hunter: XSS Hunter collects and stores the XSS reflected on WebView pages, which makes it convenient to respond urgently to XSS security problems that apps and front-end pages encounter once published

Posted by punzalan at 2020-02-25


At present, domestic Android apps widely use WebView to develop products quickly. If the product's own design has security problems on WebView, it is likely to produce XSS (cross-site, or even cross-domain, script injection). For the pages displayed on WebView, the harm of XSS is no less than that of RCE (remote code execution) (PK AV browser Album: treatment of local tumor viewer): all elements and execution logic on the WebView can be controlled by XSS, and if XSS appears in the privileged domain it can also cause RCE security problems (Kcon-2013 black brother topic: clients crossed last year). XSS Hunter analyzes XSS features on the WebView page and provides developers with an XSS information collection report from the app's WebView, returned from users' use of the app after it is released, to accelerate hot patch updates and stop the loss in time. The following are common reflected XSS test cases:

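XSS-hunter
<script>alert('xss');</script> -- basic test
<img src="" onerror="alert('xss')" /> -- DOM <img> element event XSS execution test
<iframe src="" /> -- <iframe> element malicious page embedding test
<svg>/<script>alert('xss');</script> -- combined HTML element bypass test
<div><a><img src="" onerror="alert('xss')" /> -- mixed HTML elements and img event bypass test
" -- early-stage XSS bypass, element attribute closing test
" onerror="alert('xss'); -- element event XSS test
' " onload="alert('xss'); -- element event XSS false-positive bug test
" alt="change tips"; -- element XSS test that modifies a non-event attribute
" /><script>alert('xss');</script> -- test that breaks out of the element and constructs DOM XSS
 -- element XSS false-positive test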
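One way to tell these cases apart when checking a page, as an added example that is not XSS Hunter's own code: render the page once with a harmless marker to locate where the parameter lands, then classify what a test value does at that spot. The function names, marker value and sample pages are constructed for illustration, and the sketch assumes the parameter lands in an attribute value or in element text.

```javascript
// Added example, not XSS Hunter's code. All names here are hypothetical.
const MARKER = 'xsshunterprobe0001'; // harmless value used to locate the sink

// Returns the quote character still open at the end of a tag fragment, or null.
function openQuote(tagFragment) {
  let q = null;
  for (const c of tagFragment) {
    if (q) { if (c === q) q = null; }
    else if (c === '"' || c === "'") q = c;
  }
  return q;
}

// probeHtml: page rendered with MARKER; html: same page rendered with value.
function classifyReflection(probeHtml, html, value) {
  const i = probeHtml.indexOf(MARKER);
  if (i < 0) return 'no-sink';
  const prefix = probeHtml.slice(0, i);
  const suffix = probeHtml.slice(i + MARKER.length);
  if (html.length < prefix.length + suffix.length ||
      !html.startsWith(prefix) || !html.endsWith(suffix)) return 'page-changed';
  // Compare what the page emitted at the sink with the raw value.
  if (html.slice(prefix.length, html.length - suffix.length) !== value)
    return 'encoded-or-filtered';
  const lt = prefix.lastIndexOf('<');
  if (lt <= prefix.lastIndexOf('>'))   // sink is in element text
    return /<[a-z!\/]/i.test(value) ? 'element-injected' : 'benign';
  let rest = value;
  const quote = openQuote(prefix.slice(lt));
  if (quote) {
    const close = value.indexOf(quote);
    if (close < 0) return 'benign';    // never leaves the quoted attribute value
    rest = value.slice(close + 1);
  } else if (!/[\s>]/.test(value)) return 'benign'; // unquoted, no delimiter
  if (/>[^<]*<[a-z!\/]/i.test(rest)) return 'element-injected';
  if (/(^|[\s\/])on[a-z]+\s*=/i.test(rest)) return 'event-handler-injected';
  if (/[^\s"'<>\/=]+\s*=/.test(rest)) return 'attribute-modified';
  return 'attribute-breakout';
}

// Constructed sample pages: attribute sink, text sink, and an escaped sink.
const esc = s => s.replace(/[&<>"']/g, c => '&#' + c.charCodeAt(0) + ';');
const attrPage = v => '<html><body><img src="' + v + '" /></body></html>';
const textPage = v => '<html><body><p>Search: ' + v + '</p></body></html>';
const safePage = v => attrPage(esc(v));
const check = (page, v) => classifyReflection(page(MARKER), page(v), v);

console.log(check(attrPage, '" onerror="alert(\'xss\');'));
```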

All of the listed test cases passed. The detection results of XSS Hunter: