OWASP shows this examples of JSON hijacking:
Exploitable:
[{"object": "inside an array"}]
Not exploitable:
{"object": "not inside an array"}
Also not exploitable:
{"result": [{"object": "inside an array"}]}
But is just a JSON string '"c29tZXRva2Vu"'
created by JSON.stringify('c29tZXRva2Vu')
without brackets on the outside exploitable?
CodePudding user response:
It is not possible to exploit a JSON string that is not enclosed in brackets using the JSON hijacking technique.
JSON hijacking is a technique that allows an attacker to access data from a JSON response by manipulating the JavaScript code that processes the response. This technique relies on the fact that JSON responses are executed as JavaScript code when they are loaded in a web page.
To exploit a JSON response using this technique, the attacker must be able to inject JavaScript code into the response. This is typically done by enclosing the response in brackets, which allows the attacker to treat the response as an array and access its elements using array notation.
However, if the JSON response is not enclosed in brackets, it cannot be treated as an array and cannot be exploited using this technique. Therefore, a JSON string like '"c29tZXRva2Vu"' that is not enclosed in brackets is not exploitable using JSON hijacking.
I hope this helps! Let me know if you have any questions.