User Agent Scanner

Feb 13, 2010 in Security


During some of my tests, I found that sending the right browser User-Agent string could let a user skip authentication entirely and bypass the application's access controls: the server was treating a header the client fully controls as a trust signal. I decided to write a tool that sends the same request with a range of different user agents and compares the responses.

You can download the tool from here.

The parameters are very basic: the site to test and which classes of user agents to test against. The user-agent classes are:

Basic – tests all common user agents
Mobile – tests mobile (iPhone/cell phone) user agents
Browser – tests all varieties of browser user agents
Search-bots – tests all varieties of search-engine bot user agents

I have set up a test page you can run this against. Run UserAgentScanner.py against http://www.securepla.net/download/test.php

The only difference between the screenshot above and the released tool is that the release does not print responses whose length matches the baseline Firefox user agent. The screenshot shows them only so the comparison is visible.

So what I normally do is look for response lengths that differ dramatically from the default Firefox agent, switch to that user agent in the browser with the User Agent Switcher add-on (https://addons.mozilla.org/en-US/firefox/addon/59), and see what the site shows. A different length does not by itself mean an authentication bypass; it can just be a mobile layout or a bot-specific page, so the interesting cases have to be checked by hand in the browser.
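To show the comparison the tool does, here is an added example of my own, not the original UserAgentScanner.py and not the code behind the screenshot. It fetches a URL with a baseline Firefox user agent, fetches it again with each user agent in the selected classes, and reports the ones whose status code or response length moves noticeably. The user-agent strings, the Firefox baseline string, the 10% threshold and the fake_site stand-in for the test page are all constructed assumptions.

```python
# Added example, not the original UserAgentScanner.py: compare the response a
# site returns for a baseline Firefox User-Agent against the response for a
# set of other user agents and report the ones that differ noticeably.
# The user-agent strings, the 10% threshold and fake_site below are my own
# constructed assumptions, not part of the original post.
import sys
import urllib.error
import urllib.request

# Constructed User-Agent strings, grouped like the tool's classes.
USER_AGENTS = {
    "basic": [
        "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
        "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.2.15 Version/10.00",
    ],
    "mobile": [
        "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X) AppleWebKit/528.18 Mobile/7A341 Safari/528.16",
        "BlackBerry9000/4.6.0.167 Profile/MIDP-2.0 Configuration/CLDC-1.1",
    ],
    "browser": [
        "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.5 Chrome/4.0.249.0 Safari/532.5",
        "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 Version/4.0.4 Safari/531.21.10",
    ],
    "search-bots": [
        "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
        "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)",
    ],
}
# Assumed baseline: the browser the tester is sitting in front of.
BASELINE_UA = "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6"


def fetch(url, user_agent, timeout=10):
    """Fetch url with the given User-Agent; return (status, body bytes).
    4xx/5xx responses are returned rather than raised, because a 403 for
    bots versus a 200 for browsers is itself a useful signal."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()


def scan(url, classes, fetcher=fetch, threshold=0.10, show_same=False):
    """Return (baseline_len, rows); each row is
    (class, user_agent, status, length, differs). A response is flagged when
    the status code changes or the length moves by more than `threshold` of
    the baseline, after discounting noise measured by fetching the baseline
    twice (dynamic pages rarely return exactly the same bytes)."""
    base_status, base_body = fetcher(url, BASELINE_UA)
    _, base_body2 = fetcher(url, BASELINE_UA)
    base_len = len(base_body)
    noise = abs(len(base_body2) - base_len)
    cutoff = max(noise, threshold * base_len)
    rows = []
    for cls in classes:
        for ua in USER_AGENTS[cls]:
            status, body = fetcher(url, ua)
            differs = status != base_status or abs(len(body) - base_len) > cutoff
            if differs or show_same:
                rows.append((cls, ua, status, len(body), differs))
    return base_len, rows


def fake_site(url, user_agent):
    """Constructed offline stand-in for a site that trusts the User-Agent:
    search bots get the admin page without logging in, iPhones get a
    mobile layout, everything else gets the login form."""
    if "Googlebot" in user_agent or "Slurp" in user_agent:
        return 200, b"<html><h1>Admin panel</h1><a href='/users'>Manage users</a></html>"
    if "iPhone" in user_agent:
        return 200, b"<html>mobile login</html>"
    return 200, b"<html><form>login</form>" + b"x" * 200 + b"</html>"


if __name__ == "__main__":
    # With a URL argument the scan goes over the network; with none it runs
    # against fake_site so the example works offline.
    target = sys.argv[1] if len(sys.argv) > 1 else "http://example.invalid/test.php"
    fetcher = fetch if len(sys.argv) > 1 else fake_site
    base_len, rows = scan(target, list(USER_AGENTS), fetcher=fetcher)
    print(f"baseline (Firefox): {base_len} bytes")
    for cls, ua, status, length, _ in rows:
        print(f"[{cls:11}] {status} {length:6} bytes  {ua}")
```

Run with no argument it scans the constructed fake_site and reports the Googlebot, Slurp and iPhone rows; run with a URL it goes over the network. Two details matter in practice: flag on status code as well as length, since a 302 to the login page versus a 200 is the clearest bypass signal, and measure the baseline twice so a timestamp or session token in the page does not get reported as a difference.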

Happy hacking.
-Cheetz