Attached is a quick hack up SecuriTeam's 40x Cross Site Scripting NASL (without their permission, I hope they're okay with that for a NASL-newbie). This one specifically checks for the Allaire JRUN CSS problem (the scripts require a .jsp, .shtml or .thtml extension tacked on to the end of the request).
It is working in my tests, but I'm wondering if there's a better way to handle the three requests (.jsp, .shtml and .thtml) in some sort of loop (or even just adding it easily to the original SecuriTeam NASL)? In my testing I found that one may work and one may not (I assume it depends on the config options of JRUN, but I don't have access to admin the systems), so all three should be tested to be sure.
Also, if someone has a 2.3.x JRUN installation to test against...
Comments/help appreciated.
Thanks
Chris
It is working in my tests, but I'm wondering if there's a better way to handle the three requests (.jsp, .shtml and .thtml) in some sort of loop (or even just adding it easily to the original SecuriTeam NASL)? In my testing I found that one may work and one may not (I assume it depends on the config options of JRUN, but I don't have access to admin the systems), so all three should be tested to be sure.
Also, if someone has a 2.3.x JRUN installation to test against...
Comments/help appreciated.
Thanks
Chris