Title: 500 HTTP Error... False Positive?
Post by: sgtsteamy on November 14, 2011, 02:48:00 PM
I'm using Wapiti to audit on of my web applications and I was returned with 3 sql injection, 39 blind sql, 27 file handling vulnerabilities, and 9 command execution vulnerabilities.
The thing is... Every single one contained a 500 http error code.
I know the 500 error is the "catch all" error... Basically the server doesn't know what to do with these.
I'd like to go ahead and just try exploiting one of these vulnerabilities to see if it is just a false positive but since I've been assigned to just do vulnerability assessments, it would be wrong and illegal.
So are these false positives? Whats a good way to futher test? Does Wapiti generally return any error as a vulnerability? I know sql injection can return 500 errors but I have a hunch many of these aren't actually vuln.
Title: Re: 500 HTTP Error... False Positive?
Post by: cd1zz on November 14, 2011, 07:32:25 PM
Can you try another tool like sqlmap just to see if you get the same results?