A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
Switch branches/tags
Nothing to show
Clone or download
Latest commit 97062a5 Apr 18, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
example initial commit Oct 12, 2016
src/main/java/burp Update BurpExtender.java Feb 1, 2017
.gitignore initial commit Oct 12, 2016
LICENSE initial commit Oct 12, 2016
NOTICE initial commit Oct 12, 2016
README.md Updated link to blogpost Oct 19, 2016
pom.xml initial commit Oct 12, 2016

README.md

#SOMEtime

SOMEtime is a passive plugin for the security scanner BurpSuite which will monitor HTTP Request and Responses to determine if a webpage is vulnerable to Same Origin Method Execution.

For more details on Same Origin Method Execution see Ben Hayak's talk or our post on LinkedIn

##How To Use - Burp Pro Passive Scanner Plugin

  1. Clone the repository
  2. Build the code with Maven
$ mvn compile && mvn package
  1. Load Burp Suite Professional
  2. From the Extender tab in Burp Suite, add sometime-0.0.1-SNAPSHOT-jar-with-dependencies.jar as a standard Java-based Burp Extension
  3. Enable Burp Scanner Passive Scanning
  4. Browse your target web application. All requests and responses will be tested for Same Origin Method Execution

##Example There is a directory included in this repository containing proof-of-concept code which showcases the vulnerability. To see the vulnerability, first add 'attacker.com' and 'victim.com' to point to your webserver in '/etc/hosts'. Then, navigate to 'main.html' where the exploit should run. If all works correctly, then there should be an alert pop-up on victim.com, displaying Javascript execution.