Results - Fuzzer

Monica K.

Nov 14, 2013, 1:39:17 PM
to zaprox...@googlegroups.com

I am new to this tool. Can someone help me interpret the Fuzzer results tab? I have been searching, reading, watching tutorials, etc. but cannot find anything specific. Biggest help would be the State column and what Successful, Reflected, and Error mean, or a link to a key that gives detailed information. Thanks!


[Attachment: 11-14-2013 11-38-15 AM.png]

thc202

Nov 14, 2013, 2:06:18 PM
to zaprox...@googlegroups.com
Hi.

The meaning of the values of the "State" column:
 - "Successful" - the message was successfully sent/received;
 - "Error" - an error occurred while creating or sending/receiving the message (for example: malformed HTTP message, time out while reading the response, ...);
 - "Reflected" - the injected fuzz string (value of "Fuzz" column) was found in the response body.

I'll update the "Fuzzer tab" help page to include that info.

Best regards.

Monica K.

Nov 14, 2013, 2:18:29 PM
to zaprox...@googlegroups.com
Thanks for the information. So, does this mean the tool detects a vulnerability when it returns a Successful or Reflected response?

Simon Bennetts

Nov 15, 2013, 3:55:48 AM
to zaprox...@googlegroups.com
Hi Monica,

The fuzzer does not detect vulnerabilities; it's there to help you find vulnerabilities manually, and as such is probably more useful for experienced pentesters.
Where we can detect vulnerabilities automatically, we implement that logic in active or passive scan rules, although there will always be more of those we can implement ;)
The fuzzer is to help you find vulnerabilities that cannot be found automatically.
The 'Successful' and 'Reflected' labels are just to help you see whether the 'attack' was reflected in the output.
It's up to you to decide whether there is a vulnerability or not.
You can use the 'Search' tab to search the fuzzer output - this can be very useful if you are looking for a specific error message.

Does that make sense?

Simon

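The three-way labelling thc202 describes, together with Simon's point that a "Reflected" state is only a substring hit on the response body and not a verdict, as an added Python example. This is not ZAP's code: the two echo targets, the TransportError class, the payload list and the Search-tab lookalike are constructed here for illustration.

```python
import re
from dataclasses import dataclass
from html import escape
from typing import Callable, Dict, List


class TransportError(Exception):
    """Constructed stand-in for the send/receive failures ZAP labels "Error"
    (malformed message, read timeout, ...)."""


@dataclass
class FuzzResult:
    fuzz: str
    state: str          # "Successful", "Error" or "Reflected"
    body: str = ""      # response body, empty on Error
    detail: str = ""    # error description, empty otherwise


def classify(fuzz: str, send: Callable[[str], str]) -> FuzzResult:
    """Apply the State-column rules from the thread.

    "Reflected" is a plain substring test on the raw body: an escaped or
    otherwise transformed copy of the fuzz string does not count, and a raw
    copy does not by itself prove the page is vulnerable.
    """
    try:
        body = send(fuzz)
    except TransportError as exc:
        return FuzzResult(fuzz, "Error", detail=str(exc))
    if fuzz in body:
        return FuzzResult(fuzz, "Reflected", body=body)
    return FuzzResult(fuzz, "Successful", body=body)


def run_fuzzer(payloads: List[str], send: Callable[[str], str]) -> List[FuzzResult]:
    return [classify(p, send) for p in payloads]


def summarize(results: List[FuzzResult]) -> Dict[str, int]:
    counts = {"Successful": 0, "Error": 0, "Reflected": 0}
    for r in results:
        counts[r.state] += 1
    return counts


def search(results: List[FuzzResult], pattern: str) -> List[str]:
    """Lookalike of the 'Search' tab: fuzz strings whose response body
    matches a regex, e.g. a specific server error message."""
    rx = re.compile(pattern, re.IGNORECASE)
    return [r.fuzz for r in results if rx.search(r.body)]


# Constructed targets (hypothetical, not a real site) that echo a parameter.
def escaping_target(fuzz: str) -> str:
    """Echoes input HTML-escaped; times out on oversized input."""
    if len(fuzz) > 64:
        raise TransportError("time out while reading the response")
    return "<p>You searched for: " + escape(fuzz) + "</p>"


def raw_target(fuzz: str) -> str:
    """Echoes input verbatim; returns a generic error page when a quote is present."""
    if len(fuzz) > 64:
        raise TransportError("time out while reading the response")
    if "'" in fuzz:
        return "<h1>500 Internal Server Error</h1><pre>Exception while handling request</pre>"
    return "<p>You searched for: " + fuzz + "</p>"


# Constructed payload list: plain text, markup, a quote, and an oversized string.
PAYLOADS = ["zap", "<b>zap</b>", "it's", "A" * 80]


if __name__ == "__main__":
    for name, target in (("escaping", escaping_target), ("raw", raw_target)):
        results = run_fuzzer(PAYLOADS, target)
        print(name, summarize(results))
        for r in results:
            print(f"  {r.state:10} {r.fuzz[:20]!r} {r.detail}")
        print("  search 'exception':", search(results, "exception"))
```

Against the escaping target, "<b>zap</b>" comes back as "&lt;b&gt;zap&lt;/b&gt;" and is therefore labelled "Successful", not "Reflected"; against the raw target the same string is "Reflected". The "it's" payload is "Successful" on the raw target even though the body is an error page, which is exactly the case the Search tab is for: the State column records only whether the message round-tripped and whether the raw string came back, and the judgement about what that means stays with the tester.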
Monica K.

Nov 15, 2013, 2:46:33 PM
to zaprox...@googlegroups.com
Simon,

Thank you so much for taking the time to explain this to me. I definitely was using Fuzzer from a different perspective and it now makes sense. I will utilize the Search tab and see what I can find. Take care!