📄 nikto_apache_expect_xss.plugin
字号:
#VERSION,2.00#LASTMOD,01.06.2008################################################################################ Copyright (C) 2008 CIRT, Inc.## This program is free software; you can redistribute it and/or# modify it under the terms of the GNU General Public License# as published by the Free Software Foundation; version 2# of the License only.## This program is distributed in the hope that it will be useful,# but WITHOUT ANY WARRANTY; without even the implied warranty of# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the# GNU General Public License for more details.## You should have received a copy of the GNU General Public License# along with this program; if not, write to the Free Software# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.############################################################################################################################################################### PURPOSE# Test Apache's expect header XSS###############################################################################sub nikto_apache_expect_xss{ LW2::http_close(\%request); # force-close any old connections LW2::http_reset(); $request{'whisker'}->{'uri'} = "/"; $request{'Expect'} = "<script>alert(xss)</script>"; LW2::http_fixup_request(\%request); dump_var("Request Hash", \%request); if ($CLI{pause} > 0) { sleep $CLI{pause}; } LW2::http_do_request_timeout(\%request, \%result, 5); dump_var("Result Hash", \%result); if ($result{'whisker'}->{'data'} =~ /<script>alert\(xss\)<\/script>/) { $TARGETS{$CURRENT_HOST_ID}{positives}{999974} = 1; $TARGETS{$CURRENT_HOST_ID}{total_vulns}++; $TESTS{999974}{osvdb} = 27487; $TESTS{999974}{message} = "Apache is vulnerable to XSS via the Expect header"; nprint("+ OSVDB-$TESTS{999974}{osvdb}: $TESTS{999974}{message}"); } delete $request{'Expect'};}1;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -