Testing script injection #466

Open
ChillVibesMushroom opened this issue May 1, 2023 · 6 comments
Labels
question Further information is requested

Comments

@ChillVibesMushroom

Question

Your questions
Is it possible to test my personal JS script for injection using dalfox?

@ChillVibesMushroom ChillVibesMushroom added the question Further information is requested label May 1, 2023
@hahwul
Owner

hahwul commented May 1, 2023

To achieve your desired action, there are three specific flags that you can try.

  • --custom-alert-type and --custom-alert-value
  • --custom-payload

If you want to test with a custom payload, you can use the --custom-payload flag. The other flags are related to functions, such as alert. Currently, there is no direct way to modify the function, but you can achieve a similar effect with a simple trick (with --custom-alert-value).

dalfox url https://xss-game.appspot.com/level1/frame \
  --custom-alert-value "1);your_payload;console.log("

# [POC][R][GET][inHTML-none(1)-URL] https://xss-game.appspot.com/level1/frame?query=%3CsVg%2Fonload%3Dprompt%281%29%3Byour_payload%3Bconsole.log%28%29%3E
# https://xss-game.appspot.com/level1/frame?query=%3CsVg%2Fonload%3Dprompt%281%29%3Byour_payload%3Bconsole.log%28%29%3E


If you're interested, I can write some code and create a new flag that modifies the function.
(e.g. --custom-func)

@ChillVibesMushroom
Author

dalfox url https://xss-game.appspot.com/level1/frame \
  --custom-payload /home/scripts/JavaScript.js

Would that input be right?

@hahwul
Owner

hahwul commented May 6, 2023

@ChillVibesMushroom
The use of the flag is correct. However, I think it may differ from the desired behavior depending on what the file means and the purpose.

Could you show me an example of the .js file? I don't understand exactly what kind of action you want. 😭

@ChillVibesMushroom
Author

@ChillVibesMushroom
The use of the flag is correct. However, I think it may differ from the desired behavior depending on what the file means and the purpose.

Could you show me an example of the .js file? I don't understand exactly what kind of action you want. 😭

<script>alert("test");</script>

@hahwul
Owner

hahwul commented May 16, 2023

@ChillVibesMushroom
I think that would be suitable for the --custom-payload flag.

@ChillVibesMushroom
Author

ChillVibesMushroom commented Jul 20, 2023

I'll give it a shot. Right now I'm looking into different frameworks. I just remembered I actually do have to install Dalfox. You know what I realized, though: the tool is pretty powerful. It doesn't automatically go incognito mode, it just gets straight to it, and alongside other tools like hakrawler it's powerful.

I was going to ask you but I never got the chance: what tools would you use alongside dalfox when scanning a website for vulnerabilities?
