File-Upload-XSS icon indicating copy to clipboard operation
File-Upload-XSS copied to clipboard

verified publisher icon pakbch

Metadata

File-Upload-XSS is a Python script that exploits the SVG XSS vulnerability in file upload services to gather information about users visiting a specific URL and send it to a Discord webhook.

Introduction

File-Upload-XSS is a Python script designed to take advantage of the SVG XSS vulnerability present in various file upload services. When a user visits the specified URL, the script gathers information about their visit and sends it to a Discord webhook for analysis.

Features

  • Leverages the SVG XSS vulnerability to gather information about users visiting a specific URL
  • Sends gathered information to a Discord webhook

Preview

Script Menu

image

Grabbed Information

image

Demo

https://user-images.githubusercontent.com/98830093/209461303-408ae221-f883-4e5d-9291-3e4ea9147441.mp4

Updates

Added two new websites

  • megaupload.nz
  • openload.cc
  • upvid.cc
  • rapidshare.nu
  • hotfile.io
  • lolabits.se

Configuration

Don't forget to add your Discord webhook URL in payload.js before running the script.

Metadata

15
Stars
3
Forks
Watchers

Owner

verified publisher icon pakbch

Metadata

File-Upload-XSS is a Python script that exploits the SVG XSS vulnerability in file upload services to gather information about users visiting a specific URL and send it to a Discord webhook.

Back