

Using Oedipus - Lesson 1 - Generating a log file using Burp

This is the first in a series of short demonstrations of how to use the Oedipus Web Scanner available from http://oedipus.rubyforge.org. In this lesson, we will look at how to generate a log file to feed into Oedipus for analysis of web requests and responses, and as a basis for dynamic web testing. In this lesson, we are going to use the Burp Suite (specifically the proxy functionality) freely available from Portswigger (note, you will need Java installed for Burp to work), and Firefox to explore the functionality of a sample application, and record a "burp" logfile. The demonstration is done in Linux, however you can record a log file on any platform supporting Java (i.e. like OS X, and Windows with the Sun Java Runtime).

  • By default, the Burp proxy will be configured to intercept HTTP requests after they leave the browser. In this configuration we would have to continually click the "Forward" button in order for the requests to be sent to the webserver. We will therefore turn "Intercept Off" in Burp so this doesn't happen. Requests will be passed on by Burp without interruption in this configuration
  • We will go to the "Comms" tab in Burp. One of the things we can do on this tab is configure Burp to log all of the requests and responses passing between the browser and webserver. Here we need to select the text file to log these to (in this case "log.txt")
  • Burp is now configured to capture and log all HTTP requests and responses that pass through it, however we will need to configure our browser to use Burp as a proxy server. Burp runs on the local IP address (127.0.0.1) on port 8080 by default (although that can be changed if needed). We configure Firefox to use Burp as the proxy from the Edit -> Preferences -> General -> Connection Settings menu path in Firefox (note this option may be somewhere slightly different for other operating systems such as OS X)
  • We are now ready to record a log of browsing through the website we are looking to test. In the example movie I am testing a sample web application. I will click through all of the functionality within the application, filling in each form with valid information and clicking each link within the application. It is very important at this stage to ensure that all of the functionality within the application is logged, so the walkthrough must cover every link, form, and function in the application. This includes any functionality that requires authentication (i.e. functionality that can only be accessed after login). Also, all of the data we pass into the application must be valid at this point, so no testing for issues at this stage!
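Before handing the log to Oedipus it is worth checking that the walkthrough actually covered what you think it did. The script below is an added example for this lesson, not code from Oedipus or Burp: it parses a proxy log into request/response pairs and summarises which endpoints, parameters and authenticated pages were exercised. The log layout it expects (entries delimited by rows of `=` with a timestamp and base URL on a header line) is an assumption modelled on Burp's proxy logging; the sample log, hostname and session values are constructed. Adapt `SEP` and the header split if your Burp version writes something different.

```python
"""Summarise the coverage of a recorded proxy log (endpoints, parameters,
authenticated requests) before feeding it to an analyzer.

Added example; the log format is an assumption modelled on Burp's proxy log.
"""
import re
from dataclasses import dataclass
from urllib.parse import parse_qsl

SEP = "=" * 54  # delimiter row assumed to separate header / request / response

# Constructed sample log: an unauthenticated page, a login, an authenticated page.
SAMPLE_LOG = f"""{SEP}
4:27:16 PM  http://app.example.test:80
{SEP}
GET /index.php HTTP/1.1
Host: app.example.test
User-Agent: Mozilla/5.0

{SEP}
HTTP/1.1 200 OK
Content-Type: text/html

<html>...</html>
{SEP}
4:27:20 PM  http://app.example.test:80
{SEP}
POST /login.php HTTP/1.1
Host: app.example.test
Content-Type: application/x-www-form-urlencoded
Content-Length: 30

username=alice&password=secret
{SEP}
HTTP/1.1 302 Found
Set-Cookie: PHPSESSID=abc123; path=/
Location: /account.php

{SEP}
4:27:25 PM  http://app.example.test:80
{SEP}
GET /account.php?view=orders HTTP/1.1
Host: app.example.test
Cookie: PHPSESSID=abc123

{SEP}
HTTP/1.1 200 OK
Content-Type: text/html

<html>orders</html>
{SEP}
"""


@dataclass
class Entry:
    timestamp: str
    base_url: str
    method: str
    path: str
    query_params: dict
    body_params: dict
    req_headers: dict
    status: int
    resp_headers: dict

    @property
    def authenticated(self) -> bool:
        # Heuristic: a request that carries a Cookie header was made after login.
        return "cookie" in self.req_headers


def _split_message(chunk: str):
    """Return (start line, lower-cased header dict, body) of a raw HTTP message."""
    head, _, body = chunk.partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def parse_burp_log(text: str) -> list:
    """Split the log into (header, request, response) triples and parse each one."""
    chunks = [c.strip("\n") for c in text.split(SEP)]
    chunks = [c for c in chunks if c]
    if len(chunks) % 3:
        raise ValueError("log does not consist of header/request/response triples")
    entries = []
    for i in range(0, len(chunks), 3):
        header, request, response = chunks[i:i + 3]
        timestamp, base_url = re.split(r"\s{2,}", header.strip(), maxsplit=1)
        req_line, req_headers, req_body = _split_message(request)
        method, target, _ = req_line.split(" ", 2)
        path, _, query = target.partition("?")
        resp_line, resp_headers, _ = _split_message(response)
        status = int(resp_line.split()[1])
        body_params = {}
        if req_headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
            body_params = dict(parse_qsl(req_body, keep_blank_values=True))
        entries.append(Entry(timestamp, base_url, method, path,
                             dict(parse_qsl(query, keep_blank_values=True)),
                             body_params, req_headers, status, resp_headers))
    return entries


def coverage_report(entries: list) -> dict:
    """Which endpoints and parameters the walkthrough touched, and how many were authenticated."""
    endpoints = {}
    for e in entries:
        endpoints.setdefault((e.method, e.path), set()).update(e.query_params, e.body_params)
    return {
        "hosts": sorted({e.req_headers.get("host", "") for e in entries}),
        "endpoints": endpoints,
        "authenticated": sum(e.authenticated for e in entries),
        "sessions_started": sum("set-cookie" in e.resp_headers for e in entries),
    }


def empty_parameters(entries: list) -> list:
    """Parameters sent with an empty value: the walkthrough should submit valid data everywhere."""
    return [(e.method, e.path, k) for e in entries
            for k, v in {**e.query_params, **e.body_params}.items() if v == ""]


if __name__ == "__main__":
    entries = parse_burp_log(SAMPLE_LOG)
    report = coverage_report(entries)
    for (method, path), params in sorted(report["endpoints"].items()):
        print(f"{method:5} {path:20} params={sorted(params)}")
    print("authenticated requests:", report["authenticated"])
    print("empty parameters:", empty_parameters(entries))
```

If the report lists no authenticated requests, or shows empty parameter values, the walkthrough missed the post-login functionality or submitted blank forms, and the log should be re-recorded before analysis.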

And we're done for this part. In the next installment we will run the log file we just recorded through the Oedipus Analyzer.




About

This page contains a single entry from the blog posted on March 12, 2006 4:27 PM.
