Closed

XSS Worm Attack [Research Project]

This project was awarded to gopalvora for $354 USD.

Get free quotes for a project like this
Employer working
Awarded to:
Project Budget
$150 - $300 USD
Total Bids
3
Project Description

This is a school project (educational and research purpose).
I need someone who has strong knowledge with XSS attacks, worms and web security in general.
Required skills : PHP, MySql, Java, JavaScript, Ajax.

Basically I need to reproduce the ''Samy worm'' known also as "myspace worm". Make something similar but on a small scale.


For starters I need a very basic social network to test the worm. (I don't care too much about functionality, design, etc, because it will be used only for testing).
To make it simpler , there are some free social networks (open source) available like Elgg, Oxwall that you can use.
Old versions of it are already vulnerable to XSS, but there is the possibility to make it vulnerable by editing the source code.
Any other method to test the worm is welcomed but at the end I need a mini social network platform to let loose the worm.

The worm
The worm needs to be profile-based which spreads through an information field on the profile.

XSS worm payload
- spreading and infecting other profiles just by visiting an infected profile
- makes users friend a specific account (samy worm example)
- post to user wall something (samy worm example)
- any addition are welcomed

Report/Documentation
Because I need to make also a report about it, I need at the end some explanations about how/what you did.

Final notes
At the end I want to see that the worm is functioning as described through TeamViewer or on a free webserver. After that the funds will be released and I get the source files.

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online