[OWASP-WEBSCARAB] Some webscarab-ng testing

Rogan Dawes rogan at dawes.za.net
Tue Jun 27 10:14:00 EDT 2006 

xxradar wrote:
> Hi Rogan,
> First of all nice work, the first impression of the look and feel is great.
> Secondly, congratulations with 35th ranking.

Thanks!

> I more or less experience the same issues as already mentioned about the
> data store logging, the new window and Proxy entry in the menu.
> 
> A thing that came up is when I launch WSNG, every request is intercepted by
> default.  I turned the Toggle Proxy Control Bar and turned on/of the
> checkbox, it operated normal apparently. When I closed the WSNG, the toolbar
> did not disappear and is not linked to the interface (it like borderless
> pane that is lost :-).

What platform are you using? Under Win XP, the proxy control bar always 
disappears when I exit. If it doesn't, it appears that that is a bug in 
your implementation of the JVM. (When the last WS-NG window closes, the 
framework calls System.exit(), so it anything is hanging around afer a 
System.exit(), it must be a bug!)

> Hope the info is useful, and once again, nice work !!
> (I never even tried Paros :-;)

;-)

Thanks

Rogan

> 
> -----Original Message-----
> From: owasp-webscarab-bounces at lists.sourceforge.net
> [mailto:owasp-webscarab-bounces at lists.sourceforge.net] On Behalf Of Rogan
> Dawes
> Sent: Tuesday, June 27, 2006 12:41 PM
> To: Javier Fernandez-Sanguino
> Cc: OWASP WebScarab
> Subject: Re: [OWASP-WEBSCARAB] Some webscarab-ng testing
> 
> Javier Fernandez-Sanguino wrote:
>> Hi there Rogan,
>>
>> I downloaded both the ng-libs.tar.gz and the jar for the NG version of 
>> Webscarab from your site. Unfortunately, even if the GUI starts up, no 
>> proxy listeners are started and no indication is given as to why it 
>> doesn't work.
> 
> Ok, not sure about that. Please try it with the new startup batch file 
> (see below), and let me know if you are still seeing the same problem.
> 
>> If I go to Plugin->Proxy listener, an error will popup saying 
>> "org/springframework/richclient/from/AbstractTableMasterForm" and that's 
>> it, see the attached file.
> 
> Please get an updated batch file from
> 
> <http://dawes.za.net/rogan/webscarab/webscarab-ng.bat>
> 
> I simply did not add the necessary library to the classpath (although is 
> IS in the libs tarball that you downloaded)
> 
>> Also some other issues:
>>
>> - on startup you can select a Database, a dialog shows up with a 
>> username ('sa') and password. A new user will not know what do here (you 
>> just have to press "Ok" I guess)
> 
> Right. I plan to improve this eventually. For the moment, you may want 
> to change the directory from C:\Temp\ . . .
> 
> The idea is that if you want to use something more robust than the 
> Hsqldb provided, you can connect to your "enterprise-class" db for 
> long-term storage. WS-NG will also support multiple sessions in a single DB.
> 
> So, this simple prompt will eventually be extended to have 3 options, 
> probably in a wizard format, selected via a radio button:
> 
> 1. Use built-in DB engine, and a temporary DB. All you will see is the 
> description, and a Finish Button.
> 
> 2. Use the built-in DB engine, and an existing DB. You will see a 
> Directory fields, and a "Browse" button to select one graphically. If 
> the dir is empty, a new DB will be created there, and you will be 
> prompted to name your session. If a DB already exists, you will be 
> prompted to select a previous session, or create a new one. Once you do 
> that, the Finish button will be enabled.
> 
> 3. Use your own DB engine. You will be prompted to enter the information 
> as seen in the current prompt. As for option 2, if there are already 
> session defined, you will be prompted to choose one, or create a new one.
> 
>> - if you startup a new window and select "Exit" you will exit from 
>> Webscarab. There is no "Close this window" in any of the menus (you have 
>> to close it manually from the Close widget).
> 
> It's not difficult to add a Close Window command. I think it would make 
> sense for it to be under the Window menu, since you created a new Window 
> from that same menu.
> 
> "Exit" has pretty well-defined semantics, I think.
> 
>> - I get a lot of errors when running this through the shell, a sample is 
>> attached
> 
> Right, it does a lot of verbose logging. They are not actually errors as 
> such, note the "INFO" tag for most of them. They mostly refer to not 
> being able to find resources/localised texts for a number of 
> forms/buttons/commands. e.g. I have not created little icons for all of 
> the menu items . . .
> 
> Note that the exception screenshot that you sent me DID have a localised 
> "Close"/"Ok" button showing, which is something that the Spring Rich 
> Client framework does automatically (although one needs to provide the 
> necessary translations, obviously).
> 
>> The out of memory information is bound to be very useful. I had many 
>> issues with Webscarab running Oom and losing all the unsaved session 
>> files because of it :-)
> 
> Yes, that is something that was a problem. I'm sure that we'll still 
> find that we have memory leaks in the current version, but hopefully not 
> as bad.
> 
>> Regards
>>
>> Javier
> 
> Thanks a lot for the feedback.
> 
> Rogan
> 
> 
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Owasp-webscarab mailing list
> Owasp-webscarab at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-webscarab
>

More information about the Owasp-webscarab mailing list