Plugin (Addon)


Alex

Feb 12, 2019, 07:17:53
to OWASP ZAP User Group
Hello,
How can I launch quick-scan only for the SQL injection vulnerabilities from the command line? I installed sqliplugin but I don't know how to use it.
Please, someone help me :).

Simon Bennetts

Feb 12, 2019, 07:53:02
to OWASP ZAP User Group
Hiya,

The sqliplugin adds an active scan rule, so you'll need to run the active scan.
The ZAP quick-scan options are fairly limited, so that probably won't be suitable for you.
A better option would be to use the packaged full scan: https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan
This always uses the standard spider, but if your app uses javascript links then you can use the ajax spider as well.
You can automatically install the sqliplugin using the ZAP -addoninstall command line option.
Run the command with -g to generate a configuration file, edit it to just enable the sqliplugin rule and then supply that using the -c option when you re-run it.

Cheers,

Simon

Alex

Feb 12, 2019, 09:08:47
to OWASP ZAP User Group
Thanks for your quick reply. Actually the package offers a lot more options, but I want to scan a URL just to verify whether it's vulnerable to SQL injection, just SQL injection, not other attacks (Cross Site, Web Browser XSS, ...).
regards,

kingthorin+owaspzap

Feb 12, 2019, 09:16:44
to OWASP ZAP User Group
When you launch an active scan you can select which plugins are included in the scan policy. If you only include SQLi plugins then that's all that will run.

Simon Bennetts

Feb 12, 2019, 09:18:11
to OWASP ZAP User Group
And that's what that script allows you to do.
Run it with -g to generate a config file (once).
Edit the config file so that just the SQL injection rules are enabled.
Then you can keep running it passing in the config file, and it will just scan for SQL injection vulns.

You cannot just scan for a specific type of vulnerability using the quick-scan option as that is not flexible enough; that's why you need the packaged full scan, which has the flexibility you need, even if you don't use most of the options.
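The "edit the config file" step above is the one people get wrong by hand, so here is an added example (not part of this thread, and not ZAP project code) that does it mechanically: it takes the rule configuration written by `-g`, sets every active scan rule whose name does not contain "SQL Injection" to IGNORE, and leaves the matching rules at their generated level so the file can be passed straight back with `-c`. The file format assumed here is the one the generated file's own comments describe: `#` comment lines, then one tab-separated `<id> <level> (<name>)` line per rule, with only the id and level actually read by the scan script. The sample config is constructed; the ids and names in it are my recollection of ZAP's rule set and are only illustrative, which is why the script matches on the rule name rather than hard-coding ids.

```python
"""Keep only SQL injection rules enabled in a zap-full-scan rule configuration file."""
import re
import sys
from typing import Iterable, List

# Constructed sample of a file produced by "zap-full-scan.py -g gen.conf".
# Real files list far more rules; ids/names here are illustrative only.
SAMPLE_CONF = """\
# zap-full-scan rule configuration file
# Change WARN to IGNORE to ignore rule or FAIL to fail if rule matches
10010\tWARN\t(Cookie No HttpOnly Flag)
40012\tWARN\t(Cross Site Scripting (Reflected))
40018\tWARN\t(SQL Injection)
40019\tWARN\t(SQL Injection - MySQL)
90018\tWARN\t(Advanced SQL Injection)
"""

# Assumed rule line layout: numeric id, level (WARN/FAIL/IGNORE), then the name, tab-separated.
RULE_LINE = re.compile(r"^(\d+)\t(\w+)\t(.*)$")


def keep_only(lines: Iterable[str], keep_pattern: str = r"SQL Injection") -> List[str]:
    """Return the config with every rule not matching keep_pattern set to IGNORE.

    Matching rules keep whatever level -g generated (WARN or FAIL); comment and
    blank lines pass through untouched, so the result is still a valid -c file.
    """
    keep = re.compile(keep_pattern, re.IGNORECASE)
    out: List[str] = []
    for raw in lines:
        line = raw.rstrip("\n")
        m = RULE_LINE.match(line)
        if not m:
            out.append(line)  # comment or blank line: unchanged
            continue
        rule_id, level, rest = m.groups()
        if keep.search(rest) or level.upper() == "IGNORE":
            out.append(line)  # wanted rule, or already disabled
        else:
            out.append(f"{rule_id}\tIGNORE\t{rest}")  # disable everything else
    return out


def enabled_rule_ids(lines: Iterable[str]) -> List[str]:
    """Ids of rules that will still run, i.e. whose level is not IGNORE."""
    ids = []
    for line in lines:
        m = RULE_LINE.match(line.rstrip("\n"))
        if m and m.group(2).upper() != "IGNORE":
            ids.append(m.group(1))
    return ids


def rewrite_file(path: str) -> int:
    """Rewrite the config in place; returns the number of rules left enabled."""
    with open(path, encoding="utf-8") as fh:
        new_lines = keep_only(fh)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write("\n".join(new_lines) + "\n")
    return len(enabled_rule_ids(new_lines))


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(f"{rewrite_file(sys.argv[1])} rule(s) left enabled in {sys.argv[1]}")
    else:
        for out_line in keep_only(SAMPLE_CONF.splitlines(True)):
            print(out_line)
```

Usage follows the steps in the reply above: run the packaged scan once with `-g gen.conf`, run `python keep_sqli.py gen.conf` (name assumed), then rerun the scan with `-c gen.conf`. Matching on the name rather than the id means a rule added later by the sqliplugin add-on is picked up automatically, as long as its name contains "SQL Injection"; check the enabled list before trusting that, since a rule named differently would be disabled.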

Alex

Feb 12, 2019, 09:19:14
to OWASP ZAP User Group
I want to scan just for SQL injection vulnerabilities; I don't want to wait until it scans the whole site to know whether my website is vulnerable to SQL injection ;).

Simon Bennetts

Feb 12, 2019, 09:30:25
to OWASP ZAP User Group
And that's what you can configure the packaged full scan to do.
There seems to be some miscommunication here :/
The packaged full scan is very flexible, but you can configure it to only scan for SQL injections and nothing else.

Alex

Feb 12, 2019, 10:13:49
to OWASP ZAP User Group
Sorry, I had lost my connection...
Anyway, i will try your solution and i will tell you the result.
thank you again for your help.

Alex

Feb 14, 2019, 01:29:03
to OWASP ZAP User Group


Hello dear,
I tried your solution using the full scan package and modifying the configuration file (gen.conf). But I still feel that it does not accelerate the scan, and it does not ignore all the attacks, even though in the file I set IGNORE.

On Tuesday, February 12, 2019 17:30:25 UTC+3, Simon Bennetts wrote:

Simon Bennetts

Feb 14, 2019, 04:26:30
to OWASP ZAP User Group
That's a bug then, I've raised it as https://github.com/zaproxy/zaproxy/issues/5225
I'll aim to look at this soon as it will impact something I'll be working on in a bit, unless anyone beats me to it :)

Simon Bennetts

Feb 27, 2019, 07:47:25
to OWASP ZAP User Group
Can you post the command you are using to run the scan?
Based on my testing it's working fine :/