Skip to content
This repository has been archived by the owner on Mar 8, 2023. It is now read-only.
/ File-Upload-XSS Public archive

File-Upload-XSS is a Python script that exploits the SVG XSS vulnerability in file upload services to gather information about users visiting a specific URL and send it to a Discord webhook.

15 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

pakbch/File-Upload-XSS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits

README.md

README.md

 
 

main.py

main.py

 
 

payload.js

payload.js

 
 

Repository files navigation

Introduction

File-Upload-XSS is a Python script designed to take advantage of the SVG XSS vulnerability present in various file upload services. When a user visits the specified URL, the script gathers information about their visit and sends it to a Discord webhook for analysis.

Features

  • Leverages the SVG XSS vulnerability to gather information about users visiting a specific URL
  • Sends gathered information to a Discord webhook

Preview

Script Menu

image

Grabbed Information

image

Demo

demo1.mp4

Updates

Added two new websites

  • megaupload.nz
  • openload.cc
  • upvid.cc
  • rapidshare.nu
  • hotfile.io
  • lolabits.se

Configuration

Don't forget to add your Discord webhook URL in payload.js before running the script.

About

File-Upload-XSS is a Python script that exploits the SVG XSS vulnerability in file upload services to gather information about users visiting a specific URL and send it to a Discord webhook.

Topics

discord file-upload xss stealer

Resources

Readme
Activity

Stars

15 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages