Category Archives: fuzzing

Javascript protocol fuzz results

Well, it seems that Firefox 2.0.0.14 has provided the most interesting results with my protocol fuzzer. The characters in the listing below, decimal 56320 to 57343, are U+DC00 to U+DFFF, the UTF-16 low-surrogate block; a lone surrogate has no valid UTF-8 form, which is why it renders as the replacement character � between "jav" and "ascript:".

Char: 56320, link: jav�ascript:
Char: 56321, link: jav�ascript:
Char: 56322, link: jav�ascript:
Char: 56323, link: jav�ascript:
Char: 56324, link: jav�ascript:
Char: 56325, link: jav�ascript:

All the way to:-

Char: 57343, link: jav�ascript:

and as hex entities, but with a semi-colon:-

From:
Char: 56320, link: jav�ascript:

To:
Char: 57343, link: [...]

Javascript protocol fuzzer

Continuing the theme of fuzzers, I’ve written a Javascript protocol fuzzer. The goal was to try to produce every variation of javascript execution from links. It uses PHP and Javascript in order to maximize the speed of scanning, which means it can scan around 5000 links at a time.
Any ideas on improving the options or [...]
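As an added example covering both the fuzz results above and the fuzzer post (this is not the PHP/Javascript tool from the post, nor Hackvertor), here is the same idea run against Node's built-in WHATWG URL parser: every code point in a range is inserted at every position before the colon of a javascript: link, the result is resolved against a base URL, and the variants that still end up with the javascript: scheme are reported. The base URL https://example.test/, the payload alert(1) and all function names are my assumptions. Besides the surrogate range from the Firefox 2.0.0.14 results it also walks the C0 control range, which this parser normalizes (tab, LF and CR are removed anywhere; leading C0 controls and spaces are stripped), so the two behaviours can be compared.

```javascript
// Added example (not code from the original post): fuzz the javascript: scheme
// against Node's built-in WHATWG URL parser. BASE, PAYLOAD and all function
// names are assumptions, not the post's PHP/Javascript fuzzer.
const BASE = 'https://example.test/';   // assumed base document URL (constructed)
const PAYLOAD = 'javascript:alert(1)'; // assumed link being mutated (constructed)

// Build one variant per insertion position: position 0 is a leading character,
// positions 1..schemeLen-1 sit inside the scheme, before the colon. Anything
// inserted after the colon leaves the scheme untouched, so it is skipped.
function buildVariants(codePoint, payload = PAYLOAD) {
  const ch = String.fromCharCode(codePoint); // fromCharCode keeps lone surrogates such as 0xDC00
  const schemeLen = payload.indexOf(':');
  const variants = [];
  for (let pos = 0; pos < schemeLen; pos++) {
    variants.push({ pos, link: payload.slice(0, pos) + ch + payload.slice(pos) });
  }
  return variants;
}

// Resolve a link the way an href is resolved and return the scheme it ends up
// with, or null when the parser rejects it outright (no navigation at all).
function resolvedProtocol(link, base = BASE) {
  try {
    return new URL(link, base).protocol;
  } catch (err) {
    return null;
  }
}

// Walk an inclusive code point range and collect the (codePoint, pos) pairs
// whose variant still resolves to the javascript: scheme.
function fuzzScheme(from, to, payload = PAYLOAD, base = BASE) {
  const hits = [];
  for (let cp = from; cp <= to; cp++) {
    for (const { pos, link } of buildVariants(cp, payload)) {
      if (resolvedProtocol(link, base) === 'javascript:') hits.push({ codePoint: cp, pos });
    }
  }
  return hits;
}

// Group hits by code point, mirroring the "Char: N, link: ..." listing above.
function summarise(hits) {
  const byCodePoint = new Map();
  for (const { codePoint, pos } of hits) {
    if (!byCodePoint.has(codePoint)) byCodePoint.set(codePoint, []);
    byCodePoint.get(codePoint).push(pos);
  }
  return [...byCodePoint].map(([codePoint, positions]) => ({ codePoint, positions }));
}

function main() {
  // C0 controls and space: the WHATWG parser strips leading ones and removes
  // tab, LF and CR anywhere, so those three survive at every position.
  for (const { codePoint, positions } of summarise(fuzzScheme(0x00, 0x20))) {
    console.log(`Char: ${codePoint}, positions: ${positions.join(',')}`);
  }
  // The low-surrogate block from the Firefox 2.0.0.14 results (56320..57343).
  console.log(`surrogate hits: ${fuzzScheme(56320, 57343).length}`);
}

if (typeof require !== 'undefined' && require.main === module) main();
```

Run it with node and read the output like the listing above. With this parser the surrogate block produces no hits, because a lone surrogate is not an ASCII scheme character and the whole string falls back to a relative path under the base URL, while tab, LF and CR hit at every position and the other C0 controls only as a leading character. In a browser the equivalent check is the href property of a created anchor element, or an actual click, rather than new URL, which is where the PHP-plus-Javascript harness from the post comes in.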

XSS tag fuzzer

It’s been a while since I’ve blogged, but I’m pretty busy at the moment with my new baby and also moving jobs, as I was made redundant. I thought I’d combine my work with my blogging, as I’m working on some XSS vectors for IE8.
During the process I built a simple tag fuzzer which [...]

Hackvertor fuzzing tool

I’ve created a separate tool for HTML/JS fuzzing. I decided to do this because Hackvertor does all the hard work of conversion, and I can simply extend the functionality without writing much code. The tool is already very powerful and lets you traverse Unicode characters and perform whatever conversions you require, in any position [...]