Andre,

On Fri, Mar 21, 2014 at 3:59 PM, Andre Daniels <andre...@ucsc.edu> wrote:
> Andres,
>
> Thanks for the insanely quick reply.

Hopefully I'll keep it this way :D

> Sorry, I haven't yet figured out how to post to the actual thread...checking
> docs...

Just reply-all to the email and it should work.
I added you to the mailing list after your first email.

> I cannot just add an option for the url. I need to know what url is being
> tested or to catch the redirect that will happen when the framework is
> trying to access a protected resource.

Hmmm... I believe I don't know enough about SAML to help you, maybe
the following <p> helps.

> The code I have currently doesn't do much. I will post it as soon as I know
> I am barking up the right tree. So the issue I see is this:

Recommendation: Write your plugin to work with the feature/module
branch. It will be the next stable release.

> When the w3af framework attempts to access a SAML protected url when running
> a plugin (say...spidering) it will be redirected to first login on the SSO
> server that is configured for that resource. (typically shibd)
> The auth plugin must intercept that redirect and manage the login on the SSO
> server. I have configuration parameters for u and pwd as in generic.py
> The auth plugin needs to inform the opener to post to a specific page on the
> original target to verify the SSO login was successful. There is javascript
> on the response from the SSO server that posts form data containing login
> verification data.
> That post, once verified by shibd,  will redirect the opener to the original
> requested resource
> The shibd daemon uses cookies to keep track of the session.
>
> Is this possible with an auth plugin? Where can I get hooks to
> implement this process?

Hah! Well... it is the first time I've found something like this, and
the architecture isn't prepared for it. If we can make it work, it
will:
    * Be a hack
    * Require some re-architecture

From what I can see at [0] there will be a first login() call to all
auth plugins before starting the scan. Maybe that's where you want to
start doing things.

Also, the target can be found while the scan is running from the
w3afCore.target object. I haven't tested this code, but it will give
you the idea:

from w3af.core.controllers.core_helpers.target import w3af_core_target
t = w3af_core_target()
opts = t.get_options()
print opts['targets']


[0] https://github.com/andresriancho/w3af/blob/feature/module/w3af/core/controllers/core_helpers/strategy.py#L437

> Thanks,
> Andre
>
> Remembering to remove signature this time...

-- 
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
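Added example, not code from the w3af project or from either participant in this thread: a Python 3 sketch of the two pieces the plugin described above needs, detecting the redirect off the target host to the IdP, and extracting the auto-submitted SAML form from the IdP's response so it can be replayed without running the page's JavaScript. The hostnames, form contents and helper names are constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

class AutoPostFormParser(HTMLParser):
    """Collects the action and hidden inputs of the first <form> on the page."""
    def __init__(self):
        super().__init__()
        self.action = None
        self.fields = {}
        self._in_form = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and self.action is None:
            self.action = a.get("action")
            self._in_form = True
        elif tag == "input" and self._in_form and (a.get("type") or "").lower() == "hidden":
            if a.get("name"):
                self.fields[a["name"]] = a.get("value") or ""

    def handle_endtag(self, tag):
        if tag == "form":
            self._in_form = False

def is_sso_redirect(status, location, target_host):
    """True when a redirect leaves the target host carrying a SAMLRequest (the hop to the SSO server)."""
    if status not in (301, 302, 303, 307) or not location:
        return False
    parts = urlsplit(location)
    return parts.hostname != target_host and "SAMLRequest" in parse_qs(parts.query)

def extract_saml_post(html):
    """Return (action_url, fields) for the IdP's auto-submit form, or None if there is none."""
    p = AutoPostFormParser()
    p.feed(html)
    if p.action and "SAMLResponse" in p.fields:
        return p.action, p.fields
    return None

# Constructed sample of an IdP HTTP-POST binding page (hostnames and values are made up).
SAMPLE_IDP_PAGE = """<html><body onload="document.forms[0].submit()">
<form method="post" action="https://target.example/Shibboleth.sso/SAML2/POST">
<input type="hidden" name="RelayState" value="cookie:1234"/>
<input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlPg=="/>
<noscript><input type="submit" value="Continue"/></noscript>
</form></body></html>"""
```

A plugin built on this would POST the extracted fields to the action URL using the same cookie jar as the scanner's opener, so that the session cookie shibd sets on that response is what later requests carry.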

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop