GitBook: [#3028] No subject
This commit is contained in:
parent
c7c8039587
commit
4a5d3a49d3
@ -2,7 +2,7 @@
|
||||
|
||||
## Discovering using Automatic tools
|
||||
|
||||
The tools [**https://github.com/dwisiswant0/ppfuzz**](https://github.com/dwisiswant0/ppfuzz?tag=v1.0.0) and [**https://github.com/kleiton0x00/ppmap**](https://github.com/kleiton0x00/ppmap) can be used to **find prototype pollution vulnerabilities**. 
|
||||
The tools [**https://github.com/dwisiswant0/ppfuzz**](https://github.com/dwisiswant0/ppfuzz?tag=v1.0.0)**,** [**https://github.com/kleiton0x00/ppmap**](https://github.com/kleiton0x00/ppmap) **and** [**https://github.com/kosmosec/proto-find**](https://github.com/kosmosec/proto-find) can be used to **find prototype pollution vulnerabilities**.
|
||||
|
||||
Moreover, you could also use the **browser extension** [**PPScan**](https://github.com/msrkp/PPScan) to **automatically** **scan** the **pages** you **access** for prototype pollution vulnerabilities.
|
||||
|
||||
@ -50,8 +50,6 @@ The gadget is the **code that will be abused once a PP vulnerability is discover
|
||||
|
||||
If the application is simple, we can **search** for **keywords** like **`srcdoc/innerHTML/iframe/createElement`** and review the source code and check if it l**eads to javascript execution**. Sometimes, mentioned techniques might not find gadgets at all. In that case, pure source code review reveals some nice gadgets like the below example.
|
||||
|
||||
|
||||
|
||||
## Recompilation of payloads for vulnerable libraries
|
||||
|
||||
* [https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution)
|
||||
|
Loading…
Reference in New Issue
Block a user