Bypasses for proto string match

If the application matches the "__proto__" string for blocking the request, can we bypass this?

Created by: vitorfhc

Created on: Thursday, August 29, 2024 at 12:29:34 AM

Updated on: Monday, September 2, 2024 at 5:43:11 PM

Vector type: JS

Code used before fuzz:

function insertPayload(original, payload) {
    let result = [];
    for (let i = 0; i <= original.length; i++) {
        let newString = original.slice(0, i) + payload + original.slice(i);
        result.push(newString);
    }
    return result;
}

Template used:

s = "abc";
keys = insertPayload("__proto__", fromCodePoint($[i]))

for(i = 0; i < keys.length; i++) {
    if (typeof s[keys[i]] != "undefined") {
        log(keys[i]);
        break;
    }
}

Your browser was detected as:

Detecting... Detecting... Detecting... Detecting...

Fuzz results

No results found.

Bypasses for __proto__ string match

Fuzz results

Bypasses for proto string match