Maran XSS Filter

Posted on 23.12.2009 by Emil

These days, many spammers visit our websites, trying to spam our comment pages with robots, attack the server using SQL injection or JavaScript XSS attacks, or upload files to our servers from attackers' servers.

The best prevention method is to filter every request from outside, checking all POSTs and GETs sent to your website. Another thing is to check all variables used on your website: these should only contain characters from an allowed range. For example, if you use integers for ids, the value should always be a number.
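One way to apply the filtering described above, as an added example that is not the Maran XSS Filter's own code: each GET/POST parameter is checked against an allowed character range, ids must be integers, and the page name never carries its own extension. The parameter names `id`, `page`, `q` and the `pages/` directory are assumptions.

```php
<?php
// Added example: allow-list validation of request parameters.
// Parameter names (id, page, q) and the pages/ directory are assumptions.
const RULES = [
    'id'   => '/\A[0-9]{1,9}\z/',              // ids are always integers
    'page' => '/\A[a-z0-9_-]{1,32}\z/',        // bare name: no path, scheme or extension
    'q'    => '/\A[\p{L}\p{N} ._-]{0,64}\z/u', // free text limited to a character range
];

function validate_request(array $input): array
{
    $clean = [];
    foreach ($input as $name => $value) {
        // Unknown parameters and array values (id[]=1) are rejected outright.
        if (!array_key_exists($name, RULES) || !is_string($value)) {
            throw new InvalidArgumentException("unexpected parameter: $name");
        }
        if (preg_match(RULES[$name], $value) !== 1) {
            throw new InvalidArgumentException("invalid value for: $name");
        }
        $clean[$name] = ($name === 'id') ? (int) $value : $value;
    }
    return $clean;
}

function page_path(string $page): string
{
    // The single allowed extension is appended here, never read from the request.
    return __DIR__ . '/pages/' . $page . '.php';
}

// Constructed sample requests: one valid, three that the rules refuse.
$samples = [
    ['id' => '42', 'page' => 'news'],
    ['id' => '42 OR 1=1'],
    ['page' => 'http://example.invalid/file.txt'],
    ['q' => '<script>alert(1)</script>'],
];
foreach ($samples as $sample) {
    try {
        $ok = validate_request($sample);
        echo 'accepted: ', json_encode($ok), "\n";
        if (isset($ok['page'])) {
            echo 'would include: ', page_path($ok['page']), "\n";
        }
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

In a real page the function would be called once on `$_GET` and once on `$_POST` before any other code reads them. Values that pass still need `htmlspecialchars()` when they are echoed back into HTML.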

Most of these attackers use a Russian script called c99.php, which is saved as a txt file.

Download Link:

All the files have been moved to Project Hosting. From now on, you can follow and see the changes and new versions on

See here examples of XSS scripts used by hackerz in the last 6 months, trying to hack our sites. If you search on Google for c99 OR r57shell, you'll find a lot of results and a lot of hosts that have this file hidden in some folders.

I recommend including this script in your websites to prevent attacks.

XSS attack examples.


02.07.2009 - Check page extension (one page extension allowed). V1.01
03.06.2009 - History of XSS attacks from the last 6 months.
07.12.2008 - none. V1.0

Other resources: