Home → Questions →

Active Scanning of Multi-Step Workflows

• Edit

tester

09 Sep, 2016 04:35 AM

I would like some help with testing an AngularJS application with multiple steps and associated test data as part of a workflow. A comparable use case would be checkout/shopping cart functionality where users enter their address on one page, then their payment info on another page, and then submit the order on yet another page.

I tried using the login_script plugin to navigate the workflow, and started with Step 1 to Step 2 only. Running a scan showed "Login script: Login was successful" and cookies being displayed in the output console. I also did a browser.url, browser.html, and browser.screenshot, and everything looked good with the login_script. However the URL for Step 2 of the workflow was not listed in the Sitemap/Health Map from the results, hence it appears the second step of the workflow was not covered by the scan.

I also tried using --input-value's but perhaps I'm not setting them properly. Is there a recommended approach to perform an active scan of multi-step workflows with appropriate test data for AngularJS apps?

1. Support Staff 1 Posted by Tasos Laskos on 10 Sep, 2016 11:23 AM

   

   Unfortunately not, there currently isn't a way to script multi-step workflows and the login_script is only used to perform log-in operations.

   You can open a feature-request on GH thought: https://github.com/Arachni/arachni/issues

   Cheers

   • Edit

2. 2 Posted by tester on 11 Sep, 2016 05:05 PM

   

   I appreciate your response and will submit a feature request.

   How are input values used? Just wondering if I can use an input list instead of creating a script

   • Edit

3. Support Staff 3 Posted by Tasos Laskos on 12 Sep, 2016 08:04 AM

   

   See: https://github.com/Arachni/arachni/wiki/Command-line-user-interface...

   • Edit

4. Tasos Laskos closed this discussion on 22 Sep, 2016 09:16 AM.