forked from marciopocebon/Tishna
-
Notifications
You must be signed in to change notification settings - Fork 1
/
phantomxsspayload.sh
65 lines (59 loc) · 1.48 KB
/
phantomxsspayload.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#!/bin/bash
red="\e[0;31m"
new="\e[0;36m"
green="\e[0;32m"
off="\e[0m"
clear
function banner() {
echo "
Phantom JS XSS Injection Helper
version 1.0a
Script - Hackeruniversee
Coder - Haroon Awan
"
}
banner
echo "";
echo -e "$red [$green+$red] $off Caution: Before Continue Adjust payload1 and payload2 file";
echo "";
echo -e "$red [$green+$red] 1:$off Show Phantom JS XSS Injection 1st ";
echo -e "$red [$green+$red] 2:$off Show Phantom JS XSS Injection 2nd ";
echo -e "$red [$green+$red] 3:$off Show test.js file ";
echo "";
echo -ne "$red [$green+$red] Select An Option:$off: " ;
read Option
if [ $Option -eq "1" ]
then
echo "";
echo -e "$red [$green+$red] $off Setup: Try to Inject the payload into parameter/form/domain,etc and remember Path "
echo "";
cd phantomxsspayload
cat payload1
echo "";
fi
if [ $Option -eq "2" ]
then
echo "";
echo -e "$red [$green+$red] $off Setup: After successful payload1, try to Inject victim with payload2 and use js file for root "
echo "";
cd phantomxsspayload
cat payload2
echo "";
fi
if [ $Option -eq "3" ]
then
echo "";
echo -e "$red [$green+$red] $off Setup: Remember step2 and adjust js file for your server path "
echo "";
cd phantomxsspayload
cat test.js
echo "";
fi
if [ $Option -eq "4" ]
then
echo "";
echo -e "$red [$green+$red] $off Setup: Host this file locally with no header to bypass cross domain "
echo "";
cat no_referer
echo "";
fi