# # ronin-exploits - A Ruby library for ronin-rb that provides exploitation and # payload crafting functionality. # # Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com) # # ronin-exploits is free software: you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as published # by the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # ronin-exploits is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public License # along with ronin-exploits. If not, see . # require 'ronin/exploits/client_side_web_vuln' require 'ronin/exploits/mixins/html' require 'ronin/vulns/reflected_xss' require 'ronin/payloads/javascript_payload' require 'ronin/payloads/builtin/test/xss' module Ronin module Exploits # # Represents a [Cross Site Scripting (XSS)][XSS] exploit. # # [XSS]: https://owasp.org/www-community/attacks/xss/ # # ## Example # # require 'ronin/exploits/xss' # # module Ronin # module Exploits # class MyExploit < XSS # # register 'my_exploit' # # base_path '/path/to/page.php' # query_param 'title' # # end # end # end # # @api public # # @since 1.0.0 # class XSS < ClientSideWebVuln include Mixins::HTML payload_class Payloads::JavaScriptPayload references [ 'https://owasp.org/www-community/attacks/xss/' ] # # Initializes the XSS exploit and defaults the {#payload} to a XSS test # payload. # # @param [Ronin::Payloads::JavaScriptPayload, String, nil] payload # The payload to use. # def initialize(payload: Payloads::Test::XSS.new, **kwargs) super(payload: payload, **kwargs) end # # Returns the type or kind of exploit. # # @return [Symbol] # # @note # This is used internally to map an exploit class to a printable type. # # @api private # def self.exploit_type :xss end # # The XSS vulnerability to exploit. # # @return [Ronin::Vulns::ReflectedXSS] # def vuln @vuln ||= Vulns::ReflectedXSS.new(url,**web_vuln_kwargs) end end end end