XSS Worm Research

Avg Bid (USD)
Project Budget (USD)
$50 - $100

Project Description:
This is a school project (educational and research purpose).
I need someone who has strong knowledge with XSS vulnerabilites, worms and web security in general.
Required skills : PHP, MySql, Java, JavaScript, Ajax, jQuery, Joomla.

- Edit the source code of Jomsocial 2.8_Beta3 to make it vulnerable to XSS. (preferable persistent XSS)

- Additionally I need an XSS profile based worm to function like this:
Infection: Infect user_X through the xss vulnerability made on the previous step (worm is loaded from an external server)
Payload: User_Y is visiting the profile of user_X. ; User_Y is infected and will send a friend request to User_X ;
The worm will post on the infected user wall: "User_X is my Hero!"
Spreading: User_Z is visiting the profile of User_Y (which is infected) and will be also infected (worm spreading). User_Z will also add User_X to his
friend list and post on his wall: "User_X is my Hero!".

Details and materials to start the work will be provided (jomsocial source files, xss profile based worm code example)

Note: I am accepting to work with Milestones.
Because I got burned before, the Milestone will be released only at the end of the work. A demonstration on your webserver will be requiered, before
releasing milestone.

If you don't have any experience with web security or never heard about XSS vulnerabilities please don't bother to bid on this project.
Bidders with 0 reputation will be ignored.

Skills required:
Javascript, Joomla, jQuery / Prototype, MySQL, PHP
About the employer:
Public Clarification Board
Bids are hidden by the project creator. Log in as the employer to view bids or to bid on this project.
You will not be able to bid on this project if you are not qualified in one of the job categories. To see your qualifications click here.

$ 250
in 3 days
$ 250
in 3 days
$ 250
in 10 days
Hire cmechlin
$ 100
in 10 days