metasploit-framework

https://github.com/rapid7/metasploit-framework

Ruby

Metasploit Framework

Msf::Auxiliary::Web::Analysis::Differential#differential_analysis

Performs differential analysis and logs an issue should there be one.

Fuzzer must provide:
  - #boolean_seeds_for - array of boolean injection strings
    (these are supposed to not alter the webapp behavior when interpreted)
  - #fault_seeds_for - array of fault injection strings
    (these are supposed to force erroneous conditions when interpreted)

Here's how it goes:
* let _default_ be the default/original response
* let _fault_   be the response of the fault injection
* let _bool_    be the response of the boolean injection

A vulnerability is logged if:
 default == bool AND bool.code == 200 AND fault != bool

The "bool" response is also checked to determine whether it is a custom 404 page;
if it is, the parameter is skipped, since a soft 404 returned with a 200 status would
otherwise satisfy the rule above.
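To make the rule concrete, here is an added Ruby example (not the Metasploit implementation) that applies the verdict above to constructed responses. The custom-404 check is an assumption for this example: it compares the boolean response against a baseline fetched for a path that cannot exist.

```ruby
# Added example, not Metasploit's own code: the differential decision rule
# described above, applied to constructed HTTP responses.
Response = Struct.new(:code, :body)   # Struct#== compares code and body

# Assumption: a custom (soft) 404 is recognised by comparing the boolean
# injection response with a baseline fetched for a path that cannot exist.
def custom_404?(bool, not_found)
  bool == not_found
end

# Implements: default == bool AND bool.code == 200 AND fault != bool,
# after skipping responses that are really a custom 404 page.
def differential_verdict(default, bool, fault, not_found)
  return :skipped_custom_404 if custom_404?(bool, not_found)
  return :vulnerable if default == bool && bool.code == 200 && fault != bool
  :not_vulnerable
end

# Constructed responses standing in for what the fuzzer would receive.
NOT_FOUND = Response.new(200, "<h1>Sorry, that page does not exist</h1>")
DEFAULT   = Response.new(200, "<ul><li>apple</li><li>pear</li></ul>")
DB_ERROR  = Response.new(500, "Internal Server Error")

# Case 1: the boolean seed is absorbed, the fault seed breaks the page.
def case_injected
  differential_verdict(DEFAULT, DEFAULT.dup, DB_ERROR, NOT_FOUND)
end

# Case 2: input is rejected or encoded; every probe returns the same page.
def case_sanitised
  differential_verdict(DEFAULT, DEFAULT.dup, DEFAULT.dup, NOT_FOUND)
end

# Case 3: the original value already lands on a custom 404 served with 200,
# so default == bool and bool.code == 200 hold, but the result is skipped.
def case_custom_404
  differential_verdict(NOT_FOUND.dup, NOT_FOUND.dup, DB_ERROR, NOT_FOUND)
end

# Case 4: the boolean seed itself changes the page, so no conclusion is drawn.
def case_bool_alters
  differential_verdict(DEFAULT, Response.new(200, "<ul></ul>"), DB_ERROR, NOT_FOUND)
end

if __FILE__ == $PROGRAM_NAME
  %i[case_injected case_sanitised case_custom_404 case_bool_alters].each do |c|
    puts "#{c}: #{send(c)}"
  end
end
```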


Edit

git clone git@github.com:rapid7/metasploit-framework.git

cd metasploit-framework

open lib/msf/core/auxiliary/web/analysis/differential.rb

Contribute

# Make a new branch

git checkout -b -your-name--update-docs-Msf--Auxiliary--Web--Analysis--Differential-differential_analysis-for-pr


# Commit to git

git add lib/msf/core/auxiliary/web/analysis/differential.rb

git commit -m "better docs for Msf::Auxiliary::Web::Analysis::Differential#differential_analysis"


# Open pull request

gem install hub # on a mac you can `brew install hub`

hub fork

git push <your name> -your-name--update-docs-Msf--Auxiliary--Web--Analysis--Differential-differential_analysis-for-pr

hub pull-request


# Celebrate!