Hello,
I am trying to scan an application built in Oracle ADF using w3af. I know that
there is a plugin to get me past the authentication, but I do not understand
how to make w3af scan the rest of the application, because all of the requests
use things like javax.faces.ViewState and many other parameters which must
submit values that were sent in previous responses from the server. So for
instance, request A returns response A. Response A contains a value that I
must then use as the value for a parameter in request B. Otherwise, request B
will fail. Is there a way for w3af to work with this level of parameterization
in requests?
I have been trying for some time to find a way, and Googling to no avail.
Please just point me in the right direction. I'm willing to spend time to get
it working, I just need someone to give me a starting point of where to look.
If there is no way to do this, then does w3af support me just manually
navigating to certain parts of the app, and having it scan that, and then I can
manually navigate to another part, etc.?
Thanks so much!
- Dave
Dave Douglas
Software Quality Assurance Analyst | AIReS
1.888.828.8515 x1859 | 724.601.1051 (mobile)
[email protected]
The information contained in this e-mail and any accompanying documents may
contain information that is confidential or otherwise protected from
disclosure. If you are not the intended recipient of this message, or if this
message has been addressed to you in error, please immediately alert the sender
by reply e-mail and then delete this message, including any attachments. Any
dissemination, distribution or other use of the contents of this message by
anyone other than the intended recipient is strictly prohibited.
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
