为什么单击按钮时此警报框不会弹出?

时间:2017-04-28 19:35:44

标签: javascript html input replace alert

我一直在编写一个脚本来检查反射的XSS漏洞。到目前为止,它有一个URL输入,其中*代替查询,错误检查器输入格式错误的URL。它还有一个文件上传器,供用户上传“有效载荷”。但是,我最近做了一个部分,用有效载荷的内容替换*,然后为了调试目的,我用文件内容作为alert()变量。但是,它不起作用。这是我的代码:

function selectPayload(y) {

  var fr = new FileReader();
  fr.readAsText(document.getElementById('file').files[0]);
  fr.onload = function() {

    var dir = fr.result;
    var payload = y.replace("*", fr.result);
    alert(payload);

  };

}

function myFunction() {

  var errors = [];
  var x = document.getElementById("myText").value;

  if (!x.includes("http://") && !x.includes("https://")) {

    errors.push('missing HTTP or HTTPS in URL');

  }

  if (!x.includes("*")) {

    errors.push('missing * in place of query')

  }

  // Renders errors
  if (errors.length) {

    x = 'Error: ' + errors.join(', ') + '!';

  }

  document.getElementById("demo").innerHTML = x;
  selectPayload(x);

}
<!DOCTYPE html>

<html>

<head>

  <title>Slingshot.XSS</title>

</head>

<body style="font-family:monospace;" align="center">

  <h2>Slingshot.XSS</h2>
  <h3>Slingshot.XSS is a script that launches pre-loaded XSS payloads at a target to test its vulnerabilities.</h3>
  <h4>Please report all issues to
    <a href="https://github.com/keeganjk/slingshot.xss/issues"></a> or contact me at email@example.com.</h4>
  <a href="github.com/keeganjk/slingshot.xss" style="font-family:monospace" align="center">Source Code / Learn More</a>
  <br />

  <h4>Enter a URL with <b>*</b> in the place of query.</h4>
  <h5>Example: <code>https://www.google.com/#q=*</code></h5>
  <input type="text" id="myText" placeholder="Enter a URL"> <button onclick="myFunction()">Submit</button>
  <p id="demo">No Submitted URL</p>

  <h4>Select a payload:</h4>
  <h5>Default payloads in <code>payloads</code></h5>
  <input type="file" id="file"> <button onclick="selectPayload()">Submit</button>

</body>

</html>

我做错了什么?

2 个答案:

答案 0 :(得分:0)

你有第二个按钮调用错误的功能。已更改为致电myFunction()而非selectPayload()。除非您打算使用第二个按钮调用selectPayload(),否则您需要将它传递给它所期望的参数。

function selectPayload(y) {

  var fr = new FileReader();
  fr.readAsText(document.getElementById('file').files[0]);
  fr.onload = function() {

    var dir = fr.result;
    var payload = y.replace("*", fr.result);
    alert(payload);

  };

}

function myFunction() {

  var errors = [];
  var x = document.getElementById("myText").value;

  if (!x.includes("http://") && !x.includes("https://")) {

    errors.push('missing HTTP or HTTPS in URL');

  }

  if (!x.includes("*")) {

    errors.push('missing * in place of query')

  }

  // Renders errors
  if (errors.length) {

    x = 'Error: ' + errors.join(', ') + '!';

  }

  document.getElementById("demo").innerHTML = x;
  selectPayload(x);

}
<!DOCTYPE html>

<html>

<head>

  <title>Slingshot.XSS</title>

</head>

<body style="font-family:monospace;" align="center">

  <h2>Slingshot.XSS</h2>
  <h3>Slingshot.XSS is a script that launches pre-loaded XSS payloads at a target to test its vulnerabilities.</h3>
  <h4>Please report all issues to
    <a href="https://github.com/keeganjk/slingshot.xss/issues"></a> or contact me at keeganjkuhn@gmail.com.</h4>
  <a href="github.com/keeganjk/slingshot.xss" style="font-family:monospace" align="center">Source Code / Learn More</a>
  <br />

  <h4>Enter a URL with <b>*</b> in the place of query.</h4>
  <h5>Example: <code>https://www.google.com/#q=*</code></h5>
  <input type="text" id="myText" placeholder="Enter a URL"> <button onclick="myFunction()">Submit</button>
  <p id="demo">No Submitted URL</p>

  <h4>Select a payload:</h4>
  <h5>Default payloads in <code>payloads</code></h5>
  <input type="file" id="file"> <button onclick="myFunction()">Submit</button>

</body>

</html>

答案 1 :(得分:0)

此处:我找到了可行的代码:

<!DOCTYPE html>

<html>

<head>

  <title>Slingshot.XSS</title>

</head>

<body style="font-family:monospace;" align="center">

  <script> 

    function selectPayload() {

      var x = document.getElementById("myText").value;
      var fr = new FileReader();
      fr.readAsText(document.getElementById('file').files[0]);
      fr.onload = function() {

        var dir = fr.result;
        var payload = x.replace("*", fr.result);
        alert(payload);

      };

    }

    function myFunction() {

      var errors = [];
      var x = document.getElementById("myText").value;

      if (!x.includes("http://") && !x.includes("https://")) {

        errors.push('missing HTTP or HTTPS in URL');

      }

      if (!x.includes("*")) {

        errors.push('missing * in place of query')

      }

      // Renders errors
      if (errors.length) {

        x = 'Error: ' + errors.join(', ') + '!';

      }

      document.getElementById("demo").innerHTML = x;

      }


  </script>

  <h2>Slingshot.XSS</h2>
  <h3>Slingshot.XSS is a script that launches pre-loaded XSS payloads at a target to test its vulnerabilities.</h3>
  <h4>Please report all issues to
    <a href="https://github.com/keeganjk/slingshot.xss/issues"></a> or contact me at keeganjkuhn@gmail.com.</h4>
  <a href="github.com/keeganjk/slingshot.xss" style="font-family:monospace" align="center">Source Code / Learn More</a>
  <br />

  <h4>Enter a URL with <b>*</b> in the place of query.</h4>
  <h5>Example: <code>https://www.google.com/#q=*</code></h5>
  <input type="text" id="myText" placeholder="Enter a URL"> <button onclick="myFunction()">Submit</button>
  <p id="demo">No Submitted URL</p>

  <h4>Select a payload:</h4>
  <h5>Default payloads in <code>payloads</code></h5>
  <input type="file" id="file"> <button onclick="selectPayload()">Submit</button>

</body>

</html>