
RTF XSS Fuzzing Technology Research And Implementation

Posted on: 2019-01-11
Degree: Master
Type: Thesis
Country: China
Candidate: Q Y Tang
GTID: 2348330542998747
Subject: Computer Science and Technology

Abstract/Summary:
The rich text editor is a widely used web application component on the Internet because it is more editable than regular editors, which makes cross-site scripting vulnerabilities even more pernicious in rich text editors. Cross-site scripting (XSS) is an important class of web vulnerability and has long ranked in the top three of the OWASP (Open Web Application Security Project) Top 10. Focusing on the rich text editor as an important web application component, this paper studies and designs an efficient fuzz testing method for finding cross-site scripting vulnerabilities in rich text, aiming to solve the problem that general rich text fuzz testing methods generate too much redundant data. Based on the author's long-time research on cross-site scripting vulnerabilities, this paper elaborates the principle and nature of cross-site scripting vulnerabilities, abstracts the composition of rich text editors from a security researcher's perspective, and explains why cross-site scripting vulnerabilities cause more harm in this scenario. Drawing on the author's experience of finding cross-site scripting vulnerabilities in various rich text editors and on previous research results in XSS fuzzing, the author puts forward a new approach to fuzzing against back-end XSS filters: on the one hand, we define the mutation rules for fuzzing data according to the blacklist/whitelist filtering rules widely used by back-end filters; on the other hand, we use model learning to simulate and audit back-end filters, trying to find "border" values that can interfere with back-end canonical filtering. The two approaches are then combined to generate the fuzzing test data. We then designed and implemented a fuzzing tool based on these ideas. This project selects 12 web application products with rich text editor components that have a large number of users and influence at home and abroad, tests them with the fuzz testing tool designed by this project, and compares the results with some cross-site scripting vulnerabilities found on the market.
Keywords/Search Tags:xss, rtf, fuzzing, model learning, vulnerability mining