XSStrike icon indicating copy to clipboard operation
XSStrike copied to clipboard

Published 20 hours ago verified publisher icon s0md3v

UnicodeDecodeError: 'charmap' codec can't decode byte 0x9d in position 3798: character maps to <undefined>

Open windowshopr opened this issue 2 years ago • 1 comments

Describe the bug Trying to use XSStrike on Windows 10, Python 3.7.9 and the DVWA XSS (DOM) page. I stored this payload list into a payloads.txt file, then when I run this command:

python xsstrike.py -u http://172.16.1.82:8008/dvwa/vulnerabilities/xss_d/ --data Default --file payloads.txt

...I get this traceback error:

PS Z:\Python_Projects\...\XSStrike> python xsstrike.py -u http://172.16.1.82:8008/dvwa/vulnerabilities/xss_d/ --data Default --file payloads.txt     

        XSStrike v3.1.5

Traceback (most recent call last):
  File "xsstrike.py", line 149, in <module>
    payloadList = list(filter(None, reader(args_file)))
  File "Z:\Python_Projects\...\XSStrike\core\utils.py", line 206, in reader
    '\n').encode('utf-8').decode('utf-8') for line in f]
  File "Z:\Python_Projects\...\XSStrike\core\utils.py", line 205, in <listcomp>
    result = [line.rstrip(
  File "C:\Users\...\AppData\Roaming\Python\Python37\lib\encodings\cp1252.py", line 23, in decode
    return codecs.charmap_decode(input,self.errors,decoding_table)[0]
UnicodeDecodeError: 'charmap' codec can't decode byte 0x9d in position 3798: character maps to <undefined>

To Reproduce To reproduce, setup the DVWA on a local server, download the above payloads list into a payloads.txt file, and run the same command while the DVWA server is running.

Screenshots

Potential cause or fix

Environment: Described at the beginning.

Some Questions

  • [X] I am using the latest version of XSStrike.
  • [X] I installed the dependecies using pip3 instead of pip
  • [X] I have read the documentation before submitting this issue.
  • [X] I have checked the other issues to see if someone reported this before. (There are similar issues, but not this one, nor was there any answers for it).

Other comments None.

windowshopr avatar May 22 '22 23:05 windowshopr

It seems python on windows uses cp1252 as default encoding when opening file, but saved file has utf8 encoding, that's why UnicodeDecodeError raises. Maybe it will be better to restrict utf8 files only, and open file as open(path, 'r', encoding='utf8') in reader function

GebMirFreiheit avatar May 28 '23 15:05 GebMirFreiheit