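'''''''''''''''''''''''''''''''''''''
'baidu widget xss bug scan
'by www.80vul.com
'''''''''''''''''''''''''''''''''''''
' Usage: cscript //nologo <script>.vbs <first-id> <last-id>
'
' Walks the widget info pages for ids first..last and prints the modLink URL
' of every non-RSS widget whose definition is an .xml file containing
' "widget:preferences".
'
' NOTE(review): the script only enumerates such widget definitions; it does
' not show how a hit turns into XSS. Presumably the externally hosted widget
' XML ends up in the host page unsanitised - confirm against the advisory.
' For the platform side, each printed URL is a third-party document whose
' content should be treated as untrusted (allow-list modLink hosts, sanitise
' or sandbox what is rendered from it).

Const INFO_URL = "http://act.hi.baidu.com/widget/info/"

Dim xmlurl, page, start, ends, i

' Both bounds are required; indexing a missing argument raises a runtime
' error instead of telling the user what is wrong.
If WScript.Arguments.Count < 2 Then
    WScript.Echo "usage: cscript //nologo " & WScript.ScriptName & " <first-id> <last-id>"
    WScript.Quit 1
End If
If Not (IsNumeric(WScript.Arguments(0)) And IsNumeric(WScript.Arguments(1))) Then
    WScript.Echo "first-id and last-id must be numeric"
    WScript.Quit 1
End If

' Arguments arrive as strings; convert explicitly so the loop bounds are
' numbers.
start = CLng(WScript.Arguments(0))
ends = CLng(WScript.Arguments(1))

For i = start To ends
    ' Fetch the info page once and reuse it. Requesting it separately for
    ' each check triples the traffic and lets the checks run against
    ' different responses.
    page = curl(INFO_URL & i)

    If InStr(page, "modLink") Then
        ' Widgets declared as RSS modules are skipped.
        If InStr(page, " modType:""rss""") = 0 Then
            xmlurl = RegExpTest("modLink:""*([^\s]+?)""*(\s|>)", page, 0)
            ' Strip the leading modLink:" and the closing ", from the match.
            ' NOTE(review): the character matched by the final (\s|>) group
            ' is part of the match and is left in xmlurl.
            xmlurl = Replace(Replace(xmlurl, "modLink:""", ""), """,", "")

            If InStr(xmlurl, ".xml") Then
                ' Second request: the widget definition itself.
                If InStr(curl(xmlurl), "widget:preferences") Then
                    WScript.Echo xmlurl
                End If
            End If
        End If
    End If
Next

' Synchronous HTTP GET; returns the response body as text.
' NOTE(review): LCase is applied to the whole URL, path included, so a
' case-sensitive path on the remote host is requested in lower case.
Function curl(url)
    Dim xPost
    Set xPost = CreateObject("Microsoft.XMLHTTP")
    xPost.Open "GET", LCase(url), False
    xPost.Send
    curl = xPost.responseText
    Set xPost = Nothing
End Function

' Returns the text of match number num (0-based) of patrn in strng,
' case-insensitive, or "" when there is no such match. Indexing the match
' collection without this check raises a runtime error on pages where
' "modLink" occurs but the pattern does not match.
Function RegExpTest(patrn, strng, num)
    Dim regEx, Matches
    RegExpTest = ""
    Set regEx = New RegExp
    regEx.Pattern = patrn
    regEx.IgnoreCase = True
    regEx.Global = True
    Set Matches = regEx.Execute(strng)
    If num >= 0 And num < Matches.Count Then
        RegExpTest = Matches(num).Value
    End If
End Function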