Menu

#3 [PATCH] Properly report 500 errors during attack injection

open
nobody
None
5
2008-09-03
2008-09-03
Luke Macken
No

In the attackInjection_POST method, when the statement 'u = urllib2.urlopen(req)' triggers a 500 error, and HTTPError exception is thrown. This then leaves the 'u' variable unset, and causes issues later on. Attached is a patch to resolve this issue.

Traceback (most recent call last):
File "/usr/lib64/python2.5/threading.py", line 460, in __bootstrap
self.run()
File "powerfuzzer/powerfuzzer.py", line 174, in run
self.attack()
File "powerfuzzer/powerfuzzer.py", line 258, in attack
self.attackPOST(form)
File "powerfuzzer/powerfuzzer.py", line 374, in attackPOST
if self.doInjection==1: self.attackInjection_POST(form)
File "powerfuzzer/powerfuzzer.py", line 920, in attackInjection_POST
if u.code==500:
UnboundLocalError: local variable 'u' referenced before assignment

Discussion

  • Luke Macken

    Luke Macken - 2008-09-03
    • summary: [PATCH] Fix traceback --> [PATCH] Properly report 500 errors during attack injection
     

  • Luke Macken

    Luke Macken - 2008-09-03

    Logged In: YES
    user_id=875832
    Originator: YES

    File Added: powerfuzzer-HTTPError-500-take2.patch

     

  • Luke Macken

    Luke Macken - 2008-09-03

    A cleaner patch that fixes this issue everywhere.

     
    powerfuzzer-HTTPError-500-take2.patch

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.