the-web-application-hackers-handbook

600 Chapter 14 n Automating Customized Attacks
Figure 14-7: Cycling through function index values and extracting the title
of each resulting page
Attack 3: Application Fuzzing
In addition to exploiting the bugs already identified, you should, of course, probe
the target application for common vulnerabilities. To ensure decent coverage,
you should test every parameter and request, starting from the login request
onward.
To perform a quick fuzz test of a given request, you need to set payload positions
at all the request parameters. You can do this simply by clicking the auto
button on the positions tab, as shown in Figure 14-8.
You then need to configure a set of attack strings to use as payloads and some
common error messages to search responses for. Intruder contains built-in sets
of strings for both of these uses.
As with the fuzzing attack performed using JAttack, you then need to manually
review the table of results to identify any anomalies that merit further investigation,
as shown in Figure 14-9. As before, you can click column headings to sort
the responses in various ways to help identify interesting cases.