Updated readme

AutoSecTools · Mar 23, 2016 · 115b917 · 115b917
1 parent 15df8ff
commit 115b917
Showing 1 changed file with 34 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -2,34 +2,45 @@
 A cross platform web exploitation tool written in Aphid and compiled into Python. Currently supports exploitation of PHP local file inclusion and SQL injection with more on the way.
 
 ## Command Line Arguments
-python st.py [strategy] [url] [inputs]
+python st.py [exploitation strategy] [url] [inputs]
 
-#### Strategies
+## Exploitation Strategies
 
-###### lfi
-Local file inclusion mode. Attempts to create a shell by exploiting PHP local file inclusion.
+#### lfi
+Local file inclusion mode. Attempts to create a shell by exploiting PHP local file inclusion. Injection is performed using the $lfi token.
 
-###### sqli {options}
-SQL injection mode. Attempts to automatically exploit SQL injection vulnerabilities by .
+#### sqli {options}
+SQL injection mode. Attempts to automatically exploit SQL injection vulnerabilities by querying information schemas. Injection is performed using the $sqli token.
 
-#### Url
+If used, one of two options must be specified:
+
+*list* - Dumps a list of databases and tables.
+
+*table {name}* - Dumps a database table.
+
+#### xss {server ip}
+Cross-site scripting mode. Currently only supports exploitation of reflected XSS via GET. Injection is performed using the $xss token.
+
+If used, a target accessible server IP must be specified for listening.
+
+## Url
 The url to exploit. Can be injected into using tokens.
 
-#### Inputs
+## Inputs
 
-###### --g {GET name} {GET value}
+#### --g {GET name} {GET value}
 GET data in key/value format.
 
-###### --p {POST name} {POST value}
+#### --p {POST name} {POST value}
 POST data in key/value format.
 
-###### -g {GET data}
+#### -g {GET data}
 GET data in Python map format.
 
-###### -p {POST data}
+#### -p {POST data}
 POST data in Python map format.
 
-#### Examples
+## Examples
 
 python st.py lfi http://localhost/lfiTest.php?theme=$lfi
 
@@ -43,9 +54,16 @@ python st.py sqli list http://localhost/sqliTest.php --g email $sqli
 
 python st.py sqli table sqlitest.users http://localhost/sqliTest.php --g email $sqli
 
-#### Changelog
+python st.py xss 10.0.0.122 http://10.0.0.145/xss.php --g search $xss
+
+## Changelog
+
+### 0.1.0323.1150
+Added support for XSS exploitation
+
+Several bug fixes
 
-###### 0.1.0322.749
+### 0.1.0322.749
 Added support for SQL injection
 
 Improved LFI exploitation support
@@ -54,5 +72,5 @@ CLI improvements
 
 Several bug fixes
 
-###### 0.1.0316.3
+### 0.1.0316.3
 Initial release, supports LFI exploitation.