DOM XSS PoCs

TeamMentor uses plenty of JavaScript, so there may well be more places vulnerable to DOM XSS than the ones found in the past. I have been trying to understand what DOM XSS means and have created a few simple PoCs for it.

Here is a link to it:
https://github.com/arvinddoraiswamy/DomXSSPoc

Obviously, please feel free to play around with it and improve it if you want, or tell me if I have screwed up somewhere.
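As an added example (not code from the DomXSSPoc repo or from TeamMentor), here is the simplest DOM XSS pattern, the URL fragment flowing into innerHTML, modelled without a browser, together with the kind of check the comments below talk about: inject a payload and ask the page whether it actually fired. The fake DOM (makeFakeBrowser) is an assumption of this example; it understands only enough HTML to run an inline onerror handler on an img tag, which is all the canary payload needs.

```javascript
"use strict";

// Added example, not part of the original post or repo. The fake DOM below
// is an assumption of this example: it models just enough of a browser to
// show a location.hash -> innerHTML flow and to fire <img onerror=...>.

// Minimal HTML escaping, equivalent to what a real browser does internally
// when a value is assigned through textContent instead of innerHTML.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Fake browser: an element whose innerHTML setter scans the markup and runs
// any inline onerror handler on an <img>, as a browser would when src=x
// fails to load. Handlers run with `window` bound to a fake window object.
function makeFakeBrowser() {
  const window = {};
  const element = {
    _html: "",
    get innerHTML() { return this._html; },
    set innerHTML(html) {
      this._html = html;
      const handlerRe =
        /<img\b[^>]*\bonerror\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
      let m;
      while ((m = handlerRe.exec(html)) !== null) {
        const body = m[1] ?? m[2] ?? m[3];
        new Function("window", body)(window); // the handler "firing"
      }
    },
    set textContent(text) { this._html = escapeHtml(text); },
  };
  return { window, element };
}

// Vulnerable page logic. Source: location.hash. Sink: innerHTML.
// Nothing goes to the server, which is what makes this DOM XSS.
function vulnerableRender(browser, hash) {
  const name = decodeURIComponent(hash.replace(/^#/, ""));
  browser.element.innerHTML = "Hello " + name;
  return browser.element.innerHTML;
}

// Hardened version: same source, same decoding, but written as text so the
// browser never parses the value as markup.
function hardenedRender(browser, hash) {
  const name = decodeURIComponent(hash.replace(/^#/, ""));
  browser.element.textContent = "Hello " + name;
  return browser.element.innerHTML;
}

// The automated check: push a canary payload through the source, then ask
// whether the canary's handler ran. Testing a side effect (window.xssHit)
// rather than grepping the HTML avoids false positives from pages that
// merely echo the payload as harmless text.
function xssTriggered(render) {
  const token = "dom-xss-canary-" + Math.random().toString(36).slice(2);
  const payload = `<img src=x onerror="window.xssHit='${token}'">`; // constructed payload
  const browser = makeFakeBrowser();
  render(browser, "#" + encodeURIComponent(payload));
  return browser.window.xssHit === token;
}

console.log("vulnerable triggered:", xssTriggered(vulnerableRender)); // true
console.log("hardened triggered:", xssTriggered(hardenedRender));     // false
```

In a real browser the same oracle works unchanged: navigate the page to `url#payload` from a driver, then read `window.xssHit` through the driver instead of through the fake window. Note that browsers are not consistent about percent-encoding `location.hash`, which is why PoCs usually run it through `decodeURIComponent` first; that decoding is also what lets an encoded payload reach the sink intact.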


3 Responses to DOM XSS PoCs

  1. Dinis Cruz says:

    This is cool stuff

    What about if we write some O2 Platform UnitTests (i.e. browser automation) to show these issues in action?

    Also, would you like me to push this repo to Azure?

    Dinis

    • Thanks… do you mean the following?

      a) Pick a page/operation in TM. This could maybe be the previous places where XSS was found.
      b) Write code to automate those ‘screenshot’ tests? This becomes a unit test?

      I’m asking because this is separate… as in, a single separate input page and a few PHP scripts. So how do you want me to use this in TM? More clarity will be helpful 🙂

  2. Dinis:
    I’m assuming that your PHP pages replicate these issues, right?

    a) if you can find those on TM, yeah, but it will make it harder to make it a self-contained demo/learning
    b) yes, we should have a test that: loads the page, puts in the payload, checks to see if the payload was triggered

    —–
    So effectively you’re saying… convert these individual PoCs into an automated test? So it tests for DOM XSS automatically on all these PHP pages with a few payloads?
