Let's start using Skipfish to scan a specific website/server for vulnerabilities. To illustrate with an easy example, let's scan the XAMPP localhost (although you can scan any website URL, even those found on the Internet). Assuming you have started XAMPP, MySQL and the local XAMPP Apache server, you can run Skipfish using the steps below:

1.) Launch Terminal
3.) To scan your localhost URL, http://localhost/, and put the output results inside the outputresults folder, the command will be:

    ./skipfish -o outputresults http://localhost/

In Terminal (take note of the dot before the forward slash):
4.) After executing this command by pressing the enter key, you will then see below:
5.) To proceed, press any key. Skipfish will then start the scan and display the ongoing results, as shown below:

Terminating the Scan and Viewing the Scan Results

The good thing about Skipfish is that you can terminate the scan at any time (even if the scan is not yet complete) and access the partial results. To terminate the scan and view the results, follow the steps below:

1.) While the scan is ongoing (shown in the previous screenshot), press Control-C. This will terminate the scan.
2.) By default, you can view the results only with the Firefox web browser. To do this, go to the outputresults directory where the scan results are dumped:
3.) Once you are inside the outputresults directory, execute the Firefox command to launch the results in the browser. The actual command is:

    firefox index.html

In Terminal:
4.) You should then see the output results such as shown below:
5.) You should then be able to interpret the results easily. Most of the scan results are pretty self-explanatory. It is recommended to pay attention first to the high-risk vulnerabilities detected by the scan. You can expand those results to read more details.

What to do next?

Well, you need to educate yourself on understanding and correcting these vulnerabilities. For example, if Skipfish is reporting some MySQL injection vulnerabilities in your website, you might need to read and learn more about SQL injection. You can use Google to read more details about that vulnerability. A few examples of preventing MySQL injection vulnerabilities include implementing strict user input validation in your web application, implementing appropriate user privileges and using the mysql_real_escape_string() PHP function.

Related and Important Resources of Skipfish

Below are some useful resources pertaining to the use of Skipfish and the interpretation of results/vulnerabilities:

1.) Skipfish detailed documentation (includes both basic and advanced usage): http://code.google.com/p/skipfish/wiki/SkipfishDoc
2.) Common problems with Skipfish and how to fix them: http://code.google.com/p/skipfish/wiki/KnownIssues
3.) Understanding the functionality and features included in Skipfish: http://lcamtuf.blogspot.com/2010/11/understanding-and-using-skipfish.html
4.) Browser security handbook: http://code.google.com/p/browsersec/wiki/Main
5.) The Open Web Application Security Project: http://www.owasp.org/index.php/Category:OWASP_Guide_Project
6.) Web Application Security Consortium: http://www.webappsec.org/projects/articles/
7.) Application Security Principle: http://www.owasp.org/index.php/Category:Principle
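
The SQL injection defenses named under "What to do next?" above, shown as an added example that is not part of the original article: strict input validation followed by a parameterized query, next to the string-built query a scanner would flag. Prepared statements through PDO are used here in place of mysql_real_escape_string(), because that function belongs to the old mysql extension that was removed in PHP 7. The users table, the function names and the sample inputs are constructed, and an in-memory SQLite database stands in for MySQL so the script runs without a server.

```php
<?php
// Added example. Assumes the pdo_sqlite extension is enabled; table,
// rows and inputs below are constructed for illustration only.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO users (name, email) VALUES
            ('alice', 'alice@example.test'), ('bob', 'bob@example.test')");

// Weak form: the input becomes part of the SQL text, so quote characters
// in it can change the structure of the query.
function find_user_weak(PDO $pdo, string $name): array
{
    $sql = "SELECT id, name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: validate against an allow-list pattern first, then bind
// the value as a parameter so it is only ever treated as data.
function find_user_safe(PDO $pdo, string $name): array
{
    if (!preg_match('/\A[A-Za-z0-9_]{1,32}\z/', $name)) {
        return []; // reject anything that is not a plain username
    }
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// One ordinary input and one constructed input containing quote characters.
$inputs = ['alice', "x' OR '1'='1"];
foreach ($inputs as $input) {
    printf(
        "%-16s weak: %d row(s)   safe: %d row(s)\n",
        $input,
        count(find_user_weak($pdo, $input)),
        count(find_user_safe($pdo, $input))
    );
}
```

For the second input the weak function returns every row in the table, while the hardened function returns none; the same prepare/execute pattern works unchanged with a MySQL DSN.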