Build xss-platform platform

Always wanted to ride in the public network to build their own platform to verify the XSS XSS vulnerabilities, using someone else's platform, his heart will always have to worry about picking concerns son a few days ago a lot of reference to previous blog, finally build a good, the way to build also encountered a lot of the pit, so to share the experience built up, Gangster light spray.

First on github walk in a circle above, I built environment is windows server + phpstudy, it corresponds better choice is: xss-platform or BlueLotus_XSS, because no school docker, so there will not be set up to consider the use of docker.

Both XSS platform build process is as follows:

xss-platform is a very classic XSS penetration testing management system, developed in the 2011 year of the original author, long time no maintenance due later led to the beginning of the release can not be run in php7 environment, but github above have been big brother the source code to the php7 environment, interested friends can go and see, here we introduce install xss-platform original.

xss-platform Source Codes: https://github.com/thickforest/xss_platform

After downloading, unzip it in the directory under the www directory XSS

Then modify the config.php configuration file.

The main need to modify the place already use the arrow marked out, and database users according to their own situation changes, because my mysql user name or root is not modified, the user name do not have to modify the database password modify password of your own database, the database name modify the database will be the name of our new store in a mysql database which xss platform data, the registered configuration to normal, because the default is the need to invite invite registered, and we need to register an account (PS myself: You can also directly Add in a database, but this will take some work), website url path to modify the path in the www directory before our folder www / XSS / ..., so here it is. HTTP: // ip / XSS .

Then we went inside the new database repository xss data.

新建数据库可以在mysql命令行里或者在phpmyadmin里面进行操作，为了后面导入xssplatform.sql方便，这里我们直接在phpmyadmin里面进行。

因为之前我们在config.php里面已经设置数据库名为xss，所以这里新建一个名为xss的数据库对应，

创建成功后进入xss数据库

点击导入，导入xssplatform.sql文件，sql文件的位置在

导入成功后可以看到xss数据库里面多了这几张表

接着我们执行一条sql语句，因为xss数据库里面的sql文件里面的站点域名是作者的，我们将其更新替换成自己的。

这里的域名替换成自己的，( 因为在写这篇文章的时候我是在本地再安装一次，所以就把域名换成了127.0.0.1

执行后可以看到更新成功

然后我们配置伪静态页面（.htaccess），这是必须要配置的，否则xss平台生成的网址将打不到他人的cookie。（我就是偷懒这里没弄好所以后来找了好久的原因。

可以看到源码下载了之后里面有一个.htaccess文件，我们将其修改成适合自己环境的，如果没有的话就自己新建一个。

1，如果是Apache服务器，.htaccess的一个模板如下:

RewriteEngine On
RewriteBase /
RewriteRule ^([0-9a-zA-Z]{6})$ /index.php?do=code&urlKey=$1 [L]
RewriteRule ^do/auth/(\w+?)(/domain/([\w.]+?))?$  /index.php?do=do&auth=$1&domain=$3 [L]
RewriteRule ^register/(.?)$ /index.php?do=register&key=$1 [L]
RewriteRule ^register-validate/(.?)$ /index.php?do=register&act=validate&key=$1 [L]

2，如果是Nginx服务器，则一个模板如下:

rewrite "^/([0-9a-zA-Z]{6})$" /index.php?do=code&urlKey=$1 break;
rewrite "^/do/auth/(w+?)(/domain/([w.]+?))?$" /index.php?do=do&auth=$1&domain=$3 break;
rewrite "^/register/(.?)$" /index.php?do=register&key=$1 break;
rewrite "^/register-validate/(.?)$" /index.php?do=register&act=validate&key=$1 break;
rewrite "^/login$" /index.php?do=login break;

值得注意的是，如果我们将.htaccess文件直接这样写的话，是无法访问js文件的。

例如我们将源代码放在phpstudy（Apache环境）的WWW目录下的XSS文件夹里，.htaccess就应该是:

RewriteEngine On
RewriteBase /
RewriteRule ^([0-9a-zA-Z]{6})$ XSS/index.php?do=code&urlKey=$1 [L]
RewriteRule ^do/auth/(\w+?)(/domain/([\w.]+?))?$  XSS/index.php?do=do&auth=$1&domain=$3 [L]
RewriteRule ^register/(.?)$ XSS/index.php?do=register&key=$1 [L]
RewriteRule ^register-validate/(.?)$ XSS/index.php?do=register&act=validate&key=$1 [L]

这样我们访问http://127.0.0.2/XSS/E2xAAk才会出现我们构造的恶意js代码。