XSSer dont work... why?

madonzy
7 years ago

0

I’m trying to figure out why XSSer doesn’t work… I mean, it starts tests, but don’t find any vulnerabilities… in Bee Box :D

That is how I was trying:
xsser -u "http://bee-box.local/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom xsser -u "http://bee-box.local/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --all xsser -all -u "http://bee-box.local/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom xsser -u "http://bee-box.local/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP/xss_get.php?firstname=vector&lastname=vector&form=submit" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP/xss_get.php" -g "firstname=VECTOR&lastname=VECTOR&form=submit"" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP/xss_get.php" -g "firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP/xss_get.php" -g "firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --auto | grep firstname xsser -u "http://bee-box.local" -g "/bWAPP/xss_get.php?firstname=VECTOR&lastname=VECTOR&form=submit" -s --Dom --auto | grep firstname xsser -u "http://bee-box.local" -g "/bWAPP/xss_get.php?firstname=VECTOR&lastname=" -s --Dom --auto xsser -u "http://bee-box.local" -g "/bWAPP/xss_get.php?firstname=&lastname=" -s --Dom --auto xsser -u "http://bee-box.local" -p "/bWAPP/xss_post.php?firstname=&lastname=" -s --Dom --auto xsser -u "http://bee-box.local" -p "/bWAPP/xss_post.php?firstname=alex&lastname=" -s --Dom xsser -u "http://bee-box.local/bWAPP/xss_post.php" -p "firstname=alex&lastname=" -s --Dom xsser -u "http://bee-box.local/bWAPP/xss_post.php" -p "submit=submit&firstname=alex&lastname=" -s --Dom xsser -u "http://bee-box.local/bWAPP/xss_post.php" -p "submit=submit&firstname=alex&lastname=" -s --Dom -all xsser -u "http://bee-box.local/bWAPP/xss_post.php" -p "submit=submit&firstname=alex&lastname=" -s --Dom -auto xsser -u "http://bee-box.local/bWAPP/xss_post.php" -p "submit=submit&firstname=alex&lastname=" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP" -g "/xss_get.php?submit=submit&firstname=alex&lastname=" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP" -g "/xss_get.php?submit=submit&firstname=alex&lastname=" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" --proxy "http://127.0.0.1:8118" --referer "666.666.666.666" --user-agent "correct audit" -s --Dom --auto xsser -u "http://bee-box.local" -g "bWAPP/xss_get.php?submit=submit&firstname=alex&lastname=" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" --proxy "http://127.0.0.1:8118" --referer "666.666.666.666" --user-agent "correct audit" -s --Dom --auto xsser -u "http://bee-box.local" -g "bWAPP/xss_get.php?submit=submit&firstname=alex&lastname=" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP" -g "xss_get.php?submit=submit&firstname=alex&lastname=" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" -s --Dom --auto xsser -u "http://bee-box.local/bWAPP?xss_get.php?submit=submit&firstname=VECTOR&lastname=VECTOR" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0" -s --Dom --auto xsser -v xsser -u "http://bee-box.local/bWAPP?xss_get.php?submit=submit&firstname=VECTOR&lastname=VECTOR" --cookie="PHPSESSID=a3d0d35713422fae24ab63d84fe14303&security_level=0"history -s --Dom --auto

and nothing of that is working. What I’m dooing wrong? When I use firefox plugin XSS-me it work pretty good. Please help :)

0replies

2voices

277views

Reply has been removed

You must be logged in to reply to this discussion. Login

1 of 1