Class: Watobo::Modules::Passive::Xss_dom
- Inherits:
-
PassiveCheck
- Object
- PassiveCheck
- Watobo::Modules::Passive::Xss_dom
- Defined in:
- modules/passive/xss_dom.rb
Constant Summary
Constants included from Constants
Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED
Instance Method Summary collapse
- #do_test(chat) ⇒ Object
-
#initialize(project) ⇒ Xss_dom
constructor
A new instance of Xss_dom.
- #showError(chatid, message) ⇒ Object
Constructor Details
#initialize(project) ⇒ Xss_dom
Returns a new instance of Xss_dom.
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'modules/passive/xss_dom.rb', line 32 def initialize(project) @project = project super(project) @info.update( :check_name => 'DOM XSS', # name of check which briefly describes functionality, will be used for tree and progress views :description => "Checks for suspcious javascript functions which manipulate the Browsers DOM and may be misused for Cross-Site-Scripting-Attacks.", # description of checkfunction :author => "Andreas Schmidt", # author of check :version => "1.0" # check version ) @finding.update( :threat => 'Parameter value may be exploitable for XSS.', # thread of vulnerability, e.g. loss of information :class => "DOM XSS", # vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_HINT # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN ) @dom_functions = [ 'document\.write', 'document\.url', 'document\.location', #'document\.execCommand', 'document\.attachEvent', 'eval\(', 'window\.open', 'window\.location', #'document\.create', "\.innerHTML", "\.outerHTML"] end |
Instance Method Details
#do_test(chat) ⇒ Object
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'modules/passive/xss_dom.rb', line 68 def do_test(chat) begin return true unless chat.response.content_type =~ /(text|script)/ @dom_functions.each do |pattern| if chat.response.body =~ /(#{pattern})/i then match = $1.strip match.gsub!(/^[\.\(\)]+/,'') match.gsub!(/[\.\(\)]+$/,'') addFinding( :check_pattern => "#{pattern}", :proof_pattern => "#{pattern}", :chat=>chat, # :title =>"[#{pattern}] - #{chat.request.path}", :title =>"[ #{match} ]" #:class => "DOM XSS" ) end end rescue => bang # raise showError(chat.id, bang) end end |
#showError(chatid, message) ⇒ Object
62 63 64 65 66 |
# File 'modules/passive/xss_dom.rb', line 62 def showError(chatid, ) puts "!!! Error" puts "Chat: [#{chatid}]" puts end |