Taras,

On Mon, Feb 8, 2010 at 8:26 PM, Andres Riancho <andres.rian...@gmail.com> wrote:
> Taras,
>
> On Mon, Feb 1, 2010 at 6:02 PM, Taras <naplan...@gmail.com> wrote:
>> Hi, Martin!
>>
>> Thanks for the answer!
>>
>>> I don't know of Selenium, but testing for dom-based xss can be done
>>> passively by checking for use (assignments) using any of the following:
>>> window.location, window.top.location, document.URL, document.location,
>>> document.URLUnencoded
>>
>> Yes, I also thought about simply grepping the response for such patterns.
>
> Take a look at grep.domXss, maybe we can improve it based on
> webscarab's code? Maybe we can work together with Martin in order to
> have better DOM XSS detection in both tools?
>
>> But what I want is to process the whole page with all scripts on it and find
>> a real vulnerability. Yes, it is browser behaviour =) Because, as you already
>> mentioned, false positives for such a vulnerability are possible.
>> So we need either a JavaScript engine like Google Chrome V8 or some mechanism
>> to use a real web browser, like Selenium.
>
> I think that the best way is to integrate w3af directly with a
> javascript engine or firefox. Integrating with a js engine might be a
> little harder, but faster and more flexible. Integrating with firefox
> could be done through something like
> http://hyperstruct.net/projects/mozrepl .
>
> I've tested both options and found that w3af wasn't stable enough to
> add more complexities to it. This was a year ago, so maybe now it's
> time to start thinking about making it more complicated ;)

Here are a couple of links that might be of interest to you:

http://www.advogato.org/article/1014.html
http://pyxpcomext.mozdev.org/no_wrap/tutorials/pyxulrunner/python_xulrunner_about.html

>>> The source for that functionality in Webscarab can be viewed at
>>>
>>>
>>> http://martin.swende.se/gitweb.cgi?p=webscarab;a=blob;f=src/org/owasp/webscarab/plugin/fragments/Fragments.java;hb=HEAD
>>
>> How can I import this code into webscarab?
>>
>>
>>
>> --
>> Taras
>> --
>> "Software is like sex: it's better when it's free.", - Linus Torvalds.
>>
>>
>> ------------------------------------------------------------------------------
>> The Planet: dedicated and managed hosting, cloud storage, colocation
>> Stay online with enterprise data centers and the best network in the
>> business
>> Choose flexible plans and management services without long-term contracts
>> Personal 24x7 support from experience hosting pros just a phone call away.
>> http://p.sf.net/sfu/theplanet-com
>> _______________________________________________
>> W3af-develop mailing list
>> W3af-develop@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>
>>
>
>
>
> --
> Andrés Riancho
> Founder, Bonsai - Information Security
> http://www.bonsai-sec.com/
> http://w3af.sf.net/
>



-- 
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
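
The passive check discussed in this thread, as an added example (it is not w3af's grep.domXss plugin or WebScarab's Fragments code): it scans a response body for references to the listed sources inside inline scripts and event handlers. The sink list used for ranking, the names `ScriptCollector` and `find_candidates`, and the sample page are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Sources named in the thread.
SOURCES = re.compile(
    r"\b(window\.top\.location|window\.location|document\.URLUnencoded|"
    r"document\.location|document\.URL)\b")
# Assumption, not from the thread: a few common DOM sinks, used only to rank
# findings, because a bare reference to a source is often harmless.
SINKS = re.compile(r"document\.write(ln)?\s*\(|\.innerHTML\s*=|\beval\s*\(")
COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)  # naive: ignores strings

class ScriptCollector(HTMLParser):
    """Collect inline <script> bodies and on* handler attributes."""
    def __init__(self):
        super().__init__()
        self.in_script, self.chunks = False, []  # chunks: (line, js_text)
    def handle_starttag(self, tag, attrs):
        self.in_script = tag == "script"
        for name, value in attrs:
            if name.startswith("on") and value:
                self.chunks.append((self.getpos()[0], value))
    def handle_endtag(self, tag):
        self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.chunks.append((self.getpos()[0], data))

def find_candidates(html):
    """Return [(line, source, same_statement_has_sink), ...]."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = []
    for line, js in parser.chunks:
        # Blank out comments but keep newlines so line numbers stay correct.
        js = COMMENTS.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), js)
        for stmt in re.finditer(r"[^;]+", js):
            for src in SOURCES.finditer(stmt.group()):
                offset = js.count("\n", 0, stmt.start() + src.start())
                findings.append((line + offset, src.group(1),
                                 bool(SINKS.search(stmt.group()))))
    return findings

# Constructed sample response body, not taken from any real application.
SAMPLE = """<html><body onload="init(document.URL)">
<script>
// document.location appears only in this comment
var page = window.location.hash.substring(1);
document.write("Page: " + document.URLUnencoded);
</script></body></html>"""
```

Findings whose third field is False are the likely false positives mentioned above; confirming any finding still needs the script to run in a JavaScript engine or a real browser.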
