Awesome
Pocuito
A tiny chrome extension to record and replay your web application proof-of-concepts. Replaying PoCs from bug tracker written steps is a pain most of the time, so just record the poc, distribute and replay it whenever necessary without much hassle.
Use Cases
- To avoid developers wasting your time when they are unable to reproduce your issues, just send them the json file and let them go through step by step.
- To share your shiny new web vulnerabilities with your colleagues.
- To simplify verification of a bug fix by just replaying the poc.
Installation
- Download & Install from here
- Start python proxy if planning on using tampering or asserting functionality.
or
- Clone the repository
- Install bower dependencies
bower install
- Setup proxy
- Open Chrome extension settings
- Enable developer mode checkbox
- Click on load unpacked extension and browse to root extension directory
Proxy Setup
- Install pip requirements
pip install -r proxy/requirements.txt
. - Start proxy server
python proxy.py --uuid some_random_string
(proxy url =http://<ip>:8888/some_random_string
) - For more customizations look into
python proxy.py --help
. - It will print a url to the console which will be used in the addon.
Usage
Setup the proxy and put that url in the addon and wait a moment or two so that addon can verify. Let us take an example of a poc of XSS in chrome.
- Let's navigate to
testphp.vulnweb.com
. - Let us click on the extension and add an event called start proxy (
testphp
as url filter) to tamper responses later. - Once the proxy event is added, let us disable XSS auditor by adding event add response header & fill the first row with
X-XSS-Protection
and0
. - Click on record user actions to record our search actions.
- Now, we will click on the search, search for
<img src=x onerror='alert(9);'/>
and click on the buttonGo
. - When we open the popup we will see multiple click and change events made by us. Stop user event recording by clicking on
Pause Recording Events
. - Since our required capture is done, we will add stop proxy event.
- If necessary add comments to each step, eg: Lets click on the first step cursor button and add comment
Navigate to https://testphp.vulnweb.com and then play
.
To replay any step just select a step and click on Play Step.
Known Issues
- User input events like
return
on input fields is not being recorded as an event yet. Only click and change events are being monitored now.
Roadmap
v0.2
- Move to typescript or coffeescript?
- Add Unit Tests?
- Add to webstore?
Author
Bharadwaj Machiraju
The main reason for writing this extension is to learn MarionetteJS. May be learn more stuff like TypeScript or CoffeScript in the further development.