Python FLASK

Shahab Ghosni
Shahab Ghosni used Ask the Experts™
on
Dear Friends,
I'm in the middle of project and could use a little help.
I'm writing a webapp that when a page is visited it gets redirected to another page with a customized header and a GET request!
I can add the html code to the end of the URL and the page accepts it but the chrome XSS Auditor detects the code as malicious and sanitizes it!!!
when I use an interceptor and add the code to the header on the fly it's OK so I should redirect the user to the page while customizing the header without changing the URL!!!
the page is www.mysite.com/login/
I want to add this code to the header: ?b0f4c"><a>d294b6910ec=1
so the header will be: GET /login/?b0f4c"><a>d294b6910ec=1 HTTP/1.1
but I can't change the URL like this: www.mysite.com/login/?b0f4c"><a>d294b6910ec=1
I'm using the FLASK framework and python for my redirector so I could use python libraries and frameworks...
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Walter RitzelSenior Software Engineer

Commented:
So, I confess that I did not fully understand what you want to accomplish here, but for us to progress, can attach here or at least paste the piece of code that is with a problem?
Shahab GhosniNetwork Infrastructure Engineer

Author

Commented:
Dear Walter,
I know the situation is complicated so I'll do my best to explain it more.
all we need is to lead the users to load a page with a cross site script. The page accepts the HTML script and does not change the code:
Request and responseThe problem is if a user add this code to the url while visiting the page (entering https://mysite.com/login/?b0f4c"><a>d294b6910ec=1 in the address bar in Google Chrome) Chrome Anti XSS detects the code as malicious and changes it and we fail to get the page with the XSS!
I though instead of giving the user this link: https://mysite.com/login/?b0f4c"><a>d294b6910ec=1 send the user to another link like http://redirector.com and this page redirect the user to https://mysite.com/login/ but inserts the code in the HTML GET header instead of the URL!
What I want to do is to build this redirecter using FLASK and Python! the redirect function of the FLASK only redirects to a URL (I guess) and I can't change the header in it! so I though maybe I could use something like httplib2 and python to do so!
Of course I don't know how to do that so I haven't started writing the code!
I hope I could explain my problem clearly!
Of course the URLs are made up as my project is actually a pen test and this is a vulnerability on the page :-)
Thanks in advance.
Walter RitzelSenior Software Engineer

Commented:
I would do something very simple: before send the parameter you need, convert it to base64 string, send it and then when receiving, unconvert it.
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Shahab GhosniNetwork Infrastructure Engineer

Author

Commented:
Unfortunately the server can't process Base64 and the code returns encoded in the HTML form and doesn't do the trick...
I tried many XSS Filter Bypass methods but all failed! I need a proof of concept for this vulnerability so I need to do something...
Walter RitzelSenior Software Engineer

Commented:
Have you tried to send as POST instead of a GET?
Shahab GhosniNetwork Infrastructure Engineer

Author

Commented:
Even if the POST request works it wont matter cause the end user can only make a GET request by simply clicking on a link!
Senior Software Engineer
Commented:
yes, but your redirector can teceive the GET and make the POST.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial