hhucn / webvulnscan

automated web application vulnerability scanner
MIT License
38 stars 27 forks source link

Improve CRLF attack tests #58

Closed phihag closed 11 years ago

phihag commented 11 years ago

The current CRLF attack test isn't actually vulnerable to the attack, but just simulates what would happen statically. Instead, use a real vulnerable site as a test case (maybe add a task to vulnsrv as well?).

phihag commented 11 years ago

This has been fixed in c3c5ea0c8eefb445885dbd2b99272b5887cd2201 .