ahvonenj / skipfish

Automatically exported from code.google.com/p/skipfish
Apache License 2.0
1 stars 0 forks source link

Form Authentication without form? #189

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hi,I installed the skipfish with the version 1.85b then I tried many times to 
run the Form Authentication but it didn't work as expected.
My webApp submit by javascrit(Don't use the form or action) so What should I 
specify the parameter --auth-form XXX ?
when I added the parameter --config,skipfish abort: parameter '-',
when i wrote as '-config' then skipfish showed " skipfish abort:parameter 
'config'".
By the way,Could someone show me an intact mylogin.conf.
sorry for my English.

Original issue reported on code.google.com by salanghe...@gmail.com on 26 May 2013 at 2:21

GoogleCodeExporter commented 9 years ago
Should I ignore the  Image Verification when Authentication ? if My webApp use 
Image Verification.If the answer is no then how to do this?

Original comment by salanghe...@gmail.com on 27 May 2013 at 1:30

GoogleCodeExporter commented 9 years ago
It's best to use the latest version - not 1.85b for this.  We don't support 
image verification so if the login form has this embedded then an easy 
workaround is to authenticate manually with a browser, record the cookies and 
feed those to skipfish.

More info can be found in the auth docs:
https://code.google.com/p/skipfish/wiki/Authentication

(And in the example config file in ./config/)

Cheers,
Niels

Original comment by niels.he...@gmail.com on 27 May 2013 at 6:33

GoogleCodeExporter commented 9 years ago
niels,Thanks for your response!I installed skipfish2.10b in cygwin,I want to 
run the Cookie authentication,and My command-line is:
./skipfish.exe -C name=EBC8A8700E229D72E6D30EDBD377C068 -o ../cookie_auth_out1 
http://localhost:8080/appName/index.htm
but skipsifh didn't say "*- Authentication starts", it just run as a nomal 
application scan. what's wrong with my command-line,and what's the [...other 
options...]?

Original comment by salanghe...@gmail.com on 29 May 2013 at 4:01