Document Object Model (DOM) Injection

Overview

DOM injection may occur when a web page uses DOM manipulation to update the HTML of the page in response to user input. This is typically done using JavaScript.

Discovery Methodology

Locate pages that use DOM manipulation to update the page without returning to the server. This can often be detected when a client proxy such as Burp does NOT intercept a request when a page updates.

Exploitation

Identify the field or event from which the page is updated, then inject HTML or JavaScript into that field or event.

Example

Use Firebug or similar to examine the message that appears when a new item is added to storage. The message appears in a label below the two input fields. Inject XSS into the "key" field. This is output into the message. Craft an XSS to read the DOM storage or perform another action.

Videos

Cross-Site Scripting: Part 1 - What is Reflected XSS?
Cross-Site Scripting: Part 2 - What is DOM-based XSS?
Cross-Site Scripting: Part 3 - What is Persistent XSS?
Cross-Site Scripting: Part 4 - How Output Encoding Stops XSS
Cross-Site Scripting: Part 5 - How to Test Output Encoding
What is Content Security Policy? - Part 1
What is Content Security Policy? - Part 2
What is Content Security Policy? - Part 3
What is Content Security Policy? - Part 4
What is Content Security Policy? - Part 5
Content Security Policy: Script Source (script-src)
How to Set HTTP Headers Using Apache Server
Check HTTP Headers with cURL
How to Check HTTP Headers (Command Line)
How to Check HTTP Headers from Browser
Cookies: Part 1 - How HTTPOnly Works
What is the XSS Protection Header?
Check for Vulnerable Libraries in Your Web Application
How to Enable Apache Mod-Headers
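
The label update described in the Example section, shown as an added example (not code from the original page or the application it describes): the vulnerable sink beside two hardened forms. The function names, the message wording and the sample key are assumptions made for illustration.

```javascript
// Added example. Function names and message wording are hypothetical.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
};

// Encode the characters that can change how the HTML parser reads the value.
function encodeForHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the "key" field is concatenated into a string that
// the browser parses as HTML, so markup in the key becomes part of the page.
function showAddedUnsafe(label, key) {
  label.innerHTML = "Added key " + key + " to storage";
}

// Fix 1: textContent assigns a text node; nothing in the key is parsed.
function showAddedAsText(label, key) {
  label.textContent = "Added key " + key + " to storage";
}

// Fix 2: when the message needs its own markup, encode only the untrusted part.
function showAddedEncoded(label, key) {
  label.innerHTML = "Added key <code>" + encodeForHtml(key) + "</code> to storage";
}

// Constructed input: a key that contains markup instead of a plain name.
const sampleKey = "<i>k&1</i>";

// In a browser, pass the real label element (for example the result of
// document.getElementById). Plain objects stand in here so the file also
// runs under Node; they record the assignment but do not parse HTML.
const unsafeLabel = {};
const textLabel = {};
const encodedLabel = {};
showAddedUnsafe(unsafeLabel, sampleKey);
showAddedAsText(textLabel, sampleKey);
showAddedEncoded(encodedLabel, sampleKey);

console.log("innerHTML (unsafe): ", unsafeLabel.innerHTML);
console.log("textContent (safe): ", textLabel.textContent);
console.log("innerHTML (encoded):", encodedLabel.innerHTML);
```

Because the update never reaches the server, server-side output encoding does not cover this path; the encoding or the `textContent` assignment has to happen in the client-side code that writes the label.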