Hi malware fighters,
You have the firekeeper extension installed inside Fx or flock browser, open and add the following rules;
alert (msg:”Possible HTML Injection detected!”; body_content:”“
alert (msg:”Possible XSS detected!”; body_content:”>alert(”
alert (msg:”Possible XSS detected!”; body_content:”>document.write(”
alert (msg:”Possible XSS detected!”; body_content:”>document.body.innerHTML =”
Start online testing here: http://www.zubrag.com/tools/sql-injection-test.php
Other online tools for XSS-vulnerability testing: http://www.zubrag.com/tools/
Begin automated testing here from this site:
http://alcazar.sisl.rites.uic.edu/~mike/cgi-bin/browser-neutral-xss/evaluation/effectiveness/xss-cheat-sheet/automate.php (these simulated test attacks here will not perform any malicious actions,
my good forum friends)
I get an alert box here now and for instance a link report like:
({status: ‘recorded’, goto: ‘http://alcazar.sisl.rites.uic.edu/~mike/cgi-bin/browser-neutral-xss/evaluation/effectiveness/xss-cheat-sheet/automate.php?action=getAttack&testId=1277136452211&no=69&scenario=a&auto=1’});
Happy hunt,
pol
P.S. for tags checking: http://www.zubrag.com/tools/html-tags-stripper.php
combined with possible exploit: http://www.securiteam.com/securitynews/5HP031PAKY.html
just use your imagination to pen-test…
Example:
Not found there but an obfuscation url exploit test: === Triggered rule ===
alert(url_content:“%3CSCRIPT”; nocase; msg:“ tags GET request cross site scripting attempt”; url_re:“/%3Cscript.*%3E/i”; reference:url,http://ha.ckers.org/xss.html; reference:url,http://en.wikipedia.org/wiki/Cross-site_scripting;)
Source adopted from: http://www.cgisecurity.com/lib/URLEmbeddedAttacks.html
D