ku-suke / skipfish

Automatically exported from code.google.com/p/skipfish
Apache License 2.0
0 stars 0 forks source link

Change "low risk" for 1xxxx issues to something better #108

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hi,

Is there any documentation explaining skipfish result. Though most of them are 
self explanatory, some of them are not clear. 

For example the document type overview section with numbers against the 
different data types.

Also in some of the issues which are flagged as Notes have the text Low Risk 
against those items which is misleading as there is already a section low risk 
in the issues overview section.

Sorry if I am posting it at the wrong place, but I did not find any forum/group 
dedicated to this.

Thanks,
John.

Note: before submitting, check:
http://code.google.com/p/skipfish/wiki/KnownIssues

Original issue reported on code.google.com by sir.john...@gmail.com on 2 Feb 2011 at 2:31

GoogleCodeExporter commented 9 years ago
The goal is to keep the report fairly self-explanatory to any security-minded 
engineer, rather than writing tomes of documentation :-) If there is anything 
you would improve, specifically, let me know - but otherwise, I do not intend 
to write any extra docs around this part.

The document type overview section is just that - a list of document types 
encountered during a crawl, which is often useful in understanding the 
operation of the site, and spotting out-of-place data. This is a numbered list.

I'll look to improve the "low risk" note on some of the info entries.

Original comment by lcam...@gmail.com on 2 Feb 2011 at 6:10

GoogleCodeExporter commented 9 years ago
Thanks for the reply.

I am a bit puzzled about the numbers against in the document type overview
section. The site I tested against has so many different documents ( js +
css + images), but only a few are being mentioned here.

Is there any explanation/rule on which of the files will be displayed and
which won't be.

Thanks.

Original comment by sir.john...@gmail.com on 2 Feb 2011 at 6:18

GoogleCodeExporter commented 9 years ago
What does an interesting file mean in the results produced by skipfish? Sorry 
if this is not the right place to post..

Original comment by ssvkames...@gmail.com on 16 Aug 2011 at 10:52

GoogleCodeExporter commented 9 years ago
Just that: a file you should probably look at and decide if it should be there. 
The "memo" field has more info.

Original comment by lcam...@gmail.com on 16 Aug 2011 at 10:55

GoogleCodeExporter commented 9 years ago
Regarding SQL Injection,I could check in your blog that

 'when testing for string-based SQL injection, we compare the results of passing '"original_value, \'\"original_value, and \\'\\"original_value. When the first response is similar to the third one, but different from from the second one - we can, with a pretty high confidence, say that there is an underlying query injection vulnerability (even if query results can't be observed directly). ' 

Can you please elaborate on this a little more. Or help me with any material of 
the kind of pattern analysis?

Original comment by ssvkames...@gmail.com on 16 Aug 2011 at 11:15

GoogleCodeExporter commented 9 years ago

Original comment by niels.he...@gmail.com on 3 Aug 2012 at 1:43