Taras,

On Tue, Feb 9, 2010 at 6:36 PM, Taras <naplan...@gmail.com> wrote:
> Andres,
>
>> Take a look at grep.domXss , maybe we can improve it based on
>> webscarab's code? Maybe we can work together with Martin in order to
>> have a greater dom xss detection in both tools?
>
> Hmmm, interesting idea. I'll look.
>
>>> But what I want is processing whole page with all scripts on it and find
>>> real vulnerability. Yes, it is browser behaviour =) Because as you already
>>> mentioned false positives for such vulnerability are possible.
>>> So we need either JavaScript engine like Google Chrome V8 or some mechanism
>>> to use real web browser like Selenium.
>>
>> I think that the best way is to integrate w3af directly with a
>> javascript engine or firefox. Integrating with a js engine might be a
>> little harder, but faster and more flexible. Integrating with firefox
>> could be done through something like
>> http://hyperstruct.net/projects/mozrepl .
>>
>> I've tested both options and found that w3af wasn't stable enough to
>> add more complexities to it. This was a year ago, so maybe now it's
>> time to start thinking about making it more complicated ;)
>
> I have written a PoC audit plugin for W3AF which uses Selenium to find DomXSS.
> It works =)

I want to read that code and test it! =) Where is the download link? ;)

> I'll also look at mozrepl and V8.
>
> --
> Taras
> --
> "Software is like sex: it's better when it's free.", - Linus Torvalds.

--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/