Page to display vulnerabilities - Only display URL
parent
1362da21be
commit
b55243b60a
|
@ -36,10 +36,17 @@ function send_target(server, url, deep, impact){
|
|||
|
||||
// Notifications and update local storage
|
||||
if (http_data.xss != '0'){
|
||||
|
||||
// Update XSS count
|
||||
chrome.storage.sync.get(['xss'], function(items) {
|
||||
chrome.storage.sync.set({'xss': items['xss']+1})
|
||||
});
|
||||
|
||||
// Update vulnerabilities URL list
|
||||
chrome.storage.sync.get(['list'], function(items) {
|
||||
chrome.storage.sync.set({'list': items['list']+http_data.list})
|
||||
});
|
||||
|
||||
new Notification('New vulnerability detected !', {
|
||||
icon: 'icon.png',
|
||||
body: 'XSS on '+extract_domain(unescape(url))
|
||||
|
@ -47,10 +54,17 @@ function send_target(server, url, deep, impact){
|
|||
}
|
||||
|
||||
if (http_data.sql != '0'){
|
||||
|
||||
// Update SQL count
|
||||
chrome.storage.sync.get(['sql'], function(items) {
|
||||
chrome.storage.sync.set({'sql': items['sql']+1})
|
||||
});
|
||||
|
||||
// Update vulnerabilities URL list
|
||||
chrome.storage.sync.get(['list'], function(items) {
|
||||
chrome.storage.sync.set({'list': items['list']+http_data.list})
|
||||
});
|
||||
|
||||
new Notification('New vulnerability detected !', {
|
||||
icon: 'icon.png',
|
||||
body: 'SQLi on '+extract_domain(unescape(url))
|
||||
|
@ -58,10 +72,16 @@ function send_target(server, url, deep, impact){
|
|||
}
|
||||
|
||||
if (http_data.lfi != '0'){
|
||||
// Update LFI count
|
||||
chrome.storage.sync.get(['lfi'], function(items) {
|
||||
chrome.storage.sync.set({'lfi': items['lfi']+1})
|
||||
});
|
||||
|
||||
// Update vulnerabilities URL list
|
||||
chrome.storage.sync.get(['list'], function(items) {
|
||||
chrome.storage.sync.set({'list': items['list']+http_data.list})
|
||||
});
|
||||
|
||||
new Notification('New vulnerability detected !', {
|
||||
icon: 'icon.png',
|
||||
body: 'LFI on '+extract_domain(unescape(url))
|
||||
|
@ -75,7 +95,7 @@ function send_target(server, url, deep, impact){
|
|||
}
|
||||
|
||||
// Set a clean local storage
|
||||
chrome.storage.sync.set({'xss': 0, 'sql': 0, 'lfi': 0, 'work': 1 })
|
||||
chrome.storage.sync.set({'xss': 0, 'sql': 0, 'lfi': 0, 'work': 1, 'list':'' })
|
||||
|
||||
// Launch a scan when the tab change
|
||||
chrome.tabs.onActivated.addListener(function(activeInfo) {
|
||||
|
|
|
@ -37,6 +37,10 @@
|
|||
#debug{
|
||||
margin-top: 20px;
|
||||
}
|
||||
#list{
|
||||
display: none;
|
||||
text-align: left;
|
||||
}
|
||||
</style>
|
||||
<script src="popup.js"></script>
|
||||
</head>
|
||||
|
@ -59,7 +63,10 @@
|
|||
|
||||
<!-- Used only to display debug informations-->
|
||||
<a href='#stop' id='stop'>STOP</a>
|
||||
<a href='#export' id='export'>EXPORT</a>
|
||||
<div id='debug'><span id='status'>Status Server</span></div>
|
||||
<a href='./vulns.html' target=_blank id='export'>LIST</a>
|
||||
<div id='debug'>
|
||||
<span id='status'>Status Server</span>
|
||||
<ul id='list'></ul>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -87,10 +87,32 @@ document.addEventListener('DOMContentLoaded', function() {
|
|||
getCurrentTab(function(tab) {
|
||||
|
||||
// Display local storage
|
||||
chrome.storage.sync.get(['xss','sql','lfi'], function(items) {
|
||||
document.getElementById("xss").textContent = items['xss'] + " Cross Site Scripting";
|
||||
document.getElementById("sql").textContent = items['sql'] + " Injection SQL";
|
||||
document.getElementById("lfi").textContent = items['lfi'] + " Local File Inclusion";
|
||||
chrome.storage.sync.get(['xss','sql','lfi','list'], function(items) {
|
||||
|
||||
// Display the list of vulns
|
||||
var vulns = escape(items['list']).split('%7CDELIMITER%7C')
|
||||
var i = 0;
|
||||
vulns.forEach(function(y)
|
||||
{
|
||||
y = encodeURI(unescape(y));
|
||||
if(y!==''){
|
||||
|
||||
var style = "";
|
||||
if (i%2 == 1){
|
||||
style = ' class="alt"';
|
||||
}
|
||||
|
||||
document.getElementById('list').innerHTML += ('<tr'+style+'><td>XSS</td><td><a href="'+y+'">'+y.substring(0,150)+'</a></td></tr>');
|
||||
i++;
|
||||
}
|
||||
|
||||
}
|
||||
);
|
||||
|
||||
// Display vulnerabilities' count
|
||||
document.getElementById("xss").textContent = items['xss'] + " Cross Site Scripting";
|
||||
document.getElementById("sql").textContent = items['sql'] + " Injection SQL";
|
||||
document.getElementById("lfi").textContent = items['lfi'] + " Local File Inclusion";
|
||||
document.getElementById("total").textContent = "Total : "+ (items['lfi']+items['xss']+items['sql']) +" vulnerability found";
|
||||
});
|
||||
|
||||
|
@ -111,20 +133,5 @@ document.addEventListener('DOMContentLoaded', function() {
|
|||
chrome.storage.sync.set({'work': 1});
|
||||
}
|
||||
});
|
||||
|
||||
// Second button ...
|
||||
document.getElementById("export").addEventListener('click', () => {
|
||||
function confirmation() {
|
||||
//document.getElementById("debug").textContent = http_data.list;
|
||||
alert('Not available yet..')
|
||||
}
|
||||
chrome.tabs.executeScript({code: '(' + confirmation + ')();'}, (results) => {
|
||||
document.getElementById('status').textContent = results[0];
|
||||
});
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,98 @@
|
|||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Damn Website Scanner</title>
|
||||
<style>
|
||||
body {
|
||||
font-family: "Segoe UI", "Lucida Grande", Tahoma, sans-serif;
|
||||
font-size: 100%;
|
||||
text-align: center;
|
||||
}
|
||||
#content{
|
||||
margin-bottom: 20px;
|
||||
}
|
||||
#info {
|
||||
display: block;
|
||||
width: 200px;
|
||||
margin: 0 auto;
|
||||
text-align: left;
|
||||
}
|
||||
#stop,#export{
|
||||
width: 100px;
|
||||
padding: 8px;
|
||||
display: inline-block;
|
||||
margin: 0 auto;
|
||||
border-radius: 5px;
|
||||
text-decoration: none;
|
||||
text-transform: uppercase;
|
||||
text-align: center;
|
||||
color: white;
|
||||
background-image: -webkit-linear-gradient(top,#EA464A,#D43C40);
|
||||
font-family: arial;
|
||||
font-weight: bold;
|
||||
line-height: 30px;
|
||||
box-shadow: 0px 2px 0px #553634, 0px 3px 3px #888;
|
||||
}
|
||||
#export{
|
||||
background-image: -webkit-linear-gradient(top,#00BFA5,#26A69A);
|
||||
}
|
||||
#debug{
|
||||
margin-top: 20px;
|
||||
}
|
||||
.datagrid table { border-collapse: collapse; text-align: left; width: 100%; }
|
||||
.datagrid {font: normal 12px/150% Arial, Helvetica, sans-serif; background: #fff; overflow: hidden; border: 1px solid #006699; -webkit-border-radius: 3px; -moz-border-radius: 3px; border-radius: 3px; }
|
||||
.datagrid table td, .datagrid table th { padding: 3px 16px; }
|
||||
.datagrid table thead th {background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #006699), color-stop(1, #00557F) );background:-moz-linear-gradient( center top, #006699 5%, #00557F 100% );filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#006699', endColorstr='#00557F');background-color:#006699; color:#FFFFFF; font-size: 15px; font-weight: bold; border-left: 1px solid #0070A8; }
|
||||
.datagrid table thead th:first-child { border: none; }
|
||||
.datagrid table tbody td { color: #00557F; border-left: 1px solid #E1EEF4;font-size: 12px;font-weight: normal; }
|
||||
.datagrid table tbody .alt td { background: #E1EEf4; color: #00557F; }
|
||||
.datagrid table tbody td:first-child { border-left: none; }.datagrid table tbody tr:last-child td { border-bottom: none; }
|
||||
.datagrid{ width: 70%; margin: 0 auto; margin-bottom: 20px;}
|
||||
.hidden{
|
||||
display: none;
|
||||
}
|
||||
</style>
|
||||
<script src="popup.js"></script>
|
||||
</head>
|
||||
|
||||
|
||||
<body>
|
||||
<h3>Damn Website Scanner - List of vulnerabilities</h3>
|
||||
|
||||
<div id="content">
|
||||
<span id='url' class='hidden'>
|
||||
<a href='http://example.com'>http://limited.url</a>
|
||||
</span>
|
||||
|
||||
<div class="datagrid">
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Type</th>
|
||||
<th>URL of the vulnerability</th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
||||
<tbody id='list'>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<p><span id='total'>Total : 0 vulnerability found</span></p>
|
||||
|
||||
<ul id="info">
|
||||
<li><span id='xss'>0 Cross Site Scripting</span></li>
|
||||
<li><span id='sql'>0 Injection SQL</span></li>
|
||||
<li><span id='lfi'>0 Local File Inclusion</span></li>
|
||||
</ul>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- Used only to display debug informations-->
|
||||
<a href='#stop' id='stop'>STOP</a>
|
||||
<a href='./vulns.html' target=_blank id='export'>LIST</a>
|
||||
<div id='debug'>
|
||||
<span id='status'>Status Server</span>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -13,10 +13,11 @@ Currently it scans for:
|
|||
- Detect if the server is up
|
||||
- Start/Stop button
|
||||
- New XSS vectors, work in different contexts (JS var, JS function, inside HTML tag, outside HTML tag)
|
||||
- Basic page to list the vulnerabilities
|
||||
|
||||
## TODO - Work in progress
|
||||
- Get vuln list in localstorage (list)
|
||||
- ScanSQLTime/ScanSQLBlind
|
||||
- Should detect target in source code..
|
||||
- Should detect and work with POST requests
|
||||
- Export function for vulnerabilities
|
||||
- Add some functions from https://sergeybelove.ru/one-button-scan/result/3004e0b978f19e58e3239087d119742779e1efbc/
|
||||
|
|
Loading…
Reference in New Issue