Wednesday, January 12, 2011

Tool: OWASP test-suite

A happy new year!

I quickly hacked a test-suite based on the OWASP Testing Guide. You can find the code here: http://gitorious.org/sectestsuite/websec

Take care, this time it is untested, incomplete and unfancy.

prompt> src/websec.pl myconfig.ini output=short
=====> OWASP_CM_001::sslv2: CWE-XYZ (): code = 0 (msg = 'PASS')
=====> OWASP_CM_001::weak_ciphers: CWE-327 (Use of a Broken or Risky Cryptographic Algorithm): code = 0 (msg = 'PASS')
=====> OWASP_CM_008::http_dangerous_methods: CWE-749 (Exposed Dangerous Method or Function): code = 0 (msg = 'PASS')
=====> OWASP_CM_008::http_arbitrary_methods: CWE-749:CWE-650 (Exposed Dangerous Method or Function:Trusting HTTP Permission Methods on the Server Side): code = 1 (msg = 'FAIL:HTTP arbitrary/dangerous methods allowed (UNLOCK)')
=====> OWASP_CM_008::http_bypass_head: CWE-650 (Trusting HTTP Permission Methods on the Server Side): code = 0 (msg = 'PASS')
=====> OWASP_AT_002::user_enumerate: CWE-204 (Response Discrepancy Information Exposure): code = 0 (msg = 'PASS')
=====> OWASP_AT_002::uri_probing: CWE-204 (Response Discrepancy Information Exposure): code = 1 (msg = 'FAIL:URI probing emits different HTTP status code (200 vs 404)')
=====> OWASP_AT_007::user_really_logged_out: CWE-672 (Operation on a Resource after Expiration or Release): code = 1 (msg = 'FAIL: Still able to access private page even after logging out.')
OWASP_AT_007::session_timeout_used: wait for 120 + 10 seconds
=====> OWASP_AT_007::session_timeout_used: CWE-613 (Insufficient Session Expiration): code = 0 (msg = 'FAIL: Private page was still accessible after timeout (120 + 10 secs).')
=====> OWASP_AZ_001::path_traversal: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')): code = 0 (msg = 'PASS')
=====> OWASP_SM_002::cookie_security: CWE-614 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute): code = 1 (msg = 'FAIL:Path attribute points to '/'')
=====> OWASP_SM_003::session_fixation_public: CWE-384 (Session Fixation): code = -2 (msg = 'INFO: Unable to get Cookie from public page')
=====> OWASP_SM_003::session_fixation_private: CWE-384 (Session Fixation): code = 1 (msg = 'FAIL:Vulnerable to Session Fixation Attack by authenticated users')
=====> OWASP_SM_004::cookie_not_fresh: CWE-323 (Reusing a Nonce, Key Pair in Encryption): code = 1 (msg = 'FAIL: Vulnerable of re-using session cookies')
=====> OWASP_SM_004::cookie_secure_storage: CWE-312:CWE-613 (Cleartext Storage of Sensitive Information:Insufficient Session Expiration): code = 1 (msg = 'FAIL:'Expires' header not set:Cache-Control header not set.')
=====> OWASP_SM_004::cookie_via_get: (): code = 0 (msg = 'PASS: Unable to login via GET.')
=====> OWASP_SM_005::csrf: CWE-352 (Cross-Site Request Forgery (CSRF)): code = 1 (msg = 'FAIL:Vulnerable to CSRF Attack (HTTP code 200)')

17 test in 155 secs.
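
To make the FAIL lines above concrete, here is an added example (Python, written for this page; it is not code from the websec tool and does not reproduce its Perl internals) that evaluates three of the checks listed in the output against one captured HTTP response: the session-cookie attributes behind OWASP_SM_002::cookie_security, the Expires/Cache-Control check behind OWASP_SM_004::cookie_secure_storage, and the Allow-header part of OWASP_CM_008::http_arbitrary_methods. The response text, the session cookie name JSESSIONID, the set of methods treated as "safe", and the HttpOnly check are all assumptions of this example; the result codes follow the convention visible in the output (0 PASS, 1 FAIL, -2 INFO).

```python
"""Offline evaluation of a few OWASP Testing Guide checks on a captured response.

Added example; not part of the websec tool. The response below is constructed
for illustration and is not real traffic. Codes: 0 = PASS, 1 = FAIL, -2 = INFO.
"""

PASS, FAIL, INFO = 0, 1, -2

# Constructed sample of an HTTPS response from a login endpoint (assumed data).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Wed, 12 Jan 2011 10:00:00 GMT\r\n"
    "Server: Apache\r\n"
    "Set-Cookie: JSESSIONID=abc123; Path=/\r\n"
    "Set-Cookie: lang=en; Path=/; Secure\r\n"
    "Allow: GET, HEAD, POST, OPTIONS, PUT, DELETE, UNLOCK\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>private page</html>"
)

# Methods a plain web application is expected to need (assumption of this example).
SAFE_METHODS = {"GET", "HEAD", "POST", "OPTIONS"}


def parse_headers(raw):
    """Split a raw response into (status_code, [(name_lower, value), ...]).

    Duplicate headers (several Set-Cookie lines) are kept in order.
    """
    head, _, _body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def header_values(headers, name):
    """All values of one header, in order of appearance."""
    return [v for n, v in headers if n == name.lower()]


def parse_cookie(set_cookie):
    """Return (cookie_name, {attribute_lower: value}) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for p in parts[1:]:
        key, _, value = p.partition("=")
        attrs[key.strip().lower()] = value.strip()
    return name, attrs


def check_cookie_security(headers, session_cookie, over_https=True):
    """OWASP_SM_002 style check on the session cookie (CWE-614).

    Flags a missing Secure flag on an HTTPS session, a missing HttpOnly flag
    (an addition of this example), and a cookie scoped to Path=/ .
    """
    for raw in header_values(headers, "set-cookie"):
        name, attrs = parse_cookie(raw)
        if name != session_cookie:
            continue
        problems = []
        if over_https and "secure" not in attrs:
            problems.append("'Secure' attribute missing")
        if "httponly" not in attrs:
            problems.append("'HttpOnly' attribute missing")
        if attrs.get("path", "/") == "/":
            problems.append("Path attribute points to '/'")
        return (FAIL, "FAIL:" + ":".join(problems)) if problems else (PASS, "PASS")
    return INFO, "INFO: Unable to get session cookie from response"


def check_cache_headers(headers):
    """OWASP_SM_004 cookie_secure_storage style check (CWE-312 / CWE-613).

    A response carrying a session cookie must tell caches not to store it.
    """
    problems = []
    if not header_values(headers, "expires"):
        problems.append("'Expires' header not set")
    cache_control = ",".join(header_values(headers, "cache-control")).lower()
    if not cache_control:
        problems.append("Cache-Control header not set")
    elif "no-store" not in cache_control:
        problems.append("Cache-Control lacks 'no-store'")
    return (FAIL, "FAIL:" + ":".join(problems)) if problems else (PASS, "PASS")


def check_allowed_methods(headers):
    """OWASP_CM_008 style check on the Allow header (CWE-749 / CWE-650).

    Only inspects what the server advertises; a live test would also send
    each extra method and look at the reply.
    """
    allow = header_values(headers, "allow")
    if not allow:
        return INFO, "INFO: No Allow header (send OPTIONS first)"
    methods = {m.strip().upper() for m in ",".join(allow).split(",") if m.strip()}
    extra = sorted(methods - SAFE_METHODS)
    if extra:
        return FAIL, "FAIL:HTTP arbitrary/dangerous methods allowed (%s)" % ", ".join(extra)
    return PASS, "PASS"


def run_all(raw, session_cookie="JSESSIONID"):
    """Run the three checks on one raw response; returns {test_name: (code, msg)}."""
    _status, headers = parse_headers(raw)
    return {
        "OWASP_SM_002::cookie_security": check_cookie_security(headers, session_cookie),
        "OWASP_SM_004::cookie_secure_storage": check_cache_headers(headers),
        "OWASP_CM_008::http_arbitrary_methods": check_allowed_methods(headers),
    }


if __name__ == "__main__":
    for test, (code, msg) in run_all(SAMPLE_RESPONSE).items():
        print("=====> %s: code = %d (msg = '%s')" % (test, code, msg))
```

The constructed response fails all three checks; a response with "Set-Cookie: JSESSIONID=...; Path=/app; Secure; HttpOnly", an Expires header, "Cache-Control: no-store" and an Allow header limited to GET, HEAD, POST and OPTIONS passes them. Unlike the websec tool, which talks to a live target and (for the session tests above) waits out the configured timeout, this example only looks at one captured response, so it says nothing about logout handling, session fixation or CSRF.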
