1## 2# This file is part of WhatWeb and may be subject to 3# redistribution and commercial restrictions. Please see the WhatWeb 4# web site for more information on licensing and terms of use. 5# http://www.morningstarsecurity.com/research/whatweb 6## 7# Version 0.2 # 8# Fixed regex 9## 10Plugin.define "Vulnerable-To-XSS" do 11author "Brendan Coles <bcoles@gmail.com>" # 2010-06-06 12version "0.2" 13description "This plugin can be used as a very basic xss scanner. It searches for instances of <script>alert(*)</script> in the HTML source." 14 15def passive 16 m=[] 17 result="" 18 if @body =~ /<script>([\s]*)(alert\([a-zA-Z0-9\/\'\"]+\))([\s]*[\;]?[\s]*)<\/script>/i 19 version = @body.scan(/<script>([\s]*)(alert\([a-zA-Z0-9\/\'\"]+\))[\s]*[\;]?[\s]*<\/script>/i) { |match| 20 result << "#{match} " 21 } 22 m << {:version=>result, :certainty=>25} 23 end 24 25 m 26end 27 28end 29 30 31