|XSSploit||0.5||SCRT Information Security|
|Tested Against WAVSEP Version:|
|21.21% Detection Rate|
|85.71% False Positives|
| Response Type | Input Vector | Detection Rate | Details |
|---|---|---|---|
| Reflected XSS | HTTP GET (Query String Parameters) | 7 out of 33 | Incomplete Results. Cases Detected: 1-7 Cases Missed: 8-32 |
| Reflected XSS | HTTP POST (Body Parameters) | 7 out of 33 | Incomplete Results. Cases Detected: 1-7 Cases Missed: 8-32 |
| False Positive RXSS Test Cases | HTTP GET (Query String Parameters) | 6 out of 7 | 1-4,6,7 |

I tried installing the scanner on multiple operating systems (Ubuntu 9, Fedora 11, Windows XP), but for some reason, whenever I started executing it on an application, the spider would not work (http://192.168.1.100:8080/wavsep/index-xss.jsp). At the last deadline, a few hours before releasing the article, I decided to try again. I uninstalled every Python installation and module from my Windows XP VM, deleted any trace of the word "python" from the registry, and installed Python 2.5, pyOpenSSL, wxPython and pyCurl (the site claims that only Python 2.5 and wxPython are required, but I got carried away). In addition, I defined Burp proxy to forward traffic from port 80 to port 8080, and crawled & scanned the following URLs:
This time, the spider feature did work, and so did the scanner... So it seems like being stubborn has some advantages after all...
The scanner successfully crawled all URLs and submitted all the forms, but when I started analyzing, various exceptions were presented in the tool's console (particularly on page 32), and the scan was never truly "completed" (except in the false positive URLs); it was, however, possible to view the results that were already discovered by the tool.
I repeated the process with various URLs, with identical results and problems.