Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

JS Gadget

Antonin | Last updated: Jul 18, 2024 05:53AM UTC

Hi ! I am having a hard time with the term Gadget. I don't understand what a gadget is, what it does. The more I see the term being used in the course, the more confuse I become. The definition provided in the course goes like this: > A gadget provides a means of turning the prototype pollution vulnerability into an actual exploit. What is A MEANS? It's vague. Later on, one can read: > A property cannot be a gadget. So at least we know a prototype property is not a gadget. So what is it!? More confusing, https://portswigger.net/web-security/prototype-pollution reads: Successful exploitation of prototype pollution requires the following key components: 1. ... 2. ... 3. An exploitable gadget - This is any property that is passed into a sink without proper filtering or sanitization. So a gadget is Property!? ???? Other examples of usage of the word in context: > Once you identify that server-side prototype pollution is possible, you can then look for potential gadgets to use for an exploit. Another example: > If the website's developers haven't set a transport_url property on their config object, this is a potential gadget. What in the world is a JS gadget?

Ben, PortSwigger Agent | Last updated: Jul 18, 2024 08:40AM UTC

Hi Antonin, The following page provides a description of both gadgets and the use of gadget chains: https://portswigger.net/web-security/deserialization/exploiting#gadget-chains

Antonin | Last updated: Jul 23, 2024 04:12AM UTC