Re: [W3af-develop] Crawling RIAs
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
Re: [W3af-develop] Crawling RIAs
|
From: Andres R. <and...@gm...> - 2012-06-29 20:46:40
|
Daniel,
On Thu, Jun 28, 2012 at 12:56 AM, Daniel Zulla <da...@de...> wrote:
> Probably I need to add something, in order to clarify the code snippets:
> I patched my Webkit browser engine to automatically modify the
> .attributeList of a QWebElement as soon as a JSEvents is attached to it.
>
> So I automatically get every event by simply iterating through the
> attributelist, looking for on*= -
That sounds interesting! We might end up doing something similar to
that; but I hope we can avoid modifying ANY C/C++ code.
> but you may need to find another approach
> because what you use right now looks a lot like PhantomJS.
>
> Correct me if I am wrong.
>
> Best,
> Dan
>
>
> I agree. My response was not very clear.
>
> Actually, what I wanted to state:
> There are two different approaches to detect those custom events. If I
> interpret your E-Mail correctly, you are about to use the static approach /
> you want to parse the HTML Tree to extract hard-coded onsomething="" events.
>
> Of course there is nothing wrong with that, but you may also want to extract
> the custom events of every WebElement the dynamic way. If you simply walk
> through the HTML, you may miss something like
>
> jQuery.bind('onmouseover', some_element);
>
> some_element may now be listening to the onmouseover event, but if you only
> parse the element attributes, you may miss that.
>
> I've copy&pasted some code of my own project to explain my solution for the
> problem:
> https://gist.github.com/1540f8b3bfc866b907f8
>
> Best,
> Dan
>
> Daniel,
>
> On Thu, Jun 28, 2012 at 12:18 AM, Daniel Zulla
> <dan...@go...> wrote:
>
> You will need a function that simply returns a list of tuples:
>
> [0] -> the Web Element (a, form, ...)
>
> [1] -> a anonymous function that fires the event
>
>
> Yes, that makes sense, but isn't it the same as the following?
>
> * For each state in which the automated browser is in, be able to
> return a list with all the custom events available (ie. if there is a
> tag with <div onmouseover="..." this should return something like [(
> <div object at 0x...>, 'onmouseover')] )
> * Send an event, for example ( <div object at 0x...>, 'onmouseover'),
> to the current DOM
>
> The anonymous function and the list of tuples is an implementation
> detail that might change from one library to the next one, right?
>
> It is pointless to fire arbitrary events against WebElements -
>
>
> If I have the possibility to send an event to a specific tag; and I
> have the list of tags with custom events, I think it makes sense to
> just send those. I think I won't send events to things that don't have
> custom on...* handlers (maybe click a link? not sure yet, just want to
> have generic requirements that allow me to experiment later).
>
> At some point, you will want to ask a WebElement which Events it is waiting
> for.
>
>
> Same/Very similar to the following?
>
> * For each state in which the automated browser is in, be able to
> return a list with all the custom events available (ie. if there is a
> tag with <div onmouseover="..." this should return something like [(
> <div object at 0x...>, 'onmouseover')] )
>
>
>
> List,
>
>
> On Wed, Jun 27, 2012 at 5:16 PM, Andres Riancho
>
> <and...@gm...> wrote:
>
> Taras,
>
>
> This might be an interesting read for your ajax research:
>
>
> http://blog.watchfire.com/wfblog/2012/06/automated-blackbox-crawling-the-next-generation.html
>
>
> After reading this paper, I came up with a requirement list for
>
> our RIA crawling engine, the algorithm we implement afterwards is
>
> independent from the requirements; but with these it should be
>
> possible to do almost anything:
>
>
> * Load an URL
>
> * All HTTP traffic from the automated browser should go through an
>
> HTTP proxy we define
>
> * For each state in which the automated browser is in, be able to
>
> return a list with all the custom events available (ie. if there is a
>
> tag with <div onmouseover="..." this should return something like [(
>
> <div object at 0x...>, 'onmouseover')] )
>
> * Send an event, for example ( <div object at 0x...>, 'onmouseover'),
>
> to the current DOM
>
> * We need to be able to store events like ( <div object at 0x...>,
>
> 'onmouseover') in order to store a path and replay it if wanted
>
> * Ability to tell if the latest event that was sent by us caused a
>
> full DOM reload or not
>
> * Dump current DOM (with all JS and external resources) to a string.
>
> Useful for comparing two states and restoring a state
>
> * Load a stored DOM into the automated browser instance. This restores
>
> a saved state.
>
> * (optional) Take screenshot of current page
>
>
> @all: Any other thing you can think of?
>
> @Taras: What's provided by the library you're currently experimenting
> with?
>
>
> Regards,
>
>
> Regards,
>
> --
>
> Andrés Riancho
>
> Project Leader at w3af - http://w3af.org/
>
> Web Application Attack and Audit Framework
>
> Twitter: @w3af
>
> GPG: 0x93C344F3
>
>
>
>
> --
>
> Andrés Riancho
>
> Project Leader at w3af - http://w3af.org/
>
> Web Application Attack and Audit Framework
>
> Twitter: @w3af
>
> GPG: 0x93C344F3
>
>
> ------------------------------------------------------------------------------
>
> Live Security Virtual Conference
>
> Exclusive live event will cover all the ways today's security and
>
> threat landscape has changed and how IT managers can respond. Discussions
>
> will include endpoint security, mobile security and the latest in malware
>
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
> _______________________________________________
>
> W3af-develop mailing list
>
> W3a...@li...
>
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
>
>
>
>
> --
> Andrés Riancho
> Project Leader at w3af - http://w3af.org/
> Web Application Attack and Audit Framework
> Twitter: @w3af
> GPG: 0x93C344F3
>
>
>
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
|