SasanLabs / owasp-zap-fileupload-addon

OWASP ZAP add-on for finding vulnerabilities in File Upload functionality.
Apache License 2.0
22 stars 6 forks source link

File Upload Scan rule only handles Multipart requests #12

Open preetkaran20 opened 3 years ago

preetkaran20 commented 3 years ago

Is your feature request related to a problem? Please describe. Currently, the FIleUpload Scan rule handles the multipart requests for finding vulnerabilities in File Upload Functionality, so we need to figure out what other ways are there to upload files and how much of them are used. Also, we need to analyze on how to handle them and then implement that (Can be under this issue or a new issue, we are flexible with that).

Some ideas can be new JS API's for file upload, GRPC introduction, etc.

Describe the solution you'd like There is something like FlexiInjector in Upload Scanner but not sure if that can handle all the ways. There can be other solutions like Fuzzer or Scripts etc which can be used.

Glimpse of the change

Screenshot 2021-09-25 at 10 34 39 PM

In the box we will have some configurations for handling the file upload ways. Code references Options panel UI: https://github.com/SasanLabs/owasp-zap-fileupload-addon/blob/main/src/main/java/org/sasanlabs/fileupload/ui/FileUploadOptionsPanel.java

Variants supported by ZAP: https://github.com/zaproxy/zaproxy/blob/main/zap/src/main/java/org/parosproxy/paros/core/scanner/Variant.java

Testing code changes build the addon by running

  1. ./gradlew spotlessApply
  2. ./gradlew build Then go to the ZAP -> File -> Local addon file -> Navigate to project -> build -> bin -> fileupload*.zap and done.