Displaying Reflected Parameters (Not JSON)
I enjoy using this plugin. Can you show the reflected parameters returned in the responses of the requests belonging to the domains included in this plugin? In this feature, requests with Content-Type: application/json should be excluded as they are false positives. It would be great if Content-Type: text/html could be shown in particular.
Thank you for using and supporting the OneScan plugin. If you want to exclude Content-Type: application/json response content from the Databoard display, you can do so through the Fingerprint + Filter function. First add a Fingerprint rule, for example:
After adding it, click the Filter button in Databoard to switch the Select column to Fingerprint. Add the filter rule as follows:
In this way, you can filter the content you want.
Thank you very much for your answer. I did as you said below. But this way we won't be able to see all application/json requests. I just wanted to detect reflected parameters for XSS vulnerability and hide application/json responses in these responses.
Actually the plugin below does this job but since we can't filter application/json requests we get a lot of false positives. Thanks for your answer anyway. I'll look into this a bit more.
https://portswigger.net/bappstore/8e8f6bb313db46ba9e0a7539d3726651
Sorry, I didn't see the problem clearly... I thought you just wanted to filter Content-Type: application/json response content.
Perhaps you can use Payload Processing + Fingerprint to implement reflected XSS vulnerability detection. First add a Payload Processing record, for example:
Next, add the first rule: for Select rule type choose the Condition check option, for Select rule scope choose the URL option, and in Match regex fill in the \?.+ regular expression. An example is as follows:
Next, add a second rule: for Select rule type choose the Match/replace option, for Select rule scope choose the URL option, in Match regex fill in the ([^&=]+)=[^&]* regular expression, and fill in $1=WUpyGxMhp6NL as the replacement content. An example is as follows:
This step replaces each GET request parameter value with a fixed random value. Click OK to confirm adding the Payload Processing record. An example is as follows:
Continue adding a Fingerprint rule. An example is as follows:
After adding it, click the Filter button in Databoard to switch the Select column to Fingerprint. Add the filter rule as follows:
Hope this helps you; thank you for your attention and support of the OneScan plugin!!!
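The Payload Processing + Fingerprint workflow described above, written out as an added stand-alone Python example (not OneScan's own code, and not code from the thread). It applies the two URL rules from the thread (the \?.+ condition and the ([^&=]+)=[^&]* to $1=WUpyGxMhp6NL replacement), then mimics the Fingerprint/Filter step by flagging only text/html responses that echo the marker and ignoring application/json ones; the URLs, responses and the scan() helper are constructed for the example.

```python
import re
from typing import List, Optional, Tuple

# Fixed marker value, the same role as WUpyGxMhp6NL in the thread's replacement rule.
MARKER = "WUpyGxMhp6NL"

# Rule 1 (Condition check on URL): only URLs that carry a query string qualify.
HAS_QUERY = re.compile(r"\?.+")
# Rule 2 (Match/replace on URL): every "name=value" pair gets its value replaced.
PARAM_VALUE = re.compile(r"([^&=]+)=[^&]*")


def rewrite_url(url: str) -> Optional[str]:
    """Apply both Payload Processing rules to one URL.

    Returns the URL with every query-parameter value replaced by MARKER, or
    None when rule 1 does not match (no query string, so nothing to test)."""
    if not HAS_QUERY.search(url):
        return None
    base, _, rest = url.partition("?")
    # Keep any fragment untouched; the replacement is applied to the query only
    # (a narrower scope than the thread's whole-URL rule, same effect on the parameters).
    query, sep, fragment = rest.partition("#")
    return base + "?" + PARAM_VALUE.sub(r"\1=" + MARKER, query) + sep + fragment


def classify_response(content_type: str, body: str) -> str:
    """Fingerprint step: 'reflected' when an HTML body echoes the marker,
    'ignored-json' for application/json (the false positives from the thread),
    'clean' for everything else."""
    media_type = content_type.split(";")[0].strip().lower()
    if media_type == "application/json":
        return "ignored-json"
    if media_type == "text/html" and MARKER in body:
        return "reflected"
    return "clean"


# Constructed sample traffic: (original URL, response Content-Type, response body
# as returned for the rewritten request). Not captured from any real site.
SAMPLE_TRAFFIC: List[Tuple[str, str, str]] = [
    ("https://example.com/search?q=test&page=2", "text/html; charset=utf-8",
     "<html><body>Results for WUpyGxMhp6NL (page WUpyGxMhp6NL)</body></html>"),
    ("https://example.com/api/items?id=7", "application/json",
     '{"id": "WUpyGxMhp6NL", "items": []}'),
    ("https://example.com/static/app.js", "application/javascript", "var a = 1;"),
    ("https://example.com/about?lang=en", "text/html", "<html><body>About us</body></html>"),
]


def scan(traffic: List[Tuple[str, str, str]]) -> List[str]:
    """Return the rewritten URLs whose HTML response reflected the marker."""
    findings = []
    for url, content_type, body in traffic:
        rewritten = rewrite_url(url)
        if rewritten is not None and classify_response(content_type, body) == "reflected":
            findings.append(rewritten)
    return findings
```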
Hi friend, I didn't know that the OneScan plugin has such nice features. It's really nice. I think you should add this reflected XSS detection feature to OneScan by default. Thank you very much for your help.
You are welcome. If you think the OneScan plugin is great, please recommend the OneScan plugin to more people, thank you very much!!!