Determine where the scan stopped

When a scan times out, you can determine where it stopped by reviewing QID 150021 Scan Diagnostics. You should see the following lines:

----------

URI parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Form parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Login form parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Path manipulation: 67 vulnsigs tests, x requests, y seconds.

URI blind SQL manipulation: 18 vulnsigs tests, x requests (approx.), y seconds.

Form blind SQL manipulation: 18 vulnsigs tests, x requests (approx.), y seconds.

Login form blind SQL manipulation: 18 vulnsigs tests, x requests (approx.), y seconds.

----------

Important! Scan settings affect information that appears in QID 150021.

If form submission is not allowed, no vulnerability checks will be conducted for these line items: Form parameter manipulation, Login form parameter manipulation, Form blind SQL manipulation, and Login form blind SQL manipulation.

If form submission is allowed (in the option profile) and one or more forms are found during login, then vulnerability checks are conducted for these line items: Login form parameter manipulation and Login form blind SQL manipulation.

Diagnostics for custom vulnerability scans

The QIDs you selected for the scan (in the option profile) affect which lines you see reported inside QID 150021.

Example 1

If you selected only QIDs 150000 and 150004 and allowed form submission, you see these lines:

----------

URI parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Form parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Login form parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Path manipulation: 67 vulnsigs tests, x requests, y seconds.

----------

Example 2

If you selected only QID 150012 and did not allow form submission, you see only the line:

----------

URI blind SQL manipulation: 18 vulnsigs tests, x requests (approx.), y seconds.

----------

See where the scan stopped

Check the last line reported.

Example 1

Let’s say that all QIDs are selected for the scan with form submission allowed, and you receive only these lines:

----------

URI parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

Form parameter manipulation: 31 vulnsigs tests, x requests, y seconds.

----------

This means that the scan stopped during the Form parameter manipulation phase.

Example 2

Let’s say you scan for QIDs 150004 and 150012, again with form submission allowed, and you receive only these lines:

----------

Path manipulation: 67 vulnsigs tests, x requests, y seconds.

URI blind SQL manipulation: 18 vulnsigs tests, x requests (approx.), y seconds.

----------

This means that the scan stopped during the URI blind SQL manipulation phase.
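As an added example (not part of the Qualys documentation), the following Python script applies the rules above: it builds the list of lines QID 150021 should report for a given QID selection and form-submission setting, parses the diagnostics text, and names the phase in which the scan stopped. The mapping of QIDs 150000, 150004 and 150012 to phase groups is inferred from this page's examples and is an assumption, as is the constructed sample output.

```python
import re

# QID 150021 phase lines in the order this page lists them, grouped by the QID
# that enables them. The QID-to-phase mapping is inferred from the page's
# examples (150004 -> Path manipulation, 150012 -> blind SQL) and is an assumption.
PHASES_BY_QID = {
    150000: ["URI parameter manipulation", "Form parameter manipulation",
             "Login form parameter manipulation"],
    150004: ["Path manipulation"],
    150012: ["URI blind SQL manipulation", "Form blind SQL manipulation",
             "Login form blind SQL manipulation"],
}
PHASE_ORDER = [p for qid in (150000, 150004, 150012) for p in PHASES_BY_QID[qid]]

# Matches "<phase>: N vulnsigs tests, N requests[ (approx.)], N seconds."
LINE_RE = re.compile(
    r"^(?P<phase>.+?): (?P<tests>\d+) vulnsigs tests, (?P<requests>\d+) requests"
    r"(?: \(approx\.\))?, (?P<seconds>\d+) seconds\.$"
)

def expected_phases(selected_qids, form_submission):
    """Phases QID 150021 should report for the option profile settings."""
    enabled = {p for q in selected_qids for p in PHASES_BY_QID.get(q, [])}
    # Without form submission the Form / Login form lines are never produced.
    if not form_submission:
        enabled = {p for p in enabled if not p.startswith(("Form", "Login form"))}
    return [p for p in PHASE_ORDER if p in enabled]

def parse_diagnostics(text):
    """Return [(phase, tests, requests, seconds)] for each diagnostics line."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append((m["phase"], int(m["tests"]), int(m["requests"]), int(m["seconds"])))
    return rows

def where_scan_stopped(text, selected_qids, form_submission):
    """Page's rule: the last reported line is the phase the scan stopped in."""
    reported = [r[0] for r in parse_diagnostics(text)]
    missing = [p for p in expected_phases(selected_qids, form_submission)
               if p not in reported]
    return {"stopped_in": reported[-1] if reported and missing else None,
            "missing": missing, "completed": not missing}

# Constructed sample: all QIDs selected, form submission allowed, scan timed out.
SAMPLE = """URI parameter manipulation: 31 vulnsigs tests, 1240 requests, 310 seconds.
Form parameter manipulation: 31 vulnsigs tests, 870 requests, 415 seconds.
"""
```

Running `where_scan_stopped(SAMPLE, {150000, 150004, 150012}, True)` reports the stop in Form parameter manipulation and lists the five phases that never ran.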