Conversation
…ject name identifier in GUI
|
Hey @thariyarox Thanks very much for your work, which we really appreciate! This are nice features/improvements/fixes! I'll publish the new release 1.3.0 soon. |
|
Hi @thariyarox Today I had time to check the new added code. I had some issues concerning the new introduced textbox. I tried several assertions, but it was not possible to apply the XSW attacks. The problem is, that the content of the textbox is replacing the content of the XML tag In some assertions, the the I think it's quite difficult to implement atextbox to set the evil subject on the correct position. Sometimes, you may want to change a e-mail address and sometimes a group the user belongs to. These can be in one or more attribute statement. During a test, the part(s) I want to change in the evil assertion can be anywhere. That's why I had to revert the commits related to the textbox. Sorry. But I thank you anyway for the other commits! |
|
Hi Emanuel, No worries. I would like to contribute with new attack types. I will send a PR later. Thanks ! |
This PR contains following fixes done on top of SAML Raider v1.2.0.