#SOMEtime
SOMEtime is a passive plugin for the security scanner BurpSuite which will monitor HTTP Request and Responses to determine if a webpage is vulnerable to Same Origin Method Execution.
For more details on Same Origin Method Execution see Ben Hayak's talk or our post on LinkedIn
##How To Use - Burp Pro Passive Scanner Plugin
- Clone the repository
- Build the code with Maven
$ mvn compile && mvn package
- Load Burp Suite Professional
- From the Extender tab in Burp Suite, add
sometime-0.0.1-SNAPSHOT-jar-with-dependencies.jar
as a standard Java-based Burp Extension - Enable Burp Scanner Passive Scanning
- Browse your target web application. All requests and responses will be tested for Same Origin Method Execution
##Example There is a directory included in this repository containing proof-of-concept code which showcases the vulnerability. To see the vulnerability, first add 'attacker.com' and 'victim.com' to point to your webserver in '/etc/hosts'. Then, navigate to 'main.html' where the exploit should run. If all works correctly, then there should be an alert pop-up on victim.com, displaying Javascript execution.