File "zeus.py", line 408, in <module>
__run_attacks_main()
File "zeus.py", line 305, in __run_attacks_main
threads=opt.amountOfThreads
File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1008, in run_attacks
agent=agent, tamper=tamper_script, batch=batch,
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 190, in main_xss
result = scan_xss(url, proxy=proxy, agent=agent)
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 117, in scan_xss
xss_request = requests.get(url, proxies=config_proxy, headers=config_headers)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 658, in send
r.content
File "/home/baal/.local/lib/python2.7/site-packages/requests/models.py", line 823, in content
self._content = bytes().join(self.iter_content(CONTENT_CHUNK_SIZE)) or bytes()
File "/home/baal/.local/lib/python2.7/site-packages/requests/models.py", line 748, in generate
raise ChunkedEncodingError(e)
ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
2017-12-01 16:38:10,072;zeus-log;INFO;tampering payloads with 'enclosebrackets'...
2017-12-01 16:38:10,072;zeus-log;INFO;loading payloads...
2017-12-01 16:38:10,088;zeus-log;DEBUG;a total of 296 payloads loaded...
2017-12-01 16:38:10,088;zeus-log;INFO;payloads will be written to a temporary file and read from there...
2017-12-01 16:38:10,105;zeus-log;DEBUG;tampering payload with 'enclosebrackets'...
2017-12-01 16:38:10,118;zeus-log;WARNING;enclosing brackets is meant to be used as an obfuscation against an already valid vulnerable site...
2017-12-01 16:38:10,147;zeus-log;INFO;loaded URL's have been saved to '/tmp/tmpqq_1lU'...
2017-12-01 16:38:10,148;zeus-log;INFO;testing for XSS vulnerabilities on host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf'...
2017-12-01 16:38:10,148;zeus-log;INFO;using proxy 'socks5://127.0.0.1:9050'...
2017-12-01 16:38:10,979;zeus-log;INFO;trying payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\x['3']c'...
2017-12-01 16:38:10,979;zeus-log;DEBUG;host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf' does not appear to be vulnerable to XSS attacks with payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\x['3']c'...
2017-12-01 16:38:11,527;zeus-log;INFO;trying payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\x['3']C'...
2017-12-01 16:38:11,528;zeus-log;DEBUG;host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf' does not appear to be vulnerable to XSS attacks with payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\x['3']C'...
2017-12-01 16:38:12,071;zeus-log;INFO;trying payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\u['0']['0']['3']c'...
2017-12-01 16:38:12,071;zeus-log;DEBUG;host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf' does not appear to be vulnerable to XSS attacks with payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\u['0']['0']['3']c'...
2017-12-01 16:38:12,628;zeus-log;INFO;trying payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\u['0']['0']['3']C'...
2017-12-01 16:38:12,628;zeus-log;DEBUG;host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf' does not appear to be vulnerable to XSS attacks with payload '/content/pdf/10.1007/s00784-013-0965-8.pdf\u['0']['0']['3']C'...
2017-12-01 16:38:13,161;zeus-log;INFO;trying payload '/content/pdf/10.1007/s00784-013-0965-8.pdf<'...
2017-12-01 16:38:13,161;zeus-log;DEBUG;host 'https://link.springer.com/content/pdf/10.1007/s00784-013-0965-8.pdf' does not appear to be vulnerable to XSS attacks with payload '/content/pdf/10.1007/s00784-013-0965-8.pdf<'...
2017-12-01 16:38:13,416;zeus-log;ERROR;[7;31;31mZeus has hit an unexpected error and cannot continue, error code '('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))'...
Traceback (most recent call last):
File "zeus.py", line 408, in <module>
__run_attacks_main()
File "zeus.py", line 305, in __run_attacks_main
threads=opt.amountOfThreads
File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1008, in run_attacks
agent=agent, tamper=tamper_script, batch=batch,
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 190, in main_xss
result = scan_xss(url, proxy=proxy, agent=agent)
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 117, in scan_xss
xss_request = requests.get(url, proxies=config_proxy, headers=config_headers)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/home/baal/.local/lib/python2.7/site-packages/requests/sessions.py", line 658, in send
r.content
File "/home/baal/.local/lib/python2.7/site-packages/requests/models.py", line 823, in content
self._content = bytes().join(self.iter_content(CONTENT_CHUNK_SIZE)) or bytes()
File "/home/baal/.local/lib/python2.7/site-packages/requests/models.py", line 748, in generate
raise ChunkedEncodingError(e)
ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
2017-12-01 16:38:13,710;zeus-log;INFO;[32mZeus got an unexpected error and will automatically create an issue for this error, please wait...[0m
2017-12-01 16:38:13,710;zeus-log;INFO;[32mgetting authorization...[0m
2017-12-01 16:38:13,737;zeus-log;INFO;[32mextracting traceback from log file...[0m
2017-12-01 16:38:13,737;zeus-log;INFO;[32mattempting to get firefox browser version...[0m
Zeus version:
1.3.12.ade2d5
Firefox version:
(57, 0)
Geckodriver version:
geckodriver-v0.19.0-linux64.tar.gz
Error info:
Running details:
Linux-4.10.0-40-generic-x86_64-with-Ubuntu-17.04-zesty
Commands used:
zeus.py -d allintitle: restricted filetype :mail --verbose --batch -x --x-forward --random-agent --proxy socks5://127.0.0.1:9050 --tamper=enclosebrackets -M -L 10
Log file info: