I am trying to use Selenium’s WebDriver to automate the testing of a security tool I’m developing. Specifically, I am attempting to inject JS payloads into an HTML page via reflected XSS. In order to test the fitness of the payloads, I need to verify that the scripts actually run.
I have been largely successful in doing this by having XSS payloads call a specific function which passes information to my Python program with one of the following methods:
- Creating new elements in the DOM and finding them with the WebDriver python API (find_elements_by_class_name, etc.)
- Setting the window title in JS and reading it via driver.title
- Creating dialogs/prompts in JS and handling them via driver.switch_to_alert()
However, the above are all pretty hacky and slow (especially method #1 if the desired element does not exist; I’m stupid and had my implicit wait really high, but I still don’t like the method of creating DOM elements to pass strings). Also, the last option fails pretty consistently if there are multiple alerts.
I wanted to retrieve variable values via driver.execute_script(script); however, my scripts seem unable to actually read values, as stuff like ‘return window.name’ always returns None. That being said, I don’t expect execute_script() to be the fastest method, since it has to perform a lot of overhead in executing said script.
What is the fastest way to pass runtime information from inside a browser context to the controlling Python program? I don’t need to send much info, maybe a few kb at the most, so a cookie value could suffice but the browser’s URL probably wouldn’t.
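
An added example, not part of the original post: one way a test harness can confirm which payloads executed, by having each payload push a per-test marker into a page global and reading all markers back with a single execute_script call. The global name `__xssProbeHits` and every function name here are hypothetical; `driver` is assumed to be a Selenium WebDriver instance (anything with an `execute_script` method works).

```python
import json
import secrets
import time

# Hypothetical page global that test payloads append to (assumption, not a Selenium name).
HITS_VAR = "__xssProbeHits"


def new_marker():
    """Random per-payload id, so a hit can be attributed to one test case."""
    return secrets.token_hex(8)


def report_call(marker):
    """JS statement a test payload runs to record that it executed."""
    return "(window.{v}=window.{v}||[]).push({m})".format(
        v=HITS_VAR, m=json.dumps(marker))


def read_hits(driver):
    """One round trip: fetch every marker recorded so far in the current document.

    The script must use `return`, otherwise execute_script yields None.
    """
    hits = driver.execute_script("return window.%s || [];" % HITS_VAR)
    return set(hits or [])


def wait_for_markers(driver, expected, timeout=2.0, poll=0.05):
    """Poll until every expected marker is seen or the timeout expires.

    Returns the subset of `expected` that fired. Page globals are reset on
    navigation, so call this before loading the next test URL.
    """
    expected = set(expected)
    deadline = time.monotonic() + timeout
    seen = set()
    while True:
        seen |= read_hits(driver) & expected
        if seen == expected or time.monotonic() >= deadline:
            return seen
        time.sleep(poll)
```

Because the markers accumulate in an array, several payloads on one page are collected in one call, without the DOM lookups, title reads or alert handling listed in the post.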