[W3af-develop] w3af q
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-develop] w3af q
|
From: Electric M. <ma...@ze...> - 2015-03-03 09:00:05
|
Hello everyone!
Here is my code sample:
#!/usr/bin/env python
from w3af.core.controllers.w3afCore import w3afCore
from w3af.plugins.tests.helper import create_target_option_list
from w3af.core.data.parsers.url import URL
from w3af.core.data.options.option_list import OptionList
from w3af.core.data.options.opt_factory import opt_factory
from w3af.core.data.kb import knowledge_base
w3afcore = w3afCore()
target_opts = create_target_option_list(URL("http://localhost <http://localhost/>"))
w3afcore.target.set_options(target_opts)
w3afcore.plugins.set_plugins(['click_jacking'] , 'grep')
w3afcore.plugins.init_plugins()
w3afcore.start()
I’d like to understand where is method “OPTIONS * HTTP/1.0” get executed. I couldn’t find it in fingerprint_404 class...
Below you could see my apache logs:
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)”
==> error.log <==
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/lvX119D7.cgi
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/BdfTExEg.do
==> other_vhosts_access.log <==
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /lvX119D7.cgi HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /BdfTExEg.do HTTP/1.1" 404 446 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
==> error.log <==
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/zneaLKli.asp
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/nj2Wub66.foobar
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/mp5JzKQz.htm
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/Ll5OAx0X.py
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/VCVM34f7.gif
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/348kxmyI.htmls
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/lY3gD4if.jsp
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/FJZ3bNfK.rb
==> other_vhosts_access.log <==
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /zneaLKli.asp HTTP/1.1" 404 446 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /nj2Wub66.foobar HTTP/1.1" 404 450 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /mp5JzKQz.htm HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /Ll5OAx0X.py HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /VCVM34f7.gif HTTP/1.1" 404 449 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /348kxmyI.htmls HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /lY3gD4if.jsp HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /FJZ3bNfK.rb HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
==> error.log <==
[Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist: /var/www/JxX8yBjT.xhtml
==> other_vhosts_access.log <==
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /JxX8yBjT.xhtml HTTP/1.1" 404 449 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
==> error.log <==
[Mon Mar 02 03:46:45 2015] [error] [client ::1] script '/var/www/joHWRGWy.php' not found or unable to stat
[Mon Mar 02 03:46:45 2015] [error] [client ::1] File does not exist: /var/www/GFDhaqJu.aspx
==> other_vhosts_access.log <==
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:45 -0500] "GET /joHWRGWy.php HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:45 -0500] "GET /GFDhaqJu.aspx HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
==> error.log <==
[Mon Mar 02 03:46:46 2015] [error] [client ::1] File does not exist: /var/www/1Qy6y9dj.pl
==> other_vhosts_access.log <==
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:46 -0500] "GET /1Qy6y9dj.pl HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; w3af.org <http://w3af.org/>)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:47 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:48 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:49 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:50 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:51 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:52 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:53 -0500] "OPTIONS * HTTP/1.0" 200 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)”
Thanks!
Best Regards. |
