in reply to Web Security Tools?
Although it's not an automated tool itself, WWW::Mechanize allows you to develop site testing tools quickly. HTTP::Recorder helps you generate mech scripts which you can modify to repeat queries with different parameters.
You might modify the parameters sent to be empty, include non-ASCII characters, or use the quote (') and backtick (`) characters to check for SQL and shell escaping, respectively.
If you have access to the source itself, note the errors thrown by enabling taint checking and consider how you might exploit them. Automated tools generally work against a server, but you can look through the source itself - usually a richer source of ideas.
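The taint-checking point above, as an added example that is not part of the original post: a deliberately unsafe handler next to a hardened one, run under `perl -T` against constructed probe values of the kinds the post lists. The handler names, the probe values and the `as_request_input` helper are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "run as: perl -T $0\n" unless ${^TAINT};

# Taint mode requires a trusted PATH before any external command may run.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Constructed probe values: empty, non-ASCII, quote, backtick, and a normal one.
my @probes = ('', "caf\x{e9}", "o'brien", '`id`', 'report_2004');

# Hypothetical stand-in for request input: concatenating a zero-length
# slice of tainted data ($0, $^X) taints the copy, as CGI input would be.
sub as_request_input { return $_[0] . substr("$0$^X", 0, 0) }

# Unsafe handler: interpolates the parameter into a shell command line.
# Under -T, Perl dies with "Insecure dependency" before the shell starts.
sub unsafe_lookup { my ($name) = @_; return `echo $name` }

# Hardened handler: an allowlist capture untaints the value, and the
# list form of open runs echo directly without a shell.
sub safe_lookup {
    my ($name) = @_;
    my ($clean) = $name =~ /\A([A-Za-z0-9_]{1,32})\z/
        or die "parameter rejected by allowlist\n";
    open my $fh, '-|', 'echo', $clean or die "cannot run echo: $!\n";
    chomp(my $out = <$fh>);
    close $fh;
    return $out;
}

for my $probe (@probes) {
    my $in = as_request_input($probe);
    die "input not tainted\n" unless tainted($in);
    my $unsafe = eval { unsafe_lookup($in); 1 } ? 'executed'
               : $@ =~ /Insecure dependency/   ? 'blocked by taint check'
               :                                 'failed';
    my $safe = eval { safe_lookup($in) };
    $safe = defined $safe ? "accepted ($safe)" : 'rejected';
    printf "%-14s unsafe: %-24s safe: %s\n", "[$probe]", $unsafe, $safe;
}
```

Taint mode blocks the unsafe handler for every probe, including the harmless one, because it tracks where data came from rather than what it contains; only the allowlisted value reaches `echo` in the hardened handler.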
Replies are listed 'Best First'.
Re^2: Web Security Tools?
by davis (Vicar) on Jun 04, 2004 at 09:17 UTC