X11; Linux x86_xx; rv:xx.0) Gecko/20100101 Firefox/52.0
- Accept: text/html,application/xhtml+xml,application/xml;q=0.x,*/*;q=0.x
- Accept-Language: en-US,en;q=0.x
- Accept-Encoding: gzip, deflate
- Referer: https://site.com/Account/Login?ReturnUrl=%2f
- Cookie: __RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; ASP.NET_SessionId=xxxxx2xxxxxjgzxxxxx3r
- Connection: close
- Upgrade-Insecure-Requests: 1
- Content-Type: application/x-www-form-urlencoded
- Content-Length: 175
- __RequestVerificationToken= XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX &UserName=user&Password=password
Add Comment
Please, Sign In to add comment