Fixed HTML comment context handling + Refactor

core/arjun.py

@@ -1,8 +1,9 @@
-import re
 import concurrent.futures
-from core.requester import requester
+import re
+
 from core.colors import good, info, green, end
 from core.config import blindParams, xsschecker, threadCount
+from core.requester import requester
 
 def checky(param, paraNames, url, headers, GET, delay, timeout):
     if param not in paraNames:

core/checker.py

@@ -1,10 +1,11 @@
-import re
 import copy
 from fuzzywuzzy import fuzz
+import re
+from urllib.parse import unquote
+
 from core.config import xsschecker
 from core.requester import requester
 from core.utils import replacer, fillHoles
-from urllib.parse import unquote
 
 def checker(url, params, headers, GET, delay, payload, positions, timeout, encoding):
     checkString = 'st4r7s' + payload + '3nd'

core/dom.py

@@ -1,4 +1,5 @@
 import re
+
 from core.colors import red, end, yellow
 
 def dom(response):

core/encoders.py

@@ -1,5 +1,5 @@
-import re
 import base64 as b64
+import re
 
 def base64(string):
 	if re.match(r'^[A-Za-z0-9+\/=]+$', string) and (len(string) % 4) == 0:

core/fuzzer.py

@@ -1,11 +1,12 @@
 import copy
-from time import sleep
 from random import randint
-from core.utils import replacer
-from core.requester import requester
-from core.config import fuzzes, xsschecker
+from time import sleep
 from urllib.parse import unquote
+
 from core.colors import end, red, green, yellow, bad, good, info
+from core.config import fuzzes, xsschecker
+from core.requester import requester
+from core.utils import replacer
 
 def counter(string):
     special = '\'"=/:*&)(}{][><'

core/generator.py

@@ -1,6 +1,6 @@
+from core.config import badTags, fillings, eFillings, lFillings, jFillings, eventHandlers, tags, functions
 from core.jsContexter import jsContexter
 from core.utils import randomUpper as r, genGen, extractScripts
-from core.config import badTags, fillings, eFillings, lFillings, jFillings, eventHandlers, tags, functions
 
 def generator(occurences, response):
     scripts = extractScripts(response)
@@ -83,7 +83,6 @@ def generator(occurences, response):
                 except:
                     continue
             closer = jsContexter(script)
-            validBreakers = ['\'', '"', '`']
             scriptEfficiency = occurences[i]['score']['</scRipT/>']
             greatBracketEfficiency = occurences[i]['score']['>']
             breakerEfficiency = occurences[i]['score'][breaker]

core/htmlParser.py

@@ -1,6 +1,6 @@
 import re
-from core.config import badTags
-from core.config import xsschecker
+
+from core.config import badTags, xsschecker
 
 def htmlParser(response, encoding):
     rawResponse = response
@@ -79,8 +79,8 @@ def htmlParser(response, encoding):
     occurences = {}
     for i, loc, env, tag, attr, position in zip(range(len(locations)), locations, environments, tags, attributes, positions):
         occurences[i] = {}
-        if loc == 'comment':
-            value = '-->'
         occurences[i]['position'] = position
+        if loc == 'comment':
+            env = '-->'
         occurences[i]['context'] = [loc, env, tag, attr]
     return [occurences, positions]

core/jsContexter.py

@@ -1,6 +1,7 @@
 import re
-from core.utils import stripper
+
 from core.config import xsschecker
+from core.utils import stripper
 
 def jsContexter(script):
     broken = script.split(xsschecker)

core/photon.py

@@ -1,12 +1,11 @@
-# Let's import what we need
-from re import findall
 import concurrent.futures
+from re import findall
 from urllib.parse import urlparse
 
 from core.colors import run
-from core.zetanize import zetanize
-from core.requester import requester
 from core.utils import getUrl, getParams
+from core.requester import requester
+from core.zetanize import zetanize
 
 def photon(seedUrl, headers, level, threadCount, delay, timeout):
     forms = [] #  web forms

core/prompt.py

@@ -1,5 +1,6 @@
 import os
 import tempfile
+
 from core.config import defaultEditor
 
 def prompt(default=None):

core/requester.py

@@ -1,7 +1,8 @@
-import time
 import random
-import warnings
 import requests
+import time
+import warnings
+
 import core.config
 
 warnings.filterwarnings('ignore') # Disable SSL related warnings

core/updater.py

@@ -1,8 +1,9 @@
-import re
 import os
+import re
 from requests import get
+
 from core.config import changes
-from core.colors import run, que, good, info, red, end, green
+from core.colors import run, que, good, info, end, green
 
 def updater():
     print('%s Checking for updates' % run)

core/utils.py

@@ -1,8 +1,9 @@
-import re
 import json
 import random
-from core.config import xsschecker
+import re
+
 from core.colors import info, red, end
+from core.config import xsschecker
 
 def verboseOutput(data, name, verbose):
     if verbose:

core/wafDetector.py

@@ -1,5 +1,6 @@
-import re
 import json
+import re
+
 from core.requester import requester
 
 def wafDetector(url, params, headers, GET, delay, timeout):

xsstrike.py

@@ -33,7 +33,7 @@ print('''%s
 
 try:
     import concurrent.futures
-    from urllib.parse import quote_plus, unquote, urlparse
+    from urllib.parse import unquote, urlparse
 except ImportError:  # throws error in python2
     print('%s XSStrike isn\'t compatible with python2.\n Use python > 3.4 to run XSStrike.' % bad)
     quit()
@@ -215,7 +215,6 @@ def singleTarget(target, paramData, verbose, encoding):
 
 
 def multiTargets(scheme, host, main_url, form, domURL, verbose, blindXSS, blindPayload, headers, delay, timeout):
-    signatures = set()  # TODO(NN) unused
     if domURL and not skipDOM:
         response = requester(domURL, {}, headers, True, delay, timeout).text
         highlighted = dom(response)