Subscribe to the RSS feed

Grabber

Entries feed - Comments feed

Monday, January 29 2007

When Black Box becomes Dark Box...

By Romain on Monday, January 29 2007, 13:37 UTC

What if - in some cases - a Web Application Scanner (black box tester) could tell you that you have this vulnerability/weakness in your code at this line?

Got some ideas this morning on this, I'll try to implement this in Grabber in the next weeks.

Tuesday, December 26 2006

Extended JavaScript/CSS parser for Grabber

By Romain on Tuesday, December 26 2006, 15:04 UTC

I took some time this morning to extend the JavaScript parser; I also added a CSS parser.
The parsers can detect some basic comment based obfuscation. The JavaScript parser is also launched on the CSS's expression and url functions.
Now, I only have to parse the onbody, onmouseover etc. to get the JavaScript in these tags (samethings with the style tag for CSS); it should be done easily.

The following lines should be detected:

  • JS in CSS: background: expression(foo("script.ext"));
  • CSS: background: url(http://bad.com/script.jpg)
  • CSS: <style>

@imp/* This is a nested comment */ort('css-parser-nested-comment.css') </style>

  • JavaScript: foo(){var script="script.ext";var params="?kikoo=plop";async(script+params);}



The new Spider with the parser will be added in the next Grabber release.
I also have to say that I'm very proud that Simon Roses Femerling chooses to include the JavaScript/CSS parser from Grabber in the OWASP Pantera project :) !

no comment

http://rgaucher.info/bot