25 Million Flows Later - Large-scale Detection of DOM-based XSS

Lekies, Sebastian and Stock, Ben and Johns, Martin
(2013) 25 Million Flows Later - Large-scale Detection of DOM-based XSS.
In: 20th ACM Conference on Computer and Communications Security Berlin 4.11.2013.
Conference: CCS - ACM Conference on Computer and Communications Security

[img]
Preview
Text
domxss.pdf - Published Version

Download (968kB) | Preview

Abstract

In recent years, the Web witnessed a move towards sophis- ticated client-side functionality. This shift caused a signifi- cant increase in complexity of deployed JavaScript code and thus, a proportional growth in potential client-side vulnera- bilities, with DOM-based Cross-site Scripting being a high impact representative of such security issues. In this paper, we present a fully automated system to detect and validate DOM-based XSS vulnerabilities, consisting of a taint-aware JavaScript engine and corresponding DOM implementation as well as a context-sensitive exploit generation approach. Using these components, we conducted a large-scale analysis of the Alexa top 5000. In this study, we identified 6167 unique vulnerabilities distributed over 480 domains, show- ing that 9,6% of the examined sites carry at least one DOM- based XSS problem.

Actions

Actions (login required)

View Item View Item