4MMSR-Network Security-2012-2013-taint assisted dom xss fuzzing : Différence entre versions

De Ensiwiki
Aller à : navigation, rechercher
Ligne 11 : Ligne 11 :
 
|keywords=fuzzing,DOM/type-0 XSS,data tainting
 
|keywords=fuzzing,DOM/type-0 XSS,data tainting
  
|description=TODO
+
|description=DOM XSS is an injection vulnerability for which few attack grammars do exist.
  
|planning=
+
|expected_output=
 
* write a DOM-XSS attack grammar
 
* write a DOM-XSS attack grammar
 
* interface with Dominator Pro to obtain:  
 
* interface with Dominator Pro to obtain:  
 
** the number of tainted nodes
 
** the number of tainted nodes
** if a DOM XSS attack did occur or not
+
** if a DOM XSS attack did occur or not (test verdict)
 +
 
 +
 
  
 
|research_questions=
 
|research_questions=
Ligne 26 : Ligne 28 :
 
* [https://dominator.mindedsecurity.com/ dominator pro]
 
* [https://dominator.mindedsecurity.com/ dominator pro]
  
|expected_output=
+
 
*
+
  
  
 
}}
 
}}

Version du 30 décembre 2012 à 12:28

Mycomputer.png  Deuxième Année  CDROM.png  Informatique  Security logo.png  Sécurité  4MMSR-mini research logo.jpg  4MMSR-mini research project 

Taint Assisted DOM-XSS Fuzzing

This is a "mini" research project for the course 4MMSR-Network Security

Keywords

fuzzing,DOM/type-0 XSS,data tainting

Description

DOM XSS is an injection vulnerability for which few attack grammars do exist.

Expected output

  • write a DOM-XSS attack grammar
  • interface with Dominator Pro to obtain:
    • the number of tainted nodes
    • if a DOM XSS attack did occur or not (test verdict)

Research Questions

  • propose a methodology for producing a DOM-XSS grammar

References

Tools

Results

{{{results}}}

Get Started!

  • create an archive on the ensimag server, so that only your team members and I have access to it.
  • Créer_une_archive_partagée_avec_Git
  • obviously, do not forget to send me the path afterwards

Contacts

Fabien Duchene