Open AtifaFahmeen opened 5 years ago
Project : NetBanking API
Job : Default
Env : Default
Category : SimpleGET
Tags : [ OWASP - OTG-CONFIG-006, Fuzz]
Severity : Major
Region : US_WEST
Result : fail
Status Code : 401
Headers : {WWW-Authenticate=[Basic realm="Realm", Basic realm="Realm"], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Length=[0], Date=[Mon, 18 Feb 2019 10:41:51 GMT]}
Endpoint : http://54.215.136.217/api/v1/recenttransactions
Request :
Response :
Logs : 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : URL [http://54.215.136.217/api/v1/recenttransactions] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Method [GET] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Request [] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic Y2hhbmdlbWVAZnhsYWJzLmlvOmNoYW5nZXRoaXNwYXNzd29yZA==]}] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Response [] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Response-Headers [{WWW-Authenticate=[Basic realm="Realm", Basic realm="Realm"], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Length=[0], Date=[Mon, 18 Feb 2019 10:41:51 GMT]}] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : StatusCode [401] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Time [312] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Size [0] 2019-02-18 10:41:51 ERROR [ApiV1RecenttransactionsGetNoParams] : Assertion [@StatusCode == 200] resolved-to [401 == 200] result [Failed]
--- FX Bot ---
Project : NetBanking API
Job : Default
Env : Default
Category : SimpleGET
Tags : [ OWASP - OTG-CONFIG-006, Fuzz]
Severity : Major
Region : US_WEST
Result : fail
Status Code : 401
Headers : {WWW-Authenticate=[Basic realm="Realm", Basic realm="Realm"], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Length=[0], Date=[Mon, 18 Feb 2019 10:41:51 GMT]}
Endpoint : http://54.215.136.217/api/v1/recenttransactions
Request :
Response :
Logs :
2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : URL [http://54.215.136.217/api/v1/recenttransactions] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Method [GET] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Request [] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic Y2hhbmdlbWVAZnhsYWJzLmlvOmNoYW5nZXRoaXNwYXNzd29yZA==]}] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Response [] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Response-Headers [{WWW-Authenticate=[Basic realm="Realm", Basic realm="Realm"], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Content-Length=[0], Date=[Mon, 18 Feb 2019 10:41:51 GMT]}] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : StatusCode [401] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Time [312] 2019-02-18 10:41:51 DEBUG [ApiV1RecenttransactionsGetNoParams] : Size [0] 2019-02-18 10:41:51 ERROR [ApiV1RecenttransactionsGetNoParams] : Assertion [@StatusCode == 200] resolved-to [401 == 200] result [Failed]
--- FX Bot ---