Scanning a Template-based Website Using Acunetix WVS

Scanning a large website very often takes a long time. Using the default settings, Acunetix Web Vulnerability Scanner will first try to identify all the pages using various crawling techniques, and will then proceed to scan the pages that have been identified. While Acunetix WVS does employ various techniques to minimise the scan time, you would sometimes need to fine-tune the scan settings to avoid needless scan delays. In this article, we will look at one technique that can be used to minimise the time taken to scan websites that make use of templates.

Nowadays, websites are mostly dynamic; they are built using a few templates, which are used to create the site’s numerous pages. Data is often retrieved from a database, and inserted into the templates to create the pages. Often, a large site makes use of less than 50 template pages, and often, the vulnerabilities exist and need to be fixed in the template pages.

This guide will assist you in identifying one of many pages using the same template and scanning only that page, rather than scanning all the pages using the same template. This will result in a faster scan. You can perform such a scan either by starting a new scan, or by using crawling results which have been saved from a previous scan.

Starting a New Scan

  1. Initiate a new scan using the scan wizard by clicking on the New Scan button.
  2. In the ‘Scan Type’ page, select ‘Scan single website’ and enter the Website’s URL. Click Next.
  3. On the ‘Options’ page, you need to select the option ‘After Crawling let me choose the files to scan’.
    Choose files to scan
  4. Proceed through the wizard and start the scan. Acunetix WVS will proceed with crawling all the website, and might identify some vulnerabilities in the process.
  5. Once the crawler has finished, you will be asked to select the files you want to scan. At this stage you need to select one page for each template. In our example website, all the product pages are created from a single template. Therefore only product1.htm needs to be selected. The other product pages can be unselected since they are based on the same template.
    Select pages to scan
  6. After selecting one page for each template, you should also remember to scan all the pages which are not based on the any template.
    Note:  You need to ensure that you identify all the templates at this stage, otherwise you run the risk of not scanning sections of your website. Be cautious and consult your development team if necessary.
  7. Click Ok to start the scan on the selected pages.
  8. Optional: After the scan has finished, you might want to save the site structure identified during the crawl so as to avoid crawling the website the next time you want to scan the same site(check note 1). Right click on the Site structure and select ‘Save Crawler Data’.
    Save Crawler Data

Using Saved Crawling Results

If you have saved the Crawler Data from a previous scan, you can re-use this data to scan specific portions of your website. Proceed as if starting a new scan, and in the Scan Wizard, select ‘Scan using saved crawl results’.

Use saved crawling results

Notes

  1. Avoid using the same crawled results over and over again if pages are added and removed from your website frequently.
  2. Make sure that you select at least one page per template used. If you do not do this, you might end up not scanning part of your site for vulnerabilities. Consult your developers in order to identify all the templates.
  3. Further reading: How to Scan a Shopping Cart with an Automated Security Scanner
  • This works most of the cases, but it’s not entirely true. Because usually developers
    add ugly hacks in templates like this:

    if ($product_id==100){
    doThis();
    }

    You will miss vulns in doThis() if you only scan the page product01.htm for example where $product_id is 1

    • Hi an_animal,

      The blog post above applies to websites that adhere strictly to the templates. We do stress that when running a scan as described above, you should check in with the developers, since they will know about such exception pages like the one you mention.

  • why acunetix show different result for same link every time
    When i scanned a link first time it showed a high vulnerability but second time it didnt then again third time it did.

    Why so ?

  • Leave a Reply

    Your email address will not be published.


    *