Vega icon indicating copy to clipboard operation
Vega copied to clipboard

Published 20 hours ago verified publisher icon subgraph

Run Vega on WIVET

Open rkhal101 opened this issue 6 years ago • 1 comments

Hi, I seem to be unable to maintain the same session across a scan. The following are my steps:

  1. Click on the Start New Scan icon at the top left.
  2. In the Select a Scan Target Window, select the option Choose a target Scope for Scan. Select the Default Scope. In the Default Scope I have http://localhost:8080/ (where I have a docker image of wivet running) as my Base Path and http://localhost:8080/offscanpages.* http://localhost:8080/logout.* as my Exclude (URL or pattern). Click Next.
  3. In the Select Modules window, I keep the default configuration. Click Next.
  4. Under Set-Cookie or Set-Cookie2 value, I add the session cookie. For example, PHPSESSID=22fe03ee3ce3dfdb9c7b6bc76aab2120. Click Next.
  5. Click Finish.

In step 4 I added the session cookie, however, when I run the scan, it starts with the cookie session id I provided but then opens up multiple other sessions. Please let me know if this is an issue with the scanner or I'm doing something wrong.

Thanks in advance! Rana

rkhal101 avatar May 11 '18 09:05 rkhal101

After trial and error I found that the option that is causing it to create new sessions is “Bash Environment Variable Blind OS Injection…” under Injection modules.

rkhal101 avatar May 23 '18 10:05 rkhal101