From 7f242b44567f8434e4454071793b7f57f10e0625 Mon Sep 17 00:00:00 2001
From: nerrorsec <42860825+nerrorsec@users.noreply.github.com>
Date: Mon, 4 Apr 2022 13:39:43 +0545
Subject: [PATCH] Security fix

fixed Stored XSS and file override via domain argument, reported by @rupesh-sshhh
---
 GoogleDorker.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/GoogleDorker.py b/GoogleDorker.py
index d6cdc47..c7da630 100644
--- a/GoogleDorker.py
+++ b/GoogleDorker.py
@@ -99,7 +99,7 @@ def vendork(domain):
     f.close()
 
 options = get_arguments()
-if options.domain:
+if options.domain and re.match("^((?!-))(xn--)?[a-z0-9][a-z0-9-_]{0,61}[a-z0-9]{0,1}\.(xn--)?([a-z0-9\-]{1,61}|[a-z0-9-]{1,30}\.[a-z]{2,})$", options.domain):
     google_dork(options.domain)
     vendork(options.domain)
     print("\n[+] Success. Please check the newly created files.")