From 413c8af701d43b72405d891750839af538ede8cd Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Tue, 21 Mar 2023 12:21:44 +0100
Subject: [PATCH 1/6] Ignore a bunch of autogenrated files and folders

---
 .gitignore | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 .gitignore

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a7d8ad2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,13 @@
+# Folders we don't want to track
+logs/
+__pycache__/
+venv/
+
+# Files that BlackWidow creates
+command.txt
+queue.txt
+run.flag
+attack_lookup_table.txt
+form_xss.txt
+graph_mathematica.txt
+successful_xss.txt

From a6fb989f095eecc5e380b857a4c8146d57dff075 Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Tue, 21 Mar 2023 12:22:19 +0100
Subject: [PATCH 2/6] Compat with selenium 4.8

---
 Classes.py             | 19 ++++++++++---------
 Functions.py           | 33 +++++++++++++++++----------------
 extractors/Events.py   | 11 ++++++-----
 extractors/Forms.py    | 15 ++++++++-------
 extractors/Iframes.py  |  5 +++--
 extractors/Ui_forms.py | 13 +++++++------
 extractors/Urls.py     |  7 ++++---
 7 files changed, 55 insertions(+), 48 deletions(-)

diff --git a/Classes.py b/Classes.py
index 0db0c8c..717787d 100644
--- a/Classes.py
+++ b/Classes.py
@@ -9,6 +9,7 @@
                                        WebDriverException,
                                        InvalidElementStateException
                                        )
+from selenium.webdriver.common.by import By
 
 from urllib.parse import urlparse, urljoin
 import json
@@ -657,18 +658,18 @@ def attack_event(self, driver, vector_edge):
 
             try:
                 if  event.event == "oninput" or event.event == "input":
-                    el = driver.find_element_by_xpath(event.addr)
+                    el = driver.find_element(By.XPATH, event.addr)
                     el.clear()
                     el.send_keys(payload)
                     el.send_keys(Keys.RETURN)
-                    logging.info("oninput %s" %  driver.find_element_by_xpath(event.addr) )
+                    logging.info("oninput %s" %  driver.find_element(By.XPATH, event.addr) )
                 if  event.event == "oncompositionstart" or event.event == "compositionstart":
-                    el = driver.find_element_by_xpath(event.addr)
+                    el = driver.find_element(By.XPATH, event.addr)
                     el.click()
                     el.clear()
                     el.send_keys(payload)
                     el.send_keys(Keys.RETURN)
-                    logging.info("oncompositionstart %s" %  driver.find_element_by_xpath(event.addr) )
+                    logging.info("oncompositionstart %s" %  driver.find_element(By.XPATH, event.addr) )
 
                 else:
                     logging.error("Could not attack event.event %s" % event.event)
@@ -828,7 +829,7 @@ def inspect_attack(self, vector_edge):
         successful_xss = set()
 
         # attribute injections
-        attribute_injects = self.driver.find_elements_by_xpath("//*[@jaekpot-attribute]")
+        attribute_injects = self.driver.find_elements(By.XPATH, "//*[@jaekpot-attribute]")
         for attribute in attribute_injects:
             lookup_id = attribute.get_attribute("jaekpot-attribute")
             successful_xss.add(lookup_id)
@@ -942,7 +943,7 @@ def use_tracker(self, tracker, vector_with_payload):
 
     def inspect_tracker(self, vector_edge):
         try:
-            body_text = self.driver.find_element_by_tag_name("body").text
+            body_text = self.driver.find_element(By.TAG_NAME, "body").text
 
             for tracker in self.io_graph:
                 if tracker in body_text:
@@ -1377,7 +1378,7 @@ def rec_crawl(self):
                 time.sleep(1)
         except UnexpectedAlertPresentException:
             logging.warning("Alert detected")
-            alert = driver.switch_to_alert()
+            alert = driver.switch_to.alert
             alert.dismiss()
 
             # Check if double check is needed...
@@ -1431,7 +1432,7 @@ def rec_crawl(self):
             wait_json = driver.execute_script("return JSON.stringify(need_to_wait)")
         except UnexpectedAlertPresentException:
             logging.warning("Alert detected")
-            alert = driver.switch_to_alert()
+            alert = driver.switch_to.alert
             alert.dismiss()
         wait_json = driver.execute_script("return JSON.stringify(need_to_wait)")
         wait = json.loads(wait_json)
@@ -1501,7 +1502,7 @@ def rec_crawl(self):
 
         # Try to clean up alerts
         try:
-            alert = driver.switch_to_alert()
+            alert = driver.switch_to.alert
             alert.dismiss()
         except NoAlertPresentException:
             pass
diff --git a/Functions.py b/Functions.py
index 192a477..8c325b5 100644
--- a/Functions.py
+++ b/Functions.py
@@ -7,6 +7,7 @@
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.webdriver.common.keys import Keys
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -59,7 +60,7 @@ def xpath_row_to_cell(addr):
 def remove_alerts(driver):
     # Try to clean up alerts
     try:
-        alert = driver.switch_to_alert()
+        alert = driver.switch_to.alert
         alert.dismiss()
     except NoAlertPresentException:
         pass
@@ -356,13 +357,13 @@ def execute_event(driver, do):
             if el.tag_name == "select":
                 # If need to change a select we try the different
                 # options
-                opts = el.find_elements_by_tag_name("option")
+                opts = el.find_elements(By.TAG_NAME, "option")
                 for opt in opts:
                     try:
                         opt.click()
                     except UnexpectedAlertPresentException:
                         print("Alert detected")
-                        alert = driver.switch_to_alert()
+                        alert = driver.switch_to.alert
                         alert.dismiss()
             else:
                 # If ot a <select> we try to write
@@ -437,7 +438,7 @@ def form_fill(driver, target_form):
 
     # Ensure we don't have any alerts before filling in form
     try:
-        alert = driver.switch_to_alert()
+        alert = driver.switch_to.alert
         alertText = alert.text
         logging.info("Removed alert: " +  alertText)
         alert.accept();
@@ -445,7 +446,7 @@ def form_fill(driver, target_form):
         logging.info("No alert removed (probably due to there not being any)")
         pass
 
-    elem = driver.find_elements_by_tag_name("form")
+    elem = driver.find_elements(By.TAG_NAME, "form")
     for el in elem:
         current_form = parse_form(el, driver)
 
@@ -455,7 +456,7 @@ def form_fill(driver, target_form):
             continue
 
         # TODO handle each element
-        inputs = el.find_elements_by_tag_name("input")
+        inputs = el.find_elements(By.TAG_NAME, "input")
         if not inputs:
             inputs = []
             logging.warning("No inputs founds, falling back to JavaScript")
@@ -475,7 +476,7 @@ def form_fill(driver, target_form):
 
 
 
-        buttons = el.find_elements_by_tag_name("button")
+        buttons = el.find_elements(By.TAG_NAME, "button")
         inputs.extend(buttons)
 
         for iel in inputs:
@@ -579,7 +580,7 @@ def form_fill(driver, target_form):
                 logging.error(traceback.format_exc())
 
         # <select>
-        selects = el.find_elements_by_tag_name("select")
+        selects = el.find_elements(By.TAG_NAME, "select")
         for select in selects:
             form_select = Classes.Form.SelectElement( "select", select.get_attribute("name") )
             if form_select in target_form.inputs:
@@ -603,7 +604,7 @@ def form_fill(driver, target_form):
 
 
         # <textarea>
-        textareas = el.find_elements_by_tag_name("textarea")
+        textareas = el.find_elements(By.TAG_NAME, "textarea")
         for ta in textareas:
             form_ta = Classes.Form.Element( ta.get_attribute("type"),
                                             ta.get_attribute("name"),
@@ -620,7 +621,7 @@ def form_fill(driver, target_form):
                 logging.warning("[textareas] could NOT FIND " + str(form_ta) )
 
         # <iframes>
-        iframes = el.find_elements_by_tag_name("iframe")
+        iframes = el.find_elements(By.TAG_NAME, "iframe")
         for iframe in iframes:
             form_iframe = Classes.Form.Element("iframe", iframe.get_attribute("id"), "")
 
@@ -630,7 +631,7 @@ def form_fill(driver, target_form):
                 try:
                     iframe_id =  i.name
                     driver.switch_to.frame(iframe_id)
-                    iframe_body = driver.find_element_by_tag_name("body")
+                    iframe_body = driver.find_element(By.TAG_NAME, "body")
                     if(iframe_body.get_attribute("contenteditable") == "true"):
                         iframe_body.clear()
                         iframe_body.send_keys(i.value)
@@ -676,7 +677,7 @@ def form_fill(driver, target_form):
 
                 # Some forms show an alert with a confirmation
                 try:
-                    alert = driver.switch_to_alert()
+                    alert = driver.switch_to.alert
                     alertText = alert.text
                     logging.info("Removed alert: " +  alertText)
                     alert.accept();
@@ -690,7 +691,7 @@ def form_fill(driver, target_form):
 
         # Check if submission caused an "are you sure" alert
         try:
-            alert = driver.switch_to_alert()
+            alert = driver.switch_to.alert
             alertText = alert.text
             logging.info("Removed alert: " +  alertText)
             alert.accept();
@@ -710,7 +711,7 @@ def ui_form_fill(driver, target_form):
 
     # Ensure we don't have any alerts before filling in form
     try:
-        alert = driver.switch_to_alert()
+        alert = driver.switch_to.alert
         alertText = alert.text
         logging.info("Removed alert: " +  alertText)
         alert.accept();
@@ -849,8 +850,8 @@ def set_form_values(forms):
 
 
 def enter_iframe(driver, target_frame):
-    elem = driver.find_elements_by_tag_name("iframe")
-    elem.extend( driver.find_elements_by_tag_name("frame") )
+    elem = driver.find_elements(By.TAG_NAME, "iframe")
+    elem.extend( driver.find_elements(By.TAG_NAME, "frame") )
 
     for el in elem:
         try:
diff --git a/extractors/Events.py b/extractors/Events.py
index c2c5b27..f69fd0a 100644
--- a/extractors/Events.py
+++ b/extractors/Events.py
@@ -3,6 +3,7 @@
 from selenium.webdriver.remote.webdriver import WebDriver
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -21,7 +22,7 @@
 
 
 def extract_data_toggle(driver):
-    toggles = driver.find_elements_by_xpath("//button[@data-toggle]") 
+    toggles = driver.find_elements(By.XPATH, "//button[@data-toggle]") 
     dos = []
     for toggle in toggles:
 
@@ -37,13 +38,13 @@ def extract_data_toggle(driver):
     return dos
 
 def extract_inputs(driver):
-    toggles = driver.find_elements_by_xpath("//input") 
+    toggles = driver.find_elements(By.XPATH, "//input") 
     dos = []
     for toggle in toggles:
         input_type = toggle.get_attribute("type")
         if (not input_type) or input_type == "text":
 
-            in_form = toggle.find_elements_by_xpath(".//ancestor::form")
+            in_form = toggle.find_elements(By.XPATH, ".//ancestor::form")
             if not in_form:
                 xpath = driver.execute_script("return getXPath(arguments[0])", toggle)
                 do = {'function_id': '',
@@ -54,7 +55,7 @@ def extract_inputs(driver):
                       'class': ''}
                 dos.append(do)
 
-    toggles = driver.find_elements_by_xpath("//textarea")
+    toggles = driver.find_elements(By.XPATH, "//textarea")
     for toggle in toggles:
         xpath = driver.execute_script("return getXPath(arguments[0])", toggle)
         do = {'function_id': '',
@@ -70,7 +71,7 @@ def extract_inputs(driver):
 
 
 def extract_fake_buttons(driver):
-    fake_buttons = driver.find_elements_by_class_name("btn") 
+    fake_buttons = driver.find_elements(By.CLASS_NAME, "btn") 
     dos = []
     for button in fake_buttons:
 
diff --git a/extractors/Forms.py b/extractors/Forms.py
index b848cb2..eb5418b 100644
--- a/extractors/Forms.py
+++ b/extractors/Forms.py
@@ -3,6 +3,7 @@
 from selenium.webdriver.remote.webdriver import WebDriver
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -39,7 +40,7 @@ def parse_form(el, driver):
 
     # <input> tags
     try:
-        inputs = el.find_elements_by_tag_name("input")
+        inputs = el.find_elements(By.TAG_NAME, "input")
     except StaleElementReferenceException as e:
         print("Stale pasta in inputs")
         logging.error("Stale pasta in inputs")
@@ -96,7 +97,7 @@ def parse_form(el, driver):
 
 
     # <select> and <option> tags
-    selects = el.find_elements_by_tag_name("select")
+    selects = el.find_elements(By.TAG_NAME, "select")
     for select in selects:
         tmp = {'name': None}
         if select.get_attribute("name"):
@@ -111,7 +112,7 @@ def parse_form(el, driver):
             #    form_select.selected = option.get_attribute("value")
 
     # <textarea> tags
-    textareas = el.find_elements_by_tag_name("textarea")
+    textareas = el.find_elements(By.TAG_NAME, "textarea")
     for ta in textareas:
         tmp = {'name': None, 'value': None}
         try:
@@ -128,7 +129,7 @@ def parse_form(el, driver):
         form.add_textarea(tmp['name'], tmp['value'])
 
     # <button> tags
-    buttons = el.find_elements_by_tag_name("button")
+    buttons = el.find_elements(By.TAG_NAME, "button")
     for button in buttons:
         form.add_button(button.get_attribute("type"),
                         button.get_attribute("name"),
@@ -136,11 +137,11 @@ def parse_form(el, driver):
                        )
 
     # <iframe> with <body contenteditable>
-    iframes = el.find_elements_by_tag_name("iframe")
+    iframes = el.find_elements(By.TAG_NAME, "iframe")
     for iframe in iframes:
         iframe_id =  iframe.get_attribute("id")
         driver.switch_to.frame(iframe)
-        iframe_body = driver.find_element_by_tag_name("body")
+        iframe_body = driver.find_element(By.TAG_NAME, "body")
 
         if(iframe_body.get_attribute("contenteditable") == "true"):
             form.add_iframe_body(iframe_id)
@@ -155,7 +156,7 @@ def parse_form(el, driver):
 
 # Search for <form>
 def extract_forms(driver):
-    elem = driver.find_elements_by_tag_name("form")
+    elem = driver.find_elements(By.TAG_NAME, "form")
 
     forms = set()
     for el in elem:
diff --git a/extractors/Iframes.py b/extractors/Iframes.py
index 38e97a6..df3259a 100644
--- a/extractors/Iframes.py
+++ b/extractors/Iframes.py
@@ -3,6 +3,7 @@
 from selenium.webdriver.remote.webdriver import WebDriver
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -23,7 +24,7 @@
 def extract_iframes(driver):
     # Search for <iframe>
     iframes = set()
-    elem = driver.find_elements_by_tag_name("iframe")
+    elem = driver.find_elements(By.TAG_NAME, "iframe")
     for el in elem:
         try:
             src = None
@@ -44,7 +45,7 @@ def extract_iframes(driver):
 
 
     # Search for <frame>
-    elem = driver.find_elements_by_tag_name("frame")
+    elem = driver.find_elements(By.TAG_NAME, "frame")
     for el in elem:
         try:
             src = None
diff --git a/extractors/Ui_forms.py b/extractors/Ui_forms.py
index 46efad8..509e649 100644
--- a/extractors/Ui_forms.py
+++ b/extractors/Ui_forms.py
@@ -3,6 +3,7 @@
 from selenium.webdriver.remote.webdriver import WebDriver
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -25,22 +26,22 @@ def extract_ui_forms(driver):
     submits =  []
     ui_forms = []
 
-    toggles = driver.find_elements_by_xpath("//input")
+    toggles = driver.find_elements(By.XPATH, "//input")
     for toggle in toggles:
         try:
             input_type = toggle.get_attribute("type")
             if (not input_type) or input_type == "text":
-                in_form = toggle.find_elements_by_xpath(".//ancestor::form")
+                in_form = toggle.find_elements(By.XPATH, ".//ancestor::form")
                 if not in_form:
                     xpath = driver.execute_script("return getXPath(arguments[0])", toggle)
                     sources.append( {'xpath': xpath, 'value': 'jAEkPotUI'} )
         except:
             logging.warning("UI form error")
 
-    toggles = driver.find_elements_by_xpath("//textarea")
+    toggles = driver.find_elements(By.XPATH, "//textarea")
     for toggle in toggles:
         try:
-            in_form = toggle.find_elements_by_xpath(".//ancestor::form")
+            in_form = toggle.find_elements(By.XPATH, ".//ancestor::form")
             if not in_form:
                 xpath = driver.execute_script("return getXPath(arguments[0])", toggle)
                 sources.append( {'xpath': xpath, 'value': 'jAEkPotUI'} )
@@ -49,10 +50,10 @@ def extract_ui_forms(driver):
 
 
     if sources:
-        buttons = driver.find_elements_by_xpath("//button")
+        buttons = driver.find_elements(By.XPATH, "//button")
         for button in buttons:
             try:
-                in_form = button.find_elements_by_xpath(".//ancestor::form")
+                in_form = button.find_elements(By.XPATH, ".//ancestor::form")
                 if not in_form:
                     xpath = driver.execute_script("return getXPath(arguments[0])", button)
                     ui_forms.append( Classes.Ui_form(sources, xpath))
diff --git a/extractors/Urls.py b/extractors/Urls.py
index 4d8e68a..5ed295a 100644
--- a/extractors/Urls.py
+++ b/extractors/Urls.py
@@ -3,6 +3,7 @@
 from selenium.webdriver.remote.webdriver import WebDriver
 from selenium.webdriver.common.action_chains import ActionChains
 from selenium.common.exceptions import StaleElementReferenceException, TimeoutException, UnexpectedAlertPresentException, NoSuchFrameException, NoAlertPresentException, ElementNotVisibleException, InvalidElementStateException
+from selenium.webdriver.common.by import By
 from urllib.parse import urlparse, urljoin
 import json
 import pprint
@@ -39,7 +40,7 @@ def extract_urls(driver):
     urls = set()
 
     # Search for urls in <a>
-    elem = driver.find_elements_by_tag_name("a")
+    elem = driver.find_elements(By.TAG_NAME, "a")
     for el in elem:
         try:
             if el.get_attribute("href"):
@@ -66,7 +67,7 @@ def extract_urls(driver):
             print(traceback.format_exc())
 
     # Search for urls in <iframe>
-    elem = driver.find_elements_by_tag_name("iframe")
+    elem = driver.find_elements(By.TAG_NAME, "iframe")
     for el in elem:
         try:
             if el.get_attribute("src"):
@@ -79,7 +80,7 @@ def extract_urls(driver):
             print(traceback.format_exc())
 
     # Search for urls in <meta>
-    elem = driver.find_elements_by_tag_name("meta")
+    elem = driver.find_elements(By.TAG_NAME, "meta")
     for el in elem:
         try:
             

From 37de75b98db23cd64c5ccb754f73722d279831fc Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Tue, 21 Mar 2023 12:50:55 +0100
Subject: [PATCH 3/6] Option to only run crawler. Fetched from gxy113@GitHub.
 Thanks!

---
 Classes.py | 12 +++++++++---
 crawl.py   |  3 ++-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/Classes.py b/Classes.py
index 717787d..521f88f 100644
--- a/Classes.py
+++ b/Classes.py
@@ -482,7 +482,11 @@ def __init__(self, driver, url):
 
         logging.info("Init crawl on " + url)
 
-    def start(self, debug_mode=False):
+    def start(self, debug_mode=False, crawler_mode=False):
+        if(crawler_mode == False):
+            print("run both crawler module and attack module")
+        else:
+            print("only run the crawler module")
         self.root_req = Request("ROOTREQ", "get")
         req = Request(self.url, "get")
         self.graph.add(self.root_req)
@@ -568,8 +572,10 @@ def start(self, debug_mode=False):
                 #print(self.graph.toMathematica())
                 break
 
-        print("Done crawling, ready to attack!")
-        self.attack()
+        print("Done crawling")
+        if(crawler_mode == False):
+            print("Start Attacking")
+            self.attack()
 
     def extract_vectors(self):
         print("Extracting urls")
diff --git a/crawl.py b/crawl.py
index 132691a..54a2f1c 100644
--- a/crawl.py
+++ b/crawl.py
@@ -10,6 +10,7 @@
 parser = argparse.ArgumentParser(description='Crawler')
 parser.add_argument("--debug", action='store_true',  help="Dont use path deconstruction and recon scan. Good for testing single URL")
 parser.add_argument("--url", help="Custom URL to crawl")
+parser.add_argument("--crawler", action='store_true', help="Only run the crawler")
 args = parser.parse_args()
 
 # Clean form_files/dynamic
@@ -47,7 +48,7 @@
 
 if args.url:
     url = args.url
-    Crawler(driver, url).start(args.debug)
+    Crawler(driver, url).start(args.debug, args.crawler)
 else:
     print("Please use --url")
 

From d3e88f6843a35f4a361b4bdf7c4c82f0db2e78ec Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Tue, 21 Mar 2023 14:49:09 +0100
Subject: [PATCH 4/6] Ignore more autogen files

---
 .gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index a7d8ad2..031cf0d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,5 @@ attack_lookup_table.txt
 form_xss.txt
 graph_mathematica.txt
 successful_xss.txt
+form_files/dynamic/
+successful_injections*.txt

From 1116fca7358501848a5f05e9981924fab1128525 Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Tue, 21 Mar 2023 14:49:35 +0100
Subject: [PATCH 5/6] Oops, forgot some selenium 4.8 compat

---
 Functions.py        | 44 ++++++++++++++++++++++----------------------
 extractors/Forms.py |  2 +-
 2 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/Functions.py b/Functions.py
index 8c325b5..84936e4 100644
--- a/Functions.py
+++ b/Functions.py
@@ -321,7 +321,7 @@ def execute_event(driver, do):
 
     try:
         if   do.event == "onclick" or do.event == "click":
-            web_element =  driver.find_element_by_xpath(do.addr)
+            web_element =  driver.find_element(By.XPATH, By.XPATH, do.addr)
             logging.info("Click on %s" % web_element )
 
             if web_element.is_displayed():
@@ -330,30 +330,30 @@ def execute_event(driver, do):
                 logging.warning("Trying to click on invisible element. Use JavaScript")
                 driver.execute_script("arguments[0].click()", web_element)
         elif do.event == "ondblclick" or do.event == "dblclick":
-            web_element =  driver.find_element_by_xpath(do.addr)
+            web_element =  driver.find_element(By.XPATH, do.addr)
             logging.info("Double click on %s" % web_element )
             ActionChains(driver).double_click(web_element).perform()
         elif do.event == "onmouseout":
-            logging.info("Mouseout on %s" %  driver.find_element_by_xpath(do.addr) )
-            driver.find_element_by_xpath(do.addr).click()
-            el = driver.find_element_by_xpath(do.addr)
+            logging.info("Mouseout on %s" %  driver.find_element(By.XPATH, do.addr) )
+            driver.find_element(By.XPATH, do.addr).click()
+            el = driver.find_element(By.XPATH, do.addr)
             # TODO find first element in body
-            body = driver.find_element_by_xpath("/html/body")
+            body = driver.find_element(By.XPATH, "/html/body")
             ActionChains(driver).move_to_element(el).move_to_element(body).perform()
         elif do.event == "onmouseover":
-            logging.info("Mouseover on %s" %  driver.find_element_by_xpath(do.addr) )
-            el = driver.find_element_by_xpath(do.addr)
+            logging.info("Mouseover on %s" %  driver.find_element(By.XPATH, do.addr) )
+            el = driver.find_element(By.XPATH, do.addr)
             ActionChains(driver).move_to_element(el).perform()
         elif  do.event == "onmousedown":
-            logging.info("Click (mousedown) on %s" %  driver.find_element_by_xpath(do.addr) )
-            driver.find_element_by_xpath(do.addr).click()
+            logging.info("Click (mousedown) on %s" %  driver.find_element(By.XPATH, do.addr) )
+            driver.find_element(By.XPATH, do.addr).click()
         elif  do.event == "onmouseup":
-            logging.info("Mouseup on %s" %  driver.find_element_by_xpath(do.addr) )
-            el = driver.find_element_by_xpath(do.addr)
+            logging.info("Mouseup on %s" %  driver.find_element(By.XPATH, do.addr) )
+            el = driver.find_element(By.XPATH, do.addr)
             ActionChains(driver).move_to_element(el).release().perform()
         elif  do.event == "change" or do.event == "onchange":
-            el = driver.find_element_by_xpath(do.addr)
-            logging.info("Change %s" %  driver.find_element_by_xpath(do.addr) )
+            el = driver.find_element(By.XPATH, do.addr)
+            logging.info("Change %s" %  driver.find_element(By.XPATH, do.addr) )
             if el.tag_name == "select":
                 # If need to change a select we try the different
                 # options
@@ -367,23 +367,23 @@ def execute_event(driver, do):
                         alert.dismiss()
             else:
                 # If ot a <select> we try to write
-                el = driver.find_element_by_xpath(do.addr)
+                el = driver.find_element(By.XPATH, do.addr)
                 el.clear()
                 el.send_keys("jAEkPot")
                 el.send_keys(Keys.RETURN)
         elif  do.event == "input" or do.event == "oninput":
-            el = driver.find_element_by_xpath(do.addr)
+            el = driver.find_element(By.XPATH, do.addr)
             el.clear()
             el.send_keys("jAEkPot")
             el.send_keys(Keys.RETURN)
-            logging.info("oninput %s" %  driver.find_element_by_xpath(do.addr) )
+            logging.info("oninput %s" %  driver.find_element(By.XPATH, do.addr) )
 
         elif  do.event == "compositionstart":
-            el = driver.find_element_by_xpath(do.addr)
+            el = driver.find_element(By.XPATH, do.addr)
             el.clear()
             el.send_keys("jAEkPot")
             el.send_keys(Keys.RETURN)
-            logging.info("Composition Start %s" %  driver.find_element_by_xpath(do.addr) )
+            logging.info("Composition Start %s" %  driver.find_element(By.XPATH, do.addr) )
 
         else:
             logging.warning("Warning Unhandled event %s " % str(do.event) )
@@ -470,7 +470,7 @@ def form_fill(driver, target_form):
                 # TODO Need better COMPARE!
                 if( current_form.action == target_form.action and current_form.method ==  target_form.method ):
                     for js_el in js_form['elements']:
-                        web_el = driver.find_element_by_xpath(js_el['xpath'])
+                        web_el = driver.find_element(By.XPATH, js_el['xpath'])
                         inputs.append(web_el)
                     break
 
@@ -721,7 +721,7 @@ def ui_form_fill(driver, target_form):
 
 
     for source in target_form.sources:
-        web_element =  driver.find_element_by_xpath(source['xpath'])
+        web_element =  driver.find_element(By.XPATH, source['xpath'])
 
         if web_element.get_attribute("maxlength"):
             try:
@@ -743,7 +743,7 @@ def ui_form_fill(driver, target_form):
                 logging.error("[inputs] also faild with JS " + str(web_element)  )
 
 
-    submit_element =  driver.find_element_by_xpath(target_form.submit)
+    submit_element =  driver.find_element(By.XPATH, target_form.submit)
     submit_element.click()
 
 def set_standard_values(old_form):
diff --git a/extractors/Forms.py b/extractors/Forms.py
index eb5418b..78da978 100644
--- a/extractors/Forms.py
+++ b/extractors/Forms.py
@@ -69,7 +69,7 @@ def parse_form(el, driver):
 
             if( current_form.method == form.method and current_form.action == form.action ):
                 for js_el in js_form['elements']:
-                    web_el = driver.find_element_by_xpath(js_el['xpath'])
+                    web_el = driver.find_element(By.XPATH, js_el['xpath'])
                     # print("Adding js form input", js_el, web_el)
                     inputs.append(web_el)
                 break

From 2a077eae5b166fd5b776adf070c9fbc62afc698b Mon Sep 17 00:00:00 2001
From: zluudg <8853567-zluudg@users.noreply.gitlab.com>
Date: Wed, 12 Apr 2023 15:50:05 +0200
Subject: [PATCH 6/6] Fixed faulty call to find_element

---
 Functions.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Functions.py b/Functions.py
index 84936e4..131daa4 100644
--- a/Functions.py
+++ b/Functions.py
@@ -321,7 +321,7 @@ def execute_event(driver, do):
 
     try:
         if   do.event == "onclick" or do.event == "click":
-            web_element =  driver.find_element(By.XPATH, By.XPATH, do.addr)
+            web_element =  driver.find_element(By.XPATH, do.addr)
             logging.info("Click on %s" % web_element )
 
             if web_element.is_displayed():