Grabber
Phase(s):
Primary: Discovery.
Secondary: N/A.
Description:
Tool that performs a vulnerability scan on a web application using a predefined test set mainly focused on the detection of input validation security flaws.
Objective:
- Detect vulnerabilities present on a web application.
Features:
Supported technologies: Web applications (HTTP/HTTPS).
Operating mode: Active.
Detects vulnerabilities present on a web application:
- Spiders (crawls) the web application.
- Detects the following vulnerabilities: Cross-Site Scripting, SQL Injection, Blind SQL Injection, Path Traversal (File Inclusion), etc.
- Offers two configuration modes:
- Through an XML configuration file, used by default when no parameters are passed on the command line.
- Through command-line parameters.
- Provides the Crystal module, which performs a source code analysis of PHP code in order to identify vulnerable sections and patterns.
Reports:
Output reports: ✔
Basic usage:
Perform a basic scan using the XML configuration file. Open and modify the "grabber.conf.xml" XML configuration file, adding the web application URL, the spider depth level (URL) and the modules to be used during the scan.
<?xml version="1.0"?>
<!-- Grabber configuration file -->
<grabber version="0.1">
  <site>
    <url>[URL]</url>
    <spider>1</spider> <!-- Depth of the spider -->
    <scan>
      <!--
      If the action is in the list... it will be done...
      tags:
        session
        javascript
        crystal
        xss
        sql
        bsql
        include
        backup
        crystal
      -->
      <xss />
      <sql />
      <bsql />
    </scan>
  </site>
</grabber>
Where:
- URL: Web application URL address.
The following command initiates the scan on the web application using the parameters specified in the configuration file.
>python grabber.py
The tool will begin with the web application spidering.
Start scanning... http://localhost/miaplicacion
runSpiderScan @ http://localhost/miaplicacion | # 2
runSpiderScan @ http://localhost/miaplicacion/adt_txt.html | # 1
runSpiderScan @ http://localhost/miaplicacion/adt_txt.html | # 0
runSpiderScan @ http://localhost/miaplicacion/adt_ur.html | # 0
runSpiderScan @ http://localhost/miaplicacion/adt_ur.html | # 1
runSpiderScan @ http://localhost/miaplicacion/adt_txt.html | # 0
Once the spidering is complete the tool will jump to the vulnerabilities scan.
Start investigation...
Method = GET http://localhost/miaplicacion/adt_ur.html
Method = GET http://localhost/miaplicacion
Method = GET http://localhost/miaplicacion/adt_txt.html
When the scan is complete the results will be exported.
XML example report:
…
<xss>
  <method>METHOD</method>
  <url>http://localhost/miaplicacion</url>
  <parameter name='paramName'><A HREF="http://google.com/">XSS</A></parameter>
  <type name='XSS Injection Type'>Removing Cnames</type>
  <result>http://localhost/miaplicacion?txt003=%3CA+HREF%3D%22http%3A%2F%2Fgoogle.com%2F%22%3EXSS%3C%2FA%3E</result>
</xss>
…
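An added example (not Grabber's own code) that parses a report shaped like the excerpt above and, for triage, checks that each finding's payload really appears as the parameter value in the recorded result URL. The excerpt elides the report's root element, so a single <grabber> root and the parameter name "txt003" (taken from the result URL) are assumptions; note that the payload is written unescaped inside <parameter>, so an XML parser sees it as child elements and the payload has to be re-serialised.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

# Constructed sample shaped like the <xss> excerpt above; the <grabber> root is assumed.
SAMPLE_REPORT = """<?xml version="1.0"?>
<grabber>
<xss>
<method>GET</method>
<url>http://localhost/miaplicacion</url>
<parameter name='txt003'><A HREF="http://google.com/">XSS</A></parameter>
<type name='XSS Injection Type'>Removing Cnames</type>
<result>http://localhost/miaplicacion?txt003=%3CA+HREF%3D%22http%3A%2F%2Fgoogle.com%2F%22%3EXSS%3C%2FA%3E</result>
</xss>
</grabber>
"""

def parameter_payload(param_el):
    """Recover the injected string from <parameter>: the HTML payload is written
    unescaped, so re-serialise text plus child elements (with their tails)."""
    parts = [param_el.text or ""]
    parts.extend(ET.tostring(child, encoding="unicode") for child in param_el)
    return "".join(parts)

def parse_findings(report_xml):
    """Return one dict per <xss> finding, flagging whether the payload really
    appears as that parameter's value in the query string of <result>."""
    findings = []
    for xss in ET.fromstring(report_xml).iter("xss"):
        param = xss.find("parameter")
        name = param.get("name")
        payload = parameter_payload(param)
        sent = parse_qs(urlsplit(xss.findtext("result", "")).query).get(name, [])
        findings.append({
            "method": xss.findtext("method"),
            "url": xss.findtext("url"),
            "parameter": name,
            "payload": payload,
            "type": xss.findtext("type"),
            "confirmed": payload in sent,  # payload round-trips through the URL
        })
    return findings

def findings_by_url(findings):
    """Group confirmed findings for triage: {url: [parameter, ...]}."""
    grouped = {}
    for f in findings:
        if f["confirmed"]:
            grouped.setdefault(f["url"], []).append(f["parameter"])
    return grouped
```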
Resources:
Link: http://rgaucher.info/beta/grabber.
Author(s): Romain Gaucher.
Contact: r [at] rgaucher.info.
License: BSD license.