Script-based XSS vulnerability detection
First Claim
1. A method of detecting XSS (Cross-site Scripting) vulnerable URLs (Uniform Resource Locator), comprising:
- incorporating a piece of test code designed to expose an XSS vulnerability into a dynamic URL;
loading the dynamic URL into a browser;
sending a first request to a web server in connection with said dynamic URL;
receiving a web page from said web server generated in response to said first request that includes script code based upon said test code;
loading said web page into said browser;
executing said script code of said web page by said browser;
sending a second request to said web server as a result of said browser executing said script code, said script code including said second request; and
reporting the dynamic URL as XSS vulnerable when it is determined that said browser executed said script code and it is determined that said browser sent said second request as a result of said browser executing said script code.
2 Assignments
0 Petitions
Accused Products
Abstract
Detection of dynamic URLs that are vulnerable to XSS attacks is described. First, a dynamic URL is crafted by incorporating a piece of test code designed to expose an instance of XSS vulnerabilities. Next, the crafted URL is loaded into a browser, which causes a web page to be generated that may include the piece of test code. If, upon loading the web page into the browser, the piece of test code is executed by the browser and the browser sends a request to a web server as a result, then the URL is reported as XSS vulnerable. Others, the URL is not vulnerable to this instance of XSS attack. The test may be repeated multiple times for different pieces of test code, each piece designed to expose a different instance of XSS vulnerabilities.
64 Citations
26 Claims
-
1. A method of detecting XSS (Cross-site Scripting) vulnerable URLs (Uniform Resource Locator), comprising:
-
incorporating a piece of test code designed to expose an XSS vulnerability into a dynamic URL; loading the dynamic URL into a browser; sending a first request to a web server in connection with said dynamic URL; receiving a web page from said web server generated in response to said first request that includes script code based upon said test code; loading said web page into said browser; executing said script code of said web page by said browser; sending a second request to said web server as a result of said browser executing said script code, said script code including said second request; and reporting the dynamic URL as XSS vulnerable when it is determined that said browser executed said script code and it is determined that said browser sent said second request as a result of said browser executing said script code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for detecting XSS (Cross-site Scripting) vulnerable URLs (Uniform Resource Locator), comprising:
-
receiving, at a web server computer, a dynamic URL from a client computer over a network; incorporating a piece of test code designed to expose a XSS vulnerability into said dynamic URL to form a modified dynamic URL; loading the modified dynamic URL into a browser of said web server computer; receiving a first request at said web server computer in connection with the dynamic URL from the browser and generating a web page that includes script code in response to said first request; loading said web page into said browser; executing said script code of said web page in said browser; sending a second request to said web server computer from said browser as a result of said browser executing said script code, said script code including said second request; and reporting the dynamic URL as XSS vulnerable when it is determined that the piece of script code is executed by the browser and when it is determined that said browser sent said second request as a result of said browser executing said script code of said web page. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A method of detecting XSS (Cross-site Scripting) vulnerable URLs (Uniform Resource Locator), comprising:
-
designing a plurality of pieces of test code, each piece exposing a different XSS vulnerability in a dynamic URL; and for each of the plurality pieces of test code, incorporating the piece of test code into the dynamic URL; loading the dynamic URL into a browser; receiving a web page in response to the dynamic URL that includes script code based upon said test code; loading the web page into the browser; executing said script code of said web page by said browser; sending a request to a web server as a result of said browser executing said script code, said script code including said request; and reporting the dynamic URL as XSS vulnerable when it is determined that said browser executed said script code and it is determined that said browser sent said request as a result of said browser executing said script code. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26)
-
Specification