Penetration Testing mailing list archives

Re: [PEN-TEST] Browser Automation

From: Paul Harrington <paul () pizza org>
Date: Thu, 28 Dec 2000 13:42:56 +0000

1. Is to follow a web site transaction automagically from sign in to sign
out, by specifying a number of interactions like usernames and passwords and
form filed inputs etc. Now I know Elza does this and it is awesome (kudos to
Philip Stoev (www.stoev.org) ) but I am lazy and my Perl is not great so the
learning curve steep.

Are there any other tools that can do this ?


I use curl for this.  I've not played with Elsa so don't know how it compares.

2. Second I want to watch a set of cookies; i.e. all the cookies that are
produced from the same bakers oven. I want to be able to watch what changes
automagically during a transaction to look at hijacking and session
management; i.e. compare a bakers oven over time.


curl allows you to dump and send cookies so this should be possible.

Take a look at http://curl.haxx.nu

Good Luck

Cheers

Paul
--
         Paul Harrington              ___________________________________
   Independent Internet Limited      /       Phone:  07779 622683
  Internet * Security * Unix * NT   /        Fax:    0870 2841627
___________________________________/       URL http://www.comms.net

Current thread:

[PEN-TEST] Browser Automation Mark Curphey (Dec 27)
- Re: [PEN-TEST] Browser Automation Drew Simonis (Dec 28)
- Re: [PEN-TEST] Browser Automation Paul Harrington (Dec 28)