w3af-develop Mailing List for w3af (Page 9)
Status: Beta
Brought to you by:
andresriancho
You can subscribe to this list here.
2008 |
Jan
(20) |
Feb
(36) |
Mar
(45) |
Apr
(83) |
May
(100) |
Jun
(86) |
Jul
(68) |
Aug
(143) |
Sep
(41) |
Oct
(58) |
Nov
(47) |
Dec
(66) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2009 |
Jan
(41) |
Feb
(33) |
Mar
(115) |
Apr
(61) |
May
(68) |
Jun
(83) |
Jul
(64) |
Aug
(33) |
Sep
(18) |
Oct
(62) |
Nov
(61) |
Dec
(24) |
2010 |
Jan
(38) |
Feb
(24) |
Mar
(56) |
Apr
(31) |
May
(19) |
Jun
(5) |
Jul
(13) |
Aug
(12) |
Sep
(34) |
Oct
(32) |
Nov
(37) |
Dec
(13) |
2011 |
Jan
(50) |
Feb
(56) |
Mar
(15) |
Apr
(12) |
May
(39) |
Jun
(16) |
Jul
(23) |
Aug
(7) |
Sep
(10) |
Oct
(32) |
Nov
(44) |
Dec
(40) |
2012 |
Jan
(40) |
Feb
(78) |
Mar
(21) |
Apr
(88) |
May
(56) |
Jun
(89) |
Jul
(55) |
Aug
(37) |
Sep
(31) |
Oct
(47) |
Nov
(13) |
Dec
(8) |
2013 |
Jan
(24) |
Feb
(20) |
Mar
(12) |
Apr
(23) |
May
(27) |
Jun
(22) |
Jul
(18) |
Aug
(14) |
Sep
(5) |
Oct
(7) |
Nov
(2) |
Dec
(1) |
2014 |
Jan
(7) |
Feb
(13) |
Mar
(52) |
Apr
(23) |
May
(3) |
Jun
|
Jul
|
Aug
(5) |
Sep
(5) |
Oct
(1) |
Nov
|
Dec
|
2015 |
Jan
(4) |
Feb
(7) |
Mar
(8) |
Apr
(3) |
May
|
Jun
(2) |
Jul
(12) |
Aug
(15) |
Sep
(9) |
Oct
(3) |
Nov
(4) |
Dec
(10) |
2016 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
(4) |
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
2019 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2021 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
From: Andres R. <and...@gm...> - 2013-10-06 11:59:16
|
Maybe the focus should be moved away from the detection engines (snort, suricata) and into the rules provider(s)? http://www.emergingthreats.net/open-source/ On Sun, Oct 6, 2013 at 8:53 AM, Andres Riancho <and...@gm...> wrote: > Andri, > > Good question, actually I didn't even consider Suricata because I > was unaware of it's existance :( So, after reading the suricata > website for some minutes it seems that their rule format is *very > similar* (the same?) as the one from snort, which could make things > easier if we want to support both. > > When it comes to what we want to do, the only thing that matters > is quality (re: false positives) and quantity of the rules to detect > web malware. Do you know if there is a comparison between suricata and > snort rulesets? > > Regards, > > On Sat, Oct 5, 2013 at 11:37 PM, Andri Herumurti <vyn...@ya...> wrote: >> Hi Andres, >> >> how if use Suricata than Snort ? >> here is the comparison : http://wiki.aanval.com/wiki/Snort_vs_Suricata >> >> Regards, >> Andri >> >> >> ________________________________ >> From: Andres Riancho <and...@gm...> >> To: "w3a...@li..." <w3a...@li...>; >> "w3a...@li..." <W3a...@li...> >> Sent: Sunday, October 6, 2013 3:38 AM >> Subject: [W3af-develop] Snort rules to detect malware >> >> Guys, >> >> We already have a clamav plugin that will identify if an http >> response body (usually a PE, DLL, ELF, PDF, DOC etc.) contains a virus >> or not. The other day I was thinking about how to improve this and >> came up with the idea of using snort rules to detect malware [0] >> >> The idea is rather simple: >> * Crawl the site (we already do that) >> * Parse snort rules into regular expressions >> * Create a grep plugin that will apply those regular >> expressions to each HTTP response body >> * If a match is found, then report it to the knowledge base >> >> What do you guys think about the idea? Anyone with snort >> experience to weight in with some facts on how many false positives >> are found by rules like these? Anyone knows about the licensing for >> the rules? Can we include them into our repository? >> >> [0] https://github.com/andresriancho/w3af/issues/671 >> >> Regards, >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 >> >> ------------------------------------------------------------------------------ >> October Webinars: Code for Performance >> Free Intel webinars can help you accelerate application performance. >> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most >> from >> the latest Intel processors and coprocessors. See abstracts and register > >> http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk >> _______________________________________________ >> W3af-develop mailing list >> W3a...@li... >> https://lists.sourceforge.net/lists/listinfo/w3af-develop >> > > > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Andres R. <and...@gm...> - 2013-10-06 11:53:46
|
Andri, Good question, actually I didn't even consider Suricata because I was unaware of it's existance :( So, after reading the suricata website for some minutes it seems that their rule format is *very similar* (the same?) as the one from snort, which could make things easier if we want to support both. When it comes to what we want to do, the only thing that matters is quality (re: false positives) and quantity of the rules to detect web malware. Do you know if there is a comparison between suricata and snort rulesets? Regards, On Sat, Oct 5, 2013 at 11:37 PM, Andri Herumurti <vyn...@ya...> wrote: > Hi Andres, > > how if use Suricata than Snort ? > here is the comparison : http://wiki.aanval.com/wiki/Snort_vs_Suricata > > Regards, > Andri > > > ________________________________ > From: Andres Riancho <and...@gm...> > To: "w3a...@li..." <w3a...@li...>; > "w3a...@li..." <W3a...@li...> > Sent: Sunday, October 6, 2013 3:38 AM > Subject: [W3af-develop] Snort rules to detect malware > > Guys, > > We already have a clamav plugin that will identify if an http > response body (usually a PE, DLL, ELF, PDF, DOC etc.) contains a virus > or not. The other day I was thinking about how to improve this and > came up with the idea of using snort rules to detect malware [0] > > The idea is rather simple: > * Crawl the site (we already do that) > * Parse snort rules into regular expressions > * Create a grep plugin that will apply those regular > expressions to each HTTP response body > * If a match is found, then report it to the knowledge base > > What do you guys think about the idea? Anyone with snort > experience to weight in with some facts on how many false positives > are found by rules like these? Anyone knows about the licensing for > the rules? Can we include them into our repository? > > [0] https://github.com/andresriancho/w3af/issues/671 > > Regards, > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most > from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Andri H. <vyn...@ya...> - 2013-10-06 02:37:12
|
Hi Andres, how if use Suricata than Snort ? here is the comparison : http://wiki.aanval.com/wiki/Snort_vs_Suricata Regards, Andri ________________________________ From: Andres Riancho <and...@gm...> To: "w3a...@li..." <w3a...@li...>; "w3a...@li..." <W3a...@li...> Sent: Sunday, October 6, 2013 3:38 AM Subject: [W3af-develop] Snort rules to detect malware Guys, We already have a clamav plugin that will identify if an http response body (usually a PE, DLL, ELF, PDF, DOC etc.) contains a virus or not. The other day I was thinking about how to improve this and came up with the idea of using snort rules to detect malware [0] The idea is rather simple: * Crawl the site (we already do that) * Parse snort rules into regular expressions * Create a grep plugin that will apply those regular expressions to each HTTP response body * If a match is found, then report it to the knowledge base What do you guys think about the idea? Anyone with snort experience to weight in with some facts on how many false positives are found by rules like these? Anyone knows about the licensing for the rules? Can we include them into our repository? [0] https://github.com/andresriancho/w3af/issues/671 Regards, -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk _______________________________________________ W3af-develop mailing list W3a...@li... https://lists.sourceforge.net/lists/listinfo/w3af-develop |
From: Andres R. <and...@gm...> - 2013-10-05 20:38:27
|
Guys, We already have a clamav plugin that will identify if an http response body (usually a PE, DLL, ELF, PDF, DOC etc.) contains a virus or not. The other day I was thinking about how to improve this and came up with the idea of using snort rules to detect malware [0] The idea is rather simple: * Crawl the site (we already do that) * Parse snort rules into regular expressions * Create a grep plugin that will apply those regular expressions to each HTTP response body * If a match is found, then report it to the knowledge base What do you guys think about the idea? Anyone with snort experience to weight in with some facts on how many false positives are found by rules like these? Anyone knows about the licensing for the rules? Can we include them into our repository? [0] https://github.com/andresriancho/w3af/issues/671 Regards, -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Andres R. <and...@gm...> - 2013-09-15 23:42:45
|
Apoorv, On Sun, Sep 15, 2013 at 10:51 AM, Apoorv Kishore <kis...@gm...>wrote: > > Hi W3af Team, > > > I have install PyDev Plugin In Eclipse and clone the w3af project using > EGit (master branch) but when > > 1. From the main menu bar, select [image: command link] *File > > Import...*. The Import wizard opens. > 2. Select *General > Existing Project into Workspace* and click *Next*. > > I follow above two steps to import w3af It Shows error "No projects are > found to import". There is no ".project" file in w3af. > I think you want to import source code, not import a project. I've stopped using egit a while ago and my process is usually: * cd /home/user/workspace * git clone ... * Start eclipse * Create a new pydev project * Right click over the newly created project, choose import * Choose general - filesystem * Choose the directory you just cloned > Please help me out how i import w3af source code in Eclipse. > Thanks > Apoorv > > > > ------------------------------------------------------------------------------ > LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99! > 1,500+ hours of tutorials including VisualStudio 2012, Windows 8, > SharePoint > 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack > includes > Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/22/13. > http://pubads.g.doubleclick.net/gampad/clk?id=64545871&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Apoorv K. <kis...@gm...> - 2013-09-15 13:52:04
|
Hi W3af Team, I have install PyDev Plugin In Eclipse and clone the w3af project using EGit (master branch) but when 1. From the main menu bar, select [image: command link] *File > Import... *. The Import wizard opens. 2. Select *General > Existing Project into Workspace* and click *Next*. I follow above two steps to import w3af It Shows error "No projects are found to import". There is no ".project" file in w3af. Please help me out how i import w3af source code in Eclipse. Thanks Apoorv |
From: Andres R. <and...@gm...> - 2013-09-11 07:28:07
|
Saleem, On Wed, Sep 11, 2013 at 9:18 AM, saleem <asa...@cd...> wrote: > Hi w3af , > > I am trying to run w3af from the console using w3af script. > > I am getting a error like : > > [Wed Sep 11 12:40:49 2013 - error] An internal error occurred while > searching for id "35", even after commit/retry Sadly this is a known bug which has nothing to do with XML or any other plugin(s), it's a bug in w3af's core which breaks many other things. I haven't been able to find / reproduce / fix this bug so far. I think there is nothing you can do, except trying to fix it yourself :( > because of which my XML is not getting generated , it is happening if i > am running it with www-data user . > > now is there any problem with sqlite database permissions or some thing > as the error is coming from the file - /core/data/db/history.py > > please help me out !! > > Thanks & Regards , > Saleem > > > ------------------------------------------------------------------------------------------------------------------------------- > > This e-mail is for the sole use of the intended recipient(s) and may > contain confidential and privileged information. If you are not the > intended recipient, please contact the sender by reply e-mail and destroy > all copies and the original message. Any unauthorized review, use, > disclosure, dissemination, forwarding, printing or copying of this email > is strictly prohibited and appropriate legal action will be taken. > ------------------------------------------------------------------------------------------------------------------------------- > > > ------------------------------------------------------------------------------ > How ServiceNow helps IT people transform IT departments: > 1. Consolidate legacy IT systems to a single system of record for IT > 2. Standardize and globalize service processes across IT > 3. Implement zero-touch automation to replace manual, redundant tasks > http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: saleem <asa...@cd...> - 2013-09-11 07:15:15
|
Hi w3af , I am trying to run w3af from the console using w3af script. I am getting a error like : [Wed Sep 11 12:40:49 2013 - error] An internal error occurred while searching for id "35", even after commit/retry because of which my XML is not getting generated , it is happening if i am running it with www-data user . now is there any problem with sqlite database permissions or some thing as the error is coming from the file - /core/data/db/history.py please help me out !! Thanks & Regards , Saleem ------------------------------------------------------------------------------------------------------------------------------- This e-mail is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email is strictly prohibited and appropriate legal action will be taken. ------------------------------------------------------------------------------------------------------------------------------- |
From: Dominique R. <dom...@gm...> - 2013-09-04 04:47:24
|
Andres, I have posted a comment in issue 266 in order to ask you some question about the code review: https://github.com/andresriancho/w3af/issues/266 Thanks in advance :) -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0x323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." |
From: Dominique R. <dom...@gm...> - 2013-08-31 10:41:55
|
Hi, You can start by read W3AF documentation [0] and analyse source code [1] in order to understand how W3AF is built. After you can check the features list [2] managed by Andres in order to see which contribution is opened. You can also contribute in forms of unit tests cases writing for existing plugins or you can fix somes bugs... In terms of guidance on W3AF, i think it's preferable to contact Andres (in Cc) Hope this help and welcome to W3AF project :) [0] https://github.com/andresriancho/w3af/tree/master/doc/EN [1] https://github.com/andresriancho/w3af [2] https://github.com/andresriancho/w3af/issues?labels=plugin&page=1&state=open On 31/08/2013 11:11, Apoorv Kishore wrote: > Hello Sir, > > I am good in python and want to learn more in Web application Security > and want to contribute in w3af project. I have already subscribe the > w3af developer mailing list. > But as this is the first time for me to contribute in such kind of big > project. So I need little guidance how i can help to make w3af better. > Please Sir help me out. > > Thanks > Apoorv Kishore |
From: Joaquim E. <esp...@gm...> - 2013-08-30 04:12:09
|
Hi Andres. Congratulations, nice work. On Thu, Aug 29, 2013 at 5:03 PM, Andres Riancho <and...@gm...>wrote: > Take a look at nimbostratus [0] my latest toy project :) > > [0] http://andresriancho.github.io/nimbostratus/ > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 > > > ------------------------------------------------------------------------------ > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > Discover the easy way to master current and previous Microsoft technologies > and advance your career. Get an incredible 1,500+ hours of step-by-step > tutorial videos with LearnDevNow. Subscribe today and save! > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > -- Joaquim Espinhara da Silva Neto 79 9127.8819 |
From: Dominique R. <dom...@gm...> - 2013-08-30 04:00:01
|
Hi, Seems to be cool :-) Le 30 août 2013 00:05, "Andres Riancho" <and...@gm...> a écrit : > Take a look at nimbostratus [0] my latest toy project :) > > [0] http://andresriancho.github.io/nimbostratus/ > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 > > > ------------------------------------------------------------------------------ > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > Discover the easy way to master current and previous Microsoft technologies > and advance your career. Get an incredible 1,500+ hours of step-by-step > tutorial videos with LearnDevNow. Subscribe today and save! > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > |
From: Andres R. <and...@gm...> - 2013-08-29 22:04:18
|
Take a look at nimbostratus [0] my latest toy project :) [0] http://andresriancho.github.io/nimbostratus/ -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Andres R. <and...@gm...> - 2013-08-23 12:12:03
|
On Fri, Aug 23, 2013 at 8:15 AM, Guillaume Rousse <gui...@gm...> wrote: > Le 22/08/2013 14:15, Andres Riancho a écrit : >> As I said in other emails, if you're interested in having support for >> your specific distribution, let me know which packages are needed and >> I'll create a "mageia" file in the platforms directory to handle it. > I don't need any specific software support, I just need clear > indications of actual dependencies. > > [..] >>> I understand perfectly that you are trying to make life easier for >>> newbies, but you're currently making life harder for packagers, by >>> trying to handle their work directly. Before trying any kind of software >>> based solution, with all associated error risks, you should really >>> ensure your documentation is correct, and can be used as a reference. >>> Because your current method seems closer from the problem than from the >>> solution for me :) >> >> Happy to help you in any efforts to create a package for 1.5 and/or >> create a mageia.py inside "platforms". Both things would help our >> users. > I'd happily contribute a documentation patch, but I have very few > interest for such kind of software-based attempt to emulate packager > added value. Giving clear instructions will help users better than > trying to guess what command they have to run. Especially given your > user base: you're not targeting average joe user, after all. I think both things would be the ideal thing to have: #1 Software dependency package with version (agnostic of any apt/rpm/etc.) #2 The command to install it If we would just provide #1 then people would have to loose time looking for the right command to install it on their systems. Because we do have more users than packagers, I decided to go with #2 and figured out that packagers would take the hit to find out #1 based on that. Also, since packaging is usually a difficult and lengthy process (which might require our dependencies to become other packages, licensing issues, etc.) I also think that #1 is a great idea and won't deprecate it for now. Of course, if you have any better solution, let us know! > I've fixed the check issue by removing calls to dependency_check: > http://svnweb.mageia.org/packages/cauldron/w3af/current/SOURCES/w3af-1.5-no-runtime-dependency-check.patch?view=markup > > Mageia 4 will have w3af version 1.5, mageia 3 already has version 1.1. Removing the dependency check is fine if you package w3af and reference each dependency in the package. Otherwise, as you already know, it will break. If your package was already created, I can "reverse engineer" that into creating a new mageia.py inside "platforms" which will help users trying to install the next version of w3af in their system, a next version that might have a new dependency (which I'll add to mageia.py) before the next w3af release is made. Regards, > -- > Guillaume > > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Guillaume R. <gui...@gm...> - 2013-08-23 11:16:10
|
Le 22/08/2013 14:15, Andres Riancho a écrit : > As I said in other emails, if you're interested in having support for > your specific distribution, let me know which packages are needed and > I'll create a "mageia" file in the platforms directory to handle it. I don't need any specific software support, I just need clear indications of actual dependencies. [..] >> I understand perfectly that you are trying to make life easier for >> newbies, but you're currently making life harder for packagers, by >> trying to handle their work directly. Before trying any kind of software >> based solution, with all associated error risks, you should really >> ensure your documentation is correct, and can be used as a reference. >> Because your current method seems closer from the problem than from the >> solution for me :) > > Happy to help you in any efforts to create a package for 1.5 and/or > create a mageia.py inside "platforms". Both things would help our > users. I'd happily contribute a documentation patch, but I have very few interest for such kind of software-based attempt to emulate packager added value. Giving clear instructions will help users better than trying to guess what command they have to run. Especially given your user base: you're not targeting average joe user, after all. I've fixed the check issue by removing calls to dependency_check: http://svnweb.mageia.org/packages/cauldron/w3af/current/SOURCES/w3af-1.5-no-runtime-dependency-check.patch?view=markup Mageia 4 will have w3af version 1.5, mageia 3 already has version 1.1. -- Guillaume |
From: Andres R. <and...@gm...> - 2013-08-22 12:16:21
|
Guillaume, On Thu, Aug 22, 2013 at 8:04 AM, Guillaume Rousse <gui...@gm...> wrote: > Hello. > > I've troubles packaging w3af for mageia (more exactly, updating the > current package from 1.1 to 1.5), because of dependencies management. > > Here is the list of dependencies given in documentation: > - python 2.7 > - fpconst-0.7.2 > - nltk > - SOAPpy > - pdfminer > - Python bindings for the libxml2 library > - Python OpenSSL > - json.py > - scapy > - pysvn > - python sqlite3 Real dependencies are in [0] [0] https://github.com/andresriancho/w3af/blob/master/core/controllers/dependency_check/platforms/linux.py > However, if python guess-langage isn't installed, w3af_console crashes > immediatly. So, this module should be also added to this list. > > Once installed, the software just refuse to run, because of automated > dependencies checking, and requires at least the following python modules: > - esmre > - pybloomfiltermmap > - phply > - msgpack > - pip > It is not clear, tough, if those modules are really needed for anything > excepted satisfying this automated dependencies checking. Yes, they are required. > And even after installing all of them, the software still doesn't run, > and output the following error message: > On Debian systems please install the following operating system packages > before running the pip installer: > sudo apt-get install build-essential python-setuptools git > python-pip python2.7-dev libsqlite3-dev libxslt1-dev libxml2-dev > > First, the check if obviouslty broken: I'm not running debian. > > Second, even if I did, why would any software requires development > packages at runtime ? We need build-essential to build some packages which you installed previously with pip. In your system you already have them, that's why you were able to build the dependencies without installing them. As I said in other emails, if you're interested in having support for your specific distribution, let me know which packages are needed and I'll create a "mageia" file in the platforms directory to handle it. > I assume those packages are actually needed for > building others, but that's a confusion between 'what is needed' and > 'how to install what is needed'. Unless you consider your end-users as > unable to understand it, you should at least make the distinction explicit: > - you need python module esmre > - in order to install it from pypi, you'll also need a buildchain ready > (build-essential and python-setuptools on debian platform) > > Even reading the code, I couldn't find exactly what triggered this check > failure, and the only way I had to execute the software was to disable > automatic dependencies check at startup. This is the source you should be looking at to understand how all this works: https://github.com/andresriancho/w3af/blob/master/core/controllers/dependency_check/dependency_check.py https://github.com/andresriancho/w3af/blob/master/core/controllers/dependency_check/platforms/current_platform.py https://github.com/andresriancho/w3af/blob/master/core/controllers/dependency_check/platforms/linux.py > I understand perfectly that you are trying to make life easier for > newbies, but you're currently making life harder for packagers, by > trying to handle their work directly. Before trying any kind of software > based solution, with all associated error risks, you should really > ensure your documentation is correct, and can be used as a reference. > Because your current method seems closer from the problem than from the > solution for me :) Happy to help you in any efforts to create a package for 1.5 and/or create a mageia.py inside "platforms". Both things would help our users. > -- > Guillaume > > ------------------------------------------------------------------------------ > Introducing Performance Central, a new site from SourceForge and > AppDynamics. Performance Central is your source for news, insights, > analysis and resources for efficient Application Performance Management. > Visit us today! > http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Guillaume R. <gui...@gm...> - 2013-08-22 11:04:58
|
Hello. I've troubles packaging w3af for mageia (more exactly, updating the current package from 1.1 to 1.5), because of dependencies management. Here is the list of dependencies given in documentation: - python 2.7 - fpconst-0.7.2 - nltk - SOAPpy - pdfminer - Python bindings for the libxml2 library - Python OpenSSL - json.py - scapy - pysvn - python sqlite3 However, if python guess-langage isn't installed, w3af_console crashes immediatly. So, this module should be also added to this list. Once installed, the software just refuse to run, because of automated dependencies checking, and requires at least the following python modules: - esmre - pybloomfiltermmap - phply - msgpack - pip It is not clear, tough, if those modules are really needed for anything excepted satisfying this automated dependencies checking. And even after installing all of them, the software still doesn't run, and output the following error message: On Debian systems please install the following operating system packages before running the pip installer: sudo apt-get install build-essential python-setuptools git python-pip python2.7-dev libsqlite3-dev libxslt1-dev libxml2-dev First, the check if obviouslty broken: I'm not running debian. Second, even if I did, why would any software requires development packages at runtime ? I assume those packages are actually needed for building others, but that's a confusion between 'what is needed' and 'how to install what is needed'. Unless you consider your end-users as unable to understand it, you should at least make the distinction explicit: - you need python module esmre - in order to install it from pypi, you'll also need a buildchain ready (build-essential and python-setuptools on debian platform) Even reading the code, I couldn't find exactly what triggered this check failure, and the only way I had to execute the software was to disable automatic dependencies check at startup. I understand perfectly that you are trying to make life easier for newbies, but you're currently making life harder for packagers, by trying to handle their work directly. Before trying any kind of software based solution, with all associated error risks, you should really ensure your documentation is correct, and can be used as a reference. Because your current method seems closer from the problem than from the solution for me :) -- Guillaume |
From: Andres R. <and...@gm...> - 2013-08-18 14:00:32
|
I don't understand, why do you want to ignore __init__.py files? They are actually used for stuff and required to be there. Also, they don't change unless you do something to them. On Sat, Aug 17, 2013 at 6:23 AM, Dominique RIGHETTO <dom...@gm...> wrote: > Hi, > > I have just found a trick to avoid to commit and push "__init__.py" file. I > use Git option "--assume-unchanged" [0]. > > Ex: > git update-index --assume-unchanged plugins/audit/__init__.py > > Very useful to avoid to anger Andres during a Pull request phase :) > > [0] https://help.github.com/articles/ignoring-files > -- > Cordialement, Best regards, > Dominique Righetto > dom...@gm... > dom...@ow... > Twitter: @righettod > GPG: 0xC34A4565323D19BA > http://www.righettod.eu > "No trees were killed to send this message, but a large number of electrons > were terribly inconvenienced." -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Dominique R. <dom...@gm...> - 2013-08-17 09:47:23
|
I have updated the Wiki with this information: https://github.com/andresriancho/w3af/wiki/Contributing-101 On 17/08/2013 11:23, Dominique RIGHETTO wrote: > Hi, > > I have just found a trick to avoid to commit and push "__init__.py" > file. I use Git option "--assume-unchanged" [0]. > > Ex: > git update-index --assume-unchanged plugins/audit/__init__.py > > Very useful to avoid to anger Andres during a Pull request phase :) > > [0] https://help.github.com/articles/ignoring-files |
From: Dominique R. <dom...@gm...> - 2013-08-17 09:23:57
|
Hi, I have just found a trick to avoid to commit and push "__init__.py" file. I use Git option "--assume-unchanged" [0]. Ex: git update-index --assume-unchanged plugins/audit/__init__.py Very useful to avoid to anger Andres during a Pull request phase :) [0] https://help.github.com/articles/ignoring-files -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0xC34A4565323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." |
From: Andres R. <and...@gm...> - 2013-08-12 12:43:37
|
On Mon, Aug 12, 2013 at 1:30 AM, Dominique Righetto <dom...@gm...> wrote: > Hi, > > There is any helper to access to cookie collection coming from an original > response in Audit plugin or do I have to parse response ? > > I have searched into w3af sources but I cannot find any helper or accessors > in "core.data.url.HTTPReponse" class If you want to access all the current cookies that the HTTP client actually knows about you can use self._uri_opener.get_cookies() , for getting the cookie sent by the server in one specific http response, there seem to be no methods for that. Would be happy to see one added :) > Thanks in advance :) > > -- > Cordialement, Best regards, > Dominique Righetto > dom...@gm... > dom...@ow... > Twitter: @righettod > GPG: 0x323D19BA > http://www.righettod.eu > "No trees were killed to send this message, but a large number of electrons > were terribly inconvenienced." > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite! > It's a free troubleshooting tool designed for production. > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-develop mailing list > W3a...@li... > https://lists.sourceforge.net/lists/listinfo/w3af-develop > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 |
From: Dominique R. <dom...@gm...> - 2013-08-12 04:31:04
|
Hi, There is any helper to access to cookie collection coming from an original response in Audit plugin or do I have to parse response ? I have searched into w3af sources but I cannot find any helper or accessors in "core.data.url.HTTPReponse" class Thanks in advance :) -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0x323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." |
From: Dominique R. <dom...@gm...> - 2013-08-10 09:35:20
|
Hi, There is any helper to access to cookie collection coming from an original response in Audit plugin or do I have to parse response ? I have searched into w3af sources but I cannot find any helper or accessors in "core.data.url.HTTPReponse" class Thanks in advance :) -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0x323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." |
From: Dominique R. <dom...@gm...> - 2013-07-29 19:54:00
|
Andres, DM, I will setup ASAP an IRC client (I have never used IRC before) and I will come back to you with a date (Luxembourg time) when I'm able to connect to #w3af channel... Regards, Dom -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0x323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." On Mon, Jul 29, 2013 at 3:22 PM, Andres Riancho <and...@gm...>wrote: > Dom, > > Lets do something, lets schedule it. I'm GMT-3 and during this > week I don't have any fixed appointments yet. If you tell me a > reasonable hour (given my timezone and that I work from 8:30 to > 7:30pm) we can schedule a 2h block and join the #w3af channel on IRC > to work on the integer overflow stuff. So, when do you have 2h for > working on this? > > Regards, > > On Mon, Jul 29, 2013 at 9:32 AM, D M <vin...@gm...> wrote: > > Dom, > > > > I was planning on working on the host header plugin. I did have a > similar > > response from the mailing list, which is understandable see everyone is > very > > busy. > > > > Maybe you and I can work on this further to get a better idea of how it > will > > work? > > > > > > On Mon, Jul 29, 2013 at 8:24 AM, Andres Riancho < > and...@gm...> > > wrote: > >> > >> Dom, > >> > >> On Fri, Jul 26, 2013 at 4:41 PM, Dominique Righetto > >> <dom...@gm...> wrote: > >> > Hi, > >> > > >> > I have spend the 2 last week trying to understand how to detect and > how > >> > to > >> > reproduce the integer overflow, unfortunately I wasn't able to fully > >> > understand both of them. > >> > >> I feel bad that I / we were unable to help you with that, sorry but > >> I'm focused on other things these days. > >> > >> > I will take another ticket: "HTTP Host header attacks - Audit plugin" > if > >> > it's available ? > >> > >> Take a look at the mailing list thread we started a while ago about > >> that, maybe you can take it from there. > >> > >> > Dom > >> > > >> > -- > >> > Cordialement, Best regards, > >> > Dominique Righetto > >> > dom...@gm... > >> > dom...@ow... > >> > Twitter: @righettod > >> > GPG: 0x323D19BA > >> > http://www.righettod.eu > >> > "No trees were killed to send this message, but a large number of > >> > electrons > >> > were terribly inconvenienced." > >> > > >> > > >> > On Mon, Jul 15, 2013 at 1:54 PM, Andres Riancho > >> > <and...@gm...> > >> > wrote: > >> >> > >> >> On Sun, Jul 14, 2013 at 4:49 AM, Dominique RIGHETTO > >> >> <dom...@gm...> wrote: > >> >> > Hi Tomas, > >> >> > > >> >> > Thanks you very much. > >> >> > > >> >> > I try to understand the objective of each of the value in > >> >> > ["-0000012345", "-2147483649", "-2147483648", "0000012345", > >> >> > "2147483647", > >> >> > "2147483648", "4294967295", "4294967296", "0000023456"]. > >> >> > > >> >> > For values: 2147483647,2147483648,-2147483649,-2147483648 > >> >> > I understand because it's a for testing around the limits of the > >> >> > Integer > >> >> > type but for other values I dont understand why they are used and > >> >> > from > >> >> > where > >> >> > they come from ? > >> >> > >> >> The most important part seems to be here [0] > >> >> > >> >> [0] > >> >> > >> >> > https://code.google.com/p/skipfish/source/browse/trunk/src/checks.c#1872 > >> >> > >> >> > As I understand the vulnerability, according the all the stuff > that I > >> >> > can > >> >> > read, is the fact below: > >> >> > > >> >> > A parameter has a Integer overflow vuln if, in the case in which > you > >> >> > submit > >> >> > a value over the max/min limit of the Integer, it return a very > small > >> >> > negative or positive value. > >> >> > > >> >> > Ex: > >> >> > You submit "2147483648" and the returned value is negative > >> >> > You submit "-2147483648" and the returned value is positive > >> >> > > >> >> > Can you confirm to me that's my understanding is correct ? > >> >> > >> >> I'm no good with these low level bugs, but my basic understanding of > >> >> the vuln makes me think that the best way to detect this vuln is: > >> >> * Send HTTP request with a test payload, lets say... 5 , save it > >> >> * Send HTTP request with a test for integer overflow, which if > >> >> successful would be the same as sending the number 5, (calculate > that, > >> >> but it should be -(2^31-5) or something like that), save it > >> >> * Compare the two. If they are equal we're in a case where integer > >> >> overflow is present OR the input is not even used > >> >> * Send one more HTTP request with a number 8 (different from the > >> >> previous), compare with any of the previous ones. If it's different > >> >> then integer overflow is present. > >> >> > >> >> If you want to have lower false positives, after running through > those > >> >> steps you could run one more test round, repeating step 1 and 2 with > a > >> >> number different than 5. > >> >> > >> >> @Thomas: is this how you were doing it? > >> >> > >> >> > I apologize for all my questions but I really want to fully > >> >> > understand > >> >> > the > >> >> > context of the vulnerability in order to take in account all the > >> >> > cases > >> >> > into > >> >> > the plugin implementation and also learn new things. > >> >> > > >> >> > W3AF team is a very cool learning environment, I feel like a dwarf > >> >> > among > >> >> > giants ;o))))) > >> >> > > >> >> > Thanks in advance. > >> >> > > >> >> > Best regards, > >> >> > > >> >> > Dom > >> >> > > >> >> > > >> >> > > >> >> > On 13/07/2013 15:48, Tomas Velazquez wrote: > >> >> >> > >> >> >> Hi Dominique, > >> >> >> > >> >> >> Months ago I code a poc of integer overflow, but it is unfinished. > >> >> >> > >> >> >> My code is based on skipfish detection: > >> >> >> > http://code.google.com/p/skipfish/source/browse/trunk/src/checks.c > >> >> >> > >> >> >> Regards, > >> >> >> > >> >> >> > >> >> >> > >> >> >> On Sat, Jul 13, 2013 at 10:09 AM, Dominique Righetto > >> >> >> <dom...@gm... <mailto: > dom...@gm...>> > >> >> >> wrote: > >> >> >> > >> >> >> Hi Andres, > >> >> >> > >> >> >> I'm working on integer overflow detection plugin and I try to > >> >> >> understand, in a audit plugin, how to access to injection points > >> >> >> detected by in discovery part. > >> >> >> > >> >> >> Can you give me some pointer or plugin example ? > >> >> >> > >> >> >> Thanks in advance > >> >> >> > >> >> >> Dom > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > ------------------------------------------------------------------------------ > >> >> >> See everything from the browser to the database with AppDynamics > >> >> >> Get end-to-end visibility with application monitoring from > >> >> >> AppDynamics > >> >> >> Isolate bottlenecks and diagnose root cause in seconds. > >> >> >> Start your free trial of AppDynamics Pro today! > >> >> >> > >> >> >> > >> >> >> > >> >> >> > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > >> >> >> _______________________________________________ > >> >> >> W3af-develop mailing list > >> >> >> W3a...@li... > >> >> >> <mailto:W3a...@li...> > >> >> >> https://lists.sourceforge.net/lists/listinfo/w3af-develop > >> >> >> > >> >> >> > >> >> > > >> >> > >> >> > >> >> > >> >> -- > >> >> Andrés Riancho > >> >> Project Leader at w3af - http://w3af.org/ > >> >> Web Application Attack and Audit Framework > >> >> Twitter: @w3af > >> >> GPG: 0x93C344F3 > >> > > >> > > >> > >> > >> > >> -- > >> Andrés Riancho > >> Project Leader at w3af - http://w3af.org/ > >> Web Application Attack and Audit Framework > >> Twitter: @w3af > >> GPG: 0x93C344F3 > >> > >> > >> > ------------------------------------------------------------------------------ > >> See everything from the browser to the database with AppDynamics > >> Get end-to-end visibility with application monitoring from AppDynamics > >> Isolate bottlenecks and diagnose root cause in seconds. > >> Start your free trial of AppDynamics Pro today! > >> > >> > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > >> _______________________________________________ > >> W3af-develop mailing list > >> W3a...@li... > >> https://lists.sourceforge.net/lists/listinfo/w3af-develop > > > > > > > > -- > Andrés Riancho > Project Leader at w3af - http://w3af.org/ > Web Application Attack and Audit Framework > Twitter: @w3af > GPG: 0x93C344F3 > |
From: Dominique R. <dom...@gm...> - 2013-07-29 19:50:56
|
Hi, Thanks you for your response. For sure, we can work together on this subject in order to better understand the attack context and how to test it. I have read the links below in order to have an overview of an attack on "host" header. - http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html - https://www.pentesterlab.com/from_sqli_to_shell_II/from_sqli_to_shell_II.pdf This is my understanding of the audit behavior: ** Check 1 Send a HTTP request with double "host" header in this order: host: example.com host: evil.com ** Check 2 Send a HTTP request with the header "X-Forwarded-Host" with value "evil.com" ** Check 3 Send a HTTP request with the header "X-Forwarded-For" with value "evil.com" For each case check if the HTTP response body or headers contains any reference to "evil.com" then "host" header manipulation seems to be possible... My understanding is it correct ? Thanks in advance :) -- Cordialement, Best regards, Dominique Righetto dom...@gm... dom...@ow... Twitter: @righettod GPG: 0x323D19BA http://www.righettod.eu "No trees were killed to send this message, but a large number of electrons were terribly inconvenienced." On Mon, Jul 29, 2013 at 2:32 PM, D M <vin...@gm...> wrote: > Dom, > > I was planning on working on the host header plugin. I did have a similar > response from the mailing list, which is understandable see everyone is > very busy. > > Maybe you and I can work on this further to get a better idea of how it > will work? > > > On Mon, Jul 29, 2013 at 8:24 AM, Andres Riancho <and...@gm...>wrote: > >> Dom, >> >> On Fri, Jul 26, 2013 at 4:41 PM, Dominique Righetto >> <dom...@gm...> wrote: >> > Hi, >> > >> > I have spend the 2 last week trying to understand how to detect and how >> to >> > reproduce the integer overflow, unfortunately I wasn't able to fully >> > understand both of them. >> >> I feel bad that I / we were unable to help you with that, sorry but >> I'm focused on other things these days. >> >> > I will take another ticket: "HTTP Host header attacks - Audit plugin" >> if >> > it's available ? >> >> Take a look at the mailing list thread we started a while ago about >> that, maybe you can take it from there. >> >> > Dom >> > >> > -- >> > Cordialement, Best regards, >> > Dominique Righetto >> > dom...@gm... >> > dom...@ow... >> > Twitter: @righettod >> > GPG: 0x323D19BA >> > http://www.righettod.eu >> > "No trees were killed to send this message, but a large number of >> electrons >> > were terribly inconvenienced." >> > >> > >> > On Mon, Jul 15, 2013 at 1:54 PM, Andres Riancho < >> and...@gm...> >> > wrote: >> >> >> >> On Sun, Jul 14, 2013 at 4:49 AM, Dominique RIGHETTO >> >> <dom...@gm...> wrote: >> >> > Hi Tomas, >> >> > >> >> > Thanks you very much. >> >> > >> >> > I try to understand the objective of each of the value in >> >> > ["-0000012345", "-2147483649", "-2147483648", "0000012345", >> >> > "2147483647", >> >> > "2147483648", "4294967295", "4294967296", "0000023456"]. >> >> > >> >> > For values: 2147483647,2147483648,-2147483649,-2147483648 >> >> > I understand because it's a for testing around the limits of the >> Integer >> >> > type but for other values I dont understand why they are used and >> from >> >> > where >> >> > they come from ? >> >> >> >> The most important part seems to be here [0] >> >> >> >> [0] >> >> >> https://code.google.com/p/skipfish/source/browse/trunk/src/checks.c#1872 >> >> >> >> > As I understand the vulnerability, according the all the stuff that >> I >> >> > can >> >> > read, is the fact below: >> >> > >> >> > A parameter has a Integer overflow vuln if, in the case in which you >> >> > submit >> >> > a value over the max/min limit of the Integer, it return a very >> small >> >> > negative or positive value. >> >> > >> >> > Ex: >> >> > You submit "2147483648" and the returned value is negative >> >> > You submit "-2147483648" and the returned value is positive >> >> > >> >> > Can you confirm to me that's my understanding is correct ? >> >> >> >> I'm no good with these low level bugs, but my basic understanding of >> >> the vuln makes me think that the best way to detect this vuln is: >> >> * Send HTTP request with a test payload, lets say... 5 , save it >> >> * Send HTTP request with a test for integer overflow, which if >> >> successful would be the same as sending the number 5, (calculate that, >> >> but it should be -(2^31-5) or something like that), save it >> >> * Compare the two. If they are equal we're in a case where integer >> >> overflow is present OR the input is not even used >> >> * Send one more HTTP request with a number 8 (different from the >> >> previous), compare with any of the previous ones. If it's different >> >> then integer overflow is present. >> >> >> >> If you want to have lower false positives, after running through those >> >> steps you could run one more test round, repeating step 1 and 2 with a >> >> number different than 5. >> >> >> >> @Thomas: is this how you were doing it? >> >> >> >> > I apologize for all my questions but I really want to fully >> understand >> >> > the >> >> > context of the vulnerability in order to take in account all the >> cases >> >> > into >> >> > the plugin implementation and also learn new things. >> >> > >> >> > W3AF team is a very cool learning environment, I feel like a dwarf >> among >> >> > giants ;o))))) >> >> > >> >> > Thanks in advance. >> >> > >> >> > Best regards, >> >> > >> >> > Dom >> >> > >> >> > >> >> > >> >> > On 13/07/2013 15:48, Tomas Velazquez wrote: >> >> >> >> >> >> Hi Dominique, >> >> >> >> >> >> Months ago I code a poc of integer overflow, but it is unfinished. >> >> >> >> >> >> My code is based on skipfish detection: >> >> >> http://code.google.com/p/skipfish/source/browse/trunk/src/checks.c >> >> >> >> >> >> Regards, >> >> >> >> >> >> >> >> >> >> >> >> On Sat, Jul 13, 2013 at 10:09 AM, Dominique Righetto >> >> >> <dom...@gm... <mailto:dom...@gm...>> >> >> >> >> wrote: >> >> >> >> >> >> Hi Andres, >> >> >> >> >> >> I'm working on integer overflow detection plugin and I try to >> >> >> understand, in a audit plugin, how to access to injection points >> >> >> detected by in discovery part. >> >> >> >> >> >> Can you give me some pointer or plugin example ? >> >> >> >> >> >> Thanks in advance >> >> >> >> >> >> Dom >> >> >> >> >> >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> >> >> See everything from the browser to the database with AppDynamics >> >> >> Get end-to-end visibility with application monitoring from >> >> >> AppDynamics >> >> >> Isolate bottlenecks and diagnose root cause in seconds. >> >> >> Start your free trial of AppDynamics Pro today! >> >> >> >> >> >> >> >> >> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk >> >> >> >> _______________________________________________ >> >> >> W3af-develop mailing list >> >> >> W3a...@li... >> >> >> <mailto:W3a...@li...> >> >> >> https://lists.sourceforge.net/lists/listinfo/w3af-develop >> >> >> >> >> >> >> >> > >> >> >> >> >> >> >> >> -- >> >> Andrés Riancho >> >> Project Leader at w3af - http://w3af.org/ >> >> Web Application Attack and Audit Framework >> >> Twitter: @w3af >> >> GPG: 0x93C344F3 >> > >> > >> >> >> >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 >> >> ------------------------------------------------------------------------------ >> >> See everything from the browser to the database with AppDynamics >> Get end-to-end visibility with application monitoring from AppDynamics >> Isolate bottlenecks and diagnose root cause in seconds. >> Start your free trial of AppDynamics Pro today! >> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk >> >> _______________________________________________ >> W3af-develop mailing list >> W3a...@li... >> https://lists.sourceforge.net/lists/listinfo/w3af-develop >> >> > |