Re: [W3af-develop] About HTML parsing and combo boxes
Status: Beta
Brought to you by:
andresriancho
From: Taras P. I. <nap...@gm...> - 2009-03-01 21:50:22
|
On Sun, 2009-03-01 at 19:35 -0200, Andres Riancho wrote: > Taras, > > On Sun, Mar 1, 2009 at 7:30 PM, Taras P. Ivashchenko > <nap...@gm...> wrote: > > Andres, hello! > > > > It looks that Combos processing task is complete. > > Excellent! > > > Changed files: > > > > core/controllers/miscSettings.py > > core/data/dc/form.py > > core/data/parsers/htmlParser.py > > core/data/request/frFactory.py > > > > Now we can choose what values of selects and radio buttons will be > > processed: > > - only top (t) > > - only bottom (b) > > - top and bottom (tb) > > - top, middle and bottom (tmb) - is default > > - all values (all) > > > > Could you please provide us with a set of HTML, PHP and w3af > script files to test the new features? I would like to add the scripts > to the "scripts" directory in w3af, and the HTML and PHP files inside > the "extras/testEnv/webroot/" directory somewhere. > > After you provide us with that, I'll test the new feature and give > you my feedback. > > Thanks for for contribution!! > > Cheers, > > > > > On Thu, 2009-02-05 at 11:22 -0200, Andres Riancho wrote: > >> Taras, > >> > >> On Wed, Feb 4, 2009 at 7:56 PM, Taras P. Ivashchenko > >> <nap...@gm...> wrote: > >> > Andres, > >> > > >> >> I've been thinking about the different ways to handle "long forms": > >> >> > >> >> - Random values: If we have a form with a lot of > >> >> combo/radio/select and the permutations of all of them exceed the > >> >> number of max permutations, one of the options would be to perform a > >> >> random choice of the combo box values and fuzz the other parameter. > >> >> The problem with that is that if the user scans the site again, after > >> >> finding something in a first scan, the probabilities say that he may > >> >> not find the vulnerability again! Example: > >> > ... > >> >> - Top and bottom values: If we have a form with a lot of > >> >> combo/radio/select and the permutations of all of them exceed the > >> >> number of max permutations, one of the options would be to select the > >> >> top and bottom values of the combo box and fuzz the other parameter. I > >> >> think that this is the best option and gives the highest code coverage > >> >> with the less requests. Example: > >> > ... > >> >> What do you think about the top/bottom idea? > >> > I like it! So it will be great if we will have 3 options for > >> > parsing/generating mutants: > >> > - all variants of form elements values > >> > - random values > >> > - top/bottom values > >> > >> I would remove the random values, because they'll be confusing for > >> people when they re-run a scan. I would leave: > >> > >> - all variants of form element values > >> - top/bottom values > >> - top/middle/bottom values (maybe this could be the default?) > >> > >> > As I think after I will finish develop the first option other two will > >> > be trivial. > >> > >> Yes, once you have one working... it's 10 more minutes of work+testing > >> to make the other one work. > > > > -- > > Тарас Иващенко (Taras Ivashchenko), OSCP > > www.securityaudit.ru > > ---- > > "Software is like sex: it's better when it's free." - Linus Torvalds > > > > > -- Тарас Иващенко (Taras Ivashchenko), OSCP www.securityaudit.ru ---- "Software is like sex: it's better when it's free." - Linus Torvalds |