Scanner | Version | Vendor
Uber Web Security Scanner | 0.0.2 | Levent Kayan & Illuminatus

Tested Against WAVSEP Version:
1.0

The SQL Injection Detection Accuracy of the Scanner:
Detection Rate: 21.32% (29/136)
False Positives: 40.00% (4/10)
Response Type | Input Vector | Detection Rate | Details
Erroneous 500 Responses | HTTP GET (Query String Parameters) | 1 out of 20 | Inconsistent results. Cases Detected: 2; Cases Missed: 1(1st&2nd),3-19
Erroneous 500 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Cases Missed: 1-19
Erroneous 200 Responses | HTTP GET (Query String Parameters) | 20 out of 20 | Cases Detected: 1(1st&2nd)-19
Erroneous 200 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Cases Missed: 1-19
Valid 200 Responses | HTTP GET (Query String Parameters) | 8 out of 20 | Cases Detected: 2,6-8,15-18; Cases Missed: 1(1st&2nd),3-5,9-14,19
Valid 200 Responses | HTTP POST (Body Parameters) | 0 out of 20 | Cases Missed: 1-19
Identical 200 Responses | HTTP GET (Query String Parameters) | 0 out of 8 | Cases Missed: 1-8
Identical 200 Responses | HTTP POST (Body Parameters) | 0 out of 8 | Cases Missed: 1-8
False Positive SQLi Test Cases | HTTP GET (Query String Parameters) | 4 out of 10 | Case 8 identified as vulnerable. The false positive RXSS cases 1,2,3,4,6,7 and many other RXSS pages were also (falsely) identified as vulnerable to SQL injection; all the RXSS false-positive cases are represented in the SQLi false-positive count as an addition of 3.

The Reflected XSS Detection Accuracy of the Scanner:
Detection Rate: 10.61% (7/66)
False Positives: 42.86% (3/7)
Response Type | Input Vector | Detection Rate | Details
Reflected XSS | HTTP GET (Query String Parameters) | 7 out of 33 | Cases Detected: 1,2,4,5,30(1st&2nd),32; Cases Missed: 3,6-29,31
Reflected XSS | HTTP POST (Body Parameters) | 0 out of 33 | Cases Missed: 1-32
False Positive RXSS Test Cases | HTTP GET (Query String Parameters) | 3 out of 7 | Cases 1,2,6 identified as vulnerable
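The headline percentages above are derived from the per-row case lists, and the notation hides two scoring details worth knowing when reading any WAVSEP scorecard: a case marked "(1st&2nd)" has two injection points and is scored twice (which is why a category of 19 test pages is scored out of 20), and the SQLi false-positive count folds in reflected-XSS false-positive pages that were reported as SQL injection. The script below is an added example, not code from the benchmark page or from the scanner: it parses that case-list notation, checks each row's list against the printed "X out of N", and recomputes the 29/136, 7/66, 4/10 and 3/7 figures. The row data is transcribed from the two tables on this page; the function and variable names are this example's own.

```python
"""Recompute the WAVSEP scorecard figures from the per-row case lists.

Added example, not part of the original benchmark page or of the scanner.
Row data is transcribed from the result tables on this page; function and
variable names are this example's own.
"""
import re

# One token of a case list: "7", "6-8", "1(1st&2nd)" or "1(1st&2nd)-19".
# "(1st&2nd)" marks a test case with two injection points that WAVSEP scores
# separately, which is why a category of 19 test pages is scored out of 20.
_TOKEN = re.compile(r"^(\d+)(\(1st&2nd\))?(?:-(\d+))?$")


def expand_cases(spec):
    """Expand "2,6-8,15-18" into one list entry per scored injection point."""
    scored = []
    for token in filter(None, (t.strip() for t in spec.split(","))):
        m = _TOKEN.match(token)
        if not m:
            raise ValueError(f"unrecognised case token: {token!r}")
        lo, hi = int(m.group(1)), int(m.group(3) or m.group(1))
        scored.extend([lo] * (2 if m.group(2) else 1))  # double-scored case
        scored.extend(range(lo + 1, hi + 1))
    return scored


# (row label, "Cases Detected" list, detected count as printed, category size)
SQLI_ROWS = [
    ("Erroneous 500 / GET",  "2",             1, 20),
    ("Erroneous 500 / POST", "",              0, 20),
    ("Erroneous 200 / GET",  "1(1st&2nd)-19", 20, 20),
    ("Erroneous 200 / POST", "",              0, 20),
    ("Valid 200 / GET",      "2,6-8,15-18",   8, 20),
    ("Valid 200 / POST",     "",              0, 20),
    ("Identical 200 / GET",  "",              0, 8),
    ("Identical 200 / POST", "",              0, 8),
]
RXSS_ROWS = [
    ("Reflected XSS / GET",  "1,2,4,5,30(1st&2nd),32", 7, 33),
    ("Reflected XSS / POST", "",                       0, 33),
]


def check_rows(rows):
    """Return the labels of rows whose case list disagrees with the printed count."""
    return [label for label, spec, printed, _ in rows
            if len(expand_cases(spec)) != printed]


def summarise(rows):
    """Detection rate over a whole table: (detected, total, percent)."""
    detected = sum(len(expand_cases(spec)) for _, spec, _, _ in rows)
    total = sum(size for _, _, _, size in rows)
    return detected, total, round(100 * detected / total, 2)


def false_positive_rate(flagged_spec, total, carried_over=0):
    """Share of the false-positive test cases the scanner reported as vulnerable.

    carried_over: false positives the benchmark adds to this category from
    another one (the page adds 3 to the SQLi count for RXSS false-positive
    pages the scanner reported as SQL injection).
    """
    flagged = len(expand_cases(flagged_spec)) + carried_over
    return flagged, total, round(100 * flagged / total, 2)


if __name__ == "__main__":
    for name, rows in (("SQL Injection", SQLI_ROWS), ("Reflected XSS", RXSS_ROWS)):
        bad = check_rows(rows)
        assert not bad, f"case lists do not match printed counts: {bad}"
        d, t, pct = summarise(rows)
        print(f"{name}: {pct}% detection rate ({d}/{t})")
    print("SQLi FP: %d/%d = %.2f%%" % false_positive_rate("8", 10, carried_over=3))
    print("RXSS FP: %d/%d = %.2f%%" % false_positive_rate("1,2,6", 7))
```

Running it prints the same four figures the page reports; if a row's case list had been mistranscribed, `check_rows` would name it before any rate is computed.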

WAVSEP Scan Log:
The initial pages were configured in the scan configuration file - uwss.conf (which was surprisingly easy to use), and the scan was executed using the following commands:
python uwss -f uwss.conf -c
python uwss -f uwss.conf -r xml
The following URLs were scanned:
http://192.168.1.100:8080/wavsep/index-xss.jsp
http://192.168.1.100:8080/wavsep/index-sql.jsp
http://192.168.1.100:8080/wavsep/index-false.jsp
The tool successfully crawled all the application pages (although I'm not sure forms were submitted during this process, or even if the tool is capable of submitting forms).


Copyright © 2010-2016 by Shay Chen. All rights reserved.