output file missing

Question

output file missing

mavensecurity opened this issue 10 years ago · 5 comments

I just ran git pull with no errors. Now when I run a scan I don't get an output file of results anymore. Previously I got xsscrapy-vulns.txt

The terminal output shows there are findings like this:

2014-12-01 12:45:35-0500 [xsscrapy] DEBUG: Crawled (200) <POST http://demo.testfire.net/comment.aspx> (referer: http://demo.testfire.net/feedback.aspx)
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: URL: http://demo.testfire.net/feedback.aspx
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: response URL: http://demo.testfire.net/comment.aspx
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: POST url: http://demo.testfire.net/comment.aspx
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Unfiltered: '"(){}:/;
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Payload: 9zqjxaw'"(){}:/9zqjxaw;9
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Type: form
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Injection point: name
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Possible payloads:
2014-12-01 12:45:35-0500 [xsscrapy] NOLEVEL: Line:

thank you for your comments, 9zqjxaw'"(){}:/9zqjxaw;9
2014-12-01 12:45:35-0500 [xsscrapy] DEBUG: Scraped from <200 http://demo.testfire.net/comment.aspx>

Should I just reinstall from scratch, or is there an issue with the current xsscrapy code?

Answer 1 · 2014-12-01T19:22:21.000Z

I'll check it out tonight.

On Mon, Dec 1, 2014 at 10:51 AM, mavensecurity notifications@github.com
wrote:

I just ran git pull with no errors. Now when I run a scan I don't get an
output file of results. Previously I got xsscrapy-vulns.txt

The terminal output shows there are findings like this:

—
Reply to this email directly or view it on GitHub
#18.

Answer 2 · 2014-12-01T19:48:34.000Z

I just pulled down the latest from github and it seems to be working
normally. I get a xsscrapy-vulns.txt file whenever a vuln is found and no
file if nothing is found. I'm working on making the output of xsscrapy a
little more readable, maybe culling the output to just vulns found rather
than the huge amount of debug info that spews forth at the moment.

On Mon, Dec 1, 2014 at 12:22 PM, Dan McInerney dan.h.mcinerney@gmail.com
wrote:

I'll check it out tonight.

On Mon, Dec 1, 2014 at 10:51 AM, mavensecurity notifications@github.com
wrote:

I just ran git pull with no errors. Now when I run a scan I don't get an
output file of results. Previously I got xsscrapy-vulns.txt

The terminal output shows there are findings like this:

—
Reply to this email directly or view it on GitHub
#18.

Answer 3 · 2014-12-01T23:39:10.000Z

Possibly a permissions problem? Would xsscrapy have the ability to write to the directory you're running it from?

Answer 4 · 2014-12-02T17:24:32.000Z

My bad. The output file is there. Not sure how I managed to overlook it, even when using ls -l. Consider this (false) issue closed. Thanks again for your responsiveness.

Answer 5 · 2020-03-26T08:00:02.000Z

i can't get the out put too