- Swiss knife for XSS on any URI
- XSS Fuzzer & Finder
- Any logic is valid logic in this software
- EULA
- chmod u+x *
- ./interface.sh
The hash (#) character in a URI denotes the beginning of a URI fragment. According to the RFC 3986, clients are not supposed to send URI fragments to the server, as the client should recognize that they reference a resource secondary to the current, or primary, resource. What does this mean for DOM based XSS! First, the fragment is stored in the DOM as a part of the document.location object, as well as in the document.location.href and document.URL attributes. If a developer parses either of these elements, the fragment will be included. Depending on how the developer parses the URL to extract parameter values, the use of a hash may have no effect on the parser, allowing an attacker to use a hash to inject the payload into the URL, but prevent the payload from being sent to the server where it may be scrutinized. Below is the same example as before, but the exploit is changed by introducing the hash character.
- Example: <script> var x = document.URL.substring(document.URL.indexOf("name=")+5);document.write(name + "!"); </script>
- Exploit: http://example.com?name=Tim#<script>alert(42)</script>
- Result: Hello Tim#<script>alert(42)</script>!
- chmod u+x Kali_Installer.sh
- ./Kali_Installer.sh
- ScreamingCobra
- ScreamingCobra is now system command, call anywhere in system
- chmod u+x Parrot_Os_Installer.sh
- ./Parrot_Os_Installer.sh
- ScreamingCobra
- ScreamingCobra is now system command, call anywhere in system
- chmod u+x Termux_Installer.sh
- ./interface.sh
- Android Led TV, Termux, Linux, Windows using cygwin
- Version 1 is a normal version, could be used any time
- Version 2 is a Dom case is a special version, should be used only in Dom case