Bolt – CSRF Scanning Suite

Bolt is in the beta phase of development, which means there may be bugs. Any production use of this tool is discouraged. Pull requests and issues are welcome. I also recommend that you put this repo on watch if you are interested in it.

Workflow

Crawling

Bolt crawls the target website to the specified depth and stores all the HTML forms it finds in a database for further processing.

Evaluating

In this phase, Bolt identifies the tokens which are not strong enough and the forms which are not protected at all.

Comparing

This phase focuses on detecting replay attack scenarios and hence checks whether a token has been issued more than once. It also calculates the average Levenshtein distance between all the tokens to see if they are similar to each other.

Tokens are also compared against a database of 250+ hash patterns.
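The following is an added example of the checks this phase describes; it is not Bolt's own code. It flags tokens that were issued more than once, computes the average Levenshtein distance over the distinct tokens, and matches tokens against hash patterns. The three regexes are an assumed, illustrative stand-in for the hashID-derived database the page mentions, and the sample token list is constructed for the demonstration.

```python
"""Comparing phase, as an added example (not Bolt's code): detect reissued
tokens, measure how similar the token set is, and flag tokens that look like
plain hashes.  The three regexes below are a tiny stand-in for the
hashID-derived database of 250+ patterns, not that database."""
import re
from collections import Counter
from itertools import combinations

# Constructed sample: one token is issued twice (replay candidate), the
# counter-style tokens differ by only two characters, and the last one is
# md5("hello") written as hex.
SAMPLE_TOKENS = [
    "csrf-0001-aaaa",
    "csrf-0002-aaab",
    "csrf-0003-aaac",
    "csrf-0001-aaaa",
    "5d41402abc4b2a76b9719d911017c592",
]

# Assumed illustrative patterns only; a real scanner uses a much larger set.
HASH_PATTERNS = {
    "MD5": re.compile(r"^[a-fA-F0-9]{32}$"),
    "SHA-1": re.compile(r"^[a-fA-F0-9]{40}$"),
    "SHA-256": re.compile(r"^[a-fA-F0-9]{64}$"),
}


def levenshtein(a, b):
    """Edit distance using the usual two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def find_replays(tokens):
    """Tokens seen more than once across the crawl: a token that is reissued
    can be captured once and replayed in a forged request."""
    return [t for t, n in Counter(tokens).items() if n > 1]


def average_levenshtein(tokens):
    """Mean pairwise edit distance over the distinct tokens.  A small value
    means the tokens share most of their characters, which is typical of a
    counter, a timestamp or a fixed prefix with little entropy."""
    distinct = list(dict.fromkeys(tokens))
    pairs = list(combinations(distinct, 2))
    if not pairs:
        return 0.0
    return sum(levenshtein(a, b) for a, b in pairs) / len(pairs)


def match_hash_patterns(token):
    """Names of the hash formats whose pattern the token matches."""
    return [name for name, rx in HASH_PATTERNS.items() if rx.match(token)]


def compare(tokens):
    """Run the three checks and return one report dictionary."""
    hash_like = {}
    for t in dict.fromkeys(tokens):
        matches = match_hash_patterns(t)
        if matches:
            hash_like[t] = matches
    return {
        "replays": find_replays(tokens),
        "avg_distance": average_levenshtein(tokens),
        "hash_like": hash_like,
    }


if __name__ == "__main__":
    print(compare(SAMPLE_TOKENS))
```

A token that looks like a bare hash is worth a closer look because it may be the hash of something predictable (session id, user id, timestamp); the pattern match alone does not prove that, it only tells the tester which hypothesis to try next.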

Observing

In this phase, 100 simultaneous requests are made to a single webpage to see whether identical tokens are generated for those requests.
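As an added example of this phase (not Bolt's code), the script below fires concurrent requests at one page and counts how many distinct tokens come back. The target is a constructed local HTTP server whose token is the current second, a deliberately weak scheme chosen so that the check runs offline; the `csrf_token` field name and the regex that extracts it are assumptions for this demo.

```python
"""Observing phase, as an added example (not Bolt's code): many concurrent
requests to one page, then count distinct CSRF tokens.  The target is a
constructed local server with a clock-derived token, so the demo is offline."""
import re
import threading
import time
from concurrent.futures import ThreadPoolExecutor
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.request import ProxyHandler, build_opener

# Assumed field name for the demo; a real crawl would take it from the form.
TOKEN_RE = re.compile(r'name="csrf_token"\s+value="([^"]+)"')

# Bypass any proxy configured in the environment so 127.0.0.1 is reached directly.
OPENER = build_opener(ProxyHandler({}))


class WeakTokenHandler(BaseHTTPRequestHandler):
    """Constructed target: the token is the Unix time in seconds, so every
    request served within the same second gets the same token."""

    def do_GET(self):
        token = str(int(time.time()))
        body = ('<form method="post"><input type="hidden" name="csrf_token" '
                f'value="{token}"></form>').encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass  # keep the demo quiet


def fetch_token(url, timeout=5):
    """GET the page once and pull the token out of the form."""
    with OPENER.open(url, timeout=timeout) as resp:
        html = resp.read().decode()
    m = TOKEN_RE.search(html)
    return m.group(1) if m else None


def observe(url, requests=100, threads=20):
    """Issue `requests` concurrent GETs and summarise token reuse."""
    with ThreadPoolExecutor(max_workers=threads) as pool:
        tokens = list(pool.map(fetch_token, [url] * requests))
    counts = {}
    for t in tokens:
        counts[t] = counts.get(t, 0) + 1
    return {
        "requests": requests,
        "unique": len(counts),
        "max_reuse": max(counts.values()),
        "reused": any(n > 1 for n in counts.values()),
    }


def run_demo(requests=100):
    """Start the constructed weak server on a free port, observe it, stop it."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), WeakTokenHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = f"http://127.0.0.1:{server.server_address[1]}/"
        return observe(url, requests)
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(run_demo())
```

Against a properly implemented target every one of the 100 responses carries a different token (or the same per-session token bound to one cookie, which is a separate check); any reuse across independent requests means the token is derived from something shared, such as the clock.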

Testing

This phase is dedicated to active testing of the CSRF protection mechanism. It includes, but is not limited to, checking whether protection exists for mobile browsers, submitting requests with a self-generated token, and testing whether the token is only validated up to a certain length.

Analysing

Various statistical tests are performed in this phase to see whether the token is really random. The following tests are carried out during this phase:

  • Monobit frequency test
  • Block frequency test
  • Runs test
  • Spectral test
  • Non-overlapping template matching test
  • Overlapping template matching test
  • Serial test
  • Cumulative sums test
  • Approximate entropy test
  • Random excursions variant test
  • Linear complexity test
  • Longest runs test
  • Maurer's universal statistic test
  • Random excursions test
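To make the first two items of that list concrete, here is an added example (not Bolt's code, nor highfestiva's implementation that Bolt credits) of the monobit frequency test and the runs test from NIST SP 800-22 applied to a token's bit string. The conversion rule (hex-looking tokens are decoded as hex, anything else as UTF-8) and the 0.01 significance level are assumptions for this demo.

```python
"""Analysing phase, as an added example (not Bolt's code): NIST SP 800-22
monobit frequency test and runs test on the bits of a CSRF token."""
import math


def token_to_bits(token):
    """Bit string of the token.  Assumption: even-length hex tokens are decoded
    as hex, everything else is taken as UTF-8 bytes."""
    try:
        data = bytes.fromhex(token)
    except ValueError:
        data = token.encode()
    if not data:
        raise ValueError("empty token")
    return "".join(f"{b:08b}" for b in data)


def monobit_frequency_test(bits, alpha=0.01):
    """Are ones and zeros roughly balanced?  S_n sums +1/-1 per bit,
    s_obs = |S_n| / sqrt(n), p = erfc(s_obs / sqrt(2))."""
    n = len(bits)
    s_n = sum(1 if b == "1" else -1 for b in bits)
    s_obs = abs(s_n) / math.sqrt(n)
    p = math.erfc(s_obs / math.sqrt(2))
    return {"p_value": p, "passed": p >= alpha}


def runs_test(bits, alpha=0.01):
    """Does the sequence switch between 0 and 1 about as often as a random
    one would?  Requires the monobit prerequisite |pi - 1/2| < 2/sqrt(n)."""
    n = len(bits)
    pi = bits.count("1") / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):
        return {"p_value": 0.0, "passed": False,
                "note": "frequency prerequisite not met; runs test not applicable"}
    v_n = 1 + sum(1 for k in range(n - 1) if bits[k] != bits[k + 1])
    numerator = abs(v_n - 2 * n * pi * (1 - pi))
    denominator = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    p = math.erfc(numerator / denominator)
    return {"p_value": p, "passed": p >= alpha}


def analyse_token(token):
    """Run both tests on one token and report the results together."""
    bits = token_to_bits(token)
    return {
        "bits": len(bits),
        "monobit": monobit_frequency_test(bits),
        "runs": runs_test(bits),
    }


if __name__ == "__main__":
    # Constructed tokens: all-zero hex, a strictly alternating pattern, and md5("hello").
    for tok in ("00000000", "55555555", "5d41402abc4b2a76b9719d911017c592"):
        print(tok, analyse_token(tok))
```

The alternating pattern is why more than one test is needed: `0101…` is perfectly balanced and passes the monobit test with p = 1.0, yet it has far too many runs and fails the runs test. The remaining tests in the list each target a different structure that a balanced-but-predictable token can still have.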

Usage
Scanning a website for CSRF using Bolt is as simple as running

python3 bolt.py -u https://github.com -l 2

Where -u is used to supply the URL and -l is used to specify the depth of crawling.
Other options and switches:

  • -t number of threads
  • --delay delay between requests
  • --timeout HTTP request timeout
  • --headers supply HTTP headers

Credits
Regular expressions for detecting hashes are taken from hashID.
Bit-level entropy tests are taken from highfestiva's Python implementation of the statistical tests.
