

Using Oedipus - Lesson 2 - Running the Oedipus Analyzer from the Command Line

This is the second in a series of short demonstrations of how to use the Oedipus Web Scanner available from http://oedipus.rubyforge.org. You can find the first installment, Generating a log file using Burp, here.

In this lesson, we will look at how to run the Oedipus Analyzer from the command line, to review the log file that we previously recorded using the Burp proxy.

The analyzer can take a variety of input files, including proxy logs from the Burp and Paros proxies, as well as various types of Unix and Windows file listings (for specific types of testing on files present on the web server; more on this in the next installment).

The process we go through in running the Analyzer on the log file we have previously recorded is as follows:

  • The Oedipus Analyzer takes the following command line options:
    • The -e option prints an example command line for reference
    • The -n option prints out notes on the file listing formats supported by the Oedipus Analyzer
    • The -f option is the log file (or file listing file) to be used for analysis
    • The -t option is to supply the type of file (burp, paros, Unix file listing, or Windows file listing types 1 or 2)
  • As well as the file to be analyzed and the type of file, we need to supply the hostname of the server to be analyzed. This ensures that we only review and test URLs belonging to that server when we perform dynamic web scanning, and that we don't erroneously include pages loaded from other sites in our reporting.
  • The Oedipus Analyzer creates a unique output directory each time it is run. It generates an analysis report called oedipus-analyze.xml and an input file called input.oedipus

And we're done for this part. In the next installment, we use the input.oedipus file to run the Oedipus Scanner to test for web application vulnerabilities on the live website.


This page contains a single entry from the blog posted on March 12, 2006 7:42 PM.
