Is there a way to create a QID within the WAS knowledge-base? I would like to scan for LDAP injection vulnerability.
Currently QualysGuard does not support building custom checks in WAS. This is a feature request and we're evaluating possible options but do not currently have a timeframe associated with delivering this feature. I believe it will be near the end of 2014 before this may become a candidate for development.
Hello, Landry. Is there a specific LDAP vulnerability you are looking to test for? A search of the VM KnowledgeBase with "ldap" in the vulnerability title yields 85 results, while a search for "ldap" in the WAS KB yields 263 results - is one of those possibly the issue you're looking for?
There's currently not a way to create a custom WAS signature, but you could create a custom OVAL signature in VM if that would help. https://community.qualys.com/docs/DOC-4284
Feel free to respond here or PM me if you'd like to keep details private.
Hi Jason,
Thanks for your reply. The issue I'm looking for is LDAP injection within a webapp. That means WAS KB. I checked the 263 results but couldn't find a fit. I'm performing some pentests and I want the crafted payload sent to the webapp's form field(s) to be one that will reveal a potential or confirmed existence of LDAP injection, just like WAS does when testing for SQL injection, XSS or any other vulnerabilities of its KB.
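A worked illustration of what such a check would exercise, added here as an example and not part of the original thread or of Qualys WAS: a login lookup that concatenates form input into an LDAP search filter, the RFC 4515 escaping that neutralises it, and a toy filter evaluator that shows which classic payloads bypass each version. The in-memory directory, the payload list and all function names are constructed for this example; the "ignore text after the first complete filter" behaviour is a simplification modelled on how lenient servers are reported to behave, not a claim about any particular product.

```python
import re

# Constructed in-memory "directory" standing in for the LDAP server the
# web application authenticates against (attribute names lower-cased).
DIRECTORY = [
    {"uid": ["alice"], "userpassword": ["correct horse"]},
    {"uid": ["bob"], "userpassword": ["hunter2"]},
]

# RFC 4515 section 3: these characters must be hex-escaped inside a filter value.
RFC4515_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value: str) -> str:
    """Escape user input so it can only ever be a literal attribute value."""
    return "".join(RFC4515_ESCAPES.get(ch, ch) for ch in value)


def build_filter_vulnerable(username: str, password: str) -> str:
    """Plain concatenation: anything the user types becomes filter syntax."""
    return f"(&(uid={username})(userPassword={password}))"


def build_filter_safe(username: str, password: str) -> str:
    """Same query with both values escaped per RFC 4515."""
    return (f"(&(uid={escape_filter_value(username)})"
            f"(userPassword={escape_filter_value(password)}))")


def parse_filter(s: str):
    """Parse a subset of RFC 4515 filters (&, |, !, attr=value with '*') into a
    tuple tree. Returns (tree, unconsumed_text); unconsumed text is exactly what
    an injected 'second filter' leaves behind."""
    if len(s) < 2 or not s.startswith("("):
        raise ValueError("filter must start with '('")
    if s[1] in "&|":
        items, rest = [], s[2:]
        while rest.startswith("("):
            item, rest = parse_filter(rest)
            items.append(item)
        if not rest.startswith(")"):
            raise ValueError("unbalanced filter")
        return (s[1], items), rest[1:]
    if s[1] == "!":
        item, rest = parse_filter(s[2:])
        if not rest.startswith(")"):
            raise ValueError("unbalanced filter")
        return ("!", [item]), rest[1:]
    m = re.match(r"\(([A-Za-z][A-Za-z0-9-]*)=([^()]*)\)", s)
    if not m:
        raise ValueError(f"malformed filter item near {s[:20]!r}")
    return ("=", m.group(1).lower(), m.group(2)), s[m.end():]


def value_to_regex(value: str) -> str:
    """An unescaped '*' is a wildcard; '\\xx' hex escapes become literal characters."""
    out, i = [], 0
    while i < len(value):
        if value[i] == "*":
            out.append(".*")
            i += 1
        elif value[i] == "\\" and i + 2 < len(value):
            out.append(re.escape(chr(int(value[i + 1:i + 3], 16))))
            i += 3
        else:
            out.append(re.escape(value[i]))
            i += 1
    return "^" + "".join(out) + "$"


def matches(tree, entry: dict) -> bool:
    kind = tree[0]
    if kind == "&":
        return all(matches(t, entry) for t in tree[1])   # (&) with no items is always true
    if kind == "|":
        return any(matches(t, entry) for t in tree[1])
    if kind == "!":
        return not matches(tree[1][0], entry)
    _, attr, value = tree
    pattern = re.compile(value_to_regex(value))  # matching rules simplified: exact, case-sensitive
    return any(pattern.match(v) for v in entry.get(attr, []))


def search(filter_str: str) -> list:
    """Evaluate the first complete filter and ignore trailing text (a lenient-server
    simplification); that leniency is what the 'second filter' payload relies on."""
    tree, _rest = parse_filter(filter_str)
    return [e["uid"][0] for e in DIRECTORY if matches(tree, e)]


def login(username: str, password: str, builder) -> bool:
    """The web app's check: authenticated if the search returns any entry."""
    try:
        return bool(search(builder(username, password)))
    except ValueError:  # a real server would reject a malformed filter with an error
        return False


# Constructed (username, password) pairs a tester would submit to the login form.
PROBE_PAYLOADS = [
    ("*", "*"),                        # wildcards in both fields
    ("*)(uid=*))(|(uid=*", "wrong"),   # closes the AND early and appends a second filter
    ("alice)(&))", "wrong"),           # absolute-true filter (&) after a known uid
]


def bypassing_payloads(builder) -> list:
    """Usernames from PROBE_PAYLOADS that authenticate although the password is wrong."""
    return [u for u, p in PROBE_PAYLOADS if login(u, p, builder)]


if __name__ == "__main__":
    print("vulnerable:", bypassing_payloads(build_filter_vulnerable))
    print("escaped:   ", bypassing_payloads(build_filter_safe))
```

Against a live target the tester has no view of the filter, so the same differential is read from the application: the wrong-password probe either lands on the authenticated page (or returns more records than a benign value) or it does not, and a payload that merely breaks the filter tends to surface as a server error rather than a login.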
I also wanted to mention that you can filter by 'Web Application' category to see only WAS related vulnerabilities.
It will be great to have such a feature. By giving users the capability to customize the checks, they will be enabled to eliminate false positives through specific payloads. Hopefully, we'll see it happening. Thanks for your clarification, Will.