
Acunetix Web Vulnerability Scanner

Manual

v5.0


Acunetix Ltd.

http://www.acunetix.com E-mail: info@acunetix.com

Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Acunetix Ltd.

Acunetix WVS is copyright of Acunetix Ltd. 2004–2007. All rights reserved.

Document version 5.00 Last updated 4th June 2007.

Contents

1. Introduction to Acunetix Web Vulnerability Scanner (p. 5)
1.1 Why You Need to Secure Your Web Applications (p. 5)
1.2 Web Attack Examples (p. 6)
1.3 The Acunetix Web Vulnerability Scanner (p. 7)
1.4 Audited Vulnerabilities (p. 7)
1.5 Supported Technologies (p. 9)
1.6 Main Features (p. 9)
1.7 Acunetix WVS Program Overview (p. 13)
1.8 License Scheme (p. 19)
1.8.1 Perpetual or Time Based Licenses (p. 19)
1.8.2 Small Business Version 1 Site/Server (p. 19)
1.8.3 Enterprise Version Unlimited Sites/Servers (p. 19)
1.8.4 Consultant Version (p. 19)
1.8.5 Purchasing Acunetix WVS (p. 20)
2. Installing Acunetix WVS (p. 21)
2.1 System Requirements (p. 21)
2.2 Installation Procedure (p. 21)
2.3 Upgrade Procedure (p. 23)
2.4 Configuring a Proxy Server (p. 25)
2.5 Configuring Web Browser for HTTP Sniffer (p. 26)
2.6 Password Protect WVS (p. 27)
2.7 Limitations of the Evaluation Version (p. 29)
2.8 Upgrading from an Evaluation to a Purchased Version (p. 29)
2.9 Extending or Upgrading a Purchased Version (p. 29)
3. The User Interface (p. 31)
3.1 Introduction (p. 31)
3.2 The WVS Main Interface (p. 31)
3.2.1 Layout (p. 31)
3.2.2 Navigation (p. 31)
3.2.3 Toolbar (p. 32)
3.2.4 Tools Explorer (p. 33)
3.2.5 Main Area (p. 34)
3.2.6 Activity Window (p. 34)
3.2.7 Status Bar (p. 35)
3.2.8 Hiding Panels (p. 35)
3.2.9 Context Menus (p. 35)
3.3 The Settings Interface (p. 36)
3.3.1 Saving Changes (p. 37)
3.4 Error Handling (p. 37)
4. Getting Started: Scanning Your Website (p. 38)
4.1 Starting a Scan (p. 38)
4.2 Step 1: Select Target(s) to Scan (p. 39)
4.3 Step 2: Confirm Targets and Technologies Detected (p. 40)
4.4 Step 3: Specify Crawler Options (p. 41)
4.5 Step 4: Specify Scanning Profile Options and Mode (p. 42)
4.6 Step 5: Configure Login for Password Protected Areas (p. 43)
4.7 Step 6: Configuring Custom 404 Error Pages (p. 47)
4.8 Selecting the Files/Folders to Scan (p. 49)
4.9 Analyzing the Scan Results (p. 50)
4.9.1 Alerts Node (p. 51)
4.9.2 Site Structure Node (p. 53)
4.10 Saving the Scan Results (p. 54)
4.11 Generating a Report from the Scan Results (p. 54)
4.12 Google Hacking Vulnerabilities (p. 55)
5. Site Crawler Tool (p. 57)
5.1 Introduction (p. 57)
5.2 Analyzing a Website Structure (p. 58)
5.2.1 Starting the Crawling Process (p. 58)
5.2.2 Analyzing the Information Collected by the Crawler (p. 58)
5.2.3 Info Tab (p. 58)
5.2.4 Referrers Tab (p. 59)
5.2.5 HTTP Headers Tab (p. 59)
5.2.6 Inputs Tab (p. 60)
5.2.7 View Source Tab (p. 60)
5.2.8 View Page Tab (p. 61)
5.2.9 HTML Analysis Tab (p. 62)
6. Target Finder Tool (p. 67)
6.1 Introduction (p. 67)
6.2 To Start a Scan (p. 67)
7. Subdomain Scanner Tool (p. 69)
7.1 Introduction (p. 69)
7.2 Starting a Subdomain Scan (p. 69)
8. HTTP Sniffer Tool (p. 70)
8.1 Introduction (p. 70)
8.2 Configuring the HTTP Sniffer (p. 71)
8.3 Enabling the HTTP Sniffer (p. 71)
8.4 Creating an HTTP Sniffer Trap Filter (p. 72)
8.5 Analyzing and Responding to the Trapped Requests (p. 73)
8.5.1 The Trap Form (p. 73)
8.6 Editing an HTTP Request Without a Trap (p. 74)
9. Authentication Tester Tool (p. 75)
9.1 Introduction (p. 75)
9.2 Testing HTTP Authentication (p. 75)
9.2.1 What is HTTP Authentication? (p. 75)
9.2.2 Testing the Password Strength (p. 76)
9.3 Testing HTML Form Authentication (p. 76)
9.3.1 What is HTML Forms Authentication? (p. 76)
9.3.2 Testing Password Strength (p. 77)
10. HTTP Editor Tool (p. 79)
10.1 Introduction (p. 79)
10.2 Editing a Request (p. 80)
10.3 Fine-Tuning Requests and Analyzing Responses (p. 82)
10.3.1 Response Headers and Response Data Tabs (p. 83)
10.3.2 Text Only Tab (p. 83)
10.3.3 View Page Tab (p. 83)
10.3.4 HTML Structure Analysis Tab (p. 84)
11. HTTP Fuzzer Tool (p. 85)
11.1 Introduction (p. 85)
11.2 Creating a Rule to Automatically Test a Series of Inputs (p. 85)
12. Web Services Scanner (p. 90)
12.1 Introduction (p. 90)
12.2 Starting a Web Service Scan (p. 90)
12.3 Analyzing Results (p. 92)
13. Web Services Editor (p. 95)
13.1 Introduction (p. 95)
13.2 Using the Web Services Editor (p. 95)
13.3 HTTP Editor Export Feature (p. 99)
14. Compare Results Tool (p. 101)
14.1 Introduction (p. 101)
14.2 Comparing Results (p. 101)
14.3 Analyzing the Results Comparison (p. 103)
14.4 Modify/Delete Template Items (p. 104)
15. The Reporter (p. 105)
15.1 Introduction to the Reporter (p. 105)
15.2 Launching the Reporter (p. 105)
15.3 Report Styles and Templates (p. 106)
15.4 Generating a Report (p. 109)
15.5 The Report View (p. 111)
15.6 WVS Database (p. 112)
15.7 The Reporter Settings (p. 112)
16. Command Line Support (p. 114)
16.1 Introduction (p. 114)
16.2 Locating the WVS Command Line Executable (p. 115)
16.3 Command Line Parameters and Options (p. 116)
16.4 Reporter Command Line (p. 118)
16.5 Command Line Examples (p. 118)
17. Scheduler (p. 119)
17.1 Introduction (p. 119)
17.2 The Scheduler Management Console (p. 120)
17.3 Creating a Schedule (p. 124)
18. Configuring Acunetix WVS (p. 126)
18.1 Introduction (p. 126)
18.2 Settings: Application Settings > General (p. 127)
18.3 Settings: Application Settings > LAN Settings (p. 129)
18.4 Settings: Application Settings > Database (p. 130)
18.5 Settings: Application Settings > Certificates (p. 132)
18.6 Settings: Application Settings > Logging (p. 133)
18.7 Tool Settings > Site Crawler (p. 134)
18.8 Tool Settings > Site Crawler > File Filters (p. 136)
18.9 Tool Settings > Site Crawler > Directory Filters (p. 137)
18.10 Tool Settings > Site Crawler > URL Rewrite (p. 138)
18.11 Tool Settings > Site Crawler > Custom Cookies (p. 141)
18.12 Tool Settings > HTTP Sniffer (p. 142)
18.13 Tool Settings > Scanner (p. 142)
18.14 Scanner Settings > Login Sequences (p. 144)
18.15 Scanner Settings > HTML Forms (p. 146)
18.16 Scanner Settings > Parameter Exclusions (p. 149)
18.17 Scanner Settings > Custom Error Pages (p. 150)
18.18 Scanner Settings > GHDB (p. 152)
18.19 Scanning Profiles (p. 153)
18.19.1 Default Scanning Profiles (p. 154)
18.20 Creating/Modifying Scan Profiles (p. 155)
19. Database Conversion Utility (p. 156)
19.1 Introduction (p. 156)
19.2 Obtaining the Database Conversion Utility (p. 156)
19.3 Converting a Database (p. 156)
20. Vulnerability Editor (p. 161)
20.1 Introduction (p. 161)
20.2 Acunetix WVS Audit Modules (p. 162)
20.3 Adding a Vulnerability Test (p. 163)
20.3.1 Editing the Vulnerability Description (p. 165)
20.3.2 Specifying When the Vulnerability Check is Applicable (p. 167)
20.3.3 Specifying Test Variables (p. 167)
20.3.4 Variables Explained (p. 168)
20.3.5 Defining the Requests to be Made in the Test (p. 170)
20.3.6 Analyzing the Response (p. 171)
20.4 Adding a Vulnerability Item (p. 173)
20.5 Example: Creating a Test Which Searches for a Particular File (p. 174)
20.5.1 Step 1: Creating a Vulnerability (p. 174)
20.5.2 Step 2: Adding a Vulnerability Item (p. 175)
20.5.3 Step 3: Configuring the Test Properties (p. 176)
20.5.4 Step 4: Save the Test and Re-Launch Acunetix WVS (p. 178)
21. WVS File Types (p. 179)
21.1 WVS Tools File Types (p. 179)
21.2 WVS Export File Types (p. 179)
22. Troubleshooting (p. 180)
22.1 Introduction (p. 180)
22.2 Request Support via E-mail (p. 180)
22.3 Support Center (p. 181)
23. Credits (p. 183)
24. Index (p. 185)

1. Introduction to Acunetix Web Vulnerability Scanner

1.1 Why You Need To Secure Your Web Applications

Website security is possibly today's most overlooked aspect of securing the enterprise and should be a priority in any organization.

Increasingly, hackers are concentrating their efforts on web-based applications to obtain access and to misuse sensitive data such as customer details, credit card numbers and proprietary corporate data.

Hackers already have a wide repertoire of attacks that they regularly launch against organizations including SQL Injection, Cross Site Scripting, Directory Traversal Attacks, Parameter Manipulation (e.g., URL, Cookie, HTTP headers, HTML Forms), Authentication Attacks, Directory Enumeration and other exploits. Moreover, the hacker community is very close-knit; newly discovered web application intrusions are posted on a number of forums and websites known only to members of that exclusive group. Postings are updated daily and are used to propagate and facilitate further hacking. Web applications – shopping carts, forms, login pages, dynamic content, and other bespoke applications – are designed to allow your website visitors to retrieve and submit dynamic content including varying levels of personal and sensitive data.

If these web applications are not secure, then your entire database of sensitive information is at serious risk. A Gartner Group study reveals that 75% of cyber attacks are done at the web application level.

Why does this happen?

- Websites and related web applications must be available 24 hours a day, 7 days a week to provide the required service to customers, employees, suppliers and other stakeholders.

- Firewalls and SSL provide no protection against web application hacking, simply because access to the website has to be made public.

- Web applications often have direct access to backend data such as customer databases and, hence, control valuable data and are much more difficult to secure.

- Most web applications are custom-made and, therefore, involve a lesser degree of testing than off-the-shelf software. Consequently, custom applications are more susceptible to attack.

Various high-profile hacking attacks have proven that web application security remains the most critical layer. If your web applications are compromised, hackers will have complete access to your backend data even though your firewall is configured correctly and your operating system and applications are patched repeatedly.


Network security defense provides no protection against web application attacks since these are launched on port 80 (default for websites) which has to remain open to allow regular operation of the business.

For the most comprehensive security strategy, it is therefore imperative that you regularly and consistently audit your web applications for exploitable vulnerabilities.

The need for automated web application security scanning

Manual vulnerability auditing of all your web applications is complex and time-consuming. It also demands a high level of expertise and the ability to keep track of considerable volumes of code and of all the latest tricks of the hacker's 'trade'.

Automated vulnerability scanning allows you to focus on the more challenging issue of securing your web applications from any exploitable vulnerability that jeopardizes your data.

1.2 Web Attack Examples

Well-known sites that were open to web application attacks include:

TJX, the owner of clothing retailers T.J. Maxx and Marshall's Inc., suffered the largest known data theft to date. Hackers invaded the TJX systems and stole at least 45.7 million credit and debit card numbers over an 18-month period, as well as personal data, including driver's license numbers, of another 455,000 customers who returned merchandise without receipts. TJX first learned that there was suspicious software on its computer system on Dec. 18, 2006; however, the stolen data covered transactions dating as far back as December 2002.

In September 2006 hackers pilfered the personal data of nearly 19,000 DSL equipment customers through a vulnerability in AT&T's online store. In a statement, AT&T attributed the motive of the attack to a criminal market for illegally obtained personal information. In fact, the data also included customers' credit card details.

In 2006, ChoicePoint, Inc. paid $10 million in civil penalties and $5 million in consumer redress after the personal financial records of more than 163,000 consumers in its database had been compromised.

Last year, the University of Southern California spent more than $140,000 to notify affected students and also shut down the applications website for 10 days after a hacker gained online access to the admissions website.

In June 2004, security analyst ZapTheDingbat pointed out that MasterCard, Natwest, Barclaycard, WorldPay, the GCHQ, and various other sites had missed some basic gaps in their security, including the cross-site scripting vulnerability. This flaw, for example, allows hackers to send users to the legitimate site while displaying content and functionality of the hacker's choice.

In June 2003 fashion label Guess and pet supply retailer PetCo.com were notoriously found to be vulnerable to SQL injection. This resulted in PetCo leaving as many as 500,000 credit card numbers open to anyone able to construct a specially-crafted URL.

One hacker gained access to over five million credit card accounts in February 2003 through a web application attack. Similarly, in December 2002, a vulnerability at the Tower Records website laid bare the company's customer orders database.


1.3 The Acunetix Web Vulnerability Scanner

The Acunetix Web Vulnerability Scanner (WVS) broadens the scope of vulnerability scanning by introducing highly advanced heuristic and rigorous technologies designed to tackle the complexities of today's web-based environments.

WVS is an automated web application security testing tool that audits your web applications by checking for vulnerabilities to SQL Injection, Cross site scripting and other exploitable hacking vulnerabilities. In general, the product scans any website or web application that is accessible via a web browser and that respects HTTP/HTTPS rules.

Besides automatically scanning for exploitable vulnerabilities, WVS offers a strong and unique solution for analyzing off-the-shelf and custom web applications including those relying on JavaScript (e.g., AJAX applications). The Acunetix WVS is suitable for any small, medium sized and large organizations with intranets, extranets, and websites aimed at exchanging and/or delivering information with/to customers, vendors, employees and other stakeholders.

How WVS Works

Acunetix WVS has a vast array of automated features and manual tools and, in general, works in the following manner:

1. It crawls the entire website by following all the links on the site and in the robots.txt file (if available). WVS will then map out the website structure and display detailed information about every file.

2. After this discovery stage or crawling process, WVS automatically launches a series of vulnerability attacks on each page found, in essence emulating a hacker. WVS analyzes each page for places where it can input data, and subsequently attempts all the different input combinations. This is the Automated Scan Stage.

3. As it finds vulnerabilities, Acunetix WVS reports these in the "Alerts Node". Each alert contains information about the vulnerability and recommendations on how to fix it.

4. After a scan has been completed, it may be saved to file for later analysis and for comparison to previous scans. With the Reporter tool a professional report may be created summarizing the scan.

1.4 Audited Vulnerabilities

Acunetix WVS automatically checks for the following vulnerabilities:

- Version Check
  - Vulnerable Web Servers
  - Vulnerable Web Server Technologies, such as PHP 4.3.0 file disclosure and possible code execution
- CGI Tester
  - Checks for Web Server Problems: determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE)
  - Verify Web Server Technologies
- Parameter Manipulation
  - Cross-Site Scripting (XSS)
  - SQL Injection
  - Directory Traversal
  - File Inclusion
  - Script Source Code Disclosure
  - CRLF Injection / HTTP Response Splitting
  - Cross Frame Scripting (XFS)
  - PHP Code Injection
  - XPath Injection
  - Full Path Disclosure
  - LDAP Injection
  - Cookie Manipulation
  - URL Redirection
  - Application Error Message
- MultiRequest Parameter Manipulation
  - Blind SQL / XPath Injection
- File Checks
  - Checks for Backup Files or Directories: looks for common files (such as logs, application traces, CVS web repositories)
  - Cross Site Scripting in URI
  - Checks for Script Errors
- Directory Checks
  - Looks for Common Files (such as logs, traces, CVS)
  - Discover Sensitive Files/Directories
  - Discovers Directories with Weak Permissions
  - Cross Site Scripting in Path and PHPSESSID Session Fixation
- Web Applications: large database of known vulnerabilities for specific web applications such as Forums, Web Portals, Collaboration Platforms, CMS Systems, E-Commerce Applications and PHP Libraries
- Text Search
  - Directory Listings
  - Source Code Disclosure
  - Check for Common Files
  - Check for Email Addresses
  - Microsoft Office Possible Sensitive Information
  - Local Path Disclosure
  - Error Messages
- GHDB (Google Hacking Database)
  - Over 1400 GHDB Search Entries in the Database
- Web Services: Parameter Manipulation
  - SQL Injection / Blind SQL Injection
  - Directory Traversal
  - Code Execution
  - XPath Injection
  - Application Error Messages

Other vulnerability tests may also be performed using the manual tools provided, including:

- Input Validation
- Authentication attacks

1.5 Supported Technologies

Acunetix WVS treats the web application as an exploitable front-end through which it can reach the database or web server behind it. This approach ensures that WVS does not rely on specific compatible web servers for a scan to be executed.

For scanning web applications, Acunetix WVS is designed around the following concept: if an application can be viewed in any browser without installing special plug-ins, over the HTTP and HTTPS protocols, then it will also be correctly crawled and scanned. Tests carried out internally, and on public web applications, have confirmed that Acunetix WVS can efficiently crawl and scan the following technologies: ASP, ASP.NET, JavaScript, AJAX, PHP, FrontPage, PERL, JRun, Ruby, Flash, ColdFusion. Tested web applications were also hosted on a number of different web servers such as IIS, Apache, Sun Java, and Lotus Domino.

1.6 Main Features

Compliance Reporting

The Reporter allows you to generate detailed compliance reports for OWASP, PCI, Sarbanes-Oxley, Web Application Security Consortium and HIPAA.

JavaScript / AJAX Support – Client Script Analyzer (CSA)

During the discovery stage, Acunetix WVS crawls for JavaScript and AJAX using the new Client Script Analyzer (CSA). This allows the crawler to build a comprehensive site structure upon which the automated scan will be launched.

The CSA has been designed to be part of the crawling process to allow automated rather than manual crawls of websites that rely on JavaScript / AJAX. Rather than parsing the client code on the page, the CSA actually executes the JavaScript in real time, in a similar fashion to the browser. It does this by building the Document Object Model (DOM) of each page on the website.

These design features significantly reduce the time needed to scan websites containing JavaScript code while simplifying the whole scanning process for such sites.

Web Services Support

For complete web security analysis, Acunetix WVS features full support for Web Services vulnerability scanning and assessment. Web Services are now becoming a commonplace implementation for information availability and task processing over the internet, and the need to secure these systems from being exploited also brings about the need for the right tools to perform this task. The Web Services Scanner and Web Services Editor allow for full vulnerability scanning and WSDL analysis, with full reporting functionality.

Subdomain Scanner

The Subdomain Scanner allows fast and easy identification of active subdomains using various techniques and guessing of common subdomain names. The Subdomain Scanner can be configured to use the target's DNS server, or one specified by the user for added flexibility.


Scheduler Application

The scheduler application ensures enhanced flexibility and automation when launching all types of scans including concurrent and/or sequential scans of single or multiple websites.

Schedule such tasks as automated web crawling and scanning at a time most convenient to you. Tasks may be run daily, weekly, monthly, at certain times and/or continuously within a queue.

Scheduling runs as a service with the related management console enabling users to fully and easily configure scanning, crawling, logging and saving of results features. Relevant schedule logs provide users with detailed information on the scheduled queues.

Command Line

The Command Line support provides a command line interface that gives you the power of Acunetix WVS without the usual graphical user interface. It allows you to use WVS directly from the command prompt and from batch files and script languages, making it ideal for automating repetitive tasks. A comprehensive set of command line parameters gives you direct control over the WVS features.

The WVS Command Line supports the normal tasks for automated scanning as well as support for tasks related to Web Services.

URL Rewrite Support

The idea behind URL Rewriting (for example, Apache's "mod_rewrite") is to use a rule-based rewriting engine, built on a regular-expression parser, to rewrite requested URLs on the fly.

The URL Rewrite configurations may be setup in Acunetix WVS to support the proper crawling of such websites. The configuration may be done manually by defining custom rulesets and also by importing the rules directly from Apache httpd.conf or .htaccess files.
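As an added illustration (not code from the manual or from Acunetix) of what importing rewrite rules gives the crawler, the following Python reads RewriteRule lines from a constructed .htaccess fragment, applies them to a pretty URL the way mod_rewrite would at the document root (including the L and QSA flags), and reports the real script and parameter names behind that URL. The sample rules and URLs are assumptions made up for the example; RewriteCond lines are ignored, so this is a simplification of mod_rewrite's semantics.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl

# Constructed .htaccess fragment of the kind WVS can import (assumed for this
# example, not a file from the manual): pretty URLs mapped back to PHP scripts.
SAMPLE_HTACCESS = r"""
RewriteEngine On
# /products/12 -> listproducts.php?cat=12, keeping any existing query string
RewriteRule ^products/([0-9]+)/?$ listproducts.php?cat=$1 [L,QSA]
# /news/some-slug.html -> article.php?slug=some-slug
RewriteRule ^news/([a-z0-9-]+)\.html$ article.php?slug=$1 [L]
"""

RULE_RE = re.compile(r'^\s*RewriteRule\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?\s*$')


def parse_rewrite_rules(text):
    """Return (compiled pattern, substitution, flag set) for every RewriteRule line.
    RewriteCond and other directives are skipped, so conditional rules are treated
    as unconditional: a simplification, not the full mod_rewrite semantics."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if not m:
            continue
        pattern, subst, flags = m.group(1), m.group(2), m.group(3) or ''
        flagset = {f.strip().upper() for f in flags.split(',') if f.strip()}
        rules.append((re.compile(pattern), subst, flagset))
    return rules


def _apache_to_python_subst(subst):
    # Apache back-references are $1..$9; Python's re.sub expects \g<1>..\g<9>.
    return re.sub(r'\$([0-9])', r'\\g<\1>', subst)


def rewrite_url(url, rules):
    """Rewrite the path of `url` as mod_rewrite would in a per-directory (.htaccess)
    context at the document root: the pattern is searched against the path without
    its leading slash, a substitution containing '?' replaces the query string unless
    QSA is set (then the old query is appended), and the L flag stops processing."""
    parts = urlsplit(url)
    path, query = parts.path.lstrip('/'), parts.query
    for pattern, subst, flags in rules:
        if not pattern.search(path):
            continue
        rewritten = pattern.sub(_apache_to_python_subst(subst), path, count=1)
        new_path, has_query, new_query = rewritten.partition('?')
        if has_query:
            if 'QSA' in flags and query:
                new_query = new_query + '&' + query if new_query else query
        else:
            new_query = query  # no '?' in the substitution: old query passes through
        path, query = new_path, new_query
        if 'L' in flags:
            break
    return urlunsplit((parts.scheme, parts.netloc, '/' + path, query, parts.fragment))


def crawler_inputs(url, rules):
    """What the crawler really needs to know about a pretty URL: the script that
    handles it and the parameter names that script receives."""
    real = urlsplit(rewrite_url(url, rules))
    return real.path, [k for k, _ in parse_qsl(real.query, keep_blank_values=True)]


if __name__ == "__main__":
    rules = parse_rewrite_rules(SAMPLE_HTACCESS)
    for u in ("http://testphp.acunetix.com/products/12?sort=name",
              "http://testphp.acunetix.com/news/big-sale.html",
              "http://testphp.acunetix.com/about.php"):
        print(u, "->", rewrite_url(u, rules), crawler_inputs(u, rules))
```

Without the rules the crawler sees /products/12 as a static page with no inputs; with them it knows to test the cat parameter of listproducts.php.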

Detects Google Hacking Vulnerabilities

Google hacking is the term used to refer to when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, a hacker may still crawl your site and launch Google Hacking Database queries directly onto the crawled content.

The Google hacking feature will launch all the queries found in the Google hacking database, onto the crawled content of your website thus finding any sensitive data or exploitable targets before a “search engine hacker” does. The Google hacking feature is a unique, industry first feature.

The Google Hacking Database is located at http://johnny.ihackstuff.com and looks for the following information:

• Advisories and server vulnerabilities

• Error messages that contain too much information

• Files containing passwords

• Sensitive directories

• Pages containing network or vulnerability data such as firewall logs.

For further reference please visit:

http://www.informit.com/articles/article.asp?p=170880&rl=1

Extend Attacks with the HTTP Editor and Sniffer

With the HTTP Editor, you may construct HTTP/HTTPS requests and analyze the related responses of the web server. Thus the feature allows you to perform and test for custom SQL injection and cross site scripting attacks. With the HTTP Sniffer you can log, intercept and modify all HTTP/HTTPS traffic, giving you an in-depth knowledge of the data sent by your web application.

In-Depth Testing with the HTTP Fuzzer

The HTTP Fuzzer tool allows sophisticated testing for buffer overflows and input validation. With it, you can create rules to automatically test a range of variables.

A simple example would be the following URL: http://testphp.acunetix.com/listproducts.php?cat=1

Using the HTTP Fuzzer you could create a rule which would automatically replace the last part of the URL - '1' - with numbers between 1 and 999. Only valid results will be reported. This degree of automation allows you to quickly test the results of 1000 queries while significantly reducing the amount of manual input.

Login Sequence Recorder for Protected Areas

The recorder allows you to scan password-protected sections of your website. Simply use the login sequence tool to provide Acunetix WVS with single or multiple login details. In addition, you can provide the scanner with links it should not crawl, for example, a logout link.

Automatic HTML Form-filler

When the crawler encounters an HTML form, it can be instructed to use certain input values when submitting this form.

This way you can automatically test your website for different types of inputs.

Crawl Flash Files

Acunetix WVS analyzes flash files looking for both links to follow and HTML code.

Test Password Strength of Login Pages

With the authentication tester, you can audit password protected pages by launching a dictionary attack.

Vulnerability Editor

Create custom web attack checks or modify existing ones with the Vulnerability editor.

Supports All Major Web Technologies

Acunetix WVS supports scanning for vulnerabilities in websites that use any of the major development technologies, including ASP, ASP.NET, PHP and CGI. In general, the product scans any website or web application that is accessible via a web browser and that respects HTTP/HTTPS rules.

Scanning Profiles

You can use different scanning profiles to scan different websites with different identity and scan options. This reduces scan times and allows for deeper analyses.

Report Generator

The Acunetix WVS V5 Reporting Application makes it quick and easy to generate different reports of your scan results, with the added functionality to export the report to a variety of file types. Designed as a stand-alone application, the Reporter connects directly to the WVS Database, and allows you to view results and generate different reports for vulnerabilities, compliance, statistics, and parallel comparison of results. In-built search functionality allows you to search for specific alerts within a set of results. The Reporter is also fully configurable. One can configure the default report-type for on the fly report generation, insert custom logos, headers, and footers, or change page layout and size.

Compare Scans and Find Differences

Use the compare function to easily contrast recent and previous scans thereby reflecting the changes made and identifying any resulting new vulnerabilities.

Easily Re-Audit Website Changes

Good security best-practice requires you to check your website after every change you make. This can be done automatically with Acunetix WVS. Re-auditing a website has been further simplified with the Scheduler application, which allows you to configure website scans automatically according to your specific work and development schedules.

1.7 Acunetix WVS Program Overview

The following pages briefly explain the main WVS tools and features:

Web Scanner

Screenshot 1 - Acunetix Web Vulnerability Scanner

The Web Scanner is the most important component – it launches the automated security audit of a website. The automated scan consists of two phases:

1. Crawling – This discovery phase will automatically analyze the website and build a site structure.

2. Scanning – A vulnerability scan consists of a series of attacks launched against the crawled site structure, in effect, emulating a hacker.

Screenshot 2 – Scan Results

The results of a scan are displayed in an Alert Node tree. Each Alert Node contains extensive details on all the vulnerabilities found within the website.

Site Crawler

Screenshot 3 – The Site Crawler

The Site Crawler tool crawls the entire target website and displays its structure together with detailed information on each file found.

HTTP Editor

Screenshot 4 – The HTTP Editor

The HTTP Editor allows you to create custom HTTP requests from scratch and debug HTTP requests/responses.

HTTP Sniffer

Screenshot 5 - The HTTP Sniffer

In contrast to the HTTP Editor (see above), which builds requests from scratch, the HTTP Sniffer lets you intercept and modify HTTP requests that are already in transit between your browser and the web server.

The HTTP Sniffer allows you to capture, examine and modify HTTP communications between an HTTP client and a web server. This tool is used to:

• Analyze how Session IDs are stored – Session IDs are used by the application to uniquely identify a client browser. It is important that the session ID is unpredictable and the application utilizes a strong method of generating random IDs.

• Analyze how inputs are sent back to the server.

• Alter any HTTP request being sent back to the server before it does actually get sent.

• Navigate through parts of the website which cannot be crawled automatically because, for example, of certain JavaScript code.

To use this tool, all HTTP requests must pass through WVS, so the software must be set as the proxy server for your browser.
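An added example, not Acunetix code, of the first check in the list above: given Set-Cookie headers captured while proxying a browser, extract the session IDs and test whether they are predictable. The header lines, the cookie name SESSID and the 64-bit threshold are constructed assumptions for the example; the entropy figure is a rough bound from a small sample, useful for spotting counters and short IDs rather than for certifying a generator.

```python
"""Check captured session identifiers for predictability.

Added example, not Acunetix code: it takes the session IDs you would see
in Set-Cookie headers while proxying a browser through a sniffer and
applies two simple checks, whether the IDs form a counting sequence and
roughly how much randomness they carry.  All header lines below are
constructed samples (hypothetical application, cookie name SESSID chosen
for the example).
"""
import math
import re
from collections import Counter

# Constructed Set-Cookie lines from two applications: one hands out a
# counter, the other a 128-bit hex token.
WEAK_HEADERS = [
    "Set-Cookie: SESSID=100234; path=/",
    "Set-Cookie: SESSID=100235; path=/",
    "Set-Cookie: SESSID=100236; path=/",
    "Set-Cookie: SESSID=100237; path=/",
]
STRONG_HEADERS = [
    "Set-Cookie: SESSID=f3a9c1e7b24d8f0a6c5e2b19d7a4f8c3; path=/; HttpOnly",
    "Set-Cookie: SESSID=0b7e4d2a9c1f6e8b3d5a7c9e1f2b4d6a; path=/; HttpOnly",
    "Set-Cookie: SESSID=8e61d0c4a3b7f29e5d4c1a0b6f8e3d72; path=/; HttpOnly",
    "Set-Cookie: SESSID=c7d2e9f4a1b80c3d6e5f2a7b9c4d1e08; path=/; HttpOnly",
]

COOKIE_RE = re.compile(r"^Set-Cookie:\s*([^=]+)=([^;]*)", re.IGNORECASE)


def extract_session_ids(headers, name):
    """Return the values of cookie `name` from a list of Set-Cookie lines."""
    ids = []
    for line in headers:
        m = COOKIE_RE.match(line)
        if m and m.group(1).strip() == name:
            ids.append(m.group(2).strip())
    return ids


def is_sequential(ids):
    """True if the IDs are decimal numbers that increase by a constant step."""
    try:
        nums = [int(i, 10) for i in ids]
    except ValueError:
        return False
    steps = {b - a for a, b in zip(nums, nums[1:])}
    return len(steps) == 1 and steps != {0}


def shannon_bits_per_char(ids):
    """Empirical Shannon entropy (bits per character) over all observed IDs.

    A rough estimate from a small sample: it bounds how much randomness the
    generator can be using, it does not prove the generator is sound.
    """
    counts = Counter("".join(ids))
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())


def assess(ids, min_effective_bits=64):
    """Summarise predictability: sequential?, estimated effective bits, weak?"""
    length = min(len(i) for i in ids)
    effective_bits = length * shannon_bits_per_char(ids)
    sequential = is_sequential(ids)
    return {
        "sequential": sequential,
        "effective_bits": round(effective_bits, 1),
        "weak": sequential or effective_bits < min_effective_bits,
    }


if __name__ == "__main__":
    for label, headers in (("counter", WEAK_HEADERS), ("token", STRONG_HEADERS)):
        print(label, assess(extract_session_ids(headers, "SESSID")))
```

The counter-style IDs are flagged on both tests, the hex tokens on neither; in practice you would feed the function a few dozen IDs collected over separate logins, since a handful of samples can only reveal gross weaknesses.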

HTTP Fuzzer

Screenshot 6 - The HTTP Fuzzer

The HTTP Fuzzer tool allows sophisticated testing for buffer overflows and input validation. With this tool you can easily create input rules for Acunetix WVS to test.

A simple example would be the following URL: http://testphp.acunetix.com/listproducts.php?cat=1

Using the HTTP Fuzzer you can create a rule which would automatically replace the last part of the URL - '1' - with numbers between 1 and 999. Only valid results will be reported. This degree of automation allows you to quickly test the results of 1000 queries while significantly reducing the amount of manual input.
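The rule described here and in the Main Features section earlier, carried out as an added Python example that is not part of Acunetix WVS: it expands the cat= parameter over 1 to 999 and keeps only the results worth reporting. Because it must run offline, responses come from a constructed stand-in for the application (fake_server, whose behaviour is invented for the example); the "valid result" rule treats the most common response body as the uninteresting baseline and reports anything that differs from it or returns a server error.

```python
"""Expand a numeric HTTP Fuzzer rule and triage the responses.

Added example, not Acunetix code.  It reproduces the idea in the text:
replace the value of cat= with every number from 1 to 999 and report only
the "valid" results.  Responses come from a constructed stand-in for the
web application (fake_server) so the script runs offline; swap it for a
real HTTP client (e.g. urllib.request) to test a site you administer.
"""
from collections import Counter
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

URL = "http://testphp.acunetix.com/listproducts.php?cat=1"


def expand_numeric_rule(url, param, start, end):
    """Yield one URL per value in [start, end], substituting query parameter `param`."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    for value in range(start, end + 1):
        q = [(k, str(value) if k == param else v) for k, v in pairs]
        yield urlunsplit(parts._replace(query=urlencode(q)))


def fake_server(url):
    """Constructed stand-in for the target (hypothetical behaviour, no network)."""
    cat = dict(parse_qsl(urlsplit(url).query)).get("cat")
    if cat in ("1", "2", "3"):
        return 200, f"<html><h1>Category {cat}</h1><ul><li>item</li></ul></html>"
    if cat == "250":
        return 500, "<html><h1>Internal Server Error</h1></html>"
    return 200, "<html><h1>No products found</h1></html>"


def fuzz_and_triage(url, param, start, end, send):
    """Send every expanded request and keep only results worth looking at.

    The most common response body across the whole run is treated as the
    uninteresting baseline (typically the 'nothing here' page).  A result
    is reported when the status is a server error or the body differs
    from that baseline, which is what "only valid results" means here.
    """
    results = [(u, *send(u)) for u in expand_numeric_rule(url, param, start, end)]
    baseline, _ = Counter(body for _, _, body in results).most_common(1)[0]
    findings = []
    for u, status, body in results:
        if status >= 500:
            findings.append((u, status, "server error"))
        elif body != baseline:
            findings.append((u, status, "distinct content"))
    return findings


if __name__ == "__main__":
    for finding in fuzz_and_triage(URL, "cat", 1, 999, fake_server):
        print(*finding)
```

Out of 999 requests only four are reported: the three categories that exist and the one value that makes the stand-in application fail, which is the kind of input-validation problem the fuzzer is meant to surface.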

Authentication Tester

Screenshot 7 - The Authentication Tester

With the Authentication Tester tool you can perform a dictionary attack on login pages which use HTTP (NTLM) or HTML form authentication. This tool uses two predefined text files which contain an extensive list of common usernames and passwords. These text files may be easily modified to include your own combinations.

Vulnerability Editor

Screenshot 8 – The Vulnerability Editor

The Vulnerability Editor allows you to create custom security checks. You will also notice changes and additions to the Vulnerability Editor as updates to the Acunetix WVS are installed. For more information on updating the Acunetix WVS please refer to page 127 of this manual.

Reporter

The Reporter application allows you to present the scan results in a printable format, which you can send to your colleagues or customers. Various report templates are available, including summary, detailed reports and also compliance reporting.

The Consultant Version of the WVS allows further customization of the report headers.

1.8 License Scheme

Acunetix Web Vulnerability Scanner (WVS) is available in 3 versions: Small Business, Enterprise and Consultant.

1.8.1 Perpetual or Time Based Licenses

Acunetix WVS is sold as a one-year or perpetual license. The 1 year license expires 1 year from the date of purchase. The perpetual license never expires.

The Enterprise and Consultant versions are available as both a one-year and perpetual license. The Small Business version is available as a perpetual license only.

A Maintenance Agreement, which entitles the end user to free support and version upgrades, is included for free in the one-year license for the full duration. Perpetual licenses include two months of free support and upgrades. To extend this period of support a maintenance agreement should be purchased along with the perpetual license. A maintenance agreement can be purchased in yearly intervals and begins from the date of product purchase.

1.8.2 Small Business Version 1 Site/Server

The Small Business Version license allows you to install one copy of Acunetix WVS on one computer, and scan one nominated site or server; this site or server must be owned by yourself (or your company) and not by third parties. In the case of companies, you must obtain proper authorization to scan the website. Acunetix Small Business version will leave a trail in the log files of the scanned server and scanning of third party sites is prohibited with this license.

To scan multiple websites you require the Enterprise unlimited license. To install copies on several computers, you are required to purchase the necessary individual licenses.

1.8.3 Enterprise Version Unlimited Sites/Servers

The Enterprise version license allows you to install one copy of Acunetix WVS on one computer, and scan an unlimited number of sites or servers. The sites or servers must be owned by yourself (or your company) and not by third parties. In the case of companies, you must obtain proper authorization to scan the website. Acunetix Enterprise version will leave a trail in the log files of the scanned server and scanning of third party sites is prohibited with this license.

To install copies on several computers, you are required to purchase the necessary individual licenses.

1.8.4 Consultant Version

The Consultant version license allows you to install one copy of Acunetix on one computer, and scan an unlimited number of sites or servers including 3rd party, provided that you have obtained permission from the respective site owners. This is the correct version to use if you are a consultant who provides web security testing services, or an ISP. The consultant edition also includes the capability of modifying the reports to include your own company logo. Furthermore this version does not leave any trail in the log files of the scanned server.

1.8.5 Purchasing Acunetix WVS

To purchase any of these licenses please visit:

http://www.acunetix.com/ordering/ and contact one of the Channel Partners in your area. If there are no Channel Partners in your country, you may place your order online from http://www.acunetix.com/ordering/pricing.htm

2. Installing Acunetix WVS

2.1 System Requirements

• Microsoft Windows XP Professional or Home Edition, Windows 2000, Windows Server 2003 and Windows Vista.

• 128 MB of RAM (256 MB or higher recommended).

• 200 MB of available hard-disk space.

• Microsoft Internet Explorer 5.1 (or higher).

• Microsoft SQL Server / Access support – if database is enabled (optional)

2.2 Installation Procedure

1. Double click on webvulnscan5.exe file to launch Acunetix WVS setup wizard and click Next.

2. Read and review the License agreement and, if you agree with the conditions laid out, select “I accept the agreement”. Click on Next to continue the installation.

Screenshot 10 – Setup Wizard Enter Details

3. Enter your Name, Company Name and License key. If you are evaluating the product, leave the license key edit box blank. Click Next.

Screenshot 11 – Setup Wizard Confirm Details

4. Select the folder location where you want to install Acunetix Web Vulnerability Scanner and click Next.

5. Choose whether a program shortcut icon is to be created on the desktop. Click on Next to continue with your installation.

If using the evaluation version, you will only be able to scan one of the Acunetix test websites:

http://testphp.acunetix.com - A test website with PHP technology
http://testasp.acunetix.com - A test website with ASP technology
http://testaspnet.acunetix.com - A test website with ASP.NET technology

Furthermore, you will not be able to save the scan results.

6. After Acunetix WVS has been installed, you will be prompted to launch the application. Check the tick box as appropriate and click Finish.

Screenshot 12 – Setup Wizard Finish

2.3 Upgrade Procedure

1. Double click on the webvulnscan5.exe file to launch the Acunetix WVS set-up wizard. The installer automatically detects any previously installed version and displays a dialog asking whether you want to continue.

Screenshot 13 – Setup Upgrade Confirmation Dialog

By default, Acunetix WVS is installed with Microsoft Access database support enabled. This is required to create reports using the Reporter. If you want to use a Microsoft SQL Server or MSDE database, you will need to enter the required credentials from the configuration screen under the Application Settings node. For more information on how to configure this feature, please refer to page 113 of this manual.

SQL Server/MSDE must be installed in mixed mode or SQL server authentication mode. NT authentication only mode is NOT supported.

2. Click on Yes to proceed with the upgrade.

3. At this point the uninstaller is launched and it will verify again that you want to actually uninstall the previous version of Acunetix WVS. Click on Yes to proceed with the upgrade.

Screenshot 14 – Setup Uninstall Confirmation Dialog

4. The next step requires a careful choice:

• If you plan to keep your past scan results and use them in the new version or build of Acunetix WVS, you may select NO to keep the current database.

• If you plan to clear all your past scans and start from scratch with the new version or build, you may select YES to remove your current database.

Screenshot 15 – Setup Database Removal Dialog

5. At this stage, the un-installation process starts and when finished click on OK to proceed with the upgrade.

6. The installation steps that follow are the same as described in section 2.2 of this manual. The installation procedure will be identical to a standard installation from here on.

Screenshot 16 – First Run Previous Settings Import Dialog

7. After the installation is finished, run Acunetix WVS. The application will present a dialog to upgrade any previous settings from the previous build that was installed. Click on Yes to restore any previous configurations to the new version or build just installed.

2.4 Configuring a Proxy Server

Screenshot 17 - LAN HTTP Proxy Settings

If your machine is sitting behind a proxy server and you need Acunetix WVS to use this proxy, then you need to configure the proxy server settings. From the Tools Explorer Panel on the far left-hand side of the user interface, select Configuration > Settings. Then select Application Settings > LAN Settings to access the configuration panel as shown above.

Acunetix WVS supports both HTTP and SOCKS proxy settings. You can set up the Acunetix Web Vulnerability Scanner to use both technologies concurrently.

HTTP Proxy Settings

Use an HTTP proxy server – Tick the check box to make Acunetix WVS use an HTTP proxy server.

Hostname and Port – Hostname (or IP address) and port number of the HTTP proxy server.

Username and Password – Credentials used to access the proxy. If no authentication is required, leave these options empty.

SOCKS Proxy Settings

Use a SOCKS proxy server – Tick the check box to make Acunetix WVS use a SOCKS proxy server.

Hostname and Port – Hostname (or IP address) and port number for the SOCKS proxy server.

Protocol – Select which SOCKS protocol to use. Both SOCKS v4 and v5 are supported by Acunetix WVS.

Username and Password – The credentials used to access this proxy. If no authentication is required, leave these options empty.

2.5 Configuring Web Browser for HTTP Sniffer

To sniff HTTP traffic, you must configure Acunetix WVS as a proxy server for the browser installed on your machine. This allows you to direct WVS to pages it either could not find automatically or could not access (because of JavaScript etc.) and thus be able to scan them.

Internet Explorer Configuration

To configure Internet Explorer to pass via the Acunetix WVS proxy:

1. Launch Internet Explorer and select Tools > Internet Options > Connections > LAN Settings

Screenshot 18 - Internet Explorer Proxy Server setup

2. Enable 'Use a proxy server for your LAN…' and specify the IP address / Name and Port (default 8080) of the computer where Acunetix WVS is running. If the browser is running on the same computer as Acunetix WVS, you can use 127.0.0.1 or localhost as the proxy server address.

Once the browser is configured this way, it can only reach the web while Acunetix WVS is running with the HTTP Sniffer enabled. Therefore, it is advisable to install a second browser (either Internet Explorer or Firefox, depending on your default preference) and use it for sniffing traffic. You may then continue using your preferred browser for regular browsing.

Mozilla Firefox Configuration

To configure Mozilla Firefox 2.0.0+ to pass via the Acunetix WVS proxy:

1. Launch Firefox and select Tools > Options

Screenshot 19 - Firefox proxy setup

2. Click on the Advanced icon at the top of the dialog. Then go to the Network tab and click on Settings

3. Select “Manual proxy configuration” and specify the IP address/Name and port (default 8080) of the computer running Acunetix WVS for both HTTP and SSL.

4. If you will be using the HTTP Sniffer to browse a local website hosted on the same machine as Acunetix WVS, also clear the “No proxy for:” textbox.

5. Click on the OK button to save the changes.

2.6 Password Protect WVS

To password protect the main interface of WVS together with all the supporting applications including the Reporter, Vulnerability Editor and Scheduler, simply follow these steps:

1. Go to the Configuration > Settings > Application Settings > General node to access the password protection configuration settings.

Screenshot 20 - Password Protection Options

2. In the “Password protection” section of the page, enter the current password in the “Current password” textbox. If you are configuring a password for the first time leave this field empty.

3. Enter the new password in both the “New password” and the “Confirm new password” textboxes.

4. Click on the “Set Password” button to save the settings.

Screenshot 21 - Password Protection Dialog

Once a password has been set in WVS, every subsequent time you launch the product or any of its supporting applications you will be presented with a password protection dialog. Simply enter the password you configured in WVS into this dialog to access the application normally.

For more information on the password protection feature of WVS, please go to page 128.

2.7 Limitations of the Evaluation Version

The evaluation version of WVS, which is downloadable from the Acunetix main website, is practically identical to the full version in functionality and in the set of tools that it presents – with the following limitations:

• Websites will be scanned for Cross Site Scripting (XSS) vulnerabilities – only the Acunetix test websites will be scanned for all types of vulnerabilities

• Only the default report can be generated and it cannot be printed or exported

• Scan Results cannot be saved

Screenshot 22 - Evaluation Limitations Dialog

2.8 Upgrading From an Evaluation to a Purchased Version

If you decide to purchase Acunetix WVS, you will need to upgrade the evaluation version to the purchased version. You will receive a new download location to obtain the unlocked and full version.

After download, simply launch the setup file. Setup will ask whether it can remove the evaluation version and install the full version. Any settings you have already made will be retained.

You will be able to enter the License key you received, after which you will install the full version and scan your website.

2.9 Extending or Upgrading a Purchased Version

If you have already installed the full version, but only want to extend the license key or upgrade from an enterprise to a consultant version, you can enter your new license key under the General > Licensing node. Right-click on the General/Licensing Node, select 'License Product' and enter your new license key.

To find out on how to purchase Acunetix Web Vulnerability Scanner, select General >

3. The User Interface

3.1 Introduction

Acunetix WVS consists of a comprehensive set of highly technical, complex and flexible tools. The product has an easy-to-use and intuitive Graphical User Interface (GUI) designed to ensure immediate use of the product without any particular level of technical expertise.

3.2 The WVS Main Interface

The following sections contain detailed descriptions of the different parts of the Acunetix Web Vulnerability Scanner.

3.2.1 Layout

Screenshot 23 – The Acunetix WVS Main Interface Layout

The Main Interface includes all the main features needed to operate the application and conduct your audits. From this interface you can launch a new scan, access the individual tools of the application and configure all settings and options.

3.2.2 Navigation

Navigation in Acunetix WVS is performed through the Toolbar and the various nodes in the Tools Explorer panel.

3.2.3 Toolbar

Screenshot 24 – The Acunetix WVS Toolbar

Found below the menu bar, at the top, the Toolbar contains quick access buttons (represented by a number of icons) that allow quick access to the main tools of the application, to settings and to main operation of the product – that of starting a new scan.

You will note the following icons/buttons on the toolbar:

New Scan – Access the Scan Wizard to start a new scan.

Web Scanner – Access the Web Scanner tool to launch a scan manually instead of using the Scan Wizard.

Site Crawler – Access the Site Crawler tool.

Target Finder – Access the Target Finder tool.

Subdomain Scanner – Access the Subdomain Scanner tool.

HTTP Editor – Access the HTTP Editor tool.

HTTP Sniffer – Access the HTTP Sniffer tool.

HTTP Fuzzer – Access the HTTP Fuzzer tool.

Authentication Tester – Access the Authentication Tester tool.

Compare Results – Access the Compare Results tool.

Web Services Scanner – Access the Web Services Scanner tool.

Web Services Editor – Access the Web Services Editor tool.

Settings – Access the configuration settings area of the application.

Scanning Profile – Access the Scanning Profiles configuration.

Scheduler – Access the Acunetix WVS Scheduler application.

3.2.4 Tools Explorer

Screenshot 25 – The Tools Explorer

As will be seen throughout this manual, the Tools Explorer is central to navigating within Acunetix WVS. The Tools Explorer is laid out in a hierarchical tree of nodes (branches) and corresponding sub-nodes (sub-branches). Each sub-node has a parent node which categorizes the structure in sections.

The tree structure has four main nodes:

Tools – This node category contains all the tools available in the application.

Web Services – This node category contains all the tools related to web services available in the application.

Configuration – This node category contains the configuration settings of the application and also the Scanning Profiles configuration settings.

General – This node category contains general application information and links to the support centre.

The convention used to denote a particular node and sub-node throughout this manual is referenced in the following manner: Node > Sub-Node. For example the “Settings” sub-node is child to the parent node “Configuration”. Hence, to denote the Settings

3.2.5 Main Area

Screenshot 26 – The Acunetix WVS Main Area

The Main Area of the application will show the current active screen depending on your selection from the toolbar or the tools explorer. It, therefore, varies according to the tool and feature you are using.

3.2.6 Activity Window

Screenshot 27 – The Activity Window

The Activity Window at the bottom will show the current activity of the application in real time. This section is subdivided into two tabs:

Application Log Tab – This tab includes real-time information on all tools and any informational messages.

Error Log Tab – This tab shows any errors occurring during the scan or the use of any of the tools.

3.2.7 Status Bar

Screenshot 28 – The Acunetix WVS Status Bar

The Status Bar found at the bottom of the Main Interface provides summary information of the current running tool in the application.

This information is shown entirely through the operation of all tools so that you always have an immediate overview of the current activity and status of the application.

3.2.8 Hiding Panels

The Tools Explorer and the Activity Window panels can be hidden in order to obtain more space in the main panel. This is extremely useful when working in low resolution modes.

To hide a panel simply click on the icon at the edge of the panel.

Screenshot 29 – Hide Panel Icon

This will trigger the panel's auto-hide mode. Moving the mouse to the main panel will auto-hide the panel and moving the mouse to the edge where the panel was will bring it into focus again. To change the panel's behavior to fixed mode again, simply click on the icon again.

The auto-hide panel mode is available to other panels throughout the application which have the icon.

3.2.9 Context Menus

Many of the nodes used in the Tools Explorer and also in the tools themselves contain useful Context Menus. Accessed directly by right-click, these menus are contextual in the sense that they allow access to specific actions tied to a particular node.

Screenshot 30 – The Web Scanner Context Menu

For example, the context menu of the Web Scanner node in the Tools Explorer contains several options regarding the scan results and also an option to start a new scan or load saved scan results.

Screenshot 31 – The Site Crawler Context Menu

In this example, the context menu of the Site Crawler node contains options which let you save and load crawl results.

3.3 The Settings Interface

The Settings Interface is accessed from the Configuration > Settings node in the Tools Explorer on the left in the main interface.

The settings interface is also laid out in a tree structure to facilitate navigation across the various configuration nodes. The settings tree structure is categorized in the following sections:

Application Settings – Contains the configurations screens related to the general application settings.

Tools Settings – Contains the configuration screens related to the tools in the application.

Scanner Settings – Contains the configuration screens related to the Scanner in the application.

3.3.1 Saving Changes

The settings interface provides two buttons at the bottom of each configuration screen to apply or discard the settings effected. To save the configuration changes you made, click the “Apply” button otherwise your changes will not be saved.

Screenshot 33 – Changing the WVS Settings

After making changes on any of the configuration screens the text “Settings have been changed!” will be shown next to these buttons.

3.4 Error Handling

If an error occurs in Acunetix WVS, the appropriate response in the form of a dialogue box will be presented. Please refer to Troubleshooting section on page 180 for guidelines on how to handle any problems in the application.

4. Getting Started: Scanning Your Website

4.1 Starting a Scan

Auditing the security of your website with Acunetix WVS is easy. The Scan Wizard allows you to quickly set up an automated crawl and scan of your website. An automated scan provides a comprehensive and deep understanding of the level of website security simply by reviewing the individual alerts returned.

This chapter presents the process of launching a security audit of your website through the Scan Wizard.

DO NOT SCAN A WEBSITE WITHOUT PROPER AUTHORISATION!

The web server logs will show the scans and any attacks made by Acunetix WVS. If you are not the sole administrator of the website, please make sure you warn the other administrators before performing a scan.

4.2 Step 1: Select Target(s) to Scan

You will need to enter the IP or the URL of the website that you wish to scan. To begin a new scan:

1. Click on File > New Scan: The Scan Wizard will start up and offer you a number of steps to guide you through the process of launching a website audit.

Screenshot 35 – Scan Wizard Select Scan Type

2. Specify the target(s) to be scanned. The scan target options are:

Scan single website - Scans a single website. Enter a URL, e.g. http://testphp.acunetix.com, https://www.testaspnet.acunetix.com or http://80.237.145.112.

Scan using saved crawling results – If you previously performed a crawl/scan on a website and saved the results, you can analyze these results directly without having to crawl the site again. Specify the 'Saved crawler results' file by clicking on the folder button.

Scan List of Websites – Scans a list of target websites specified in a plain text file (one target per line). Every target in the file is to be specified in the format:

<URL> or <URL:port> or <IP> or <IP:port>

For example http://80.237.145.112:80/. Ensure that the port is included in each line, even if it's a default port.

Scan Range of Computers – This will scan a specific range of IPs (e.g. 192.168.0.10-192.168.0.200) for target sites which are open on the specified ports (Default 80, 81 and 443).
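As an added Python example (not part of Acunetix WVS), the following script applies the two target formats described above: it validates a Scan List of Websites file, rejecting any line without an explicit port, and expands a Scan Range of Computers specification into (IP, port) pairs for the default ports 80, 81 and 443. The target list content and the host example.test are constructed for the example.

```python
"""Validate a Scan List of Websites file and expand a Scan Range of Computers.

Added example, not Acunetix code.  The text requires every target line in
the form <URL>, <URL:port>, <IP> or <IP:port> with the port always present,
and describes range scanning as an IP range checked on a few ports.  This
script applies those two rules to constructed input (hypothetical hosts).
"""
import ipaddress
from urllib.parse import urlsplit

# Constructed target list as it would appear in a plain text file.
TARGET_LIST = """\
http://80.237.145.112:80/
https://www.testaspnet.acunetix.com:443
testphp.acunetix.com:80
# comment lines and blanks are skipped

http://example.test/
"""


def parse_target_line(line):
    """Return (scheme, host, port) for one target line.

    A missing port is an error rather than a default, matching the rule
    "ensure that the port is included in each line, even if it's a default port".
    """
    if "://" not in line:
        line = "http://" + line  # bare host:port or IP:port
    parts = urlsplit(line)
    if not parts.hostname:
        raise ValueError("no host")
    if parts.port is None:  # .port also raises ValueError for a bad port
        raise ValueError("port missing")
    return parts.scheme, parts.hostname, parts.port


def parse_target_list(text):
    """Split a target file into accepted (scheme, host, port) tuples and errors."""
    targets, errors = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            targets.append(parse_target_line(line))
        except ValueError as exc:
            errors.append((line, str(exc)))
    return targets, errors


def expand_ip_range(spec, ports=(80, 81, 443)):
    """Expand '192.168.0.10-192.168.0.200' into (ip, port) pairs for each port."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in spec.split("-", 1))
    if last < first:
        raise ValueError("range end precedes start")
    return [(str(ipaddress.IPv4Address(n)), port)
            for n in range(int(first), int(last) + 1) for port in ports]


if __name__ == "__main__":
    ok, bad = parse_target_list(TARGET_LIST)
    print("accepted:", ok)
    print("rejected:", bad)
    print("range size:", len(expand_ip_range("192.168.0.10-192.168.0.200")))
```

Running the validator before handing a list to the scanner catches the one line above that lacks a port, which would otherwise be silently misread; the range expansion shows how quickly a modest IP range and three ports turn into hundreds of targets, which is worth knowing before scheduling such a scan.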

4.3 Step 2: Confirm Targets and Technologies Detected

Screenshot 36 – Scan Wizard Selecting Targets and Technologies

Acunetix WVS will automatically probe the website(s) target(s) for basic details such as operating system, web server, web server technologies and whether a custom error page is used (For more details on Custom Error Pages refer to page 47 of this manual).

The web vulnerability scanner will optimize the scan for the selected technologies and use these details to skip tests that are not applicable (e.g. Acunetix WVS will not run IIS-specific tests against a UNIX system). This reduces scanning time.

If you already know what technologies the website is running, you can check whether Acunetix WVS identified them correctly.

Click on the relevant field and change the setting from the provided check boxes as shown above.
