msrkp / ppscan
Client Side Prototype Pollution Scanner
License: MIT License
Hi -
This may be "user error", but I am not able to see which parameters are vulnerable within the extension box like in the example you provided in the README.md. I can find the affected parameters if I go back through the Burp history, but it would be easier to see them in the extension output box. Again, it could be something on my end. I am using the version of Chrome that comes with Burp Suite Pro (90.0.4430.93). I have attached a screenshot of what I mean; what you see in the screenshot is the only data available to me, and I am not able to expand any of the categories.
Not sure why. Is this a problem with the most recent versions of Chrome or am I doing something wrong?
Website here is https://ctf.nikitastupin.com/pp/known.html
Thank you
Hi,
As in the title. It's possible there is no real security risk behind it, especially when the target is not vulnerable to prototype pollution. However, I think it would still be best practice not to reference, as part of the extension, a parked domain that could be hijacked in the future.
Example:
https://example.com/#__proto__[attrs][src]=1&__proto__[src]=//p6.is/ppscan.php
https://example.com/#__proto__[BOOMR]=1&__proto__[url]=//p6.is/ppscan.php
I would like to install the PPScan. I am not able to find any documentation for installation.
Revise the code at scripts/popup.js:88:
function listFound(found) {
    // foundList.innerHTML = '';
    foundLabel.style.display = foundList.style.display = found.length > 0 ? 'block' : 'none';
    found.forEach((str) => {
        let hostname; // declared locally rather than leaking as an implicit global
        try {
            const line = JSON.parse(str);
            const tr = document.createElement("tr");
            // A domain of "null" (opaque origin) is not a parseable URL;
            // new URL('null') would throw, so show the literal value instead
            if (line['domain'] == 'null')
                hostname = line['domain'];
            else
                hostname = new URL(line['domain']).hostname;
            tr.innerHTML = `<td><a target="_blank" href="${line['domain']}">${hostname}</a></td><td>${line['type']}</td><td><a target="_blank" href="${line['file']}">${line['file']}:${line['lineCol']}</a></td>`;
            foundList.appendChild(tr);
        } catch (e) {
            // Not a JSON record: the entry is a bare URL found by brute forcing
            const tr = document.createElement("tr");
            tr.innerHTML = `<td><a target="_blank" href="${str}">${new URL(str).hostname}</a></td><td>brute</td><td><a target="_blank" href="${str}">${str}</a></td>`;
            foundList.appendChild(tr);
        }
    });
}
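The record handling that listFound() performs, separated from the DOM so it can be run and checked offline, as an added example that is not ppscan's own code. It assumes the record shape the function above reads (a JSON string with domain, type, file and lineCol keys, or a bare URL for a brute-force finding), treats a domain of "null" as an opaque origin rather than a URL, and builds table rows with textContent instead of innerHTML; the sample records are constructed.

```javascript
// Parse one "found" record into a plain object. Assumed shape (from the
// issue above): JSON with domain/type/file/lineCol, or a bare URL string.
function parseFoundEntry(str) {
  let line;
  try {
    line = JSON.parse(str);
  } catch (e) {
    line = null;
  }
  if (line === null || typeof line !== 'object') {
    // Not a JSON record: the whole string is a URL found by brute forcing.
    return { href: str, hostname: new URL(str).hostname, type: 'brute', file: str, lineCol: '' };
  }
  // An opaque origin (sandboxed frame, data: URL) reports the literal string
  // "null", which new URL() rejects; keep it as the displayed label.
  const hostname = line.domain === 'null' ? 'null' : new URL(line.domain).hostname;
  return { href: line.domain, hostname, type: String(line.type), file: String(line.file), lineCol: String(line.lineCol) };
}

// Parse a whole list, skipping records that are neither JSON nor a valid URL.
function parseAllFound(found) {
  const out = [];
  for (const str of found) {
    try { out.push(parseFoundEntry(str)); } catch (e) { /* malformed entry */ }
  }
  return out;
}

// Build a <tr> for the popup table. Values are set via textContent, so they
// are rendered as text. Needs a DOM (doc = document in the browser).
function renderRow(doc, entry) {
  const tr = doc.createElement('tr');
  const fileLabel = entry.lineCol ? `${entry.file}:${entry.lineCol}` : entry.file;
  const cells = [
    { text: entry.hostname, href: entry.href },
    { text: entry.type },
    { text: fileLabel, href: entry.file },
  ];
  for (const c of cells) {
    const td = doc.createElement('td');
    if (c.href) {
      const a = doc.createElement('a');
      a.target = '_blank';
      a.href = c.href;
      a.textContent = c.text;
      td.appendChild(a);
    } else {
      td.textContent = c.text;
    }
    tr.appendChild(td);
  }
  return tr;
}
```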
I got the following message in the Type column. What does it mean?
Type: Unknown Lib [7]