Commit

update xss + dorking module -> fixing a lot of bugs
ElNiak committed Jun 13, 2024
1 parent 1c3b5bf commit d2a9f2e
Showing 58 changed files with 29,896 additions and 938 deletions.
6 changes: 6 additions & 0 deletions INSTALL.md
@@ -1,5 +1,11 @@
# Installation

## Pre-Commit

python3 -m pip install pre-commit
pre-commit installed at .git/hooks/pre-commit


## Classical

## PyPy
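Review bot: In the new Pre-Commit section, `pre-commit installed at .git/hooks/pre-commit` is the message that `pre-commit install` prints, not a command, and the command that produces it is missing. Replace that line with `pre-commit install` and put both commands in a fenced bash block, as README.md does for its usage commands.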
16 changes: 11 additions & 5 deletions README.md
Expand Up @@ -11,15 +11,15 @@ make
```
## Usage
```bash
python3 bounty_drive.py
python3 py
```

```bash
Please specify the website extension(eg- .in,.com,.pk) [default: ] ----->
Please specify the website extension(eg- .in,.com,.pk) [default: ] ----->
Do you want to restrict search to subdomain present in target.txt ? [default: true (vs false)] -----> true
Please specify the total no. of websites you want [default: 10] ---->
From which Google page you want to start(eg- 1,2,3) [default: 1] ---->
Do you want to do the Google dorking scan phase ? [default: true (vs false)] ---->
Please specify the total no. of websites you want [default: 10] ---->
From which Google page you want to start(eg- 1,2,3) [default: 1] ---->
Do you want to do the Google dorking scan phase ? [default: true (vs false)] ---->
Do you want to do the Github dorking scan phase ? [default: true (vs false)] ----> false
Do you want to test for XSS vulnerability ? [default: true (vs false)] ----> true
Do you want to encode XSS payload ? [default: true (vs false)] ----> false
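Review bot: The Usage block in this hunk shows both `python3 bounty_drive.py` and `python3 py`; the +/- markers are not visible here, but if `python3 py` is the added side it names no script and the documented command will fail, so keep the full script name. The other changed prompt lines read identically in their old and new forms, which suggests whitespace-only changes that would be easier to review in a separate formatting commit.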
Expand All @@ -40,6 +40,10 @@ Updated at 2024-02-18 15:32:02 UTC.

TODO: we should proxy proxy chains

## TODO

- use singletons for config !!!

# HAPPY HUNTING


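Review bot: The added `## TODO` section sits directly below the existing `TODO: we should proxy proxy chains` line, so the README now carries two TODO lists back to back. Move the existing line into the new section as a bullet, and name which config objects should become singletons so the item is actionable.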
Expand All @@ -64,5 +68,7 @@ https://github.com/spekulatius/infosec-dorks

https://github.com/RevoltSecurities/Subdominator

https://github.com/Raghavd3v/CRLFsuite/blob/main/crlfsuite/db/wafsignatures.json

# TODO
add a vulnerable wordpress plugin and then dork to find vulnerable wordpress sites
7 changes: 6 additions & 1 deletion bounty_drive/attacks/dorks/dorking_config.py
@@ -1 +1,6 @@
SUBDOMAIN = None # TODO use target.txt and allow multiple domain
class DorkingConfig:
SUBDOMAIN = [] # TODO use target.txt and allow multiple domain
CRAWL = False


dorking_config = DorkingConfig()
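Review bot: `SUBDOMAIN = []` in `DorkingConfig` is a class attribute, so the one list is shared by the class and every instance, and any in-place append changes it for all of them. The default also changes from `None` to an empty list, so any caller that tests `SUBDOMAIN is None` will no longer take that branch. Assign the list in `__init__` (or use a dataclass with `field(default_factory=list)`) and check the call sites for `None` comparisons.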
50 changes: 25 additions & 25 deletions bounty_drive/attacks/dorks/google/xss/XSS-Dork.txt
Expand Up @@ -22,9 +22,9 @@
/view.php?PID= /view.php?PID=
/winners.php?year=2008&type= /winners.php?year=2008&type=
/winners.php?year=2008&type= /winners.php?year=2008&type=
index.php?option=com_reservations&task=askope&nidser=2&namser= com_reservations
index.php?option=com_reservations&task=askope&nidser=2&namser= com_reservations
intext:Website by Mile High Creative
index.php?option=com_reservations&task=askope&nidser=2&namser= "com_reservations"
index.php?option=com_reservations&task=askope&nidser=2&namser= "com_reservations"
intext:"Website by Mile High Creative"
inurl:.com/search.asp
inurl:/poll/default.asp?catid=
inurl:/products/classified/headersearch.php?sid=
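Review bot: The `index.php?option=com_reservations&task=askope&nidser=2&namser=` entry appears twice in a row on both sides of this change, so the quoting fix was applied to a duplicate. Drop the second copy while touching these lines; the repeated `/winners.php?year=2008&type=` context line above it has the same problem.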
Expand All @@ -37,28 +37,28 @@ inurl:com_feedpostold/feedpost.php?url=
inurl:headersearch.php?sid=
inurl:scrapbook.php?id=
inurl:search.php?q=
inurl:.php?author=
inurl:.php?cat=
inurl:.php?cmd=
inurl:.php?feedback=
inurl:.php?file=
inurl:.php?from=
inurl:.php?keyword=
inurl:.php?mail=
inurl:.php?max=
inurl:.php?pass=
inurl:.php?q=
inurl:.php?query=
inurl:.php?search=
inurl:.php?searchstring=
inurl:.php?searchst­ring=
inurl:.php?tag=
inurl:.php?txt=
inurl:.php?vote=
inurl:.php?years=
inurl:.php?z=
inurl:contentPage.php?id=
inurl:displayResource.php?id=
inurl:".php?author="
inurl:".php?cat="
inurl:".php?cmd="
inurl:".php?feedback="
inurl:".php?file="
inurl:".php?from="
inurl:".php?keyword="
inurl:".php?mail="
inurl:".php?max="
inurl:".php?pass="
inurl:".php?q="
inurl:".php?query="
inurl:".php?search="
inurl:".php?searchstring="
inurl:".php?searchst­ring="
inurl:".php?tag="
inurl:".php?txt="
inurl:".php?vote="
inurl:".php?years="
inurl:".php?z="
inurl:"contentPage.php?id="
inurl:"displayResource.php?id="
pages/match_report.php?mid= pages/match_report.php?mid=
inurl:/search?query=<script>alert('XSS')</script>
inurl:/login?username=<script>alert('XSS')</script>
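Review bot: The quoted entry that follows `inurl:".php?searchstring="` is the same string with an invisible character (it looks like a soft hyphen) inside `searchstring`, carried over unchanged from the old list. It is a broken duplicate that will not match the real parameter name, so delete it rather than quote it, and consider a pre-commit check that rejects non-printing characters in this file.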