[Owasp-leaders] Help...

gaz Heyes gazheyes at gmail.com
Tue Sep 11 11:42:05 UTC 2012


On 11 September 2012 11:24, Johanna Curiel <johanna.curiel at owasp.org> wrote:

> this looks like an excellent tool. With this I'll be able to test the
> vectors in the newest browsers and also check the successful ones.
>

Shazzer also has a JSON API btw, so you can automatically construct a
cheatsheet.

Info:
http://shazzer.co.uk/json?action=info

Get a list of public vectors:
http://shazzer.co.uk/json?action=vectorList

Get a specific vector:
http://shazzer.co.uk/json?action=export&vectorID=203

The JSON includes a template for the vector as well as a PoC URL.

[{"vectorTemplate":"\u003cimg src=xxx:xxx
title=1*chr*\/onerror=logChr(*num*)\u003e","vector":"\u003cimg
src=xxx:xxx title=1%09\/onerror=logChr(1)\u003e","chr":9,.....

Any non-displayable characters are URL-encoded.

You can find all sorts of vulnerabilities, from crashes and charset issues
to DOM XSS issues; for example, I recently found that Firefox translates the
host part of an anchor:
http://shazzer.co.uk/database/All/Characters-allowed-as-lt-in-url

<a href="http://&#xfe64script&#xfe65;alert(1)&#xfe64&#xff0f;script&#xfe65"
id=x>test</a>
<script>
document.write(x.host);
</script>
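
A defensive check for the host translation shown in the message above, as an added example that is not part of the original post or of Shazzer. It assumes the translation behaves like Unicode NFKC compatibility normalization (which maps U+FE64, U+FE65 and U+FF0F to `<`, `>` and `/`); the function names and the sample host string, built from the characters in the posted anchor, are constructed for illustration.

```javascript
// Added example. Assumption: the browser's host translation is modelled here
// by NFKC normalization; helper names are hypothetical.
const HTML_META = new Set(['<', '>', '"', "'", '&', '/']);

// Report characters that pass an ASCII-only filter but turn into an HTML
// metacharacter once compatibility-normalized.
function findCompatMetachars(host) {
  const hits = [];
  for (const ch of host) {
    if (HTML_META.has(ch)) continue; // already visible to an ASCII filter
    const hit = [...ch.normalize('NFKC')].find((c) => HTML_META.has(c));
    if (hit) {
      const cp = ch.codePointAt(0).toString(16).toUpperCase().padStart(4, '0');
      hits.push({ codePoint: 'U+' + cp, becomes: hit });
    }
  }
  return hits;
}

// Escape text for an HTML context. In a page, assigning to textContent
// instead of calling document.write achieves the same result.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened counterpart of document.write(x.host): the value is escaped
// after the browser has already translated it.
function hostAsMarkup(translatedHost) {
  return escapeHtml(translatedHost);
}

// Constructed sample: the host portion of the anchor in the message.
const SAMPLE_HOST = '\uFE64script\uFE65alert(1)\uFE64\uFF0Fscript\uFE65';
// Modelled result of the translation (assumption: NFKC).
const TRANSLATED = SAMPLE_HOST.normalize('NFKC');

console.log(findCompatMetachars(SAMPLE_HOST));
console.log(hostAsMarkup(TRANSLATED));
```
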