Normalize page header for JWT, LDAP, LaTeX, OAuth, ORM

Swissky
2024-11-10 15:28:12 +01:00
parent 2304101657
commit 1a3e605d64
10 changed files with 103 additions and 86 deletions


@@ -6,14 +6,14 @@
## Summary
* [Tools](#tools)
* [Labs](#labs)
* [Exploit](#exploit)
* [Methodology](#methodology)
* [Examples](#examples)
* [Manual Testing](#manual-testing)
* [Prototype Pollution via JSON input](#prototype-pollution-via-json-input)
* [Prototype Pollution in URL](#prototype-pollution-in-url)
* [Prototype Pollution Payloads](#prototype-pollution-payloads)
* [Prototype Pollution Gadgets](#prototype-pollution-gadgets)
* [Labs](#labs)
* [References](#references)
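Review bot: the Summary shows `* [Labs](#labs)` at both its old position (after Tools) and its new one (after Gadgets), and `[Exploit](#exploit)` next to `[Methodology](#methodology)`; the +/- markers are lost in this rendering, so confirm that only the second Labs entry and the Methodology entry survive in the committed file, otherwise the TOC points at a heading that no longer exists. Dropping the `#exploit` anchor also breaks any inbound links that used it; a repository-wide search for `#exploit` before merging would catch those.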
@@ -27,13 +27,7 @@
* [msrkp/PPScan](https://github.com/msrkp/PPScan) - Client Side Prototype Pollution Scanner
## Labs
* [YesWeHack Dojo - Prototype Pollution](https://dojo-yeswehack.com/XSS/Training/Prototype-Pollution)
* [PortSwigger - Prototype Pollution](https://portswigger.net/web-security/all-labs#prototype-pollution)
## Exploit
## Methodology
In JavaScript, prototypes are what allow objects to inherit features from other objects. If an attacker is able to add or modify properties of `Object.prototype`, they can essentially affect all objects that inherit from that prototype, potentially leading to various kinds of security risks.
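Review bot: `## Exploit` and `## Methodology` appear back to back here; if this is the heading rename the title implies, make sure `## Exploit` is on the removed side and is not left behind as an empty heading directly above `## Methodology`. The `## Labs` block removed here (the YesWeHack Dojo and PortSwigger links) is a move rather than a deletion, which is fine as long as both links are reinstated verbatim further down.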
@@ -174,6 +168,12 @@ A "gadget" in the context of vulnerabilities typically refers to a piece of code
Either create your own gadget using part of the source with [yeswehack/pp-finder](https://github.com/yeswehack/pp-finder), or try to use already discovered gadgets [yuske/server-side-prototype-pollution](https://github.com/yuske/server-side-prototype-pollution) / [BlackFan/client-side-prototype-pollution](https://github.com/BlackFan/client-side-prototype-pollution).
## Labs
* [YesWeHack Dojo - Prototype Pollution](https://dojo-yeswehack.com/XSS/Training/Prototype-Pollution)
* [PortSwigger - Prototype Pollution](https://portswigger.net/web-security/all-labs#prototype-pollution)
## References
- [A Pentester's Guide to Prototype Pollution Attacks - Harsh Bothra - January 2, 2023](https://www.cobalt.io/blog/a-pentesters-guide-to-prototype-pollution-attacks)
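Review bot: the two lab links re-added in this hunk match the ones removed after Tools, so the move is lossless and the Summary order (Gadgets, Labs, References) now matches the headings. The commit title, however, names only JWT, LDAP, LaTeX, OAuth and ORM while this hunk edits the Prototype Pollution page and the commit touches 10 files; the message should list it (or state that further pages were normalized) so the change stays discoverable in history.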