
@arbazkiraak
Forked from yeukhon/test.html
Last active September 15, 2019 23:47
Simple XSS detector using PhantomJS
<!-- Test fixture for the PhantomJS scripts: both elements below call alert() on purpose, so the detector has something to report. -->
<html>
<head></head>
<body>
<!-- Runs only when the link is clicked; the scripts dispatch a synthetic click on the element with id "link". -->
<a href="javascript: alert('clicked xss link')" id="link">click me</a>
<!-- Runs without any interaction: presumably "xx" does not load as an image, so the onerror handler fires during page load. -->
<img src="xx" onerror="alert('xss')" />
</body>
</html>
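// PhantomJS setup: one page object plus handlers that report every dialog the
// loaded page raises. A dialog showing up here means script ran in the page.
// PhantomJS is no longer maintained, so point it at untrusted pages only from
// an isolated environment.
var page = require('webpage').create();
var system = require('system');
var address; // assigned from the command line in loadPage()

// msg is chosen by the page under test; treat these log lines as untrusted
// text if another tool parses them.
page.onAlert = function (msg) {
  console.log("Received an alert: " + msg);
};

page.onConfirm = function (msg) {
  console.log("Received a confirm dialog: " + msg);
  // Answer "OK" so page script waiting on confirm() keeps running.
  return true;
};

page.onPrompt = function (msg) {
  // Spelling fixed (was "Recieved an prompt") so a search for "Received"
  // finds prompt() hits as well as alert() and confirm() hits.
  console.log("Received a prompt: " + msg);
};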
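/**
 * Open the address given on the command line, dispatch a synthetic click on
 * the element with id "link", and schedule the same check again in 5 seconds.
 *
 * Dialogs raised by the page are reported by the page.onAlert / onConfirm /
 * onPrompt handlers, not by this function.
 *
 * Reads system.args, writes the file-level `address`, and uses the file-level
 * `page` object. Exits PhantomJS with status 1 when no address was supplied.
 */
function loadPage() {
  if (system.args.length === 1) {
    console.log("Must provide the address of the webpage");
    // PhantomJS keeps running until phantom.exit() is called, so without this
    // a usage error would leave the process hanging.
    phantom.exit(1);
    return;
  }

  address = system.args[1];
  page.open(address, function (status) {
    if (status === "success") {
      console.log("opened web page successfully!");
      // The callback runs inside the page, so it can only use page globals.
      var clicked = page.evaluate(function () {
        var target = document.getElementById("link");
        if (!target) {
          // Not every page has an element with id "link"; report that instead
          // of throwing inside the page context.
          return false;
        }
        var e = document.createEvent('Events');
        e.initEvent('click', true, false);
        target.dispatchEvent(e);
        return true;
      });
      if (!clicked) {
        console.log("No element with id \"link\" found; click test skipped");
      }
    } else {
      // A failed load produces no dialogs; say so, otherwise the silence reads
      // like a clean result.
      console.log("Failed to open web page (status: " + status + ")");
    }
    setTimeout(loadPage, 5000); // Call the function loadPage again in 5 seconds
  });
}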
// Start the first check; every completed page load schedules the next run.
loadPage();
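// One-shot variant: open the address given on the command line, report every
// dialog the page raises, and click the element with id "link" once.
// PhantomJS is no longer maintained, so point it at untrusted pages only from
// an isolated environment.
var page = require('webpage').create();
var system = require('system');
var address;

// msg is chosen by the page under test; treat these log lines as untrusted
// text if another tool parses them.
page.onAlert = function (msg) {
  console.log("Received an alert: " + msg);
};

page.onConfirm = function (msg) {
  console.log("Received a confirm dialog: " + msg);
  // Answer "OK" so page script waiting on confirm() keeps running.
  return true;
};

// Added so prompt() dialogs are reported too, matching the looping script;
// without a handler a prompt()-based payload leaves no trace in the output.
page.onPrompt = function (msg) {
  console.log("Received a prompt: " + msg);
};

if (system.args.length === 1) {
  console.log("Must provide the address of the webpage");
  // PhantomJS keeps running until phantom.exit() is called, so without this
  // a usage error would leave the process hanging.
  phantom.exit(1);
} else {
  address = system.args[1];
  page.open(address, function (status) {
    if (status !== "success") {
      // A failed load produces no dialogs; say so and stop, otherwise the
      // silence reads like a clean result.
      console.log("Failed to open web page (status: " + status + ")");
      phantom.exit(1);
      return;
    }

    console.log("opened web page successfully!");
    // The callback runs inside the page, so it can only use page globals.
    var clicked = page.evaluate(function () {
      // .click() is not standard
      // see https://github.com/ariya/phantomjs/issues/11153
      var target = document.getElementById("link");
      if (!target) {
        // Not every page has an element with id "link"; report that instead
        // of throwing inside the page context.
        return false;
      }
      var e = document.createEvent('Events');
      e.initEvent('click', true, false);
      target.dispatchEvent(e);
      return true;
    });
    if (!clicked) {
      console.log("No element with id \"link\" found; click test skipped");
    }
    // No phantom.exit() on success: the process stays up so dialogs raised
    // after the click are still reported. Stop it with Ctrl-C.
  });
}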

Usage

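Run python -m SimpleHTTPServer (Python 2; on Python 3 the equivalent is python3 -m http.server) in the directory that contains test.html. By default, the port is 8000. The server listens on all network interfaces and serves every file in that directory, so start it from a directory that holds only the test files.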

Then launch phantomJS like this: phantomjs test.js http://localhost:8000/test.html

Output

vagrant@precise64:~$ pjs test.js http://localhost:8000/test.html
Received an alert: xss
opened web page successfully!
Received an alert: clicked xss link

^C