MCPcopy
hub / github.com/s0md3v/XSStrike / genGen

Function genGen

core/utils.py:134–159  ·  view source on GitHub ↗
(fillings, eFillings, lFillings, eventHandlers, tags, functions, ends, badTag=None)

Source from the content-addressed store, hash-verified

132
133
134def genGen(fillings, eFillings, lFillings, eventHandlers, tags, functions, ends, badTag=None):
135 vectors = []
136 r = randomUpper # randomUpper randomly converts chars of a string to uppercase
137 for tag in tags:
138 if tag == 'd3v' or tag == 'a':
139 bait = xsschecker
140 else:
141 bait = ''
142 for eventHandler in eventHandlers:
143 # if the tag is compatible with the event handler
144 if tag in eventHandlers[eventHandler]:
145 for function in functions:
146 for filling in fillings:
147 for eFilling in eFillings:
148 for lFilling in lFillings:
149 for end in ends:
150 if tag == 'd3v' or tag == 'a':
151 if '>' in ends:
152 end = '>' # we can't use // as > with "a" or "d3v" tag
153 breaker = ''
154 if badTag:
155 breaker = '</' + r(badTag) + '>'
156 vector = breaker + '<' + r(tag) + filling + r(
157 eventHandler) + eFilling + '=' + eFilling + function + lFilling + end + bait
158 vectors.append(vector)
159 return vectors
160
161
162def getParams(url, data, GET):

Callers 1

generatorFunction · 0.90

Calls

no outgoing calls

Tested by

no test coverage detected