w3af-svn-notify Mailing List for w3af (Page 246)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <fac...@us...> - 2008-05-02 00:40:10
|
Revision: 1075
http://w3af.svn.sourceforge.net/w3af/?rev=1075&view=rev
Author: facundobatista
Date: 2008-05-01 17:40:06 -0700 (Thu, 01 May 2008)
Log Message:
-----------
First draft version of Fuzzy Requests window.
Modified Paths:
--------------
trunk/core/ui/gtkUi/craftedRequests.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/reqResViewer.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-05-02 00:33:04
|
Revision: 1074
http://w3af.svn.sourceforge.net/w3af/?rev=1074&view=rev
Author: facundobatista
Date: 2008-05-01 17:33:01 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Refactored the internals, to be able to use the request
or the response (not both).
Modified Paths:
--------------
trunk/core/ui/gtkUi/reqResViewer.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-05-01 23:27:50
|
Task #148224 has been updated. Project: w3af Subproject: gtkUi - OWASP SoC 2008 Summary: Resend request Complete: 0% Status: Open Authority : andresriancho Assigned to: facundobatista Description: When showing a req/res of a vuln in the results tab, also show a button that says "Send to request editor" that opens a "Manual request editor" with the request head and body filled with the request that triggers the vulnerability. Also and when the request fuzzer is ready, add a button that says "Send to request fuzzer" that does the same but with the request fuzzer. This easy buttons "merge" these three parts of the software that were separated before =) Follow-Ups: ------------------------------------------------------- Date: 2008-05-01 20:27 By: andresriancho Comment: Add the same buttons in the request response navigator. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148224&group_id=170274&group_project_id=56282 |
|
From: <fac...@us...> - 2008-05-01 22:13:51
|
Revision: 1073
http://w3af.svn.sourceforge.net/w3af/?rev=1073&view=rev
Author: facundobatista
Date: 2008-05-01 15:13:39 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Extracted the part of the Windows machinery that will be used
a lot, and put it in entries.py. Also simplified how the example
is written.
Modified Paths:
--------------
trunk/core/ui/gtkUi/craftedRequests.py
trunk/core/ui/gtkUi/entries.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-05-01 22:11:46
|
Revision: 1072
http://w3af.svn.sourceforge.net/w3af/?rev=1072&view=rev
Author: andresriancho
Date: 2008-05-01 15:11:44 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Better documentation of the halberd plugin. This was done while trying to fix a bug.
Modified Paths:
--------------
trunk/plugins/discovery/halberd.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-05-01 22:08:46
|
Revision: 1071
http://w3af.svn.sourceforge.net/w3af/?rev=1071&view=rev
Author: andresriancho
Date: 2008-05-01 15:08:44 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Better error handling for all the files in this commit. This error handling improves stability. All this was achieved while trying to fix a bug in the way w3af uses ports.
Modified Paths:
--------------
trunk/core/controllers/daemons/webserver.py
trunk/core/controllers/payloadTransfer/basePayloadTransfer.py
trunk/core/controllers/w3afAgent/client/w3afAgentClient.py
trunk/core/controllers/w3afAgent/server/w3afAgentServer.py
trunk/core/controllers/w3afAgent/w3afAgentManager.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-05-01 22:04:34
|
Revision: 1070
http://w3af.svn.sourceforge.net/w3af/?rev=1070&view=rev
Author: andresriancho
Date: 2008-05-01 15:04:27 -0700 (Thu, 01 May 2008)
Log Message:
-----------
New documentation that fixes document bug that mentions error404page.
Modified Paths:
--------------
trunk/readme/w3afUsersGuide.html
trunk/readme/w3afUsersGuide.odt
trunk/readme/w3afUsersGuide.pdf
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-05-01 21:55:22
|
Task #148224 has been updated. Project: w3af Subproject: gtkUi - OWASP SoC 2008 Summary: Resend request Complete: 0% Status: Open Authority : andresriancho Assigned to: facundobatista Description: When showing a req/res of a vuln in the results tab, also show a button that says "Send to request editor" that opens a "Manual request editor" with the request head and body filled with the request that triggers the vulnerability. Also and when the request fuzzer is ready, add a button that says "Send to request fuzzer" that does the same but with the request fuzzer. This easy buttons "merge" these three parts of the software that were separated before =) ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148224&group_id=170274&group_project_id=56282 |
|
From: <and...@us...> - 2008-05-01 21:34:25
|
Revision: 1069
http://w3af.svn.sourceforge.net/w3af/?rev=1069&view=rev
Author: andresriancho
Date: 2008-05-01 14:34:21 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Fixing bug #1955271.
Modified Paths:
--------------
trunk/plugins/discovery/yahooSiteExplorer.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-05-01 21:26:12
|
Revision: 1068
http://w3af.svn.sourceforge.net/w3af/?rev=1068&view=rev
Author: andresriancho
Date: 2008-05-01 14:26:08 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Small changes to crafted requests.
Modified Paths:
--------------
trunk/core/ui/gtkUi/craftedRequests.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-05-01 20:26:35
|
Task #148110 has been updated. Project: w3af Subproject: gtkUi - OWASP SoC 2008 Summary: Manually send a request and analyze the response. Complete: 100% Status: Closed Authority : facundobatista Assigned to: facundobatista Description: A new option "Manual Request" (search for an icon), in the toolbar and the menu (in "Tools"). It will open a new window. At the beginning, the response/body part is greyed out. When the user clicks on "send", the request written in the request/post part is sent and the result is shown in the response/body part. The "send" stays active, the user can send multiple times, everytime the response is updated. Andres needs to implement something in the core for this. If there's an error in the procedure, it'll be a w3afException, the error will be shown in a popup, and the response/boyd part will be greyed out. Follow-Ups: ------------------------------------------------------- Date: 2008-05-01 17:26 By: facundobatista Comment: Completed in r1067. ------------------------------------------------------- Date: 2008-04-27 11:48 By: facundobatista Comment: GUI design: http://www.taniquetil.com.ar/facundo/owasp/soc08-148110.svg ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148110&group_id=170274&group_project_id=56282 |
|
From: <fac...@us...> - 2008-05-01 20:12:42
|
Revision: 1067
http://w3af.svn.sourceforge.net/w3af/?rev=1067&view=rev
Author: facundobatista
Date: 2008-05-01 13:12:33 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Finished the manually request implementation. Had to fix the uriSender,
for it to support empty lines (it just discards it, and previously
generated a difficult to understand message error). Also, created a
clearPanes() method in the requestResponseViewer.
Modified Paths:
--------------
trunk/core/data/url/xUrllib.py
trunk/core/ui/gtkUi/craftedRequests.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/reqResViewer.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-05-01 19:05:04
|
Task #148220 has been updated.
Project: w3af
Subproject: gtkUi - OWASP SoC 2008
Summary: Colorize KB Browser names
Complete: 0%
Status: Open
Authority : andresriancho
Assigned to: facundobatista
Description: In the KB browser, the names of the first and second level should be colorized according to this rules:
- RED if it contains a high or medium severity vulnerability
- Yellow if it contains a low severity vulnerability
- Black (leave as it is) if it contains informations
Example, when we have this case:
- osCommanding (1)
- osCommanding (2)
- critical vuln (3)
- information (4)
(1) , (2) and (3) should be red
(4) should be black
-------------------------------------------------------
For more info, visit:
http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148220&group_id=170274&group_project_id=56282
|
|
From: <ab...@us...> - 2008-05-01 12:47:36
|
Revision: 1066
http://w3af.svn.sourceforge.net/w3af/?rev=1066&view=rev
Author: aberezh
Date: 2008-05-01 05:47:30 -0700 (Thu, 01 May 2008)
Log Message:
-----------
Small completion fixes.
Deferred disabling of the console.
It seems, we are ready to merge to trunk.
Modified Paths:
--------------
branches/sasha/core/ui/consoleUi/consoleUi.py
branches/sasha/core/ui/consoleUi/plugins.py
branches/sasha/core/ui/consoleUi/rootMenu.py
branches/sasha/core/ui/consoleUi/util.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-30 20:16:30
|
Task #148198 has been updated. Project: w3af Subproject: gtkUi - OWASP SoC 2008 Summary: log graph - debug lines overwrite axis Complete: 0% Status: Open Authority : andresriancho Assigned to: facundobatista Description: In the log graph, the debug lines start from within the X axis, overwriting the axis in one pixel. It would look nicer if the debug line would start one pixel higher. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148198&group_id=170274&group_project_id=56282 |
|
From: <and...@us...> - 2008-04-30 19:17:05
|
Revision: 1065
http://w3af.svn.sourceforge.net/w3af/?rev=1065&view=rev
Author: andresriancho
Date: 2008-04-30 12:16:56 -0700 (Wed, 30 Apr 2008)
Log Message:
-----------
Now w3af detects http://thedailywtf.com/Articles/Oklahoma-Leaks-Tens-of-Thousands-of-Social-Security-Numbers,-Other-Sensitive-Data.aspx .
Modified Paths:
--------------
trunk/plugins/grep/strangeParameters.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-30 19:16:32
|
Task #147867 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: w3af should find this! Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: http://thedailywtf.com/Articles/Oklahoma-Leaks-Tens-of-Thousands-of-Social-Security-Numbers,-Other-Sensitive-Data.aspx ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=147867&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-04-30 19:00:47
|
Task #148008 has been updated. Project: w3af Subproject: Plugin TODO v1.20 Summary: add this to serverHeader Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: HTTP hokus pokus ;) http://www.nessus.org/plugins/index.php?view=viewsrc&id=11239 The problem with this is that it needs to send RAW requests... I think that the framework should have the feature to send them without using socket.socket() ... ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148008&group_id=170274&group_project_id=51670 |
|
From: SourceForge.net <no...@so...> - 2008-04-30 19:00:13
|
Task #148194 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: HTTP 403.6 - Forbidden: IP address rejected Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: <h2 style="font:8pt/11pt verdana; color:000000">HTTP 403.6 - Forbidden: IP address rejected<br> ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148194&group_id=170274&group_project_id=50603 |
|
From: <and...@us...> - 2008-04-30 18:28:58
|
Revision: 1064
http://w3af.svn.sourceforge.net/w3af/?rev=1064&view=rev
Author: andresriancho
Date: 2008-04-30 11:28:03 -0700 (Wed, 30 Apr 2008)
Log Message:
-----------
New icons for vulnerabilities and informations.
Modified Paths:
--------------
trunk/core/ui/gtkUi/data/information.png
trunk/core/ui/gtkUi/data/vulnerability_h.png
trunk/core/ui/gtkUi/data/vulnerability_l.png
trunk/core/ui/gtkUi/data/vulnerability_m.png
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-30 17:21:54
|
Revision: 1063
http://w3af.svn.sourceforge.net/w3af/?rev=1063&view=rev
Author: andresriancho
Date: 2008-04-30 10:21:03 -0700 (Wed, 30 Apr 2008)
Log Message:
-----------
Added Seba Ardita as contributor.
Modified Paths:
--------------
trunk/readme/CONTRIBUTORS
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-30 17:20:17
|
Revision: 1062
http://w3af.svn.sourceforge.net/w3af/?rev=1062&view=rev
Author: andresriancho
Date: 2008-04-30 10:19:27 -0700 (Wed, 30 Apr 2008)
Log Message:
-----------
Trying to fix bug that raises w3afMustStopException.
Modified Paths:
--------------
trunk/core/data/url/xUrllib.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-30 03:00:13
|
Revision: 1061
http://w3af.svn.sourceforge.net/w3af/?rev=1061&view=rev
Author: andresriancho
Date: 2008-04-29 20:00:10 -0700 (Tue, 29 Apr 2008)
Log Message:
-----------
Fixing bug #1953644 and added better error handling in factory.
Modified Paths:
--------------
trunk/core/controllers/misc/factory.py
trunk/core/ui/consoleUi/plugins.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-30 02:05:39
|
Revision: 1060
http://w3af.svn.sourceforge.net/w3af/?rev=1060&view=rev
Author: andresriancho
Date: 2008-04-29 19:05:36 -0700 (Tue, 29 Apr 2008)
Log Message:
-----------
Attack plugins now generate shell objects with help command.
Modified Paths:
--------------
trunk/plugins/attack/localFileReader.py
trunk/plugins/attack/sqlmap.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-29 13:29:25
|
Task #148150 has been updated. Project: w3af Subproject: gtkUi - Phase 4 Summary: clear cache and scan history button Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: > I realized that w3af saves the history from the targets. > I found it after a short search in > ~/.w3af/urllib2cache/ > ~/.w3af/sessions/ > ~/.w3af/urlhistory.pkl > .... > It is not from the policy allowed to share results and > what we are doing. > It exists no possibilty to delete this with the GUI. > For my no problem. I delete it now with the .bash_logout. > Maybe you can add a comment in the docu or make a button > to clean the history for users whichdo not like the cmd_line. I think that I'll document it so users can remove them if needed, and in the future we'll add a "Clear cache and scan history" button somewhere. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=148150&group_id=170274&group_project_id=55676 |
