Feature #31

three ways: RFI, LFI, SQLi

Added by Manfred Schilling about 3 years ago. Updated almost 3 years ago.

Status:Assigned Start date:
Priority:Normal Due date:
Assignee:Lukas Rist % Done:

0%
Category:Glastopf Spent time: -
Target version:To be done sometime
Resolution:

Description

As we are dealing with these three attack vectors,

we should split handling/manipulating of each vector...

Discuss:

New entry in database: "attack vector" -> RFI, LFI, SQLI

determine the actual attack vector:

for LFI it seems to be really easy...

trigger "../../"

suggestions?

History

#1
Updated by Lukas Rist almost 3 years ago

  • Status changed from New to Assigned

There is actually something like that, but without any gain. Maybe the code would be a bit clearer if we set up a string, containing information about the attack method.

#2
Updated by Manfred Schilling almost 3 years ago

Replying to [comment:1 glaslos]:

There is actually something like that, but without any gain. Maybe the code would be a bit clearer if we set up a string, containing information about the attack method.

ok. but when you will reach the state of doing some statistics, it should had been put in categories once.

you remember us talking about.

-1, 0, 1, 2, 3

#3
Updated by Lukas Rist almost 3 years ago

Yes, i agree, i will reconsider it as soon, as i will come to more statistics.

Also available in: Atom PDF