I have a couple of web application penetration testing scripts for you. I will start out with a really simple one. First is a script that will convert the parameters given on the URL as an HTTP GET into an HTTP POST. This makes it easier to demonstrate XSS vulnerabilities in a POST to your customers. It does the same thing as http://www.whiteacid.org/misc/xss_post_forwarder.php but has the obvious advantage of running on a server you own, so you don’t expose customer XSS vulnerabilities to third parties. You can specify a client IP address filter when you start the proxy to limit who can use your server. Here are the CLI options:
mark.baggett$ python get2post.py -h
Usage: get2post.py [options]
Options:
-p server port Define a port for the server to listen on. Default 8080
-c clientip Filter incoming connections and only allow the specified client to use the tool.
Once it's running, if you connect to the server with your web browser it will give you sample syntax. Here is an example URL:
For example: http://thishost.com;8080?target=http://victim.com/xssvulnerable.php&postparam1=postvalue1&postparam2=PostValue#2
This will generate an HTML form that automatically posts the values “postparam1=postvalue1&postparam2=PostValue#2” to the URL http://victim.com/xssvulnerable.php
Here it is: get2post.py
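The conversion described above, as an added Python example that is not the original get2post.py: it builds the auto-submitting form from the request path, HTML-escapes every name and value so payload characters stay inside the form markup, restricts the target to http(s), and applies the client IP filter. All function and class names are assumptions; a literal # in a value has to be sent as %23, because browsers do not transmit the URL fragment to the server.

```python
# Added example; not the original get2post.py. All names are hypothetical.
import html
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit, parse_qsl

ALLOWED_CLIENT = None  # e.g. "192.0.2.10" (constructed); None disables the filter

def client_allowed(client_ip, allowed=None):
    """Mirror of the -c option: only the named client may use the forwarder."""
    return allowed is None or client_ip == allowed

def build_post_form(request_path):
    """Convert '/?target=URL&k=v...' into an auto-submitting HTML POST form."""
    params = parse_qsl(urlsplit(request_path).query, keep_blank_values=True)
    targets = [v for k, v in params if k == "target"]
    if len(targets) != 1:
        raise ValueError("exactly one 'target' parameter is required")
    if urlsplit(targets[0]).scheme not in ("http", "https"):
        raise ValueError("target must be an http or https URL")
    esc = lambda s: html.escape(s, quote=True)
    # Escaping keeps payload characters inside the attribute; the browser
    # decodes the entities again before it submits the form.
    inputs = "".join(
        '<input type="hidden" name="%s" value="%s">\n' % (esc(k), esc(v))
        for k, v in params if k != "target")
    return ('<html><body onload="document.forms[0].submit()">\n'
            '<form method="POST" action="%s">\n%s</form>\n</body></html>\n'
            % (esc(targets[0]), inputs))

class Get2PostHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        if not client_allowed(self.client_address[0], ALLOWED_CLIENT):
            self.send_error(403, "client not allowed")
            return
        try:
            body = build_post_form(self.path).encode("utf-8")
        except ValueError as exc:
            self.send_error(400, str(exc))
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), Get2PostHandler).serve_forever()
```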
Join me for SANS 504 Hacker Techniques, Exploits & Incident Handling November 15 in San Antonio TX! Register today!
http://www.sans.org/san-antonio-2010/description.php?tid=243