[Owasp-testing] Brainstorming about the new Index

Daniel Cuthbert daniel.cuthbert at owasp.org
Fri Oct 13 09:04:37 EDT 2006


Anyone else having a issue with the Wiki?
seems once i go through the authentication process, the site returns  
a blank page

confused!
On 13 Oct 2006, at 18:10, Matteo Meucci wrote:

> I've talked about "4.2 Information Gathering" and "4.8 Infrastructure
> and configuration Testing" with Carlo and Stefano.
> (http://www.owasp.org/index.php/ 
> OWASP_Testing_Guide_v2_Table_of_Contents)
>
> May be we can merge these like that (deleting par.4.8):
>
> 4.2 Information Gathering
> 4.2.1 Spidering and googling
> 4.2.2 Analisys of error code
> 4.2.3 Infrastructure configuration management testing
> SSL/TLS Testing
> 4.2.4 Application configuration management testing
> File extensions handling
> Old, backup and unreferenced files
>
> What is your opinion?
> Mat
>
>
> On 10/13/06, Matteo Meucci <matteo.meucci at gmail.com> wrote:
>> Perfect.
>> Thank you Stefano, I've added:
>> 4.4.4 Directory traversal/file include
>>
>> What about your second idea...where can we insert this item?
>>
>> Mat
>>
>> On 10/13/06, Stefano Di Paola <wisec at wisec.it> wrote:
>>> Just a couple of things that come to my mind (thanks to Matteo and
>>> Alberto)...
>>>
>>> Data Validation Testing chapter misses a little par. about
>>> directory traversal/local file include and remote file include.
>>>
>>> Another point is about athentication and authorization chapter,  
>>> on pages
>>> which miss to exit on a redirection when they find the login/ 
>>> passwd are
>>> wrong.
>>> An example below in Php:
>>> <?
>>> if(islogged())
>>> header("Location : redir.php")
>>> // without exit and then login page follows
>>> logged-in code..-.
>>> ?>
>>>
>>> Maybe in this cases a paragraph is worth writing to cover the  
>>> issue and
>>> to point out the use of command line raw requests like curl and  
>>> related.
>>>
>>> Stefano
>>>
>>>
>>>
>>> On gio, 2006-10-12 at 11:51 +0200, Matteo Meucci wrote:
>>>> Yes,
>>>> I think you are right: this paragraph already exists.
>>>> look at:
>>>> (http://www.owasp.org/index.php/ 
>>>> OWASP_Testing_Guide_v2_Table_of_Contents)
>>>> 4.6 Data Validation Testing 0% TD
>>>> 4.6.1 Cross site scripting 0% TD
>>>> 4.6.1.1 Incubated attacks 0% TD
>>>>
>>>> Ariel may be says that Incubated attacks are a combination of  
>>>> SQL Inj
>>>> and XSS, but we can reasonably affirm that is a particular XSS  
>>>> attack.
>>>> In the same paragraph we can show an example that how a XSS Inc  
>>>> Attack
>>>> works exploiting an SQL Inj vulnerability.
>>>> Right?
>>>>
>>>> Mat
>>>>
>>>>
>>>>
>>>> On 10/12/06, Eoin <eoinkeary at gmail.com> wrote:
>>>>> Hi,
>>>>> incubated attacks are important enough to warrant a section  
>>>>> under XSS. It is
>>>>> another varient of XSS.
>>>>> Metteo what do you think?
>>>>>
>>>>>
>>>>>
>>>>> On 11/10/06, Ariel Waissbein <wata.34mt at coresecurity.com> wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> my first post and 2 cents here:
>>>>>>
>>>>>> I guess we should make a difference between the techniques of  
>>>>>> unit
>>>>>> testing and the results of UT. Even if UT can be used to... e.g.,
>>>>>> discover BO or SQL-injection vulns.
>>>>>>
>>>>>> Although, I noticed that there is an Appendix for fuzzing  
>>>>>> which is
>>>>>> another technique for discovering (some) vulnerabilities.
>>>>>>
>>>>>>
>>>>>> A new question: imagine the following situation: The pen tester
>>>>>> discovers a SQL-injection vulnerability in a webapp he is  
>>>>>> auditing. This
>>>>>> vuln. allows him to store some javascript in the Db and therefore
>>>>>> perpetrate a XSS attack (incubated) on the users of this  
>>>>>> webapp.  My
>>>>>> question is where do we describe this attacks? (I think they are
>>>>>> important enough to be included somewhere.)
>>>>>>
>>>>>> Cheers,
>>>>>> Ariel
>>>>>>
>>>>>> Eoin Keary wrote:
>>>>>>> Hi,
>>>>>>>
>>>>>>> Question:
>>>>>>> Do we want to get into Unit Testing and SDLC methodology in  
>>>>>>> this guide?
>>>>>>> I thought they would be more suite to Andrews dev guide or  
>>>>>>> the code
>>>>>>> review project.
>>>>>>> unit testing is related to testing small blocks of a syaytem
>>>>>>> individually and hence a development phase done prior to  
>>>>>>> system and
>>>>>>> integration testing.
>>>>>>> The Guide currently focuses on penetration testing which is  
>>>>>>> "After the
>>>>>>> Fact" testing and not really one until the system in developed.
>>>>>>>
>>>>>>> What y'all think?
>>>>>>>
>>>>>>> Eoin
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Owasp-testing mailing list
>>>>>> Owasp-testing at lists.owasp.org
>>>>>> http://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Eoin Keary OWASP - Ireland
>>>>> http://www.owasp.org/local/ireland.html
>>>>>  http://www.owasp.org/index.php/OWASP_Testing_Project
>>>>> http://www.owasp.org/index.php/OWASP_Code_Review_Project
>>>>> _______________________________________________
>>>>> Owasp-testing mailing list
>>>>> Owasp-testing at lists.owasp.org
>>>>> http://lists.owasp.org/mailman/listinfo/owasp-testing
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>>
>>
>>
>> --
>> Matteo Meucci
>> OWASP-Italy Chair, CISSP, CISA
>> site: http://www.owasp.org/index.php/Italy
>> mail: matteo.meucci at owasp.org
>> ml: http://lists.owasp.org/mailman/listinfo/owasp-italy
>>
>
>
> -- 
> Matteo Meucci
> OWASP-Italy Chair, CISSP, CISA
> site: http://www.owasp.org/index.php/Italy
> mail: matteo.meucci at owasp.org
> ml: http://lists.owasp.org/mailman/listinfo/owasp-italy
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/owasp-testing




More information about the Owasp-testing mailing list