Blind XSS Features

Blind xss0r offers a wide range of features designed for detailed analysis and enhanced insights into client-side data. Below is a list of the capabilities provided by the script:

  • All Cookies (Non-HttpOnly): Collects all accessible cookies that are not flagged as HttpOnly for analysis and debugging.
  • Referrer Information: Retrieves the referring URL to identify the source of traffic to the page.
  • IP Address of the Target Client: Captures the public IP address and provides approximate location details, including city, region, and country.
  • Browser Language Information: Detects the browser's language settings to support localization and customization.
  • Browser Name and Version: Identifies the browser name and version using the User-Agent string.
  • Screenshot of DOM Structure: Generates a visual screenshot of the current DOM structure for debugging and reporting purposes.
  • Screen Resolution: Collects the screen resolution and window size of the client’s device.
  • Graphics Card Information: Retrieves detailed GPU information, including vendor and renderer.
  • Battery Status: Tracks the device’s battery level and charging status when supported by the browser.
  • Network Information: Captures the network type (e.g., Wi-Fi, 4G) and downlink speed.
  • Local Storage and Session Storage: Extracts data stored in the client’s local and session storage.
  • Form Inputs: Collects values from all form inputs, including text fields, textareas, and dropdowns, on the page.
  • Page Metadata: Gathers essential page metadata, including the page title, URL, and full HTML structure.
  • Plugins and MIME Types: Retrieves a list of installed browser plugins and supported MIME types.
  • Admin Panel Accessibility Check: Attempts to access the `/admin` endpoint to verify if it is accessible and logs the response status.
  • API Key Discovery in Scripts: Scans all script files loaded on the page to identify potential API keys in their content.

This feature set ensures comprehensive client-side analysis and enables detailed insights into browser and system data.
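
The first item in the list depends on session cookies being issued without the HttpOnly flag. The following is an added example, not part of xss0r or its documentation: it audits Set-Cookie response headers and reports which cookies a script running in the page could read. The header values and function names are constructed for illustration.

```javascript
// Added example: list cookies a script injected into the page could read.
// The Set-Cookie values in SAMPLE_HEADERS are constructed for illustration.
const SAMPLE_HEADERS = [
  'session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax',
  'cart=Zm9vPWJhcg==; Path=/; Secure',
  'prefs=theme=dark; Path=/; httponly',
  'tracking=1; Max-Age=3600',
];

// Parse one Set-Cookie header value into { name, attrs }.
function parseSetCookie(header) {
  const parts = header.split(';').map((p) => p.trim()).filter(Boolean);
  const pair = parts.shift() || '';
  const eq = pair.indexOf('='); // the cookie value itself may contain '='
  if (eq < 1) return null; // skip malformed or nameless cookies
  const attrs = new Map(); // attribute names are case-insensitive
  for (const part of parts) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? '' : part.slice(i + 1).trim());
  }
  return { name: pair.slice(0, eq).trim(), attrs };
}

// Return one finding per cookie that lacks a protective attribute.
function auditCookies(headers) {
  const findings = [];
  for (const header of headers) {
    const cookie = parseSetCookie(header);
    if (!cookie) continue;
    const issues = [];
    if (!cookie.attrs.has('httponly')) issues.push('no HttpOnly: readable via document.cookie');
    if (!cookie.attrs.has('secure')) issues.push('no Secure: also sent over plain HTTP');
    if (!cookie.attrs.has('samesite')) issues.push('no SameSite: browser default applies');
    if (issues.length > 0) findings.push({ name: cookie.name, issues });
  }
  return findings;
}

// Names of cookies exposed to page script (the HttpOnly finding only).
function scriptReadable(headers) {
  return auditCookies(headers)
    .filter((f) => f.issues.some((i) => i.startsWith('no HttpOnly')))
    .map((f) => f.name);
}

console.log(scriptReadable(SAMPLE_HEADERS)); // [ 'cart', 'tracking' ]
```

Feed it the Set-Cookie headers captured from your own application's login and session responses; any session or authentication cookie it names should be reissued with HttpOnly.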

Step-by-Step Guide

Step 1: Activate Telegram Bot Notifications and Unlock Blind xss0r Automation
  1. Navigate to your Telegram bot page.
  2. Copy your Telegram Bot ID.
  3. Open the Telegram bot link: https://t.me/xss0r_bot.
  4. In the Telegram chat, type: /start.
  5. Type the following command, replacing <your token here> with your actual Telegram Bot ID: /token <your token here>.
  6. You will receive a confirmation message: Connected to the xss0r.
Step 2: Prepare Payloads and URLs
  1. Go to the Dashboard page on xss0r and navigate to the Payloads section.
  2. Copy all the payloads listed there.
  3. Save these payloads into a new file named blind.txt. Ensure this file is saved in the same directory where xss0r is located.
  4. Prepare your URL list in a file named urls.txt. You can use your collected URLs, or for testing purposes, use the following URL: http://testphp.vulnweb.com/guestbook.php.
Step 3: Run the Blind XSS Spraying

Run the following command to start spraying your Blind XSS payloads on the provided URLs:

./xss0r --spray --urls urls.txt --payloads blind.txt --threads 8 --shuffle

You can use a thread count supported by your plan, which typically ranges between 8 and 15, depending on the plan you have purchased at store.xss0r.com.

Step 4: Enable Automated Domain Crawling + Spraying

To enable crawling for a single domain and spraying payloads on the discovered endpoints:

  1. Modify the urls.txt file to include only the domain name. For example: http://testphp.vulnweb.com.
  2. Run the following command:

./xss0r --crawler --urls urls.txt --payloads blind.txt --spray --threads 8

Once started, xss0r will spray your Blind XSS payloads across the specified URLs or crawl the domain to discover additional endpoints before spraying. You will receive real-time notifications via Telegram whenever an XSS payload is successfully triggered.