DOMXSS is not Dead

DOMXSS is definitely still "a thing" on the Internet and can be hard to detect, especially if buried in third party JS libraries or under 4 layers of JQuery abstractions. The publicly available tools to detect DOMXSS don't seem to have evolved much since DOMinator in 2011 and can be difficult to use in a real-world testing scenario. A weekend project of mine investigating in-browser JS taint analysis turned into a "good enough" tool that quickly found a vulnerability in a third-party service used by hundreds of thousands of websites. This tool will be demonstrated and released as open source for the community to build on.

Presented at Security Fest 2019.

Speaker: Olle Segerdahl

About Olle Segerdahl

Olle Segerdahl

Olle is a veteran of the IT security industry, having worked with both “breaking” and “building” security solutions for over 20 years. During that time, he has worked on securing classified systems, critical infrastructure and cryptographic products as well as building software whitelisting solutions used by industrial robots and medical equipment. He is currently a Principal Consultant in F-Secure’s technical security consulting practice.

 
Get all relevant information and news regarding Security Fest, when we release recordings of talks, etc.