xssPlay Updates

August 10, 2012 in Uncategorized by trevelyn

Updates! I added some new functionality thanks to the suggestions of M33b0. First, the application now crawls all links embedded into pages if the ‘-r’ argument is specified at runtime. Also, you can randomly choose a new User Agent for each http request! This will severely falsify and ruin “data” in http access/error logs. You can randomly choose mobile, standard, or any. IN THE EXAMPLE IMAGES BELOW, I DID NOT HACK WT4.COM. I SIMPLY CHANGED MY /ETC/HOSTS FILE TO REFLECT WT4.COM AS LOCALHOST SINCE MY HOSTNAME IS WT4 The pWeb Suite has been updated to have three new files in it also, two html files for the new output logs for xssPlay, and one new file that is filled to the rim with User Agents :)

That’s a sweet looking output, if I do say so my damned self.

There’s the new arguments, there will be a few more to come.

There’s the new “html” output. I got this idea from Havij. Each link goes to the defaced page.

~Douglas