This page contains all the Greasemonkey scripts I've made, including information about those scripts.
Greasemonkey is an extension for Firefox which allows users to edit web pages according to a pre-made script (written in JavaScript). For information on how to install the extension and how to write your own scripts, read the official web site.
If you want to contact me about any of these scripts or have suggestions for new ones, go right ahead and email me at sakaru (at) gmail (dot) com. All scripts are licensed under GNU General Public License version 3, although at the time of writing only the XSS Assistant actually mentions this in the code.
The goal of this script is to allow users to easily test any web for cross-site scripting flaws. The script aims to do this by providing an easy-to-use menu by any form. It should be noted that although I may refer only to forms for the rest of the description, the script does also allow the user to test the current variables in the URL bar for cross-site scripting flaws. While this script does help a user find an XSS flaw, it cannot really be used without understanding what an XSS flaw is. If you do not yet understand XSS flaws, I suggest you read up on them.
In order to effectively test for XSS the script loads up two "Cheat Sheets", one created and managed by RSnake, the other by .mario. RSnake's Cheat Sheet is widely regarded to be a pretty definitive list in terms of what may show an XSS hole on a site. The list managed by .mario was made to be more concise yet cover more topics (I'll let you see what he covers yourself). A user can easily edit which XML files are loaded to provide the XSS vectors available for injection, but they must all follow a set schema (look at either XML file to see the structure).
Once the script is installed the user will still need to start the script. This feature is implemented because the user may not always want the script to run for a number of reasons. To start the script, select Tools > Greasemonkey > User Script Commands... > Start XSSing forms. How to stop the script should be obvious.
Once the script is started and a new page reloaded, the script will go through all forms (and the querystring) and create images by each one. The following image is what will appear:

If the user presses that image a menu will pop up as follows:

You can then pick a vector from the vector select box, pick the field to apply it to (or apply it globally), hit the apply button and press the Submit form button to submit the form.
If you are happy with the injection (even if the injection isn't one from the vector list but something you typed in manually), then hit your browser's back button to get back to the form which is vulnerable to XSS. Then reopen the script's menu, apply the XSS vector and press the Generate PoC link button. This will create one of two types of PoC links. If the form's method attribute is set to GET, then the PoC link will simply point to the target with the vulnerable variables appended as a querystring; if the form's method attribute is set to POST, then the script will use the XSS post forwarder script to create a PoC link.
You can also report the XSS to xssed.com automatically via the button labelled Report PoC. If you haven't set a name in the file for yourself it'll ask you for your name. It'll then try to submit the XSS to the moderation queue on www.xssed.com and let you know if it worked or not.
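What a test submission like the one described above is looking for, as an added example that is not part of XSS Assistant: a harmless probe is reflected by a page, and the check reports which HTML metacharacters came back unencoded. The page renderer, the three encoders and the token value are constructed for illustration.

```javascript
// Added example: constructed pages and probe, not code from XSS Assistant.
const META = ['<', '>', '"', "'"];

// Encode the characters that matter in HTML text and quoted attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hypothetical search page; `encode` is applied to the reflected "q" field.
function renderPage(q, encode) {
  const v = encode(q);
  return '<form><input name="q" value="' + v + '"></form><p>Results for ' + v + '</p>';
}

const noEncoding = (s) => s; // vulnerable: input is reflected as-is
const tagsOnly = (s) => s.replace(/</g, '&lt;').replace(/>/g, '&gt;'); // incomplete
const fullEncoding = escapeHtml; // hardened

// Harmless probe: a unique token followed by the HTML metacharacters.
const makeProbe = (token) => token + META.join('');

// For each reflection of the token, list the metacharacters returned unencoded.
function findReflections(html, token) {
  const hits = [];
  for (let at = html.indexOf(token); at !== -1; at = html.indexOf(token, at + 1)) {
    let rest = html.slice(at + token.length);
    const raw = [];
    for (const ch of META) {
      if (rest.startsWith(ch)) { raw.push(ch); rest = rest.slice(1); continue; }
      const entity = rest.match(/^&(#\d+|#x[0-9a-f]+|[a-z]+);/i);
      if (!entity) break; // character was stripped or altered some other way
      rest = rest.slice(entity[0].length);
    }
    hits.push({ offset: at, raw });
  }
  return hits;
}

// Summarise one response: 'not-reflected', 'encoded', 'partial' or 'raw'.
function assess(html, token) {
  const hits = findReflections(html, token);
  if (hits.length === 0) return 'not-reflected';
  const worst = Math.max(...hits.map((h) => h.raw.length));
  if (worst === 0) return 'encoded';
  return worst === META.length ? 'raw' : 'partial';
}

for (const e of [noEncoding, tagsOnly, fullEncoding]) console.log(assess(renderPage(makeProbe('xsa7f3'), e), 'xsa7f3'));
```

The `partial` result for `tagsOnly` matters because one of the two reflections sits inside a quoted attribute, where an unencoded quote ends the attribute value; the `offset` in each hit shows which reflection is which.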
For every page you visit where the script loads the XSS cheat sheet, the script will create requests for the XML files where it gets the XSS vectors from. This puts a load on those servers and uses some of your bandwidth. You can download the XML files it loads (RSnake's, .mario's) and put them on your local web server (if you have one). Then edit the script to load it from there instead. This will reduce bandwidth usage and increase speed. If you don't have a local web server it may be possible to load the XML file even if it is anywhere else on your local file system by loading the page using the file:// prefix, but this has not been tested.
Thanks go to RSnake and .mario for creating and maintaining the XML files; this script would not work without them.
Credit goes to virus for providing fixes for various bugs which were difficult to debug; this script would not work quite so well without him.
Credit goes to Kevin Fernandez, from xssed.com, for making it possible for me to integrate my script with his site.
Credit goes to the populace of criticalsecurity.net and sla.ckers.org/forum for providing feedback, having suggestions and giving me a break.
This script was made to make sifting through an IPB forum quicker. The reason I chose IPB is because that's what I use. This script will look for every link to a thread and create a small eye icon by that link. Hovering your mouse over that link will cause a loading box to appear beneath the eye. That loading box will show you either the first post of that thread (if that's what the link points to) or otherwise the latest post in that thread.
They say an image says a thousand words, here's two images:
Loading the first post in a thread:
Loading the last post in a thread:
There aren't directly any issues with using this script, but there are some configurations you may want to know of. I'll just paste the code here, it's mainly comments anyway.
//Variables the user can easily edit:
//These refer to the box with the preview inside it
width = 400 //default 250
height = 100 //default 80
background_colour = '#bcd0ed' //default #bcd0ed
border_width = 1 //default 1
border_colour = '#2f5d89' //default #2f5d89
//These refer to what you want various things replaced by, for instance if you want images replaced by the text [image] or if you just want them removed
//Set the variable to false (boolean, not string) if you do not want to remove the element at all.
smiley = "" //default <blank string>
image = "[image]" //default [image]
quote = "[quote]" //default [quote]
code = "[code]" //default [code]
spoiler = "[spoiler]" //default [spoiler]
This script is really quite simple. When a user logs out of an IPB forum the forum does not mark all unread posts as read, something I find annoying. This script creates a new logout button (beside the existing one); this new logout button calls the Mark all posts read function before logging you out. That's all there is to it.
This script requires the quick editing feature to be installed on the forums as it uses the loading bar that the feature provides.
This script came into being when I found myself moderating an IPB forum and giving out quite similar warnings to a lot of members. Obviously a lot of reasons for warning a member are quite unique or specific reasons, but in a lot of cases the reason is very generic, such as a specific forum rule being broken. I figured that creating a select box on the page which allows the moderator to simply pick the correct reason from the list would save time. This is exactly what this script does.
Again I feel a screenshot should do the trick
Keep in mind that you can edit the code and change the reasons at will. What I entered are merely what I found useful at the time of writing the script. It should be pretty obvious what to do to add more options.
This script came about when I was active on the HellBoundHackers website.
One thing I didn't like about their forum was that when you replied to a post or were editing a post, the thread was not visible and normally I'd have to open another tab in order to read the thread's contents, something I wasn't too happy about. The goal of this script is to use the spare screen real estate that exists on the page where you are replying in a thread or editing a post to load the thread.
There is nothing to do once installed. The script will detect when to run and do everything itself. Below is a screenshot of the script in use, click the image for a larger image.
If you know the HBH website you'll automatically see the difference.