hahwul / XSpear

🔱 Powerful XSS Scanning and Parameter analysis tool&gem
MIT License

Anyone have any idea what the issue could be? Does it affect the scan? #77

Open a6thmfsin opened 1 month ago

a6thmfsin commented 1 month ago
```
[ v1.4.1 ]
[*] analysis request..
[*] used test-all-params mode(-a)
[*] creating a test query all param + blind XSS
[*] load custom payload
/usr/lib/ruby/3.1.0/json/common.rb:216:in `parse': 451: unexpected token at '{ (JSON::ParserError)
"payload":"'">"autofocus/onfocus=alert(1)//",
"callback":"P2",
"descript":"blahblah~"
},
{
"payload":"<>",
"callback":"P1",
"descript":"blahblah~"
}
]
'
	from /usr/lib/ruby/3.1.0/json/common.rb:216:in `parse'
	from /var/lib/gems/3.1.0/gems/XSpear-1.4.1/lib/XSpear.rb:605:in `run'
	from /var/lib/gems/3.1.0/gems/XSpear-1.4.1/exe/XSpear:196:in `<top (required)>'
	from /usr/local/bin/XSpear:25:in `load'
	from /usr/local/bin/XSpear:25:in `<main>'
```
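
Added example (not part of the original issue and not XSpear's own code): a pre-flight check for a custom payload file, plus a generator that escapes payload strings correctly. It assumes the `JSON::ParserError` in the trace comes from a hand-typed, unescaped double quote inside a payload string, which the thread does not confirm; the required keys are the ones visible in the trace, and the function names and sample strings are constructed.

```ruby
require 'json'

# Keys seen in the custom payload entries quoted in the trace (assumed required).
REQUIRED_KEYS = %w[payload callback descript].freeze

# Returns a list of problems found in a custom payload document (empty = OK).
def check_payload_json(text)
  data = JSON.parse(text)
  return ['top level must be an array of objects'] unless data.is_a?(Array)

  problems = []
  data.each_with_index do |entry, i|
    unless entry.is_a?(Hash)
      problems << "entry #{i}: not an object"
      next
    end
    missing = REQUIRED_KEYS - entry.keys
    problems << "entry #{i}: missing #{missing.join(', ')}" unless missing.empty?
    REQUIRED_KEYS.each do |k|
      problems << "entry #{i}: #{k} is not a string" if entry.key?(k) && !entry[k].is_a?(String)
    end
  end
  problems
rescue JSON::ParserError => e
  # Only the first line of the parser message; the rest echoes the input.
  ["not valid JSON: #{e.message.lines.first.strip}"]
end

# Build the file with a JSON encoder so quotes and backslashes inside a
# payload are escaped instead of terminating the string early.
def build_payload_json(entries)
  JSON.pretty_generate(entries)
end

# Constructed sample: hand-written entry whose payload contains a raw ".
BROKEN = <<~'EOS'
  [
    { "payload":"'">autofocus/onfocus=alert(1)//", "callback":"P2", "descript":"blahblah~" }
  ]
EOS

# Same entry, generated rather than typed by hand.
FIXED = build_payload_json([
  { 'payload' => %q['">autofocus/onfocus=alert(1)//], 'callback' => 'P2', 'descript' => 'blahblah~' }
])

if __FILE__ == $PROGRAM_NAME
  puts check_payload_json(BROKEN)
  puts check_payload_json(FIXED).empty? ? 'FIXED: ok' : 'FIXED: problems'
end
```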

github-actions[bot] commented 1 month ago

Thank you for your first issue report :D

a6thmfsin commented 1 month ago

Hey, so I realized my mistake. I deleted my own old gemfile and reinstalled it the correct way, but I'm getting this when trying to edit the REAL gemfile:

```
[!] There was an error parsing Gemfile: You cannot specify the same gem twice coming from different sources.
You specified that XSpear (>= 0) should come from source at . and
. Bundler cannot continue.

from /var/lib/gems/3.1.0/gems/XSpear-1.4.1/Gemfile:5

-------------------------------------------

gemspec

gem 'XSpear'

-------------------------------------------
```

I'm not familiar with Ruby at all, and it seems like a great tool.

a6thmfsin commented 1 month ago

Got it. Do:

```ruby
source "https://rubygems.org"

# Specify your gem's dependencies in XSpear.gemspec
gemspec

gem 'XSpear'
```

nano gemfile in /var/lib/gems/3.1.0/gems/XSpear-1.4.1 like above. Not sure why it wouldn't work the first times, but with sudo bundle install it worked.

a6thmfsin commented 4 weeks ago

Also, any idea on how to make it take a file as input in a bash framework? I've tried with for loops and while, but it won't work.