ScreamingCSS.pl is a Perl script written by David Devitry, inspired by screamingCobra, which was written by Samy Kamkar.
Its purpose is to detect entry points (XSS vulnerabilities) on a website.
screamingCSS.pl [-e] [-i] [-s|-v] <http://host.name>[:port][/start/page]
-e: EXTRA TECHNIQUES
Uses multiple techniques to find bugs.
This will take over twice the amount of time to
complete a scan and the other techniques used with
this options are not commonly found in applications
but if you need to do a very strong pen test, you
may want to use this option.
-i: DON'T IGNORE ANY FILES
In the program, there is a user-configurable array
of extensions to ignore (not to GET). Those include
images, compressed files, etc.. This is because those
files will usually not be HTML pages so there won't
be any useful data in them, and they may take up a lot
of bandwidth as well. This option ignores that list
and screamingCobra will not ignore any files.
-s: STATUS BAR
This creates a status bar with constantly updated
numbers of pages accessed, bugs found and attempted
vulnerability scans. Cannot be used with verbose,
although the status bar is ALWAYS displayed when the
user unexpectedly exits or kills the application (^C)
or when the application is finished crawling.
-v: VERBOSE
This will display all the files being accessed and
will also list when CGIs are found and attempted to
be broken (to find vulnerabilities). Cannot be used
with status bar, although a status bar is ALWAYS
displayed when the user unexpectedly exits or kills the
application (^C) or when the application is finished
crawling.
# ./screamingCSS.pl -e -i -v http://www.target-site.fr
Beginning to scan www.target-site.fr :: for CGI bugs...
Kick back and relax, this will take a while...
GET www.target-site.fr:80/
GET www.target-site.fr:80/welcome.php
GET www.target-site.fr:80/map.php
GET www.target-site.fr:80/contact.php
GET www.target-site.fr:80/sendmail.php?name=&mailfrom=&mailbody=%22%3exxx%3cP%3eyyy&btnValidation=Envoyer
GET www.target-site.fr:80/sendmail.php?name=&mailfrom=&mailbody=&btnValidation=%22%3exxx%3cP%3eyyy
GET www.target-site.fr:80/sendmail.php?name=%22%3exxx%3cP%3eyyy&mailfrom=&mailbody=&btnValidation=Envoyer
GET www.target-site.fr:80/sendmail.php?name=&mailfrom=%22%3exxx%3cP%3eyyy&mailbody=&btnValidation=Envoyer
GET www.target-site.fr:80/reprise.php
GET www.target-site.fr:80/renovation.php
GET www.target-site.fr:80/majnews.php
GET www.target-site.fr:80/logincheck.php?pseudo=&password=%22%3exxx%3cP%3eyyy
GET www.target-site.fr:80/logincheck.php?pseudo=%22%3exxx%3cP%3eyyy&password=
GET www.target-site.fr:80/actus.php
GET www.target-site.fr:80/actus.php?search=%22%3exxx%3cP%3eyyy
BUG FOUND - http://www.target-site.fr:80/actus.php?search=%22%3exxx%3cP%3eyyy
GET www.target-site.fr:80/construction.php
GET www.target-site.fr:80/amenagement.php
GET www.target-site.fr:80/whoarewe.php
GET www.target-site.fr:80/img/big/
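
On the server side, the probe value visible in the session above (`%22%3exxx%3cP%3eyyy`, which decodes to `">xxx<P>yyy`) can be picked out of access logs, one parameter at a time. The following Python is an added example, not part of ScreamingCSS.pl or of the original page; it assumes common log format, the log lines are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Probe value seen in the scan output above, URL-decoded.
PROBE = '">xxx<P>yyy'

# Client IP and request line of a common/combined log format entry (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /welcome.php HTTP/1.0" 200 512
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /logincheck.php?pseudo=&password=%22%3exxx%3cP%3eyyy HTTP/1.0" 200 734
192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "GET /logincheck.php?pseudo=%22%3exxx%3cP%3eyyy&password= HTTP/1.0" 200 734
192.0.2.10 - - [01/Jan/2024:10:00:03 +0000] "GET /actus.php?search=%22%3exxx%3cP%3eyyy HTTP/1.0" 200 1893
198.51.100.7 - - [01/Jan/2024:10:00:04 +0000] "GET /actus.php?search=renovation HTTP/1.1" 200 1780
"""

def probed_params(target):
    """Return the query parameters of a request target whose decoded value contains the probe."""
    query = urlsplit(target).query
    # keep_blank_values: the scanner sends the other parameters empty.
    return [name for name, value in parse_qsl(query, keep_blank_values=True)
            if PROBE.lower() in value.lower()]

def find_probes(log_text):
    """Map client IP -> {path: sorted list of probed parameter names}."""
    hits = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        params = probed_params(m.group("target"))
        if params:
            path = urlsplit(m.group("target")).path
            hits[m.group("ip")][path].update(params)
    return {ip: {p: sorted(names) for p, names in paths.items()}
            for ip, paths in hits.items()}

if __name__ == "__main__":
    for ip, paths in find_probes(SAMPLE_LOG).items():
        for path, names in paths.items():
            print(f"{ip} probed {path}: {', '.join(names)}")
```

The per-path parameter list gives the set of inputs whose output encoding should be reviewed first, starting with any page the scanner reported as `BUG FOUND`.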