Prototype Pollution

Prototype pollution is a JavaScript vulnerability that enables an attacker to add arbitrary properties to global object prototypes, which may then be inherited by user-defined objects.

In client-side JavaScript, this commonly leads to DOM XSS.
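An added example, not from the original page: a nested-key query-string parser that acts as a pollution source, next to a hardened version that rejects prototype keys and builds null-prototype objects. `parseNaive`, `parseSafe`, `pollutes` and the sample query are hypothetical names and constructed input.

```javascript
// Constructed sample input (not from a real application).
const SAMPLE_QUERY = "__proto__[testproperty]=polluted&user[name]=alice";
const BLOCKED_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Split "a[b]=v" into { path: ["a", "b"], value: "v" }.
function splitPair(pair) {
  const [rawKey, value = ""] = pair.split("=").map((s) => decodeURIComponent(s));
  return { path: rawKey.split(/[\[\]]+/).filter(Boolean), value };
}

// Vulnerable: node["__proto__"] resolves to Object.prototype, so the final
// assignment writes a property that every ordinary object then inherits.
function parseNaive(query) {
  const out = {};
  for (const pair of query.split("&")) {
    const { path, value } = splitPair(pair);
    if (path.length === 0) continue;
    let node = out;
    for (const key of path.slice(0, -1)) {
      if (typeof node[key] !== "object" || node[key] === null) node[key] = {};
      node = node[key];
    }
    node[path[path.length - 1]] = value;
  }
  return out;
}

// Hardened: drop pairs that name prototype keys, only descend into own
// properties, and use objects that have no prototype at all.
function parseSafe(query) {
  const out = Object.create(null);
  for (const pair of query.split("&")) {
    const { path, value } = splitPair(pair);
    if (path.length === 0 || path.some((k) => BLOCKED_KEYS.has(k))) continue;
    let node = out;
    for (const key of path.slice(0, -1)) {
      const own = Object.prototype.hasOwnProperty.call(node, key);
      if (!own || typeof node[key] !== "object" || node[key] === null) node[key] = Object.create(null);
      node = node[key];
    }
    node[path[path.length - 1]] = value;
  }
  return out;
}

// True if a fresh, unrelated object inherits testproperty after parsing.
function pollutes(parser, query = SAMPLE_QUERY) {
  parser(query);
  const inherited = ({}).testproperty !== undefined;
  delete Object.prototype.testproperty; // clean up so later checks start fresh
  return inherited;
}
```

`pollutes(parseNaive)` returns `true` and `pollutes(parseSafe)` returns `false`, while `parseSafe` still parses the legitimate `user[name]` pair.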

- DOM Invader

Intercept > Open Browser > Burp Extension > DOM Invader > Enable Prototype pollution

DOM Invader then searches for sources that let you add arbitrary properties to Object.prototype.

If anything is found, click the Test button. This injects a test string into the query string; you can then open the inspector in the newly opened tab and see that testproperty has been injected.

Once you have found a source, you can scan for a gadget by clicking "scan for a gadget".

Then click Exploit, and DOM Invader will automatically attempt to create a prototype pollution payload.
