Penetration Testing
Testing for DOM-Based XSS....input requested - Aug 23 2008 09:32PM - Joseph McCray (joe learnsecurityonline com) (2 replies)
Re: Testing for DOM-Based XSS....input requested - Aug 25 2008 06:52PM - Tim (tim-pentest sentinelchicken org)
located on The Web Application Security Consortium website.
DOM Based Cross Site Scripting or XSS of the Third Kind
http://www.webappsec.org/projects/articles/071105.shtml
He discusses common implementation mistakes/things to look for.
Regards,
- Robert
>
> I got into this discussion yesterday with someone about DOM-Based
> XSS. It got me thinking about how you could programmatically test for
> it.
>
> I'm really having a tough time with it. I'm hoping someone can shed some
> light on it, and hopefully if I can understand it better I can write
> some sort of check to actually test for it.
>
> According to Wikipedia:
> =======================================================================
> With DOM-based cross-site scripting vulnerabilities, the problem exists
> within a page's client-side script itself. For instance, if a piece of
> JavaScript accesses a URL request parameter and uses this information to
> write some HTML to its own page, and this information is not encoded
> using HTML entities, an XSS hole will likely be present, since this
> written data will be re-interpreted by browsers as HTML which could
> include additional client-side script.
> =======================================================================
>
> So does that mean I'd have to monitor all GET/POST requests made to the
> server, and their related responses to see if a string from the REQUEST
> could be found in the response?
>
> Does anyone have any code snippets I could look at, or at least some
> conceptual guidance they can give me?
>
> Thanks in advance,
>
> --
> Joe McCray
> Toll Free: 1-866-892-2132
> Email: joe (at) learnsecurityonline (dot) com [email concealed]
> Web: https://www.learnsecurityonline.com
>
>
> Learn Security Online, Inc.
>
> * Security Games * Simulators
> * Challenge Servers * Courses
> * Hacking Competitions * Hacklab Access
>
> "The only thing worse than training good employees and losing them
> is NOT training your employees and keeping them."
>
> - Zig Ziglar
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Top 5 Common Mistakes in
> Securing Web Applications
> Get 45 Min Video and PPT Slides
>
> www.cenzic.com/landing/securityfocus/hackinar
> ------------------------------------------------------------------------
>
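The question in the quoted message is how to check for this class of bug programmatically, and the Wikipedia excerpt gives the shape of the answer: the data never has to travel through the server, so comparing requests against responses cannot catch it; the flow to look for is from an attacker-influenced client-side value into an API that parses markup or code. The example below is added here and is not code from the thread, from Amit Klein's article, or from any of the posters. It shows three pieces: a line-by-line heuristic scanner that follows a handful of assumed "sources" (`location.hash`, `document.URL`, `document.referrer`, and so on) into assumed "sinks" (`innerHTML`, `document.write`, `eval`, and so on), a helper that shows what portion of a URL a server or proxy actually receives, and the HTML-entity encoding the excerpt refers to. The sample scripts and URL are constructed for the demonstration.

```javascript
// Added example (not from the original thread). Heuristic source-to-sink
// scanner for DOM-based XSS, plus the two facts a tester needs alongside it:
// the fragment never reaches the server, and entity encoding is the fix.

// Values a page script can read that an attacker influences and that the
// server may never see. Assumed list, drawn from common practice.
const SOURCES = [
  "location.hash", "location.search", "location.href", "document.URL",
  "document.documentURI", "document.referrer", "window.name",
];
// APIs that interpret a string as markup or code. Assumed list, not exhaustive.
const SINKS = [
  "innerHTML", "outerHTML", "insertAdjacentHTML", "document.write",
  "document.writeln", "eval(", "setTimeout(", "setInterval(",
];

// Matches "x = ..." or "var/let/const x = ..." at the start of a line, so
// property assignments like "el.innerHTML = ..." are deliberately excluded.
const assignRe = /^\s*(?:var|let|const)?\s*([A-Za-z_$][\w$]*)\s*=(?!=)\s*(.+)$/;

// True when any tainted variable name appears as a whole identifier in text.
function usesTainted(text, tainted) {
  return [...tainted].some((v) =>
    new RegExp(`(^|[^\\w$.])${v}(?![\\w$])`).test(text));
}

// One finding per line where a source, or a variable derived from one,
// reaches a sink. Line-by-line taint tracking with no real parser: enough to
// triage a page's inline scripts, not a replacement for reading them.
function findDomXssCandidates(script) {
  const tainted = new Set();
  const findings = [];
  script.split("\n").forEach((raw, idx) => {
    const line = raw.trim();
    if (!line || line.startsWith("//")) return;
    const fromSource = SOURCES.some((s) => line.includes(s));
    const fromTainted = usesTainted(line, tainted);
    const sink = SINKS.find((s) => line.includes(s));
    if (sink && (fromSource || fromTainted)) {
      findings.push({ line: idx + 1, sink: sink.replace("(", ""), text: line });
      return;
    }
    // Plain assignment whose right-hand side carries tainted data: propagate.
    const m = line.match(assignRe);
    if (m && (fromSource || usesTainted(m[2], tainted))) tainted.add(m[1]);
  });
  return findings;
}

// What a proxy or server log receives for a URL: the browser strips the
// fragment before the request leaves, so request/response diffing never
// sees data carried there.
function serverVisiblePart(urlString) {
  const u = new URL(urlString);
  return u.origin + u.pathname + u.search;
}

// The encoding the Wikipedia excerpt calls for: render the value as text
// rather than let the browser parse it as HTML.
function htmlEncode(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed sample: greeting built from the fragment and written as markup.
const VULNERABLE_SCRIPT = `
var name = location.hash.substring(1);
name = decodeURIComponent(name);
var greeting = "<h2>Welcome " + name + "</h2>";
document.getElementById("banner").innerHTML = greeting;
`;

// Constructed sample: the same page after the fix, value written as text only.
const HARDENED_SCRIPT = `
var name = decodeURIComponent(location.hash.substring(1));
document.getElementById("banner").textContent = "Welcome " + name;
`;

console.log(findDomXssCandidates(VULNERABLE_SCRIPT));
console.log(findDomXssCandidates(HARDENED_SCRIPT));
console.log(serverVisiblePart("http://app.example.test/welcome.html?lang=en#<i>probe</i>"));
console.log(htmlEncode('<i>probe</i> & "x"'));
```

In practice a tester would feed `findDomXssCandidates` each inline and external script of a page and then confirm each finding by hand in a browser, since the scanner cannot see through function calls, object properties or framework templating. The `serverVisiblePart` helper is the short answer to the request/response idea in the quoted message: anything after `#` is not part of the request at all, so instrumentation on the wire will show the response unchanged while the page script still parses the value.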