From 65744104f3cf1db82300db83acb849638c02e7bc Mon Sep 17 00:00:00 2001 From: ekultek Date: Wed, 8 Nov 2017 20:02:51 -0600 Subject: [PATCH] minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them --- lib/attacks/xss_scan/__init__.py | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/lib/attacks/xss_scan/__init__.py b/lib/attacks/xss_scan/__init__.py index 2815090..9f29d60 100644 --- a/lib/attacks/xss_scan/__init__.py +++ b/lib/attacks/xss_scan/__init__.py @@ -122,7 +122,7 @@ def scan_xss(url, agent=None, proxy=None): return False, None -def main_xss(start_url, verbose=False, proxy=None, agent=None, tamper=None): +def main_xss(start_url, verbose=False, proxy=None, agent=None, tamper=None, batch=False): """ main attack method to be called """ @@ -144,7 +144,7 @@ def main_xss(start_url, verbose=False, proxy=None, agent=None, tamper=None): )) filename = create_urls(start_url, payloads, tamper=tamper) logger.info(set_color( - "loaded URL's have been saved to '{}'...".format(filename) + "loaded URL's have been saved to '{}'...".format(filename), level=25 )) logger.info(set_color( "testing for XSS vulnerabilities on host '{}'...".format(start_url) @@ -191,15 +191,18 @@ def main_xss(start_url, verbose=False, proxy=None, agent=None, tamper=None): )) if len(success) != 0: logger.info(set_color( - "possible XSS scripts to be used:" + "possible XSS scripts to be used:", level=25 )) create_tree(start_url, list(success)) else: logger.error(set_color( "host '{}' does not appear to be vulnerable to XSS attacks...".format(start_url) )) - save = prompt( - "would you like to keep the URL's saved for further testing", opts="yN" - ) - if save.lower().startswith("n"): + if not batch: + save = prompt( + "would you like to keep the URL's saved for further testing", opts="yN" + ) + if save.lower().startswith("n"): + os.remove(filename) + else: os.remove(filename) \ No newline at end of file