A tiny chrome extension to record and replay your web application proof-of-concepts. Replaying PoCs from bug tracker written steps is a pain most of the time, so just record the poc, distribute and replay it whenever necessary without much hassle.
- To avoid developers wasting your time when they are unable to reproduce your issues, just send them the json file and let them go through step by step.
- To share your shiny new web vulnerabilities with your colleagues.
- To simplify verification of a bug fix by just replaying the poc.
- Download & Install from here
- Start python proxy if planning on using tampering or asserting functionality.
or
- Clone the repository
- Install bower dependencies
bower install - Setup proxy
- Open Chrome extension settings
- Enable developer mode checkbox
- Click on load unpacked extension and browse to root extension directory
- Install pip requirements
pip install -r proxy/requirements.txt. - Start proxy server
python proxy.py --uuid some_random_string(proxy url =http://<ip>:8888/some_random_string) - For more customizations look into
python proxy.py --help. - It will print a url to the console which will be used in the addon.
Setup the proxy and put that url in the addon and wait a moment or two so that addon can verify. Let us take an example of a poc of XSS in chrome.
- Let's navigate to
testphp.vulnweb.com. - Let us click on the extension and add an event called start proxy (
testphpas url filter) to tamper responses later. - Once the proxy event is added, let us disable XSS auditor by adding event add response header & fill the first row with
X-XSS-Protectionand0. - Click on record user actions to record our search actions.
- Now, we will click on the search, search for
<img src=x onerror='alert(9);'/>and click on the buttonGo. - When we open the popup we will see multiple click and change events made by us. Stop user event recording by clicking on
Pause Recording Events. - Since our required capture is done, we will add stop proxy event.
- If necessary add comments to each step, eg: Lets click on the first step cursor button and add comment
Navigate to https://testphp.vulnweb.com and then play.
To replay any step just select a step and click on Play Step.
- User input events like
returnon input fields is not being recorded as an event yet. Only click and change events are being monitored now.
- Move to typescript or coffeescript?
- Add Unit Tests?
- Add to webstore?
Bharadwaj Machiraju
The main reason for writing this extension is to learn MarionetteJS. May be learn more stuff like TypeScript or CoffeScript in the further development.