Monday, October 8, 2012

Two updates for DOMinatorPro Suite


As some of you already know, DOMinatorPro Suite consists of two parts: an open source one named DOMinatorCore, based on Mozilla Firefox and hosted on GitHub, and a commercial, proprietary add-on named DOMinatorPro Extension.

Before anything else, here's a Mac OS screenshot previewing the fully updated DOMinatorPro Suite:



Some very interesting new features have been added, and I really hope you'll be interested in trying them.
Bottom line: new versions of both pieces of the suite are out, and here is the list of changes.

DOMinatorCore 

Product: DOMinatorCore
Date: 06/10/2012
Version: 0.9.6
  • Finally a Mac OS version is available for download! Register or go to your DOMinatorPro personal page and download it!
  • A small but significant improvement in taint propagation: objects created on the fly via JSON or eval now result in tainted values and key names.
// Stored string whose first value and second key name contain PATTERN
var TaintedString = '{"k1":"V1PATTERN","k2PATTERN":"V2"}';
var newObj = eval('(' + TaintedString + ')');
// Object.keys(newObj)[1].tainted and newObj.k1.tainted are now true
Object.keys(newObj).forEach(
    function (a) {
        // Log each key, its taint flag, its value and the value's taint flag
        console.log(a, a.tainted, newObj[a], newObj[a].tainted);
    }
);
Here PATTERN is a customizable RegEx pattern that triggers the creation of Tainted Stored Strings. We'll blog about the so-called Tainted Stored Strings in the next few days.
Previously, only the eval alert on the Stored String would have been triggered if the PATTERN matched.
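
The propagation described above can be approximated in stock JavaScript. This is an added example, not DOMinator code or code from the original post: it reports which key names and string values of a parsed object match the marker, assuming the marker is the literal text PATTERN (findTainted and demo are hypothetical names).

```javascript
// Added illustration; this is not DOMinator code. Stock JavaScript strings have
// no .tainted flag, so taint is reported as a list of paths instead.

// Assumption: the marker regex is the literal text PATTERN used in the post.
// Keep it non-global so RegExp.prototype.test stays stateless.
const PATTERN = /PATTERN/;

// Walk a parsed JSON value and collect every key name and string value that
// matches the marker, recording where it was found.
function findTainted(value, pattern = PATTERN, path = '$', out = []) {
  if (typeof value === 'string') {
    if (pattern.test(value)) out.push({ path, kind: 'value', text: value });
  } else if (Array.isArray(value)) {
    value.forEach((item, i) => findTainted(item, pattern, `${path}[${i}]`, out));
  } else if (value !== null && typeof value === 'object') {
    for (const key of Object.keys(value)) {
      const child = `${path}[${JSON.stringify(key)}]`;
      // Key names come from the same stored string, so they are checked too.
      if (pattern.test(key)) out.push({ path: child, kind: 'key', text: key });
      findTainted(value[key], pattern, child, out);
    }
  }
  return out;
}

// Constructed sample: the string from the post plus a nested array case.
const stored = '{"k1":"V1PATTERN","k2PATTERN":"V2","list":[{"n":"xPATTERNy"}]}';

function demo() {
  // JSON.parse is used instead of eval so the sample is only ever data.
  return findTainted(JSON.parse(stored));
}

for (const hit of demo()) console.log(hit.kind, hit.path, hit.text);
```
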

DOMinatorPro Extension

DOMinatorPro Extension, on the other hand, has important changes.

Product: DOMinatorPro Extension
Date: 06/10/2012
Version: 0.9.1.2

Tainting

  • ResponseText can now be set as tainted according to Stored Taint functionality.
  • Fixed Firefox bug about location.pathname.
  • Added checks for uncontrollable input elements like checkboxes or radio buttons.
  • Fixed jQuery double log for some sinks.
  • jQuery alerts now show the jQuery version in use, since it can make a difference.
  • Improved jQuery tests and noconflict wrap.
  • location.pathname now returns the pathinfo part with ';'.
  • Hidden and unusable input tag values are now excluded from sources (radio buttons, textbox).

Analysis Engine

  • Improved the URL-building algorithm in the fuzzer.
  • Experimental regular expression check for false negatives / false positives.

User Interface

  • Now DOMinatorPro has a starting page about:dominator.
  • DOMinatorPro Settings UI is now exposed.
  • We are now able to remove selected results from the log.
  • Removed StackTrace Button since it's handled automatically by sink events.

Automation

  • Added initial support for Selenium.
  • Remote Alerting sends native JSON.

Knowledge base

  • Knowledge base improvements. 

Most of the changes in the code would probably deserve a blog post and a video. I'll try to cover some of the more interesting parts in the next few days!

For any question or request feel free to drop us a line at dominator at mindedsecurity dot com.

P.S. Some already registered trial users may complain that they cannot download the add-on update; you can download the full suite, which comes with a version close to the latest.

