sosyamba

Untitled

Jan 21st, 2024
  1. from colorama import init, Fore, Back, Style
  2. from bs4 import BeautifulSoup as bs
  3. import requests
  4.  
  5. from urllib.parse import urljoin
  6. from pprint import pprint
  7. import time
  8.  
  9.  
# Headers attached to every HTTP request this script makes: a fixed desktop
# Chrome 83 User-Agent instead of the python-requests default, so server-side
# logs will not identify this script by User-Agent alone.
headers = {
    "User-Agent": (
        "Mozilla/5.0 (Windows NT 10.0; Win64; x64) "
        "AppleWebKit/537.36 (KHTML, like Gecko) "
        "Chrome/83.0.4103.106 Safari/537.36"
    ),
}

# colorama: restore the default terminal style after each print call.
init(autoreset=True)
  15.  
  16.  
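def stop(stop_time):
    """Report whether the scan deadline has been reached.

    Args:
        stop_time: Absolute deadline, as a ``time.time()`` timestamp.

    Returns:
        True once the current time is at or past ``stop_time``, otherwise
        False. The earlier version fell off the end and returned None before
        the deadline; an explicit bool keeps the same truthiness for callers.
    """
    return time.time() >= stop_time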
  21.  
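def save(url):
    """Append *url* as one line to ``goods.txt`` in the working directory.

    Args:
        url: The string to record; a newline is added after it.
    """
    # The context manager closes the handle even if the write raises, which
    # the manual open()/close() pair did not guarantee.
    with open("goods.txt", "a") as file:
        file.write(f"{url}\n")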
  26.  
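def scan_xss(url, stop_time, timeout):
    """Check whether forms on *url* echo a fixed marker string back unencoded.

    The page is fetched once. For each ``<form>`` found, every named ``text``
    or ``search`` input is set to the marker, the form is submitted with its
    declared method, and the response body is searched for the marker. A hit
    is written out via ``save(url)`` and printed with the form details.

    Args:
        url: Page whose forms are examined.
        stop_time: Time budget for this page, in seconds from the call.
        timeout: Timeout in seconds passed to each ``requests`` call.

    Returns:
        True if at least one form response contained the marker, else False.
        (The flag was previously initialised but never set or returned.)

    Raises:
        Whatever ``requests`` raises on network errors; nothing is caught here.
    """
    deadline = time.time() + stop_time

    page = requests.get(url, headers=headers, timeout=timeout)
    forms = bs(page.content, "html.parser").find_all("form")
    js_script = "<Script>alert('XSS')</scripT>"
    is_vulnerable = False

    for form in forms:
        # The budget is only checked between forms, so a slow request can
        # run past it.
        if stop(deadline):
            break

        action = form.attrs.get("action")
        method = form.attrs.get("method", "get")

        # A form with no action, or a javascript: action, ends the pass over
        # this page; forms after it are not examined.
        if action is None or action.startswith("javascript"):
            break
        action = action.lower()
        method = method.lower()

        inputs = [
            {"type": tag.attrs.get("type", "text"), "name": tag.attrs.get("name")}
            for tag in form.find_all("input")
        ]
        form_details = {"action": action, "method": method, "inputs": inputs}
        target_url = urljoin(url, action)

        # Only named text/search inputs receive a value, so only those are
        # submitted. `field` replaces a loop variable that shadowed input().
        data = {}
        for field in inputs:
            if field["type"] in ("text", "search"):
                field["value"] = js_script
            name = field.get("name")
            value = field.get("value")
            if name and value:
                data[name] = value

        if method == "post":
            response = requests.post(target_url, data=data, headers=headers, timeout=timeout)
        else:
            response = requests.get(target_url, params=data, headers=headers, timeout=timeout)
        # latin-1 maps every byte to a character, so this decode cannot fail
        # whatever encoding the server used; the marker itself is ASCII.
        content = response.content.decode('latin-1')

        # A verbatim echo is a lead, not a confirmation: it says nothing about
        # the response content type, the HTML context the marker landed in, or
        # whether a browser policy such as CSP would block it. A miss likewise
        # does not show that the form encodes its output. Note that the page
        # URL, not the form target, is what gets recorded.
        if js_script in content:
            is_vulnerable = True
            save(url)
            print(f"{Fore.RED}[+] XSS Detected on {url}{Style.RESET_ALL}\n[*] Form details:")
            pprint(form_details)

    return is_vulnerable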
  80.  
  81.  
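if __name__ == "__main__":
    # Maximum time to spend checking one site, in seconds (at least 180).
    stop_time = 180
    # Maximum time to wait for a response from a site, in seconds (at least 15).
    timeout = 20

    # One URL per line. The context manager closes the file even when the
    # loop is interrupted part-way through.
    with open('site.txt', 'r') as urls:
        for element in urls:
            # strip() also removes a trailing "\r" from CRLF files.
            url = element.strip()
            if not url:
                continue
            print(f"\033[37m{url}")
            try:
                # Pass the settings above; the call previously repeated the
                # literals, so editing the variables had no effect.
                scan_xss(url, stop_time, timeout)
            except Exception as exc:
                # Still best-effort per URL, but the failure is now reported,
                # and Ctrl-C / SystemExit are no longer swallowed as they were
                # by the bare `except: pass`.
                print(f"{Fore.YELLOW}[!] Skipped {url}: {exc}")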