Cross-Origin Resource Sharing Scanning using CORS-Clover

Cross-Origin Resource Sharing (CORS) is an HTTP-header-based mechanism that lets a server tell the browser which origins other than its own (an origin being the combination of scheme, host, and port) are permitted to read its responses. It is what makes controlled cross-domain interactions possible, for example a page loading images, animated GIFs, fonts, or scripts from a CDN (Content Delivery Network) hosted on a different domain.

In practice the exchange looks like this. When a website makes a cross-domain request, the browser adds an 'Origin' header naming the page's own origin. The application's response can then include the 'Access-Control-Allow-Origin' header, which states which origin is authorized to read the response to the request that was sent. A second header, 'Access-Control-Allow-Credentials', specifies whether the browser is allowed to include credentials in the cross-domain request, such as session cookies, authorization headers, or TLS client certificates, and still read the response. Only when the response headers permit it does the requesting origin get access to the response body; otherwise the browser withholds it from the page even though the request reached the server.

We will use CORS-Clover, a tool for enumerating domains for CORS security misconfigurations.

What is CORS-Clover?

CORS-Clover is a tool for enumerating endpoints for CORS (Cross-Origin Resource Sharing) security misconfigurations. It is written in Python 3 and is currently in BETA.

Description

CORS-Clover uses the Python requests module to send a request to the website (endpoint). When the response arrives, the script parses the HTTP headers and shows you the ones that matter for CORS, such as 'Access-Control-Allow-Origin', 'Access-Control-Allow-Methods', and 'Access-Control-Allow-Credentials', which you need in order to understand whether a CORS vulnerability is present and to continue testing the endpoint manually. CORS-Clover dumps the results in 'output.json'.

https://github.com/DexterLex98/CORS-Clover

How to Setup CORS-Clover

Requirements for the tool –

  • Python 3.8.6 or higher
  • requests ( Python module )
  • JQ JSON Processor


For setting up CORS-Clover you require the following steps

If you don't have `jq` installed, download the executable from https://stedolan.github.io/jq/


– git clone https://github.com/DexterLex98/CORS-Clover.git

– cd CORS-Clover

– pip3 install -r requirements.txt

– python3 clover.py -h

– python3 clover.py --url <target_host_endpoint> --output <Y/N>


Suraj Das is a Certified Ethical Hacker (CEH) from EC-Council and has also completed Web Application Penetration Testing. He has a passion for cyber security and has worked on many projects as a security analyst. His area of expertise includes vulnerability assessment and penetration testing of servers, web, and mobile applications. He loves to solve different cybersecurity challenges and has developed several Python-based tools and vulnerable machines for practicing CTFs. He received appreciation from NCIIPC (National Critical Information Infrastructure Protection Centre) for vulnerability disclosures. He has completed a B.Tech in computer science and technology.
Suraj Das
Cyber Security Analyst, Author