Monday, 24 May 2010

Major O2 Milestone: 'Complete Vulnerability Trace' for an HacmeBank Sql Injection vulnerability

(As emailed to the O2 Platform mailing list)

Finally, after tons and tons of features, I was able to create a 'Complete Vulnerability Trace' for an HacmeBank Sql Injection vulnerability.

And by 'Complete Vulnerability Traces' I mean a trace that:
  • starts on the Exploit Layer (i.e. the browser entry point), 
  • then goes through the Web Layer code, 
  • then does a jump over the 'internet' into the Web Services layer,
  • and ends up in the vulnerable .NET System.Data method :)
Using O2's MediaWiki API, I created the following 'draft with tons of screenshots' wiki page (containing details of what this trace looks like):

The example is shown in the "O2 .NET Ast Engine" module,  and tomorrow I will post details on how to consume (most of) it from the "O2 .NET Ast Scanner" module (which will be easier to use)