• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Vulnerability tracker

 
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i have to create an application which takes web page as input amd then checks the sql injection, xss and url requeting
all this process should have to be automated..... and a report is to be generated which tells the types of thevulnerabilty present in the webpage
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What a cool project! Congratulations!

Now, what is the current status of your project? Can you create a java.net.HttpURLConnection and grab the web page text?

Bill
 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes i am getting web page text And I had created the connetion. But problem is what should do next. as i am on very intial step. but i have very less time as i have to submitt this project by
18th may. As our semester is getting over. this projects carries lots of credit point.

Thanks
Chander
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For programmatic web access I'd use a library like HtmlUnit (Or jWebUnit, which build son top of HtmlUnit). Those make retrieving pages, submitting forms, and checking the results, easy.
 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i have tried it but i am not getting the results trough it. if you can guide me it will be help full i am not getting any idea
 
William Brogden
Author and all-around good cowpoke
Posts: 13078
6
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1. You are not going to get anybody here to do your work for you.

2. Given that you can capture the initial web page text, the next step would be to parse out all the elements which could lead to the various security vulnerabilities. As Ulf said, there are libraries which can help with parsing.

3. Have you made a list of the vulnerabilities you want to check for and the HTML elements which would be associated?

Bill
 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thanks
bill for your help
i have been able to parse all the elements
and yes I successfully checked for the xss and csrf
o the web page .
but the problem is with sql injection
as now what should i do whether i should go with Url rewriting technique or i should post the data on form using the input field of the form.
 
Rancher
Posts: 377
Android Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey,

I would also go for HtmlUnit for this it will give you much more flexibility on your tests.
Also you may want to check this: OWASP top 10 which are the top 10 vulnerabilities that websites should be checking for. If you have any of these then really your website should not be on then net, as it could make users of your site vulnerable to attack, not just you. The site also gives useful information on how to check your site and also some tools, which you may or may not find useful. In your case though I would definitely have a look through this site.

Sean
 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
well sean thanks for the reply
before starting this project i also
looked wasp and sans;
and there are lots of open source tools avilable for the same task
but what i want to prepare is that i have to automate all the test cases.
and to some extent i am able to do that. now the problem is with sql injection as i am thinking that i should append the url using post method. but every time its gibve me an error that i am not able to understantd.

 
William Brogden
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
With respect to SQL injection, it seems to me that it will be very hard to rule out.

Wherever there is a form with text input, it will be up to the server to properly sanitize and protect the database calls. I can't think of any way to test what the server does with the input - except trying to destroy the database - which would not be popular.

Even if you can detect that the form uses JavaScript to check text input content, is that enough to provide security?

Bill


 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thanks bill for suggestions
i was thinking of using the concept of source and sink
but i failed yesterday in doing so becuse tracking the process of serever side was not possible.
but can we do it by fetching the url and somehow manipulate the query to check for sql injection.
is it possible?.
 
William Brogden
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It seems to me that since you have no way to determine from the HTML what the form is supposed to do or how the server is supposed to recognize a valid request and respond to it, you have no way to see if the server handles attempted SQL injection correctly.

I would just report a summary of the possible hazard.

Include the URL and the names and types of all the form fields.

Bill
 
chander bhushan mishra
Greenhorn
Posts: 7
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
so can you please suggest me some other way through which can i check for the sql injection vulnerability.
as one way is to do it manually but its not my project.


so if you can help me i will be thankfull to you. as i have left only with this vulnerability all other i have finished
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic