TENDING_$type=grid$count=5$tbg=rainbow$meta=0$snip=0$rm=0$show=home

REFLECTOR Burp Suite Plugin: Find Reflected XSS on Page in Real-time

Monday, 23 October 2017 Edit this post

REFLECTOR v1.0 Burp Suite extension is able to find reflected XSS on the page in real-time while browsing on the website and inclu...


REFLECTOR v1.0

Burp Suite extension is able to find reflected XSS on the page in real-time while browsing on the website and include some features as:
  • Highlighting of reflection in the response tab.
  • Test which symbols is allowed in this reflection.
  • Analyze of reflection context.
  • Content-Type whitelist.

Usage

After plugin install you just need to start work with the tested web-application. Every time when reflection is found, reflector defines severity and generates burp issue. 

Each burp issue includes detailed info about the reflected parameter, such as:

  • Symbols that allowed in this reflection.
  • Highlighting of reflection value in response.
  • Reflection context analyze.

Allowed Sybmols Analyse


When the reflection is found an option "Aggressive mode" is activated, the reflector will check which of special-symbols are displayed on this page from vulnerable parameters. For this action, reflector composes additional requests for each reflected parameter. In the example, while he was working with elkokc.ml website reflector is generated issue with a detailed information about reflection. There are 3 reflections for "search" parameter and each of them pass special symbols. Because of the possibility of displaying special characters issue severity is marked as high. Every time when reflection is found reflector define severity and generate burp issue.

Context Analyse

In the "Check context" mode reflector it does not only show special characters that are reflected the page but also figure out a character that allows breaking the syntax in the page code. In the example, you may see server response by reflector extension. Parameter "search" was sent with a payload - p@y<"'p@y. As a result, it was reflected a few times in different contexts.


  • reflection with next characters - ',", < and the double quote allow to exit from this context and write HTML code.
  • reflection with next characters - ", < and the bracket allow to inject HTML-tags.
  • reflection with next characters - ',", < and the single quote allow to exit from js variable context and write malicious code.


In the issue information it's marked as:


  • Context char - a character that allows breaking the syntax.
  • Other chars - other chars that are reflected without context. 

Reflection Navigation

Navigation by arrow buttons in the response tab.

Settings


  • Scope only - allow reflector to work only with a scope added websites.
  • Aggressive mode - reflector generates an additional request with a test payload.
  • Check context - activate check context mode.

Moreover, you can manage content-types whitelist with which reflector plugin should work. But if you will use another type except for text/HTML, this can lead to slowdowns in work.

Respected Authors

Shvetsov Alexandr
Dimitrenko Egor


Labels:

SHARE:

Twitter Facebook Google Pinterest

Important Notice

For Educational and Informational Purposes Only.

The information contained in our Website, Programs, and Services is for educational and informational purposes only and is made available to you as self-help tools for your own use. I am not responsible for any kind of damage hardware and software and not liable for any kind of unethical activity.
Name

Amazon,1,Amazon Web Service,1,Auditing,2,AWS,1,BaRMIe,1,Books,1,Brup Suite Plugin,1,Burp Suite,1,Cloudflare,1,CSRF,1,CVE,1,Cyber Crime,1,CyberScan,1,Data Breach,1,DumpsterFire Toolset,1,EllaScanner,1,Enumeration Tool,1,Exploit Pack,1,Exploiting,1,Github,1,Information Gathering,1,Kali Linux,1,Linux,4,Mac OS X,2,News,1,OWASP,1,Pentesting,2,Pentesting Framework,2,Privilege Escalation,1,Python Keylogger,1,Reflector,1,Reptile,1,Rootkit,1,Scanner,2,Seccubus,1,Security,2,theHarvester,1,Tools,17,VHostScan,1,Vulnerability,2,WAF,1,Whole Foods Market Breached,1,Windows,3,XSS,1,ZAP,1,
ltr
item
Exploitable — Cyber Security News & Hacking Tools: REFLECTOR Burp Suite Plugin: Find Reflected XSS on Page in Real-time
REFLECTOR Burp Suite Plugin: Find Reflected XSS on Page in Real-time
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3vm-g2_acBicjdZL_BqcCgGx8wDWqrX9GcY5uYGYmKJqCQWhQSxTQFEiXyP39NeSYdqLhYDnaDoH9B3qe5hVHG0yAYOjEEV8bJh4aysUlJ48o3Mpnb277tYbXuAi7O3sQ8-YfKoXvpFk/s320/refelector-burp-suite-plugin.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3vm-g2_acBicjdZL_BqcCgGx8wDWqrX9GcY5uYGYmKJqCQWhQSxTQFEiXyP39NeSYdqLhYDnaDoH9B3qe5hVHG0yAYOjEEV8bJh4aysUlJ48o3Mpnb277tYbXuAi7O3sQ8-YfKoXvpFk/s72-c/refelector-burp-suite-plugin.jpg
Exploitable — Cyber Security News & Hacking Tools
https://exploitables.blogspot.com/2017/10/reflector-burp-suite-plugin.html
https://exploitables.blogspot.com/
https://exploitables.blogspot.com/
https://exploitables.blogspot.com/2017/10/reflector-burp-suite-plugin.html
true
8536886516600496120
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy