Embed Size (px)
DESCRIPTION
Online Web Scanner And Admin Finder is a web application vulnerability scanner. It is a web application written in PHP/MYSQL and can be used to test remote, or local, web applications for security vulnerabilities.
Citation preview
I
A
Major Project Report
On
“COMPLETE WEB VULNERABILITIES SCANNER”
Submitted
In fulfillment
For the award of the Degree of
Bachelor of Technology
In Department of Computer Science & Engineering
Submitted To: Submitted By:
Ravi Shankar Sharma Vikas Kumar
Assoc. Professor Enroll No:SGVU101013949
SGVU, Jaipur
Department of Computer Science & Engineering
Suresh Gyan Vihar University
Mahal, Jagatpura, Jaipur
A
Major Project Report
On
“COMPLETE WEB VULNERABILITIES SCANNER”
Submitted
In fulfillment
For the award of the Degree of
Bachelor Of Technology
In Department of Computer Science & Engineering
Submitted To: Submitted By:
Ravi Shankar Sharma Vikas Kumar
Assoc. Professor Enroll No: SGVU101014659
SGVU, Jaipur
Department of Computer Science & Engineering
Suresh Gyan Vihar University
Mahal, Jagatpura, Jaipur
Candidate’s Declaration
I hereby that the work, which is being presented in the Major Project, entitled “COMPLETE WEB
VULNERABILITIES SCANNER” in fulfillment for the award of Degree of “Bachelor of Technology” in
Dept. of Computer Science & Engineering with and submitted to the Department of Computer Science&
Engineering, Suresh Gyan Vihar University is a record of my own investigations carried under the
Guidance of Mr. Ravi Shankar Sharma Department of Computer Science & Engineering.
I have not submitted the matter presented in this Major Project any where for the award of any other Degree.
(Name and Signature of Candidate)
Vikas Kumar
Enrolment No: SGVU101013949
Counter Singed by
Name (s) of Supervisor (s)
Mr Ravi Shankar Sharma
Associate Professor, CSE Dept
Suresh Gyan Vihar University
CERTIFICATE
This is to certify that the major project entitled “COMPLETE WEB VULNERABILITIES
SCANNER” submitted by Vikas Kumar of Semester VII is a bona-fide account of the work
done by him/her under our supervision, during the academic year 2013-2014.
Mr. Ravi Shankar Sharma Mr. Kamlesh Lakhwani
(Project In-charge) (Head, Department of C.S.)
ACKNOWLEDGEMENT
The successful completion of my project can be attributed to the combined efforts made by me and the
contribution made in one form or other by the individuals I hereby acknowledge. First and foremost thank
God Almighty for giving me all strength, courage and blessings to design and complete this project. I wish
to extend my sincere gratitude to the management and our honorable Principle, Mr. Dinesh Goyal for
providing me the valuable opportunity to this project. I express my sincere gratitude to our Head of the
Information Computer Science Department, Mr Kamlesh Lakhwani.I also thank her for her sincere help
and support.
Words fail to thank adequately our project-in-charge and Project guide Mr. Ravi Shankar Sharma who
gave me all supports and helped me to clear all confusions regarding the project. And last but not the least; I
thank my family members and my friends for providing me moral support to achieve my goal.
Thanking you
Mr Ravi Shankar Sharma
ABSTRACT
Complete Web Vulnerabilities Scanner is developed for creating scanning whole webpage of websites .
This web application is to be conceived in its current form as a dynamic site- requiring constant updates
both from the clients as well as the developer. On the whole the objective of the project is to remove the
vulnerabilities which is founded by this application.
A great number of web application vulnerabilities are leveraged through client-side submission of
unexpected inputs. While it is clear these vulnerabilities are complex and widespread, what is not clear is
why after over a decade of effort they remain so prevalent. This paper explores a number of methods for
combatting this class of threats and assesses why they have not proven more successful. The paper describes
the current best practices for minimizing these vulnerabilities and points to promising research and
development in the field.
TABLE OF CONTENTS
Certificate
Acknowledgements
Abstract Page No:
1. Introduction -------------------------------------------------------------------------------------------------------- 01
2. System Analysis ---------------------------------------------------------------------------------------------------- 02
2.1. Existing system ------------------------------------------------------------------------------------------------ 02
2.2. Proposed System ---------------------------------------------------------------------------------------------- 02
2.3. Feasible Study -------------------------------------------------------------------------------------------------- 03
2.3.1. Economic feasibility ----------------------------------------------------------------------------------- 03
2.3.2. Technical feasibility ----------------------------------------------------------------------------------- 04
2.3.3. Operational feasibility --------------------------------------------------------------------------------- 04
3. System Requirement Specification ---------------------------------------------------------------------------- 05
3.1. Introduction ---------------------------------------------------------------------------------------------------- 05
3.2. Functional Requirement ------------------------------------------------------------------------------------- 06
3.3. System Configuration ---------------------------------------------------------------------------------------- 08
3.3.1. Hardware Configuration ----------------------------------------------------------------------------- 08
3.3.2. Software Configuration ------------------------------------------------------------------------------ 08
3.4. About the developing system ------------------------------------------------------------------------------- 09
3.4.1. Front end tool ----------------------------------------------------------------------------------------- 09
3.4.2. Back end tool ------------------------------------------------------------------------------------------ 09
3.5. Operating System --------------------------------------------------------------------------------------------- 10
4. System Design ----------------------------------------------------------------------------------------------------- 11
4.1. Module Design ------------------------------------------------------------------------------------------------ 11
4.1.1. Entity and Attributes --------------------------------------------------------------------------------- 11
4.2. Logical System Design -------------------------------------------------------------------------------------- 12
4.2.1. ERD ---------------------------------------------------------------------------------------------------- 13
4.2.2. DFE ----------------------------------------------------------------------------------------------------- 14
4.2.3. User Case Diagram ----------------------------------------------------------------------------------- 17
4.3. Physical System Design ------------------------------------------------------------------------------------- 18
4.3.1. Architectural Design --------------------------------------------------------------------------------- 20
4.3.2. Interface Design -------------------------------------------------------------------------------------- 20
4.3.3. Database Design -------------------------------------------------------------------------------------- 21
4.4. Normalization ------------------------------------------------------------------------------------------------- 22
5. Software Testing -------------------------------------------------------------------------------------------------- 23
5.1. Strategic approach to software testing --------------------------------------------------------------------- 23
5.1.1. Unit testing -------------------------------------------------------------------------------------------- 23
5.1.2. Conditional testing ----------------------------------------------------------------------------------- 24
5.1.3. Basic Path testing ------------------------------------------------------------------------------------- 24
5.1.4. Loop testing ------------------------------------------------------------------------------------------- 25
6. Screenshots --------------------------------------------------------------------------------------------------------- 26
6.1. Front End Screenshot ---------------------------------------------------------------------------------------- 26
6.2. Back End Screenshot ----------------------------------------------------------------------------------------- 34
7. Security Analysis of Website ----------------------------------------------------------------------------------- 36
8. Future Enhancement ---------------------------------------------------------------------------------------------- 41
9. Conclusion --------------------------------------------------------------------------------------------------------- - 42
10. Bibliography ----------------------------------------------------------------------------------------------------- 43
1. INTRODUCTION
Complete web vulnerabilities scanner is used to find the websites bug and after that it shows the
types of bug on that websites. This project is developed in PHP and MYSQL .As we know an ever-
increasing number of high profile data breaches have plagued organizations over the past decade. A great
number of these come about via so called ‘injection attacks’; the submission of malic ious code to a web
application. Indeed, the Open Source Web Application Security Project (OWASP), the leading organization
in the field of web app security states; “How data input is handled by Web applications is arguably the most
important aspect of security.”
Two factors increase the stakes of the cyber struggle. Tactically and operationally, the increasing
dependence of modern technologically advanced forces on networks and information systems create new
kinds of exploitable vulnerabilities. Second, as modern societies including the militaries that mirror them
have continued to evolve, they have become ever more dependent on a series of interconnected, increasingly
vulnerable “critical infrastructures” for their effective functioning. These infrastructures not only have
significantly increased the day-to-day efficiency of almost every part of our society, but they have also
introduced new kinds of vulnerabilities.
2. System Analysis
System analysis is an important phase of any system development process. The system is studied to the
minute details and analyzed. The system analyst plays the role of an interrogator and dwells deep into the
working of the present system. In analysis, a detailed study of these operations performed by a system and
their relationships within and outside the system is done. A key question considered here is, “what must be
done to solve the problem?” The system is viewed as a whole and the inputs to the system are identified.
Once analysis is completed the analyst has a firm understanding of what is to be done.
This project is aimed at developing a web-based for a company. This document provides details about
the entire software requirements specification for the CWVS. The project Complete Web Vulnerabilities
Scanner(CWVS) is aimed at developing a web-based and more efficient crawler and Scanner form
EXISTING SYSTEM.
Input injection attacks may serve a number of ends. Generally, they are preferred by malicious users as a
way to obtain restricted data from a back end database or to embed malicious code onto a web server that
will in turn serve up malware to unsuspecting clients. These clients may find their credentials or personal
information exfiltrated as a result.
1.1 PROPOSED SYSTEM
This system tends to replace the existing manual system for the scanning process which is a time
consuming, less interactive and highly expensive. The main features of this system will be creating report
and find various types of vulnerabilities, storing Scanning data, process initiation, and after that it generates
a report of whole scanned websites.
Advantages of the Proposed System:
User friendly registration System
Fastest Wed Spider/Crawler
Easy to control Session
Free Registration
Wide range of Tests
Fastest Scanner
Search for a particular Websites if Once it is used
1.2 FEASIBILITY STUDY:
A feasibility study is a test of system proposal according to its workability, impact on the
organization, ability to meet user needs and effective use of resources. The objective of feasibility study is
not to solve the problem, but to acquire a sense of its scope. During the study, the problem definition is
crystallized and aspects of the problem to be included in the system are determined, consequently costs and
benefits are estimated with greater detail at this stage. The result of the feasibility study is a system formal
proposal. This is simply a form of documenting or detailing the nature and scope of proposed solutions. The
proposal summarizes what is known and what is going to be done. Three key considerations involved in the
feasibility analysis:
Economic feasibility
Technical feasibility
Operational feasibility
1.2.1 ECONOMIC FEASIBILITY:
Economic analysis is the most frequently used method for comparing the cost with the benefit or in-
come that is expected from developed system. A system can be developed technically and that will be used
if installed must still be a good investment for the organization. In the economical feasibility, the
development cost in creating the system is evaluated against the ultimate benefit derived from the new
systems. Financial benefits must equal or exceed the costs.
1.2.2 TECHNICAL FEASIBILITY:
The feasibility center on the existing computer system (software, hardware) and to what extend it can
support the proposed addition. The technical issue usually raised during the feasibility stage of the
investigation includes the following:
Does the necessary technology exist to do what is suggested?
Do the proposed equipments have the technical capacity to hold the data required to use the new
system?
Will the proposed system provide adequate response to inquiries, regardless of the number or location of
users?
Can the system be upgraded if developed?
Are there technical guarantees of accuracy, reliability, ease of access and data security?
1.2.3 OPERATIONAL FEASIBILITY:
Proposed projects are beneficial only if they can be turned out into information system. That will meet
the organization’s operating requirements. Operational feasibility aspects of the project are to be taken as an
important part of the project implementation. Some of the important issues raised are to test the operational
feasibility of a project includes the following: -
Is there sufficient support for the management from the users?
Will the system be used and work properly if it is being developed and implemented?
Will there be any resistance from the user that will undermine the possible application benefits?
This system is targeted to be in accordance with the above-mentioned issues. Beforehand, the management
issues and user requirements have been taken into consideration. So there is no question of resistance from
the users that can undermine the possible application benefits.
The well-planned design would ensure the optimal utilization of the computer resources and would help in
the improvement of performance status.
3. SYSTEM REQUIREMENT SPECIFICATION
3.1. INTRODUCTION
Purpose: The main purpose for preparing this document is to give a general insight into the analysis and
requirements of the existing system or situation and for determining the operating characteristics of the
system. This document provides details about the entire software requirements specification for the
Complete Web Vulnerabilities Scanner. The project Complete Web Vulnerabilities Scanner is aimed at
developing a web-based Scanner of a all company and organization.
Scope: This Document plays a vital role in the development life cycle (SDLC) and it describes the complete
requirement of the system. It is meant for use by the developers and will be the basic during testing phase.
Any changes made to the requirements in the future will have to go through formal change approval
process.
3.2. FUNCTIONAL REQUIREMENTS:
OUTPUT DESIGN
Outputs from computer systems are required primarily to communicate the results of processing to users.
They are also used to provide a permanent copy of the results for later consultation. The various types of
outputs in general are:
1 External Outputs, whose destination is outside the organization,.
2 Internal Outputs whose destination is with in organization and they are the
3 User’s main interface with the computer.
4 Operational outputs whose use is purely with in the computer department.
5 Interface outputs, which involve the user in communicating directly with
OUTPUT DEFINITION
The outputs should be defined in terms of the following points:
Type of the output
Content of the output
Format of the output
Location of the output
Frequency of the output
Volume of the output
Sequence of the output
It is not always desirable to print or display data as it is held on a computer. It should be decided as which
form of the output is the most suitable.
For Example
Will decimal points need to be inserted
Should leading zeros be suppressed.
Output Media:
In the next stage it is to be decided that which medium is the most appropriate for the output. The main
considerations when deciding about the output media are:
1 The suitability for the device to the particular application.
2 The need for a hard copy.
3 The response time required.
4 The location of the users
5 The software and hardware available.
Keeping in view the above description the project is to have outputs mainly coming under the category of
internal outputs. The main outputs desired according to the requirement specification are:
The outputs were needed to be generated as a hot copy and as well as queries to be viewed on the screen.
Keeping in view these outputs, the format for the output is taken from the outputs, which are currently being
obtained after manual processing. The standard printer is to be used as output media for hard copies.
INPUT DESIGN
Input design is a part of overall system design. The main objective during the input design is as given
below:
To produce a cost-effective method of input.
To achieve the highest possible level of accuracy.
To ensure that the input is acceptable and understood by the user.
INPUT STAGES:
The main input stages can be listed as below:
Data recording
Data transcription
Data conversion
Data verification
Data control
Data transmission
Data validation
Data correction
INPUT TYPES:
It is necessary to determine the various types of inputs. Inputs can be categorized as follows:
External inputs, which are prime inputs for the system.
Internal inputs, which are user communications with the system.
Operational, which are computer department’s communications to the system?
Interactive, which are inputs entered during a dialogue.
INPUT MEDIA:
At this stage choice has to be made about the input media. To conclude about the input media consideration
has to be given to;
Type of input
Flexibility of format
Speed
Accuracy
Verification methods
Rejection rates
Ease of correction
Storage and handling requirements
Security
Easy to use
Portability
Keeping in view the above description of the input types and input media, it can be said that most of the
inputs are of the form of internal and interactive. As Input data is to be the directly keyed in by the user, the
keyboard can be considered to be the most suitable input device.
ERROR AVOIDANCE
At this stage care is to be taken to ensure that input data remains accurate form the stage at which it is
recorded upto the stage in which the data is accepted by the system. This can be achieved only by means of
careful control each time the data is handled.
ERROR DETECTION
Even though every effort is make to avoid the occurrence of errors, still a small proportion of errors is
always likely to occur, these types of errors can be discovered by using validations to check the input data.
DATA VALIDATION
Procedures are designed to detect errors in data at a lower level of detail. Data validations have been
included in the system in almost every area where there is a possibility for the user to commit errors. The
system will not accept invalid data.
3.3. SYSTEM CONFIGURATION:
The successful running of any project primarily depends upon hardware and software used in its
compilation. The hardware used in the machine should be such that it supports the software that is to be
mounted for assembling the project. This project deals with the hardware and software, which is available
readily and easy on each and every machine given to the user.
Hardware Requirements:
Machine : Pentium IV or higher
Clock Speed : 500 MHz or higher
System Memory : 512 MB and above
Hard Disk Space : 20 GB and above
Software Requirements:
Operating System : Windows XP / 7 or higher
RDBMS : MySQL
Web Server : Xampp server, Wampp Server
Front-end : PHP, JAVASCRIPT, HTML, CSS
Communication Requirements:-
Web Browser IE-9, Chrome 28, Firefox 18 or higher version.
Local intranet and internet protocols.
Supports all HTTPS,SMTPS and POP3 services.
3.4. ABOUT THE DEVELOPING PROJECT
The project has developed in PHP 5 as front end and MySQL as back end. We use XAMPP server at
the time of development.
3.4.1. FRONT END TOOL: PHP 5
PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-
purpose scripting language that is especially suited for web development and can be embedded into HTML.
What distinguishes PHP from something like client-side JavaScript is that the code is executed on the
server, generating HTML which is then sent to the client. The client would receive the results of running
that script, but would not know what the underlying code was. You can even configure your web server to
process all your HTML files with PHP, and then there's really no way that users can tell what you have up
your sleeve.
The best things in using PHP are that it is extremely simple for a newcomer, but offers many advanced
features for a professional programmer. Don't be afraid reading the long list of PHP's features. You can
jump in, in a short time, and start writing simple scripts in a few hours
3.4.2. BACK END TOOL: MYSQL
MySQL is the world's most popular open source database software, with over 100 million copies of
its software downloaded or distributed throughout it's history. With its superior speed, reliability, and ease
of use, MySQL has become the preferred choice for Web, Web 2.0, SaaS, ISV, Telecom companies and
forward-thinking corporate IT Managers because it eliminates the major problems associated with
downtime, maintenance and administration for modern, online applications.
Many of the world's largest and fastest-growing organizations use MySQL to save time and money
powering their high-volume Web sites, critical business systems, and packaged software — including
industry leaders such as Yahoo!, Alcatel-Lucent, Google, Nokia, YouTube, Wikipedia, and Booking.com.
The flagship MySQL offering is MySQL Enterprise, a comprehensive set of production-tested software,
proactive monitoring tools, and premium support services available in an affordable annual subscription.
MySQL is a key part of LAMP (Linux, Apache, MySQL, PHP / Perl / Python), the fast-growing open
source enterprise software stack. More and more companies are using LAMP as an alternative to expensive
proprietary software stacks because of its lower cost and freedom from platform lock-in.
MySQL was originally founded and developed in Sweden by two Swedes and a Finn: David Axmark, Allan
Larsson and Michael "Monty" Widenius, who had worked together since the 1980's.
3.5. OPERATING SYSTEM:
This project is platform independent so you can run it in many OS like windows XP, window7, window8,
Ubuntu 10 or above , and Linux based OS with the help of supported browser (IE 9 or above) .
4. SYSTEM DESIGN
4.1. Modules of project
Software design sits at the technical kernel of the software engineering process and is applied
regardless of the development paradigm and area of application. Design is the first step in the development
phase for any engineered product or system. The designer’s goal is to produce a model or representation of
an entity that will later be built. Beginning, once system requirement have been specified and analyzed,
system design is the first of the three technical activities -design, code and test that is required to build and
verify software.
The importance can be stated with a single word “Quality”. Design is the place where quality is
fostered in software development. Design provides us with representations of software that can assess for
quality. Design is the only way that we can accurately translate a customer’s view into a finished software
product or system. Software design serves as a foundation for all the software engineering steps that follow.
Without a strong design we risk building an unstable system – one that will be difficult to test, one whose
quality cannot be assessed until the last stage.
During design, progressive refinement of data structure, program structure, and procedural details
are developed reviewed and documented. System design can be viewed from either technical or project
management perspective. From the technical point of view, design is comprised of four activities –
architectural design, data structure design, interface design and procedural design.
Module I: New User
The new user has to register in order to login for the first time. Then he can use the service of scanner and
crawler and shows the vulnerable pages of scanned websites and also know the types of vulnerabilities.
Module II: Existing User
In this Section user can only login the page and after that they are able to use this services of security issues
of the particular websites.
Module III: Admin
Basically work of admin is to manage the database as well as users problem. Admin has the full privilege to
see any users profile and can make any changes. Admin can also delete user.
4.2. Logical system design
The most creative and challenging phase of the system life cycle is system design. The term design
describes a final system and the process by which it is developed. It refers to the technical specifications that
will be applied in implementing the proposed system. It also includes the construction of program and
designing of output, input, code, database and process of the system.
4.2.1. ENTITY RELATIONSHIP DIAGRAMS
An ER model is an abstract way to describe a database.
Fig.1
4.2.2. DATAFLOW DIAGRAM
Dataflow diagram is used to define the flow of the system and their resources .It is the way of
expressing system requirements in a graphical manner. It is one of the most ingenious tools used for
structured analysis. It is the starting point of design phase.
A full description of a system actually consists of a set of data flow diagrams. Using two familiar notations
Yourdon, Gane and Sarson notation develops the data flow diagrams. Each component in a DFD is labeled
with a descriptive name. Process is further identified with a number that will be used for identification
purpose. The development of DFD’S is done in several levels. Each process in lower level diagrams can be
broken down into a more detailed DFD in the next level. The lop-level diagram is often called context
diagram. It consists a single process bit, which plays vital role in studying the current system. The process
in the context level diagram is exploded into other process at the first level DFD.
The idea behind the explosion of a process into more process is that understanding at one level of detail is
exploded into greater detail at the next level. This is done until further explosion is necessary and an
adequate amount of detail is described for analyst to understand the process.
Larry Constantine first developed the DFD as a way of expressing system requirements in a
graphical from, this lead to the modular design.
A DFD is also known as a “bubble Chart” has the purpose of clarifying system requirements and identifying
major transformations that will become programs in system design. So it is the starting point of the design
to the lowest level of detail. A DFD consists of a series of bubbles joined by data flows in the system.
Crawler DFD
Crawler Queue DFD
Crawler Fetch DFD
Overall DFD
4.2.3. USECASE DIAGRAM:
In designing an efficient and effective system it is important to consider usecase diagram. Usecase diagram
is one of the five diagrams in YML or modeling the dynamic aspects of the system.usecase diagram is
central to modeling the behavior of a system, a subsystem or a class. Usecase diagram are more important
for visualizing, specifying and make systems, subsystems and classes approachable and view of how those
elements may be used in context.
Crawl webpage
Vulnerabilities
Sign Out
Scan Webpages
Find Result
Test Log
4.2.4. PHYSICAL SYSTEM DESIGN
This produces the working system by defining the design specifications that tell the programmers
exactly what the candidate system must do.
4.2.5. ARCHITECTURAL DESIGN
Architectural design is a comprehensive framework that describes its form and a structure its
components and how they fit together. Architectural design is a software component that can be something
as simple as program module, but it can also be extended to include database and middleware that enable
the configuration of a network of client and servers. This project consists of different modules. The
Administrator module helps the administration of the entire site. The administrator will decide which
department should view the complaint.
4.2.6. INTERFACE DESIGN
Interface design creates an effective communication medium between a human and a computer. In
this project it is the communication between Administrator and station in-charge design. Since this project
requires a database, the client machines require proper connection with the server machine. The users will
interact with the software through the user friendly web pages.
4.2.7. DATABASE DESIGN
Database design is the most important part of the system design phase. In a database environment
common data are available and are used by several users. Instead of each program managing its own data,
authorized users share data across application with the database software managing the data as an entity. In
our project both the administrator and station in-charge share the crime details and criminal details. The
primary objective of database design is fast response time to inquire, more information at low cost, control
of redundancies, clarity and ease of use, data and program independencies, accuracy and integrity of the
system.
Entities with Attributes:
1. User :
o Username
o Email
o Password
2. Vulnerabilities:
o Id
o Name
o Description
o Solution
o Priority
o Priority Num
3. Tests:
o Id
o Status
o numUrlsFound
o Type
o Num_requests_send
o Start_timestamp
o Finish_timestamp
o Scan_finished
o Url
o Username
o Urls_found
4. Test_results:
o Test_id
o Type
o Method
o Url
o Attack_str
4.3. NORMALIZATION
It is a process of converting a relation to a standard form. The process is used to handle the problems that
can arise due to data redundancy i.e. repetition of data in the database, maintain data integrity as well as
handling problems that can arise due to insertion, updation, deletion anomalies.
Decomposing is the process of splitting relations into multiple relations to eliminate anomalies and maintain
anomalies and maintain data integrity. To do this we use normal forms or rules for structuring relation.
Insertion anomaly: Inability to add data to the database due to absence of other data.
Deletion anomaly: Unintended loss of data due to deletion of other data.
Update anomaly: Data inconsistency resulting from data redundancy and partial update
Normal Forms: These are the rules for structuring relations that eliminate anomalies.
FIRST NORMAL FORM:
A relation is said to be in first normal form if the values in the relation are atomic for every attribute in the
relation. By this we mean simply that no attribute value can be a set of values or, as it is sometimes
expressed, a repeating group.
SECOND NORMAL FORM:
A relation is said to be in second Normal form is it is in first normal form and it should satisfy any one of
the following rules.
1) Primary key is a not a composite primary key
2) No non key attributes are present
3) Every non key attribute is fully functionally dependent on full set of primary key.
THIRD NORMAL FORM:
A relation is said to be in third normal form if their exits no transitive dependencies.
Transitive Dependency: If two non-key attributes depend on each other as well as on the primary key then
they are said to be transitively dependent. The above normalization principles were applied to decompose
the data in multiple tables thereby making the data to be maintained in a consistent state.
5. SYSTEM TESTING
Testing is the process of executing the program to find if there are any errors. It is the final verification and
validation activity .In testing phase we have tried to affirm the quality of the product. We have also tried to
eliminate errors in the previous stages.
Why testing is done
Testing is the process of running a system with the intention of finding errors.
Testing enhances the integrity of a system by detecting deviations in design and errors in the
system.
Testing aims at detecting error-prone areas. This helps in the prevention of errors in a system.
Testing also add value to the product by confirming to the user requirements.
Causes of Errors
The most common causes of errors in a software system are:
Communication gap between the developer and the business decision maker: A communication
gap between the developer and the business decision maker is normally due to subtle differences
between them. The differences can be classified into five broad areas: Thought process, Background
and Experience, Interest, Priorities, Language.
Time provided to a developer to complete the project: A common source of errors in projects
comes from time constraints in delivering a product. To keep to the schedule, features can be cut. To
keep the features, the schedule can be slipped. Failing to adjust the feature set or schedule when
problems are discovered can lead to rushed work and flawed systems.
Over Commitment by the developer: High enthusiasm can lead to over commitment by the
developer. In these situations, developers are usually unable to adhere to deadlines or quality due to
lack of resources or required skills on the team.
Insufficient testing and quality control: Insufficient testing is also a major source of breakdown
of e-commerce systems during operations, as testing must be done during all phases of development.
Inadequate requirements gathering: A short time to market results in developers starting work on
the Web site development without truly understanding the business and technical requirements.
Also, developers may create client-side scripts using language that may not work on some client
browsers.
Keeping pace with the fast changing Technology: New technologies are constantly introduced.
There may not be adequate time to develop expertise in the new technologies. This is a problem for
two reasons. First, the technology may not be properly implemented. Second, the technology may
not integrate well with the existing environment.
Testing Principles
To discover as yet undiscovered errors.
All tests should be traceable to customer’s requirement.
Tests should be planned long before the testing actually begins.
Testing should begin “in the small” & progress towards “testing in the large”.
Exhaustive Testing is not possible.
To be most effective training should be conducted by an Independent Third Party
Testing Objectives
Testing is a process of executing a program with the intent of finding errors.
A good test case is one that has a high probability of finding an as yet undiscovered error.
A successful test is one that uncovers an as yet undiscovered error.
Kinds of Testing
Black Box Testing- Not based on any knowledge of internal designs or code. Tests are based on
requirements and functionality.
White Box Testing- Based on the knowledge of the internal logic of an application’s code. Tests are
based on coverage of code statements, branches, paths and statements.
Unit Testing- The most ‘micro’ scale of testing; to test particular functions and code modules.
Typically done by the programmer and not by the testers, as it requires detailed knowledge of the
internal program design and code. Not always easily done unless the application has a well-designed
architecture with tight code; may require developing test driver modules or test harnesses.
Integration Testing- Testing of combined parts of an application to determine if they function
together correctly. The ‘parts’ can be code modules, individual applications, client and server
applications on a network, etc. This type of testing is especially relevant to client/ server and
distributed systems.
Functional Testing- Black-box type testing geared to functional requirements of an application;
testers should do this type of testing. This doesn’t mean that the programmers shouldn’t check that
their code works before releasing it.
Regression Testing- Re-testing after fixes or modifications of the software or its environment. It is
difficult to determine how much re testing is needed, especially near the end of the development
cycle. Automated testing tools can be especially useful for this type of testing.
Acceptance Testing- Final testing based on the specifications of the end user or customer or based
on use by end-users/ customers over some limited period of time.
User Acceptance Testing- Determining if software is satisfactory to an end user customer.
5.1. STRATEGIC APPROACH TO SOFTWARE TESTING
The software engineering process can be viewed as a spiral. Initially system engineering defines the role of
software and leads to software requirement analysis where the information domain, functions, behavior,
performance, constraints and validation criteria for software are established. Moving inward along the
spiral, we come to design and finally to coding. To develop computer software we spiral in along
streamlines that decrease the level of abstraction on each turn.
A strategy for software testing may also be viewed in the context of the spiral. Unit testing begins at the
vertex of the spiral and concentrates on each unit of the software as implemented in source code. Testing
progress by moving outward along the spiral to integration testing, where the focus is on the design and the
construction of the software architecture. Talking another turn on outward on the spiral we encounter
validation testing where requirements established as part of software requirements analysis are validated
against the software that has been constructed. Finally we arrive at system testing, where the software and
other system elements are tested as a whole.
5.1.1. Unit Testing
Unit testing focuses verification effort on the smallest unit of software design, the module. The unit testing
we have is white box oriented and some modules the steps are conducted in parallel.
White Box Testing
This type of testing ensures that
All independent paths have been exercised at least once.
All logical decisions have been exercised on their true and false sides.
All loops are executed at their boundaries and within their operational bounds.
All internal data structures have been exercised to assure their validity.
To follow the concept of white box testing we have tested each form .we have created independently to
verify that Data flow is correct, All conditions are exercised to check their validity, All loops are executed
on their boundaries.
5.1.2. BASIC PATH TESTING
Established technique of flow graph with cyclomatic complexity was used to derive test cases for all the
functions. The main steps in deriving test cases were:
Use the design of the code and draw correspondent flow graph.
5.1.3. CONDITIONAL TESTING
In this part of the testing each of the conditions were tested to both true and false aspects. And all the
resulting paths were tested. So that each path that may be generate on particular condition is traced to
uncover any possible errors.
5.1.4. DATA FLOW TESTING
This type of testing selects the path of the program according to the location of definition and use of
variables. This kind of testing was used only when some local variable were declared. The definition-use
chain method was used in this type of testing. These were particularly useful in nested statements.
5.1.5. LOOP TESTING
In this type of testing all the loops are tested to all the limits possible. The following exercise was adopted
for all loops:
All the loops were tested at their limits, just above them and just below them.
All the loops were skipped at least once.
For nested loops test the inner most loop first and then work outwards.
For concatenated loops the values of dependent loops were set with the help of connected loop.
Unstructured loops were resolved into nested loops or concatenated loops and tested as above.
Each unit has been separately tested by the development team itself and all the input have been validated.
6. SCREENSHOT
6.1. FRONT END SCREENSHOT
Index page:
Fig.5
Registration Page:
Login Page
About Us:
Crawler:
Scanner:
Scan History:
Report:
6.2. BACK END SCREENSHOT
Cwvs:
Test:
Test Structure:
Test_results:
User:
User Structure:
Vulnerabilities:
Vulnerabilities Structure:
7.Security Analysis Of Website:
Security is the most important part of any website or development process which is related to internet. We
have done a lot of studies on different kinds of websites related to PHP, HTML, Java –Script and CSS to
make our website more and more secure. In context of that we found a lot of vulnerabilities and traced
several me thods for securing this. For that we made some protections and developments in it. Secured
from:-
Sql injection
XSS
File upload
Sql injection:
SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations.
It is perhaps one of the most common application layer attack techniques used today. It is the type of attack
that takes advantage of improper coding of your web applications that allows hacker to inject SQL
commands into say a login form to allow them to gain access to the data held within your database.
In essence, SQL Injection arises because the fields available for user input allow SQL statements to pass
through and query the database directly.
Why is it possible to pass SQL queries directly to a database that is hidden behind a firewall and any
other security mechanism?
Firewalls and similar intrusion detection mechanisms provide little or no defense against full-scale SQL
Injection web attacks.
Since your website needs to be public, security mechanisms will allow public web traffic to communicate
with your web application/s (generally over port 80/443). The web application has open access to the
database in order to return (update) the requested (changed) information.
In SQL Injection, the hacker uses SQL queries and creativity to get to the database of sensitive corporate
data through the web application.
SQL or Structured Query Language is the computer language that allows you to store, manipulate, and
retrieve data stored in a relational database (or a collection of tables which organise and structure data). SQL
is, in fact, the only way that a web application (and users) can interact with the database. Examples of
relational databases include Oracle, Microsoft Access, MS SQL Server, MySQL, and Filemaker Pro, all of
which use SQL as their basic building blocks.
SQL commands include SELECT, INSERT, DELETE and DROP TABLE. DROP TABLE is as ominous as
it sounds and in fact will eliminate the table with a particular name.
What is the impact of SQL Injection?
Once an attacker realizes that a system is vulnerable to SQL Injection, he is able to inject SQL Query /
Commands through an input form field. This is equivalent to handing the attacker your database and
allowing him to execute any SQL command including DROP TABLE to the database!
An attacker may execute arbitrary SQL statements on the vulnerab le system. This may compromise the
integrity of your database and/or expose sensitive information. Depending on the back-end database in use,
SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible
to manipulate existing queries, to UNION (used to select related information from two tables) arbitrary data,
use sub selects, or append additional queries.
In some cases, it may be possible to read in or write out to files, or to execute shell commands on the
underlying operating system. Certain SQL Servers such as Microsoft SQL Server contain stored and
extended procedures (database server functions). If an attacker can obtain access to these procedures, it
could spell disaster.
Unfortunately the impact of SQL Injection is only uncovered when the theft is discovered. Data is being
unwittingly stolen through various hack attacks all the time. The more expert of hackers rarely get caught. \
Prevention: In this website we use secure coding to to prevent it from sql injection like we filter script like
quote(‘). On my manual testing on this software we found that website is secure from sql attack.
XSS(Cross site scripting)
Hackers are constantly experimenting with a wide repertoire of hacking techniques to compromise websites
and web applications and make off with a treasure trove of sensitive data including credit card numbers,
social security numbers and even medical records.Cross Site Scripting (also known as XSS or CSS) is
generally believed to be one of the most common application layer hacking techniques.
In the pie-chart below, created by the Web Hacking Incident Database for 2011 (WHID) clearly shows that
whilst many different attack methods exist, SQL injection and XSS are the most popular. To add to this,
many other attack methods, such as Information Disclosures, Content Spoofing and Stolen Credentials
could all be side-effects of an XSS attack
Attacking scenario is shown ih the above diagram that how much exploit techniques can be used
regarding security issues. Here we can see that the maximum percentage is of XSS attack which is a
major issue for a now days security. Today, websites rely heavily on complex web applications to deliver
different output or content to a wide variety of users according to set preferences and specific needs. This
arms organizations with the ability to provide better value to their customers and prospects. However,
dynamic websites suffer from serious vulnerabilities rendering organizations helpless and prone to cross site
scripting attacks on their data.
"A web page contains both text and HTML markup that is generated by the server and interpreted by the
client browser. Web sites that generate only static pages are able to have full control over how the browser
interprets these pages. Web sites that generate dynamic pages do not have complete control over how their
outputs are interpreted by the client. The heart of the issue is that if mistrusted content can be introduced
into a dynamic page, neither the web site nor the client has enough information to recognize that this has
happened and take protective actions." (CERT Coordination Center).
Cross Site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash
into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data.
The use of XSS might compromise private information, manipulate or steal cookies, create requests that can
be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually
formatted as a hyperlink containing malicious content and which is distributed over any possible means on
the internet.
As a hacking tool, the attacker can formulate and distribute a custom-crafted CSS URL just by using a
browser to test the dynamic website response. The attacker also needs to know some HTML, JavaScript and
a dynamic language, to produce a URL which is not too suspicious-looking, in order to attack a XSS
vulnerable website.
Any web page which passes parameters to a database can be vulnerable to this hacking technique. Usually
these are present in Login forms, Forgot Password forms, etc…
N.B. Often people refer to Cross Site Scripting as CSS or XSS, which is can be confused with Cascading
Style Sheets (CSS).
File upload:
This vulnerability is very dangerous. At uploading point hacker take advantage and upload shell in website.
If shell is successfully uploaded by hacker then he/she can do any thing with your website as well as server.
Shell provide interaction between software and hardware. Hacker can destroy your whole software from
server and steal your confidential information.
Prevention: To make safety from this type of attack we use pre-defined secured code which is coded by
OWASP. We use it both side server as well as client side. This Project is fully tested by the Security Analyst
and fix all the bug.
8. FUTURE ENHANCEMENT
Nothing can be ended in a single step. It is the fact that nothing is permanent in this world. So this
project also has some future enhancements in the evergreen and booming IT industry. Change is inevitable.
The project entitled “Complete Web Vulnerabilities Scanner” was successfully designed developed and
tested. The system and the architecture is a compatible one, so addition of new modules can be done without
much difficulty. Since this module has its unique properties it can extend further to make this system a
complete one.
Scope
It provides the Security Analyst with all the necessary security issues and its solution to prevent
by the hackers.
It provides the users with all the necessary privileges to access and modify the data intended for them.
It doesn’t entirely replace the existing system but it mostly automize the Scanning process and all the data
used.
Success Criteria
This software automates the manual Scanning process. We believe that once the organization
chooses to use this system, it will eventually recognize the value and necessity of this system and
understand the problems involved in the manual process.
9. CONCLUSION
The project provides much security. The simplicity and friendliness are the advantages of this project. The
Software is made user friendly to the maximum so that anyone can run the software provided he could
access to the system via the login password.
This project manages all details without any risk. All the objectives were met with satisfaction. The
performance of the system is found to be satisfactory.
10.BIBLIOGRAPHY
XAMPP server installation
www.support.mircosoft.com
Development kit
www.adove.com
Book & references
www.w3c.com
www.w3school.com
www.php.net/manual
www.adove.com/in/products/dreamweaver.html
www.html.net
![[ITAS.VN]Black-Box Automated Web Vulnerability Scanner Limitations](https://img.dokumen.tips/doc/110x75/55a507771a28ab0e7b8b467b/itasvnblack-box-automated-web-vulnerability-scanner-limitations.jpg)
