Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

The Complete Guide to Prototype Pollution Vulnerabilities - 590

Daniel Elkabes - WhiteSource, posted 4 years ago
  • Prototype Pollution is a vulnerability specific to JavaScript (JS) and requires a deep understanding of JS. In JS there are objects, which are key-value pairs (similar to a dictionary in Python). A prototype is an attribute of an object that allows objects to inherit features from one another. Even a prototype can have a prototype; this is called the prototype chain.
  • The __proto__ attribute of an object has some unique and interesting traits:
    • It is a special attribute that refers to the prototype of an object
    • All objects have __proto__ as an attribute (their prototype)
    • __proto__ is also an object
    • __proto__ was meant as a feature, to support processes like inheritance of all attributes
  • What if we could alter the top-level prototype object? If we could, then all objects would inherit from it! In the context of JavaScript, this would let us change the object information for all other objects of the same type being used.
  • On the frontend, this commonly leads to XSS. On the backend, it can even lead to RCE. The whole point is that we are altering or pre-setting fields that can alter the flow of the program.
  • How do you find this vulnerability? Deserialization of a string into a JSON object and recursive merge operations are good places to look. Here's an additional video by Intigriti.
  • Prototype Pollution is interesting in itself but difficult to find. Keep an eye out for it in future testing.
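To make the "recursive merge" sink concrete, here is an added example (not code from the WhiteSource article): a naive recursive merge that lets a JSON-controlled `__proto__` key reach `Object.prototype`, next to a hardened merge that refuses the keys which walk into the prototype chain, plus the check a tester or a unit test would use to see whether the global prototype was touched. The sample JSON input is constructed for the demo.

```javascript
// Added example, not code from the article: a recursive merge that lets a
// JSON-controlled "__proto__" key reach Object.prototype, beside a hardened
// merge that refuses the keys which walk into the prototype chain.
function isPlainObject(v) {
  return v !== null && typeof v === 'object' && !Array.isArray(v);
}

// Vulnerable: "__proto__" is just another key here, and target["__proto__"]
// resolves to Object.prototype, so the recursion writes into it.
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (isPlainObject(source[key])) {
      if (!isPlainObject(target[key])) target[key] = {};
      unsafeMerge(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Hardened: skip the three keys that reach the prototype chain.
const FORBIDDEN = new Set(['__proto__', 'constructor', 'prototype']);
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN.has(key)) continue;
    if (isPlainObject(source[key])) {
      if (!isPlainObject(target[key])) target[key] = {};
      safeMerge(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Constructed input shaped like the output of a deserialisation sink. JSON.parse
// creates an own property literally named "__proto__", unlike an object literal.
const SAMPLE = JSON.parse('{"name":"demo","__proto__":{"polluted":"yes"}}');
// Detection check: a fresh, empty object should inherit nothing called "polluted".
function isPolluted() { return ({}).polluted !== undefined; }
// Merge SAMPLE into a fresh target, report whether the global prototype was
// hit, then undo the damage so the next check starts from a clean state.
function pollutes(merge) {
  merge({}, SAMPLE);
  const hit = isPolluted();
  delete Object.prototype.polluted;
  return hit;
}
console.log('unsafeMerge pollutes:', pollutes(unsafeMerge), '| safeMerge pollutes:', pollutes(safeMerge));
```

The same `isPolluted`-style probe (read an unexpected property off a fresh `{}`) is a cheap assertion to drop into a test suite for any code path that merges or deep-clones untrusted JSON.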