Re: Using Proxy Automatic Configuration Scripts in Webscarab

[Rogan Dawes <discard () dawes za net>]

Paul Justin wrote:
> Good morning all,
>
> I was wondering whether of you are using the Webscarab as a proxy tool
> to track traffic between your test sites and the server.
>
> I have a site that requires multiple ip address connections for
> different segments of the site, and currently have a Automatic
> Configuration Script used in IE to redirect the site accordingly.
> However, I would need to track the server request and response with
> Webscarab.
>
> Does anyone have any idea how I could go about this to set the proxy
> in webscarb?
>
> Best regards,
> Paul Justin

owasp-webscarab AT owasp.org is probably the best place to ask questions 
about WebScarab. FYI

To answer your question, there is no support in WebScarab for using a 
PAC file. That needs a JavaScript engine to evaluate the script, which 
WS does not include.

Normally, the solution is to evaluate the PAC file by hand for the 
particular site under test. But if the answer is variable all the time, 
that won't work. To be honest, I don't have a good solution for you. You 
might want to consider investigating how to integrate the Rhino engine 
into WebScarab, if it is not possible to connect to a network segment 
that does not require different proxies for different parts of the 
target site.

I suggest continuing this discussion on the WebScarab mailing list if 
you are interested.

Rogan

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------