sarperavci / mxs Goto Github PK

Sometimes it throws
OSError: [Errno 24] Too many open files: 'vulnerable_urls.txt'

Hello,

I'm having a problem using this tool. For testing purposes, I use PortSwigger's XSS reflected lab : https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded

I added this link in a t.txt file.

https://0a170095045518cb8594bf1400550000.web-security-academy.net/?search=ds

The tool does not find the classic reflected XSS :

https://0a170095045518cb8594bf1400550000.web-security-academy.net/?search=<script>alert(1)</script>

python3 MXS.py -i t.txt -o results.txt
 [i] Starting scan with 50 concurrency
 [i] Output file: results.txt
 [i] Timeout: 15 seconds
 [i] Scanning finished. All URLs are saved to results.txt
 [i] Total found: 0
 [i] Total scanned: 1
 [i] Time taken: 0 seconds

On the other hand, the lab is well solved, so the tool's payloads are fully functional, it's the XSS validation function that's not working properly.

python3 MXS.py -i list -c 10 -o out -t 15 -p '"><script>alert(1)</script>'

Error loading payload file: "><script>alert(1)</script>
 [i] Starting scan with 10 concurrency
 [i] Output file: out
 [i] Timeout: 15.0 seconds
 [+] Vulnerable parameter found:  http://blankonthemap.free.fr/1_accueil/index.php?code=%22jaVasCript%3A/%2A-/%2A%60/%2A%5C%60/%2A%27/%2A%22/%2A%2A/%28/%2A%20%2A/oNcliCk%3Dalert%281%29%20%29////%3C/stYle/%3C/titLe/%3C/teXtarEa/%3C/scRipt/--%21%3E%3CsVg/%3CsVg/oNloAd%3Dalert%281%29//%3E%3E
 [i] Scanning finished. All URLs are saved to out
 [i] Total found: 1
 [i] Total scanned: 1
 [i] Time taken: 0 seconds

and Vulnerable parameter found is a false positive.

[i] Timeout: 15 seconds
Traceback (most recent call last):jectable URLs
File "/root/MXS/MXS.py", line 21, in
scanner.run()
File "/root/MXS/func.py", line 121, in run
asyncio.run(self.scan())
File "/usr/lib/python3.11/asyncio/runners.py", line 190, in run
return runner.run(main)
^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/asyncio/runners.py", line 118, in run
return self._loop.run_until_complete(task)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/asyncio/base_events.py", line 653, in run_until_complete
return future.result()
^^^^^^^^^^^^^^^
File "/root/MXS/func.py", line 99, in scan
async with aiohttp.ClientSession(timeout=timeout, connector=aiohttp.TCPConnector(ssl=False, limit=0, enable_cleanup_closed=True)) as session:
File "/usr/local/lib/python3.11/dist-packages/aiohttp/client.py", line 1140, in aexit
await self.close()
File "/usr/local/lib/python3.11/dist-packages/aiohttp/client.py", line 1006, in close
await self._connector.close()
^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/dist-packages/aiohttp/connector.py", line 792, in close
return super().close()
^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/dist-packages/aiohttp/connector.py", line 409, in close
self._close()
File "/usr/local/lib/python3.11/dist-packages/aiohttp/connector.py", line 439, in _close
transport.abort()
File "/usr/lib/python3.11/asyncio/sslproto.py", line 247, in abort
self._ssl_protocol._abort()
^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute '_abort'

• Support for multiple payloads
• Enhanced concurrency
• Warning system for various errors like file not found
• Verbose levels determined by command line arguments.

Can we not scan single url? Also why did u use wordlists.txt when all we hv to scan us a url..