Application Security Testing: An Integral Part of DevOps
Click here for a larger image.
Environment: VC6, WTL 7.0, WinXP
All methods to manipulate the URL cache are a part of the WinInet library. This library is fairly low-level (not quite at the socket level, but it's pretty far down there). In addition to the cache, the library also provides HTTP, FTP, and Gopher file transfer functionality.
Walking the URL cache is very similar to using the Win32 file-realted functions. FindFirst (with some parameters) returns a handle, FindNext (until there are no more), that sort of thing. I developed a set of classes to deal with the nitty-gritty. You'll find these in the UrlCacheUtil.h/.cpp file.
The application is fairly self documenting (famous last words). I'll leave it to you get out of it what you want. The detail dialog is modless, so it can be left up as you scroll through the cache entries.
Some interesting notes:
- There are definitely some undocumeneted CacheEntryTypes being used. I suspect IE creates some for its own internal use.
- The groups are somewhat a mystery to me. I haven't come across one with a name yet. I suspect all entries go into an unnamed group by default.
DownloadsDownload demo project - 39 Kb
Download source - 26 Kb