Re: webinspect-Java applets based application (313 Views)
Reply
Occasional Visitor
anandanmuthu
Posts: 1
Registered: ‎01-24-2012
Message 1 of 6 (707 Views)

webinspect-Java applets based application

Hi,

 

Our application is based on Oracle forms.I am not able to audit the applictions because the whole applications runs on java applet on a page. 

Can someone please clarify how to capture login macro for application is based on java applets and audit the application for security vulnerablities.

 

 

thanks in advance

Anandan M.

Valued Contributor
jfapple
Posts: 44
Registered: ‎01-07-2011
Message 2 of 6 (699 Views)

Re: webinspect-Java applets based application

Hi Anandan,

I'm not familiar with Oracle Forms. Is there a demo app on the Internet that we can play with to test login macro recording? Have you tried using a session-based macro? How does the browser applet communicate with the server? Is it using standard HTTP or some other out-of-band socket traffic? It's possible, you may need to manually crawl the site and let WebInspect audit the site from that point.

Jeff

Occasional Visitor
swift_kicker
Posts: 1
Registered: ‎02-07-2012
Message 3 of 6 (672 Views)

Re: webinspect-Java applets based application

Hello Jeff,

 

Thank you for your reply. To add more to anandan's question, our application is based on Oracle Forms. (http://www.oracle.com/technetwork/developer-tools/forms/overview/index.html).

It does not use

 

After entering the url for the app, a separate window opens for the application as shown.

 

Application launch window

 

Now when trying to record a login macro for this, Web Inspect does not recognize the login window. Only the IE window with the original url is detected.

The problem is that the url remains the same no matter what is done in the application. WebInspect does not recognize this. 

 

Any help will be greatly appreciated.

 

Thank you!

 

Frequent Advisor
Atman_1
Posts: 31
Registered: ‎01-04-2011
Message 4 of 6 (655 Views)

Re: webinspect-Java applets based application

Please contact the support. They will help you with your questions. Thanks.

Occasional Visitor
WebScan
Posts: 1
Registered: ‎01-02-2014
Message 5 of 6 (322 Views)

Re: webinspect-Java applets based application

Hi Jeff

 

I am in a similar situation where I have to record a macro for the login/logout site which requires java plugins. When I try to record a macro it uses the default firefox to record a macro and asks to download the plugin. WOuld you advice if there are any settings that needs to be done for the macro recording for the site that requires java plugins?

Respected Contributor
HansEnders
Posts: 613
Registered: ‎07-01-2008
Message 6 of 6 (313 Views)

Re: webinspect-Java applets based application

When the browser requires plugins, you will most likely have trouble using either the Firefox-based (3.x) or the IE-based Web Macro Recorder that comes in WebInspect 10.10. Future releases should update that Firefox to use a modern version. For sites requiring plugins, I would switch to the Web Proxy and record the macro from your actual browser with that.

-- Habeas Data
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.