
Speed up scanning by disabling path manipulation and ws enumeration

Question asked by Anthirian on May 21, 2015
Latest reply on Jun 2, 2015 by WillB

Hi,

For one of our customers we're performing weekly scans at night. It is important to the customer that the scan only takes place from 00:00 to 08:00, so it doesn't interfere with their daily routine. Over the last couple of months I have scanned this web application multiple times, but the scan diagnostics indicate it spends most of its allotted 8 hours on path manipulation and ws enumeration. This customer was recently made aware of an XSS vulnerability that QualysGuard should have detected. My guess is it hasn't gotten around to scanning this particular page, due to the time running out before being able to test it. I would like to disable path manipulation and ws enumeration in order to test more efficiently, so I have excluded QID 150004 - Path-Based Vulnerabilities from the option profile. However, when I run a new scan it appears it hasn't been disabled fully. Could you please tell me which QIDs are responsible for the path manipulation and ws enumeration, so that I may exclude those as well?

Loaded 3 blacklist entries.
Loaded 0 whitelist entries.
Maximum request count reached: 8000
Collected 34378 links overall.
Batch #0 Path manipulation: estimated time < 1 hour (3 tests, 5001 inputs)
Path manipulation: 3 vulnsigs tests, completed 3038 requests, 711 seconds. Completed 3038 requests of 15003 estimated requests (20.2493%). All tests completed.
Batch #0 WS enumeration: estimated time < 3 hours (9 tests, 5001 inputs)
WS enumeration: 9 vulnsigs tests, completed 13671 requests, 3259 seconds. Completed 13671 requests of 45009 estimated requests (30.3739%). All tests completed.
Batch #1 URI parameter manipulation (no auth): estimated time < 3 hours (47 tests, 613 inputs)
Batch #1 URI parameter manipulation (no auth): 47 vulnsigs tests, completed 28335 requests, 4557 seconds. Completed 28335 requests of 28811 estimated requests (98.3479%). XSS optimization removed 624 links. All tests completed.
Blind SQL manipulation - have 613URI parameters,5803 form fields - no tests enabled.
Batch #1 URI blind SQL manipulation (no auth): estimated time < 1 minute (0 tests, 613 inputs)
Batch #1 URI blind SQL manipulation (no auth): 0 vulnsigs tests, completed 0 requests, 0 seconds. No tests to execute.
Batch #1 URI parameter time-based tests (no auth): estimated time < 1 hour (3 tests, 613 inputs)
Batch #1 URI parameter time-based tests (no auth): 3 vulnsigs tests, completed 1839 requests, 1095 seconds. Completed 1839 requests of 1839 estimated requests (100%). All tests completed.
Batch #1 URI parameter manipulation (auth): estimated time < 38 hours (47 tests, 11878 inputs)
Batch #1 URI parameter manipulation (auth): 47 vulnsigs tests, completed 15252 requests, 6685 seconds. Completed 15252 requests of 558266 estimated requests (2.73203%). Module did not finish.
Scan stopped at established time limit in order to report results.
Blind SQL manipulation - have 11878URI parameters,5803 form fields - no tests enabled.
Blind SQL manipulation - have 111URI parameters,5803 form fields - no tests enabled.
Blind SQL manipulation - have 8919URI parameters,5803 form fields - no tests enabled.
Blind SQL manipulation - have 8URI parameters,5803 form fields - no tests enabled.
Blind SQL manipulation - have 8101URI parameters,5803 form fields - no tests enabled.
Total requests made: 75198
Average server response time: 1.14 seconds
Most recent links:
200 http://www.website.com
Scan stopped at established time limit in order to report results.

Kind regards,

Geert Smelt
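The scan diagnostics quoted in the post are the only record of where the 8-hour window goes, and reading the per-phase lines by eye makes it hard to compare phases. The script below is an added example, not part of the original post and not QualysGuard's own tooling: it parses the per-phase summary lines (the sample text is copied from the diagnostics above), ranks the phases by seconds consumed, flags any phase the scanner reports as not finished, and projects from the observed request rate how long an unfinished phase would have needed. The line format is inferred from the quoted output alone, so the regular expression is an assumption about that output, not a documented format.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: lines copied from the scan diagnostics quoted in the
# post above. Only the per-phase summary lines are parsed; the rest is skipped.
SAMPLE_DIAGNOSTICS = """\
Loaded 3 blacklist entries.
Maximum request count reached: 8000
Collected 34378 links overall.
Batch #0 Path manipulation: estimated time < 1 hour (3 tests, 5001 inputs)
Path manipulation: 3 vulnsigs tests, completed 3038 requests, 711 seconds. Completed 3038 requests of 15003 estimated requests (20.2493%). All tests completed.
WS enumeration: 9 vulnsigs tests, completed 13671 requests, 3259 seconds. Completed 13671 requests of 45009 estimated requests (30.3739%). All tests completed.
Batch #1 URI parameter manipulation (no auth): 47 vulnsigs tests, completed 28335 requests, 4557 seconds. Completed 28335 requests of 28811 estimated requests (98.3479%). XSS optimization removed 624 links. All tests completed.
Batch #1 URI blind SQL manipulation (no auth): 0 vulnsigs tests, completed 0 requests, 0 seconds. No tests to execute.
Batch #1 URI parameter time-based tests (no auth): 3 vulnsigs tests, completed 1839 requests, 1095 seconds. Completed 1839 requests of 1839 estimated requests (100%). All tests completed.
Batch #1 URI parameter manipulation (auth): 47 vulnsigs tests, completed 15252 requests, 6685 seconds. Completed 15252 requests of 558266 estimated requests (2.73203%). Module did not finish.
Scan stopped at established time limit in order to report results.
"""

# Assumed line shape, inferred from the quoted output:
#   <phase>: <n> vulnsigs tests, completed <done> requests, <s> seconds.
#   [Completed <done> requests of <estimated> estimated requests (<pct>%).] <status>
PHASE_RE = re.compile(
    r"^(?P<phase>.+?): (?P<tests>\d+) vulnsigs tests, "
    r"completed (?P<done>\d+) requests, (?P<seconds>\d+) seconds\."
    r"(?: Completed \d+ requests of (?P<estimated>\d+) estimated requests \([\d.]+%\)\.)?"
    r"\s*(?P<status>.*)$"
)


@dataclass
class Phase:
    name: str
    tests: int
    done: int
    seconds: int
    estimated: Optional[int]
    status: str

    @property
    def finished(self) -> bool:
        # The scanner closes a completed phase with "All tests completed."
        return self.status.endswith("All tests completed.")

    def remaining_seconds(self) -> Optional[float]:
        """Projected time to finish the phase at its observed request rate."""
        if self.estimated is None or self.done == 0 or self.seconds == 0:
            return None
        rate = self.done / self.seconds  # requests per second
        return (self.estimated - self.done) / rate


def parse_diagnostics(text: str) -> list:
    """Return one Phase per per-phase summary line; other lines are ignored."""
    phases = []
    for line in text.splitlines():
        m = PHASE_RE.match(line.strip())
        if not m:
            continue  # estimate lines, blind-SQL notes, link lists, etc.
        phases.append(Phase(
            name=m["phase"],
            tests=int(m["tests"]),
            done=int(m["done"]),
            seconds=int(m["seconds"]),
            estimated=int(m["estimated"]) if m["estimated"] else None,
            status=m["status"].strip(),
        ))
    return phases


def time_share(phases) -> dict:
    """Fraction of total measured phase time per phase, largest first."""
    total = sum(p.seconds for p in phases)
    if total == 0:
        return {}
    shares = {p.name: p.seconds / total for p in phases}
    return dict(sorted(shares.items(), key=lambda kv: kv[1], reverse=True))


def unfinished(phases) -> list:
    """Phases that ran tests but did not reach 'All tests completed.'"""
    return [p.name for p in phases if p.tests > 0 and not p.finished]


def report(text: str) -> str:
    phases = parse_diagnostics(text)
    lines = [f"{share:6.1%}  {name}" for name, share in time_share(phases).items()]
    for p in phases:
        if p.name in unfinished(phases):
            rem = p.remaining_seconds()
            lines.append(f"DID NOT FINISH: {p.name} (about {rem / 3600:.0f} h more at observed rate)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_DIAGNOSTICS))
```

Run it as a script to get the ranked list. Against the quoted output it measures 16307 seconds of phase time in total, with the two batch #0 phases (path manipulation and WS enumeration) accounting for 3970 of those seconds and the authenticated URI parameter manipulation phase, stopped at under 3% complete, projected to need far more than the 8-hour window at its observed rate. Those per-phase figures are what to weigh when deciding which QIDs to exclude from the option profile.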
