From 3d750e6994343db3dd5a8a0c2dd921a5f5ff96a0 Mon Sep 17 00:00:00 2001
From: Roman Hergenreder <mail@romanh.de>
Date: Tue, 2 Jun 2020 15:25:10 +0200
Subject: [PATCH] xss handler improvement

---
 xss_handler.py | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/xss_handler.py b/xss_handler.py
index 13e58f1..09e569f 100755
--- a/xss_handler.py
+++ b/xss_handler.py
@@ -4,6 +4,7 @@ import util
 import sys
 import http.server
 import socketserver
+from http.server import HTTPServer, BaseHTTPRequestHandler
 
 def generatePayload(type, address, port):
     if type == "img":
@@ -11,6 +12,27 @@ def generatePayload(type, address, port):
     else:
         return None
 
+class XssServer(BaseHTTPRequestHandler):
+    def _set_headers(self):
+        self.send_response(200)
+        self.send_header("Content-type", "text/html")
+        self.end_headers()
+
+    def _html(self):
+        content = f"<html><body><h1>Got'cha</h1></body></html>"
+        return content.encode("utf8")  # NOTE: must return a bytes object!
+
+    def do_GET(self):
+        self._set_headers()
+        self.wfile.write(self._html())
+
+    def do_HEAD(self):
+        self._set_headers()
+
+    def do_POST(self):
+        self._set_headers()
+        self.wfile.write(self._html())
+
 if __name__ == "__main__":
 
     if len(sys.argv) < 2:
@@ -39,7 +61,6 @@ if __name__ == "__main__":
     print(payload)
     print()
 
-    Handler = http.server.SimpleHTTPRequestHandler
-    with socketserver.TCPServer((local_address, listen_port), Handler) as httpd:
-        print("serving at port", listen_port)
-        httpd.serve_forever()
+    httpd = HTTPServer((local_address, listen_port), XssServer)
+    print(f"Starting httpd server on {local_address}:{listen_port}")
+    httpd.serve_forever()