ScannerVersionVendor
VulnDetector0.0.2Brad Cable

Tested Against WAVSEP Version:
1.0

The SQL Injection Detection Accuracy of the Scanner:
Detection AccuracyChart
0.00% Detection Rate
0.00% False Positives		(0/136)
(0/10)
Response TypeInput VectorDetection RateDetails
Errorneous 500 ResponsesHTTP GET (Query String Parameters)0 out of 20Execution Failed.
Errorneous 500 ResponsesHTTP POST (Body Parameters)0 out of 20Execution Failed.
Errorneous 200 ResponsesHTTP GET (Query String Parameters)0 out of 20Execution Failed.
Errorneous 200 ResponsesHTTP POST (Body Parameters)0 out of 20Execution Failed.
Valid 200 ResponsesHTTP GET (Query String Parameters)0 out of 20Execution Failed.
Valid 200 ResponsesHTTP POST (Body Parameters)0 out of 20Execution Failed.
Identical 200 ResponsesHTTP GET (Query String Parameters)0 out of 8Execution Failed.
Identical 200 ResponsesHTTP POST (Body Parameters)0 out of 8Execution Failed.
False Positive SQLi Test CasesHTTP GET (Query String Parameters)0 out of 10Execution Failed.
The Reflected XSS Detection Accuracy of the Scanner:
Detection AccuracyChart
0.00% Detection Rate
0.00% False Positives		(0/66)
(0/7)
Response TypeInput VectorDetection RateDetails
Reflected XSSHTTP GET (Query String Parameters)0 out of 33Execution Failed.
Reflected XSSHTTP POST (Body Parameters)0 out of 33Execution Failed.
False Positive RXSS Test CasesHTTP GET (Query String Parameters)0 out of 7Execution Failed.
WAVSEP Scan Log:
After trying to use the tool a couple of times I realized it will not scan any non standard ports, so I set up burp to listen to localhost port 80, and then defined port forwarding in burp for the actual target server (192.168.46.2:8080). After verifying that the port forwarding works fine, I altered all the ?asp? extensions and texts in the source code to ?jsp?, copied the content of the different index pages to index.jsp, edited the python code and defined http://localhost/wavsep/ as the tested site (and ?localhost? as the domain), made sure the XSS and SQL flags were true, set the check level to 3, manually created the log directory and files (the tool fails to execute if the files do not exist) and started the scan using the command ?c:\Python25\python.exe vulndetector-0.0.2pa.py?.
When the scan didn?t work I tried executing the same scan with python 2.4, and/or using different configurations & target URLs, but with no success. It is important to mention that the tool did manage to scan different simple sites, but for some reason, was not able to scan the current test site.


Copyright © 2010-2016 by Shay Chen. All rights reserved.
Click here to learn how this information may be published or reused.