Note: DOM is Document Object Model and XSS is cross-site scripting.

Chromium is an open source web browser run by the Chromium Project, first released in 2008. Chromium exists within the Kali repositories and can be installed using:

```
apt-get install chromium
```

By default Chromium won't launch on Kali Linux. This is because Chromium is being run as the root user. You can fix this by opening `/etc/chromium.d/default-flags` in vim and adding the following lines:

```
# Run as root Kali
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --password-store=detect --no-sandbox --user-data-dir"
```

This sets user-data-dir and disables sandboxing. Disabling sandboxing will have some obvious security issues, but this browser is for web application penetration testing only.

To use Chromium for web application penetration testing you also need to disable its web security features, which allows for DOM based XSS testing in Chromium:

```
# Disable Chromium security features for web app testing
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --disable-web-security"
```

To summarize the steps used, `/etc/chromium.d/default-flags` ends up as:

```
# A set of command line flags that we want to set by default.

# Do not hide any extensions in the about:extensions dialog
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --show-component-extension-options"

# Don't use the GPU blacklist (bug #802933)
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --ignore-gpu-blacklist"

# Run as root Kali
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --password-store=detect --no-sandbox --user-data-dir"

# Disable Chromium security features for web app testing
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --disable-web-security"
```

Finally, Kali will give this error message, which you can ignore: "You are using an unsupported command line flag --disable-web-security".
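Because these switches live in `/etc/chromium.d/default-flags`, they apply to every Chromium launch on the machine, not only to testing sessions. The script below is an added example, not part of the original post: it reports which of the two protection-removing switches from this page are active in a flags file. The function name `audit_chromium_flags` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: list security-weakening switches in Chromium flag files.
# WEAK holds the two switches from this page that remove protections.
WEAK="no-sandbox disable-web-security"

# audit_chromium_flags FILE...  (hypothetical helper name)
# Prints "FILE: --switch" for every weakening switch on an active line.
# Returns 1 if anything was found, 0 if the files are clean.
audit_chromium_flags() {
    found=0
    set -f                              # no globbing while splitting tokens
    for f in "$@"; do
        [ -r "$f" ] || continue
        # read with the default IFS trims leading and trailing whitespace
        while read -r line || [ -n "$line" ]; do
            case $line in
                ''|\#*) continue ;;     # blank or commented-out line
            esac
            # Turn quotes into spaces so each switch becomes its own token.
            for tok in $(printf '%s' "$line" | tr "\"'" '  '); do
                case $tok in
                    -*) ;;
                    *) continue ;;
                esac
                name=${tok#-}; name=${name#-}   # accept -switch and --switch
                name=${name%%=*}                # drop any =value
                for w in $WEAK; do
                    if [ "$name" = "$w" ]; then
                        printf '%s: --%s\n' "$f" "$name"
                        found=1
                    fi
                done
            done
        done < "$f"
    done
    set +f
    return "$found"
}

# Constructed sample mirroring the lines this page adds to default-flags.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --disable-web-security"
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --password-store=detect --no-sandbox --user-data-dir"
export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --show-component-extension-options"
EOF
audit_chromium_flags "$sample" || echo "weakening switches are active"
rm -f "$sample"
```

On a testing box, running `audit_chromium_flags /etc/chromium.d/*` after an engagement shows whether the testing configuration is still in effect.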