[W3af-svn-notify] [Task #149932] audit.eval
From: SourceForge.net <no...@so...> - 2008-11-04 00:19:38
Task #149932 has been updated.

Project: w3af
Subproject: Plugin TODO v1.00
Summary: audit.eval
Complete: 80%
Status: Open
Authority: andresriancho
Assigned to: oxdef

Description:
The idea of this task is to create an audit plugin that can find scripts that eval() user input. An example vulnerable script would be:

===eval.php===
<? eval($_GET['c']); ?>
==============

And a way to check for this is to GET this URL:

http://localhost/w3af/eval/eval.php?c=echo 'aaaa' . 'dddd';

And see if in the response we find "aaaadddd" (of course, aaaa and dddd should be replaced by two random strings of length at least 6).

Follow-Ups:

-------------------------------------------------------
Date: 2008-11-03 22:19
By: andresriancho

Comment:
Assigning to Taras.

-------------------------------------------------------
Date: 2008-08-10 23:56
By: andresriancho

Comment:
Now it works with magic quotes enabled.

-------------------------------------------------------
Date: 2008-08-10 23:51
By: andresriancho

Comment:
The plugin is working and was added to the trunk; some tasks are still in Viktor's TODO list:
- make it work when magic quotes is enabled
- make it work for ASP, JSP, ASP.NET, Python.

-------------------------------------------------------
For more info, visit:
http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=149932&group_id=170274&group_project_id=50603
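The detection idea in the task above (two random tokens, a payload that concatenates them at run time, a response check for the joined marker) and the magic-quotes follow-up, worked through as an added example. This is not w3af's audit.eval plugin code; it is a stand-alone Python sketch. The non-PHP payload syntax, the `php_chr_concat` helper and the `make_fake_eval_php` stand-in target are assumptions made here so the example runs offline; the stand-in only recognises the two PHP probe shapes and otherwise reflects the input, which is exactly the behaviour a non-vulnerable page would show.

```python
import random
import re
import string
from urllib.parse import parse_qs, quote, urlsplit


def random_token(length=6):
    """Random lowercase token; the task asks for at least 6 characters per token."""
    return "".join(random.choice(string.ascii_lowercase) for _ in range(length))


def php_chr_concat(text):
    """Assumed helper: spell a string as chr(97).chr(98)... so the payload carries no
    quote characters and is not mangled when magic_quotes_gpc backslash-escapes them."""
    return ".".join("chr(%d)" % ord(ch) for ch in text)


def build_probes(a, b):
    """Payloads that print a+b at run time. The joined marker a+b is never literally
    present in any payload, so a page that merely reflects the parameter cannot
    produce a false positive. The non-PHP syntax is an assumption of this example."""
    return {
        "php": "echo '%s' . '%s';" % (a, b),
        "php_no_quotes": "echo %s.%s;" % (php_chr_concat(a), php_chr_concat(b)),
        "python": "print('%s' + '%s')" % (a, b),
        "asp": 'Response.Write("%s" & "%s")' % (a, b),
    }


def probe_url(base_url, param, payload):
    """GET URL with the payload percent-encoded into the query string."""
    return "%s?%s=%s" % (base_url, param, quote(payload, safe=""))


def is_eval_vulnerable(body, a, b):
    """Only the joined marker counts; the two tokens appearing separately prove nothing."""
    return (a + b) in body


def scan(fetch, base_url, param, a=None, b=None):
    """Send every probe through fetch(url) -> body and return the names of the probes
    whose marker came back. fetch is injected so the example runs offline."""
    a = a or random_token()
    b = b or random_token()
    return [name for name, payload in build_probes(a, b).items()
            if is_eval_vulnerable(fetch(probe_url(base_url, param, payload)), a, b)]


def make_fake_eval_php(magic_quotes=False):
    """Constructed stand-in for eval.php (not a PHP interpreter). It 'executes' only
    the two PHP probe shapes, reflects anything else unchanged, and optionally
    escapes quotes the way magic_quotes_gpc would before eval() sees them."""
    quoted = re.compile(r"^echo '(\w+)' \. '(\w+)';$")
    chr_form = re.compile(r"^echo ((?:chr\(\d+\)\.?)+);$")

    def fetch(url):
        c = parse_qs(urlsplit(url).query).get("c", [""])[0]
        if magic_quotes:
            c = c.replace("'", "\\'").replace('"', '\\"')
        m = quoted.match(c)
        if m:
            return "<html>%s%s</html>" % (m.group(1), m.group(2))
        m = chr_form.match(c)
        if m:
            chars = "".join(chr(int(n)) for n in re.findall(r"\d+", m.group(1)))
            return "<html>%s</html>" % chars
        return "<html>%s</html>" % c  # not vulnerable to this probe: reflect only

    return fetch


if __name__ == "__main__":
    target = "http://localhost/w3af/eval/eval.php"
    print("magic quotes off:", scan(make_fake_eval_php(), target, "c"))
    print("magic quotes on: ", scan(make_fake_eval_php(magic_quotes=True), target, "c"))
```

With magic quotes off both PHP probes fire; with magic quotes on the quoted probe is turned into `echo \'...\' . \'...\';`, which no longer parses, and only the quote-free `chr()` form is reported. That is the practical reason for the "make it work when magic quotes is enabled" item: the marker check itself is unchanged, only the payload has to avoid characters the server will escape.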