[W3af-svn-notify] [Task #148676] parameter discovery using static code analysis
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-svn-notify] [Task #148676] parameter discovery using static code analysis
|
From: SourceForge.net <no...@so...> - 2008-05-23 00:27:29
|
Task #148676 has been updated. Project: w3af Subproject: TODO v1.12 Summary: parameter discovery using static code analysis Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: parameter discovery using static code analysis; this means: - code a new plugin - plugin should have access to source code - plugin should know the URL for every file which he has access to - The plugin will read the code and if it finds something like: $GET['a'] The he should add the parameter to the script fuzzable request and then the other audit plugins can use: http://localhost/c.php?a=f00 The idea is good but we have to think about the details. This is the start of w3af doing static code analysis. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148676&group_id=170274&group_project_id=54342 |
