ddouhine/GWT support with webscanners #pentest

## GWT support with webscanners #pentest
GWT support (according to the vendors):
Acunetix
NTOSpider
WebInspect
AppScan
ZAP

Tested:
Burp + Gwtscan.jar: works ~
GWT-Penetration-Testing-Toolset:
    gwtenum doesn't works
    gwtparse works ~

To manually find the entry points:

GWT Application Entrypoint Javascript File:
https://FQDN/webapp/webapp.nocache.js

List “Service Interfaces”:
wget https://FQDN/webapp/B7501AF09D1FC5B26E65043C4A20FF0E.cache.html -O GWT-EntryPoint.html; cat GWT-EntryPoint.html | sed 's/com\./&\ncom./g' | awk -F “\'|\;” '{print $1}'| grep -v '\.$' | grep ^com | sort
ex: wget –http-user=user –http-password=pass –no-check-certificate https://FQDN/webapp/B7501AF09D1FC5B26E65043C4A20FF0E.cache.html -O GWT-EntryPoint.html; cat GWT-EntryPoint.html | sed 's/com\./&\ncom./g' | awk -F “\'|\;” '{print $1}'| grep -v '\.$' | grep ^com | sort
output:
(…)
com.XXX.services.FileDownloadService
com.XXX.services.FileHandler
com.XXX.services.VerifyFileUploadController
(…)
com.XXX.services.URLController
com.XXX.services.UserProfileService

List “Service Interface” and “Methods”:
Burp/Target/SiteMap/RightClick/Save selected items/uncheck Base64 encode requests and responses
$ grep “^7” * | awk -F “|” '{print $1,$6,$7}' | sort -u
output:
XXX:7 com.XXX.services.ApplicationService getAdditionalData
XXX:7 com.XXX.services.ApplicationService getDataTableData
XXX:7 com.XXX.services.ApplicationService getMenus
XXX:7 com.XXX.services.ApplicationService sendRequest
XXX:7 com.XXX.services.ApplicationService sendServiceRequest
	GWT support (according to the vendors):
	Acunetix
	NTOSpider
	WebInspect
	AppScan
	ZAP

	Tested:
	Burp + Gwtscan.jar: works ~
	GWT-Penetration-Testing-Toolset:
	gwtenum doesn't works
	gwtparse works ~

	To manually find the entry points:

	GWT Application Entrypoint Javascript File:
	https://FQDN/webapp/webapp.nocache.js

	List “Service Interfaces”:
	wget https://FQDN/webapp/B7501AF09D1FC5B26E65043C4A20FF0E.cache.html -O GWT-EntryPoint.html; cat GWT-EntryPoint.html \| sed 's/com\./&\ncom./g' \| awk -F “\'\|\;” '{print $1}'\| grep -v '\.$' \| grep ^com \| sort
	ex: wget –http-user=user –http-password=pass –no-check-certificate https://FQDN/webapp/B7501AF09D1FC5B26E65043C4A20FF0E.cache.html -O GWT-EntryPoint.html; cat GWT-EntryPoint.html \| sed 's/com\./&\ncom./g' \| awk -F “\'\|\;” '{print $1}'\| grep -v '\.$' \| grep ^com \| sort
	output:
	(…)
	com.XXX.services.FileDownloadService
	com.XXX.services.FileHandler
	com.XXX.services.VerifyFileUploadController
	(…)
	com.XXX.services.URLController
	com.XXX.services.UserProfileService

	List “Service Interface” and “Methods”:
	Burp/Target/SiteMap/RightClick/Save selected items/uncheck Base64 encode requests and responses
	$ grep “^7” * \| awk -F “\|” '{print $1,$6,$7}' \| sort -u
	output:
	XXX:7 com.XXX.services.ApplicationService getAdditionalData
	XXX:7 com.XXX.services.ApplicationService getDataTableData
	XXX:7 com.XXX.services.ApplicationService getMenus
	XXX:7 com.XXX.services.ApplicationService sendRequest
	XXX:7 com.XXX.services.ApplicationService sendServiceRequest