Log View
Most of the panels that make up the CAT tool use a log to record the results of their activities. The log offers a common set of features that allow the different components to interact.

The log is driven from the right-click dropdown menu: select one or more items (multiple via the Shift or Control key), then right-click to get the options below.
- Copy HTTP Request – Used to move requests from one log to another log, repeater, fuzzer etc. (works on multiple items).
- Paste HTTP Request – Adds the request or requests currently on the clipboard to the log.
- Copy URL – Copies the URL of the single selected request to the clipboard so it can be pasted into a web browser or notepad.
- Remove Log Item(s) – Removes the selected items from the log.
- Load Request In ... Repeater or Fuzzer – Sends the request to a new tab for either a repeater or a fuzzer.
- Save Response to File… – Prompts the user for a filename and location to save the selected response. This can be used to save binary files that have been downloaded.
- Diff Request/Response – Shows a visual diff between the two selected requests or responses.
- View All Extracted Data – Goes through all entries in the log and displays the HTML comments and the decoded viewstates.
- Find / Extract All – Displays the search box for searching the log for certain keywords or for extracting values with a regular expression.
- Repeat Request – Sends the request again and adds the result to the end of the log.
- Export Summary Results – Creates an HTML file in the specified location containing all the details in the log list (summary details only, no content).
- Add Column – Adds extracted columns with certain extra information:
  - Contains String – Shows a true/false value from a grep for the specified string.
  - Contains Strings... – Allows a list of keywords to be set up. This adds a column showing which of these keywords are contained in the response.
  - Reflected Parameters – Shows which of the supplied parameters' values appear in the response page. This is used to identify potential non-persistent XSS. Be aware that a parameter with a very short value will often appear in the page quite frequently without necessarily coming from the actual parameter.
  - Test All – Performs the XSS, SQL Injection and File Backup tests on the request(s).
  - XSS – A basic cross-site scripting checker. For each parameter, it shows whether it was possible to inject a JavaScript alert box (Red), the special characters needed to inject JavaScript (Orange), an arbitrary reflected value (Yellow), or no reflection (Green). Every request sent can be drilled into, so the user can continue where CAT left off.
  - SQL Injection – Enters a series of SQL injection strings into each parameter and then determines whether a SQL error message is returned (Red), the response took more than 20 seconds after three retries (Orange), some responses differed from the original (Yellow), or there was no change from the original (Green).
  - File Backup Tester – Tests the request(s) to see whether another version exists with a backup-type extension, e.g. .bak, .old, .tmp.
  - Autocompletion Enabled – States whether the HTML contains a form with autocompletion enabled. This allows forms that process sensitive data to be checked for whether they have been secured.
  - Page Cached – Checks for the HTTP headers that should be used to prevent pages containing sensitive information from being cached.
- CSRF Tester – Tool to aid in testing for Cross Site Request Forgery. Creates a URL and HTML (auto-posting form) CSRF attack, including multi-stage CSRF HTML for cases where several requests are required to step the application through to perform the attack.
- Clickjacking Test – Loads two copies of the selected URL, one in an IFRAME and another normally, using the cookies of the selected request. If the framed version still operates, the page is most likely vulnerable to clickjacking.
- Open…, Save… – Allows all log items to be saved to an XML or CAT file and reloaded into any log tab at a later date.
- Export Page Summary – Creates an HTML file in the specified location listing information about the pages in the log and any links that have not been followed.
- Clear Log – Deletes all entries.
- Spider – Follows all links discovered on that host, starting from the links in the selected request. A control box appears at the bottom showing progress and a stop button. The results of the link and form submissions are added to the same log view. Any page with "logout" in its name is not followed. Cookies from the originally selected request are used for the spider.
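As an added example (not CAT's own code), the two passive "Add Column" checks described above, Reflected Parameters and Page Cached, re-implemented as plain functions over a logged request and response. The sample URL, headers and body are constructed, and the caching criteria (Cache-Control: no-store plus Pragma: no-cache) are this example's assumption rather than CAT's documented rule.

```python
from urllib.parse import urlsplit, parse_qsl

# Constructed sample: one logged request URL and the response it produced.
SAMPLE_URL = "http://example.test/search?q=widgets&page=1&sort=asc"
SAMPLE_HEADERS = {
    "Content-Type": "text/html",
    "Cache-Control": "private, max-age=600",
}
SAMPLE_BODY = "<html><body>Results for widgets, page 1 of 3</body></html>"


def reflected_parameters(url, body, min_len=3):
    """Return {name: status} for each query parameter whose value appears in
    the response body. Values shorter than min_len are marked 'short' to
    mirror the caveat that very short values are often matched by unrelated
    page content rather than by the parameter itself."""
    result = {}
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if value and value in body:
            result[name] = "reflected" if len(value) >= min_len else "short"
    return result


def page_cached(headers):
    """True when the response lacks the headers that prevent caching of a
    sensitive page. Assumed criteria: Cache-Control must carry no-store
    (no-cache alone still allows storage) and Pragma: no-cache should be
    present for HTTP/1.0 caches. Header names are matched case-insensitively."""
    lower = {k.lower(): v.lower() for k, v in headers.items()}
    directives = {d.strip() for d in lower.get("cache-control", "").split(",")}
    has_no_store = "no-store" in directives
    has_pragma = "no-cache" in lower.get("pragma", "")
    return not (has_no_store and has_pragma)


if __name__ == "__main__":
    print(reflected_parameters(SAMPLE_URL, SAMPLE_BODY))
    print("page cacheable:", page_cached(SAMPLE_HEADERS))
```

The "page" parameter is reported as short because its value "1" is matched by page content ("page 1 of 3") that has nothing to do with reflection.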