This repo reproduces an XSS attack on Django 4.0.1 (see CVE-2022-22818).

Will-777/django-xss-example

Run the tests on Django:

python runfuzz.py

To run the Django server:

python manage.py runserver

Check that the Python modules are installed:

python3 -m django --version  # pip install django==4.0.1
grammarinator-generate --version  # pip install grammarinator
pip install selenium  # required
pip install webdriver-manager  # also required
pip install progress

Prepare the fuzzer and check that everything works:

touch grammars/fuzzer/HTMLGenerator.py  # Create the file first; otherwise it will not be found
grammarinator-process grammars/HTMLLexer.g4 grammars/HTMLParser.g4 -o grammars/fuzzer  # Populate the file

Try the fuzzer:

grammarinator-generate grammars.fuzzer.HTMLCustomGenerator.HTMLCustomGenerator -r htmlDocument -d 20 -o grammars/examples/test_%d.html -n 10 --sys-path ./
cd grammars/examples/
ls  # Here are your files.
python -m http.server  # Start the server
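
An added example, not part of this repository: a defender-side audit for the two conditions CVE-2022-22818 depends on, a Django release in the advisory's affected ranges (2.2 before 2.2.27, 3.2 before 3.2.12, 4.0 before 4.0.2) and templates that use the `{% debug %}` tag. The function names and the sample template are constructed for illustration.

```python
import re

# First fixed release per affected series, from the CVE-2022-22818 advisory.
FIXED = {(2, 2): (2, 2, 27), (3, 2): (3, 2, 12), (4, 0): (4, 0, 2)}

# {# ... #} comments are single-line; {% comment %} blocks may span lines.
COMMENTS = re.compile(
    r"\{#[^\n]*?#\}|\{%\s*comment\b[^\n]*?%\}[\s\S]*?\{%\s*endcomment\s*%\}"
)
DEBUG_TAG = re.compile(r"\{%\s*debug\s*%\}")

# Constructed sample template: only line 3 holds a live {% debug %} tag.
SAMPLE = (
    "<h1>{{ title }}</h1>\n"
    "{# {% debug %} #}\n"
    "<pre>{% debug %}</pre>\n"
    "{% comment %}\n{% debug %}\n{% endcomment %}\n"
)


def advisory_status(version):
    """Classify a Django version string against the advisory's ranges."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    v = (int(m[1]), int(m[2]), int(m[3] or 0))
    fixed = FIXED.get(v[:2])
    if fixed is None:
        return "not listed"  # series the advisory does not name
    return "affected" if v < fixed else "fixed"


def find_debug_tags(source):
    """Return 1-based line numbers of {% debug %} tags outside comments."""
    # Blank out comments but keep their newlines so line numbers stay true.
    text = COMMENTS.sub(lambda c: "\n" * c.group().count("\n"), source)
    return [text.count("\n", 0, t.start()) + 1 for t in DEBUG_TAG.finditer(text)]


def audit(version, templates):
    """Report advisory status and tag lines; templates is {name: source}."""
    hits = {n: find_debug_tags(s) for n, s in templates.items()}
    return {"django": advisory_status(version),
            "debug_tags": {n: l for n, l in hits.items() if l}}


if __name__ == "__main__":
    print(audit("4.0.1", {"sample.html": SAMPLE}))
```

To audit a real project, pass the output of `python3 -m django --version` and the contents of each template file read from the project's template directories.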
