Added XSS.is activation method and GET params support

2026-05-15 19:05:43 +00:00 · 2021-01-21 01:08:29 +03:00
parent 69a3d17608
commit 36ccafbb3d
4 changed files with 37 additions and 5 deletions
@@ -1588,8 +1588,20 @@
            "usernameUnclaimed": "noonewouldeverusethis7"
        },
        "XSS.is": {
+            "activation": {
+                "method": "xssis",
+                "marks": [
+                    "errorHtml"
+                ],
+                "url": "https://xss.is/login/keep-alive",
+                "src": "csrf",
+                "dst": "x-guest-token"
+            },
            "checkType": "status_code",
-            "url": "https://xss.is/index.php?members/find&q={username}&_xfToken=1611176826%2Ce821e74f39e8436e2b599758f6fa5387&_xfRequestUri=%2Fmembers%2F%3Fkey%3Dmost_messages&_xfWithData=1&_xfResponseType=json",
+            "getParams": {
+                "_xfToken": "1611179947,a2710362e45dad9aa1da381e21941a38"
+            },
+            "url": "https://xss.is/index.php?members/find&q={username}&_xfRequestUri=%2Fmembers%2F%3Fkey%3Dmost_messages&_xfWithData=1&_xfResponseType=json",
            "urlMain": "https://xss.is",
            "usernameClaimed": "adam",
            "usernameUnclaimed": "noonewouldeverusethis7"
@@ -13436,7 +13448,7 @@
                "sec-ch-ua": "Google Chrome\";v=\"87\", \" Not;A Brand\";v=\"99\", \"Chromium\";v=\"87\"",
                "authorization": "Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs%3D1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA",
                "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
-                "x-guest-token": "1350800018744160259"
+                "x-guest-token": "1351631725676388352"
            },
            "errors": {
                "Bad guest token": "x-guest-token update required"