Prototype Pollution: Client-side prototype pollution in third-party libraries

Introduction to client-side prototype pollution in third-party libraries

Client-side prototype pollution is a JavaScript vulnerability that arises when attacker-controlled input (typically URL query or fragment parameters) is merged into an object in a way that lets a key such as `__proto__` reach `Object.prototype`. A property written there is inherited by every object in the page, so if some other code (a "gadget") reads a property it never set itself and passes it to a dangerous sink such as `eval`, `innerHTML` or a script URL, the result is DOM XSS. Third-party libraries are a common source of both the pollution vector and the gadget, and they are harder to audit because they usually ship minified. Developers should review their dependencies as carefully as their own code, treat URL-derived keys as untrusted (blocking or dropping `__proto__`, `constructor` and `prototype`), and use tooling to detect and confirm pollution rather than relying on manual reading of minified bundles.

Lab Solutions | Practical Work Time

This lab is vulnerable to DOM XSS via client-side prototype pollution. The gadget lives in a third-party library and is easy to miss because that library ships as minified source. Although it is technically possible to solve this lab manually, we recommend using DOM Invader, which saves a considerable amount of time and effort.
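To make the source-gadget-sink chain concrete before turning to DOM Invader, here is an added example that is not code from the lab or from any real third-party library. It models the pattern the lab describes: a library-style query parser walks bracketed keys one segment at a time (the source, reachable through `__proto__`), a separate tracking helper trusts an `onComplete` option it never set (the gadget), and a string callback is handed to `Function()` (the sink). It also shows a hardened parser beside the vulnerable one. `parseQueryVulnerable`, `parseQuerySafe`, `sendBeacon`, `onComplete` and the attack URL are all hypothetical names and constructed input; the script runs stand-alone under Node.js.

```javascript
// Added example, not the lab's or any real library's code. Demonstrates
// client-side prototype pollution through a recursive query-string merge,
// a gadget that reads an inherited property, and a code-execution sink.

// Hypothetical vulnerable parser, the shape commonly found in minified
// third-party bundles: a[b][c]=v becomes target.a.b.c = "v". Because each
// segment is looked up with node[segment], the segment "__proto__" makes
// `node` Object.prototype, and the final write lands on every object.
function parseQueryVulnerable(search, target = {}) {
  for (const [rawKey, value] of new URLSearchParams(search)) {
    const path = rawKey.replace(/\]/g, "").split("[");
    let node = target;
    for (let i = 0; i < path.length - 1; i++) {
      if (typeof node[path[i]] !== "object" || node[path[i]] === null) {
        node[path[i]] = {};
      }
      node = node[path[i]]; // becomes Object.prototype for "__proto__"
    }
    node[path[path.length - 1]] = value;
  }
  return target;
}

// Hardened parser: null-prototype containers (nothing to walk up to) plus an
// explicit drop of the three keys that can reach the prototype chain. The
// whole parameter is discarded rather than "sanitized", which avoids bypasses
// such as nested or doubled key names.
const BLOCKED = new Set(["__proto__", "constructor", "prototype"]);
function parseQuerySafe(search) {
  const target = Object.create(null);
  for (const [rawKey, value] of new URLSearchParams(search)) {
    const path = rawKey.replace(/\]/g, "").split("[");
    if (path.some((seg) => BLOCKED.has(seg))) continue;
    let node = target;
    for (let i = 0; i < path.length - 1; i++) {
      const own = Object.prototype.hasOwnProperty.call(node, path[i]);
      if (!own || typeof node[path[i]] !== "object") {
        node[path[i]] = Object.create(null);
      }
      node = node[path[i]];
    }
    node[path[path.length - 1]] = value;
  }
  return target;
}

// Hypothetical gadget: a tracking helper that runs an optional completion
// callback. The caller never sets onComplete, so whatever the prototype
// chain provides is used. A string callback reaches Function(), the sink.
function sendBeacon(options) {
  const cb = options.onComplete; // inherited if Object.prototype is polluted
  if (typeof cb === "function") return cb();
  if (typeof cb === "string") return Function(cb)(); // sink
  return undefined;
}

// Constructed attacker input: the query a victim would be sent to.
const ATTACK = "?__proto__[onComplete]=globalThis.polluted='x'; return 42";

// Runs one parser against the attack URL, then exercises an unrelated code
// path that calls the gadget, and reports whether pollution and execution
// occurred. Resets Object.prototype so the two scenarios do not interfere.
function runScenario(parser) {
  delete Object.prototype.onComplete;
  delete globalThis.polluted;
  parser(ATTACK);
  const result = sendBeacon({ page: "/" });
  const polluted = Object.prototype.hasOwnProperty("onComplete");
  delete Object.prototype.onComplete;
  return { polluted, result, executed: globalThis.polluted === "x" };
}

console.log("vulnerable:", runScenario(parseQueryVulnerable));
console.log("hardened:  ", runScenario(parseQuerySafe));
```

The vulnerable run reports pollution, a return value of 42 from the injected body, and the side effect on `globalThis`; the hardened run reports none of the three while still parsing ordinary `a[b]=1` style parameters. In a real page the same chain ends in `alert()` or worse once the gadget's sink is `eval`, `setTimeout` with a string, or a script `src`, which is exactly what DOM Invader's prototype-pollution scan looks for.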

DOM Invader

  • Go to the Proxy > Intercept tab and open Burp’s browser.
  • In the upper-right corner of the browser window, click the Burp Suite logo. If you can’t see this logo, click the jigsaw icon first. A panel opens containing tabs for the Burp Suite Navigation Recorder and DOM Invader settings menu.
  • From the DOM Invader settings, toggle the switch so that DOM Invader is on.
  • Click Reload to refresh the browser. This is necessary for your changes to take effect.
  • Right-click anywhere in the main browser window and select Inspect to open the browser’s DevTools panel. Note that this now contains the DOM Invader tab. For the best experience, we recommend docking the panel to the bottom of the browser window.

Stepwise Solution of the Lab

PortSwigger's guidance for this lab points to DOM Invader, so the solution uses Burp Suite's built-in Chromium browser with DOM Invader enabled as described above.
