
XSStrike Source Code Reading

 5 years ago
source link: https://www.wtfsec.org/6322/xsstrike-源码阅读/?amp%3Butm_medium=referral

XSStrike is an XSS scanning tool.

GitHub repository: https://github.com/UltimateHackers/XSStrike

Official site: https://xsstrike.tk/

Its features are as follows:

  1. WAF detection and bypass
  2. Automatic PoC generation
  3. Support for GET and POST requests
  4. Support for cookies / HTTP authentication
  5. Hidden parameter discovery
  6. Blind XSS brute-forcing

The source code analysis below is organized mainly around these features.

Source code analysis

Program initialization

After importing the relevant packages, XSStrike performs a series of initialization steps. In order, they are as follows:

Defining the colour constants (the original source uses an ANSI escape sequence; the leading escape byte is written as \033):

# Just some colors and shit
white = '\033[1;97m'
..

Initializing the browser object br and setting its options:

br = mechanize.Browser() # Just shortening the calling function
br.set_handle_robots(False) # Don't follow robots.txt
br.set_handle_equiv(True) # I don't know what it does, but its some good shit
br.set_handle_redirect(True) # Follow redirects
br.set_handle_referer(True) # Include referrer
br.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1'),
('Accept-Encoding', 'deflate'), ('Accept', 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q
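The browser setup above hard-codes a User-Agent string, which is the one client-side fingerprint of the scanner that shows up directly in a web server's access log. The following is an added example (not code from XSStrike or from the original article) that parses combined-format access log lines and flags entries carrying exactly that User-Agent; the log lines, host addresses and function names are constructed for the demonstration. Because the string is simply a stock Firefox 3.0.1 user agent from 2008, the check is a low-confidence signal and should be read as "ancient or spoofed client", not as proof of XSStrike.

```python
# Added example, not part of XSStrike or the original article: flag access-log
# entries whose User-Agent equals the value XSStrike assigns in br.addheaders.
import re

# Exact User-Agent value from the XSStrike initialization code quoted above.
XSSTRIKE_UA = ("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) "
               "Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1")

# Combined log format:
# host ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or None if malformed."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_xsstrike_fingerprint(entry):
    """True when the entry's User-Agent is byte-for-byte the XSStrike default.

    Caveat: the string is a genuine Firefox 3.0.1 UA from 2008, so any client
    that still sends it (or spoofs it) matches as well; treat hits as a lead.
    """
    return entry is not None and entry["ua"] == XSSTRIKE_UA


def scan(lines):
    """Return (host, request) pairs for every line matching the fingerprint."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if is_xsstrike_fingerprint(entry):
            hits.append((entry["host"], entry["request"]))
    return hits


# Constructed sample log (documentation-range addresses, no real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2019:13:55:36 +0000] "GET /search?q=test HTTP/1.1" '
    '200 512 "-" "' + XSSTRIKE_UA + '"',
    '198.51.100.2 - - [10/Oct/2019:13:55:40 +0000] "GET / HTTP/1.1" 200 1024 '
    '"-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/69.0"',
    'this line is not in combined log format',
]

if __name__ == "__main__":
    for host, request in scan(SAMPLE_LOG):
        print(f"possible XSStrike client {host}: {request}")
```

In practice you would feed `scan` the lines of the real access log and correlate hits with request volume per host, since a scanner is also distinguished by the burst of parameterised requests it sends rather than by the header alone.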
