web application security lab

Google can find XSS for you

thegooglecache.com has a brief but interesting article on finding XSS exploits that are in URLs. Honestly this is a pretty weak way to perform this type of auditing, but it may point to bigger issues if search engines ever start indexing JavaScript, for instance. Wouldn’t it be easier to search for DOM-based reflected XSS in one request versus thousands?

2 Responses to “Google can find XSS for you”

  1. Russ Jones Says:

    Thanks for the post. Being in SEO, getting URL injections indexed is the whole point of XSS, so finding sites that Google is ready and willing to index with these garbled URLs is very useful. For normal XSS injection auditing, however, I agree that this is pretty useless.

  2. RSnake Says:

    I certainly wouldn’t say useless, Russ, far from it. In fact, I think there is a lot more here than meets the eye. I’m working on something (already have a beta working) to help locate a lot of things like these. I’ll post about it more when I have something more than a lame prototype working.
