Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

File http-xssed

Script types: portrule
Categories: safe, external, discovery
Download: http://nmap.org/svn/scripts/http-xssed.nse

User Summary

This script searches the xssed.com database and outputs the result.

Script Arguments

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p80 --script http-xssed.nse <target>

This script will search the xssed.com database and it will output any
results. xssed.com is the largest online archive of XSS vulnerable
websites.

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-xssed:
|   xssed.com found the following previously reported XSS vulnerabilities marked as unfixed:
|
|     /redirect/links.aspx?page=http://xssed.com
|
|     /derefer.php?url=http://xssed.com/
|
|   xssed.com found the following previously reported XSS vulnerabilities marked as fixed:
|
|_    /myBook/myregion.php?targetUrl=javascript:alert(1);

Requires


Author: George Chatzisofroniou

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]