Vice Admiral

Duplicate Sessions in WebInspect scan results

Hi All,

I ran a basic unauthenticated scan using the Standard policy against zero.webappsecurity.com; it completed in 40 mins.

What puzzled me is that when looking at the Session Tree, almost all identified sessions are duplicated; see the screenshots.

It seems that those sessions were identified/discovered through different paths, i.e. following different links.

Is this behaviour expected?

Thanks!

[Screenshot: Capture.WebInspect.Zero.Scan.Duplicate.Sessions.PNG]

--

Deyan

Micro Focus Expert

That is not the expected outcome.  I compared your screen to the Sample Scan as well as running my own non-authenticated scan of Zero.

  • Do you still have these visual duplicates if you close the scan and re-open it on-screen?
  • Have you switched to Sequence View to see where these extra sessions were encountered?
  • The X-MEMO headers for each of these Sessions will indicate which engine (Crawl, Audit, Macro Run, et al) was responsible for making that individual HTTP Request.  The Referrer headers may also be of interest.
  • You may need to contact Fortify Support if you continue to see this pattern with other scans (softwaresupport.softwaregrp.com).

-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify
Vice Admiral

Hi Hans,

Thanks for your reply.

Yes, I do see those duplicates after reopening the scan.

When I checked the sequence (for the "account" session), there are 40 mins between the HTTP requests.

The Referer HTTP header is different for both sessions, as are the Session Steps; see the screenshots:

[Screenshot: Duplicate.Sessions.HTTPRequest.png]

Session steps:

[Screenshot: Duplicate.Sessions.SessionSteps.png]

Shall WebInspect create duplicate sessions if those are derived via different Session Steps?

PS: Scan settings are attached.

Thanks!

--

Deyan
