Rust bindings for libinjection
Home Page: https://crates.io/crates/libinjection
License: Apache License 2.0
Rust bindings for libinjection.
libinjection to dependencies of Cargo.toml:libinjection = "0.2"extern crate libinjection;
use libinjection::{sqli, xss};let (is_sqli, fingerprint) = sqli("' OR '1'='1' --").unwrap();
assert!(is_sqli);
assert_eq!("s&sos", fingerprint);Fingerprints: Please refer to fingerprints.txt.
let is_xss = xss("<script type='text/javascript'>alert('xss');</script>").unwrap();
assert!(is_xss);
When I try to build on my machine (macOS 10.14.6, rustc 1.40.0-nightly).
I get an unable to clone libinjection error. I've included a trace below, but wondering if there are any special steps I need to take to get it to build locally? Thanks!
✘ ~/code/libinjection-rs master cargo build
Compiling libinjection v0.1.1 (/Users/me/code/libinjection-rs)
error: failed to run custom build command for `libinjection v0.1.1 (/Users/me/code/libinjection-rs)`
Caused by:
process didn't exit successfully: `/Users/me/code/libinjection-rs/target/debug/build/libinjection-e6642227de8a378d/build-script-build` (exit code: 101)
--- stderr
thread 'main' panicked at 'unable to clone libinjection', build.rs:54:9
stack backtrace:
0: backtrace::backtrace::libunwind::trace
at /Users/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88
1: backtrace::backtrace::trace_unsynchronized
at /Users/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/mod.rs:66
2: std::sys_common::backtrace::_print_fmt
at src/libstd/sys_common/backtrace.rs:77
3: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
at src/libstd/sys_common/backtrace.rs:61
4: core::fmt::write
at src/libcore/fmt/mod.rs:1028
5: std::io::Write::write_fmt
at src/libstd/io/mod.rs:1412
6: std::sys_common::backtrace::_print
at src/libstd/sys_common/backtrace.rs:65
7: std::sys_common::backtrace::print
at src/libstd/sys_common/backtrace.rs:50
8: std::panicking::default_hook::{{closure}}
at src/libstd/panicking.rs:188
9: std::panicking::default_hook
at src/libstd/panicking.rs:205
10: std::panicking::rust_panic_with_hook
at src/libstd/panicking.rs:464
11: std::panicking::begin_panic
at /rustc/38048763e885a3ee139abf39d59a530b16484150/src/libstd/panicking.rs:400
12: build_script_build::main
at ./build.rs:54
The current version of libinjection is built from client9/libinjection which was last updated on Mar 12, 2018.
There is a newer fork libinjection/libinjection which, at the time of writing, has a few changes and bug fixes, with the latest commit being 14 days ago.
Hi,
Methods for bypass libinjection-rs of DOM base XSS
1- javascript:alert(eval("2*3"));
PoC : http://example.com/?returnURL=javascript:alert(1);
var redirectUrl = getUrlParameter('returnURL');
window.parent.location.href = redirectUrl;2- a tag when user click button and trigger alert :).
<a href="javascript:alert(1);"> click me </a>3- title value
`<img id="testz" title="javascript:alert(1)">`
<script>
document.location.href=window.testz.title;
</script>source image : https://twitter.com/Milad_Bahari/status/990539191544156160
[dependencies]
json = "0.11.13"
libinjection = "0.1"#[macro_use]
extern crate json;
extern crate libinjection;
use libinjection::{xss};
fn main() {
let data = object!{
"foo" => "javascript:alert(1);",
};
let is_xss = xss("javascript:alert(1);").unwrap();
let is_xss_2 = xss(&data.dump()).unwrap();
let is_xss_3 = xss("<img id='testz' title='javascript:alert(1)'>").unwrap();
println!("{}", data);
println!("{}", is_xss); // false
println!("{}", is_xss_2); // false
println!("{}", is_xss_3); // false
}Thanks,
Ramin - kernel security engineering
Best regards,
Hi,
The error happens when compiling this code.
I tried this code
$ src/main.rs
extern crate libinjection;
use std::str;
use libinjection::{xss};
fn main() {
let _b = "OVJtAFc=";
let bytes = base64::decode(_b).unwrap();
let _ok = str::from_utf8(&bytes).unwrap();
let _is_ok = xss(_ok).unwrap();
println!("{}", _is_ok);
}
$ Cargo.toml 1 ⨯
[package]
name = "new"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
libinjection = "0.2"
base64 = "0.13.0"
rustc --version --verbose:
rustc 1.58.1 (db9d1b20b 2022-01-20)
binary: rustc
commit-hash: db9d1b20bba1968c1ec1fc49616d4742c1725b4b
commit-date: 2022-01-20
host: x86_64-unknown-linux-gnu
release: 1.58.1
LLVM version: 13.0.0
# cargo run
Compiling new v0.1.0 (/home/kali/new)
Finished dev [unoptimized + debuginfo] target(s) in 0.46s
Running `target/debug/new`
thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:11:27
stack backtrace:
0: 0x563858ee94dc - std::backtrace_rs::backtrace::libunwind::trace::h09f7e4e089375279
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
1: 0x563858ee94dc - std::backtrace_rs::backtrace::trace_unsynchronized::h1ec96f1c7087094e
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
2: 0x563858ee94dc - std::sys_common::backtrace::_print_fmt::h317b71fc9a5cf964
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:67:5
3: 0x563858ee94dc - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::he3555b48e7dfe7f0
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:46:22
4: 0x563858f0372c - core::fmt::write::h513b07ca38f4fb1b
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/fmt/mod.rs:1149:17
5: 0x563858ee6c65 - std::io::Write::write_fmt::haf8c932b52111354
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/io/mod.rs:1697:15
6: 0x563858eeac30 - std::sys_common::backtrace::_print::h195c38364780a303
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:49:5
7: 0x563858eeac30 - std::sys_common::backtrace::print::hc09dfdea923b6730
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:36:9
8: 0x563858eeac30 - std::panicking::default_hook::{{closure}}::hb2e38ec0d91046a3
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:211:50
9: 0x563858eea7e5 - std::panicking::default_hook::h60284635b0ad54a8
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:228:9
10: 0x563858eeb2e4 - std::panicking::rust_panic_with_hook::ha677a669fb275654
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:606:17
11: 0x563858eead92 - std::panicking::begin_panic_handler::{{closure}}::h976246fb95d93c31
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:500:13
12: 0x563858ee9984 - std::sys_common::backtrace::__rust_end_short_backtrace::h38077ee5b7b9f99a
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:139:18
13: 0x563858eead29 - rust_begin_unwind
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:498:5
14: 0x563858ec3da1 - core::panicking::panic_fmt::h35f3a62252ba0fd2
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:107:14
15: 0x563858ec3ced - core::panicking::panic::h86fc01e270142a61
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:48:5
16: 0x563858eccb3e - core::option::Option<T>::unwrap::hd8f9d23cad4cf60f
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/option.rs:746:21
17: 0x563858ecc921 - new::main::h21ff5125dd81b9ee
at /home/kali/Desktop/source_code_fuzzing_course/Chapter06/arvancloud_libinjection/new/src/main.rs:11:18
18: 0x563858ecd02b - core::ops::function::FnOnce::call_once::h0c7e75edaedfd0f5
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/ops/function.rs:227:5
19: 0x563858eccc5e - std::sys_common::backtrace::__rust_begin_short_backtrace::hc3ffef76f0ea0d5c
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:123:18
20: 0x563858ecca71 - std::rt::lang_start::{{closure}}::h1086c611fdc767a2
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:145:18
21: 0x563858ee916b - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h7e688d7cdfeb7e00
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/ops/function.rs:259:13
22: 0x563858ee916b - std::panicking::try::do_call::h4be824d2350b44c9
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:406:40
23: 0x563858ee916b - std::panicking::try::h0a6fc7affbe5088d
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:370:19
24: 0x563858ee916b - std::panic::catch_unwind::h22c320f732ec805e
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panic.rs:133:14
25: 0x563858ee916b - std::rt::lang_start_internal::{{closure}}::hd38309c108fe679d
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:128:48
26: 0x563858ee916b - std::panicking::try::do_call::h8fcaf501f097a28e
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:406:40
27: 0x563858ee916b - std::panicking::try::h20e906825f98acc1
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:370:19
28: 0x563858ee916b - std::panic::catch_unwind::h8c5234dc632124ef
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panic.rs:133:14
29: 0x563858ee916b - std::rt::lang_start_internal::hc4dd8cd3ec4518c2
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:128:20
30: 0x563858ecca40 - std::rt::lang_start::hd2a340c49054275a
at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:144:17
31: 0x563858ecca0c - main
32: 0x7f4443e217ed - __libc_start_main
33: 0x563858ec44ca - _start
34: 0x0 - <unknown>
Thanks,
Ramin,
Hi,
libinection-rs unable to detect time base sql inection,
1 - Payload 1'=sleep(10)='1
let (is_sqli, fingerprint) = sqli("1'=sleep(10)='1").unwrap();
assert!(is_sqli); // false
assert_eq!("s&sos", fingerprint);2- Payloads used to determine database version '=IF(MID(VERSION(),1,1)=1,SLEEP(10),0)='1
let (is_sqli, fingerprint) = sqli("'=IF(MID(VERSION(),1,1)=1,SLEEP(10),0)='1").unwrap();
assert!(is_sqli); // false
assert_eq!("s&sos", fingerprint);Thanks,
Ramin - kernel security engineering
Best regards,
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.