w3af-svn-notify Mailing List for w3af (Page 253)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <and...@us...> - 2008-04-09 15:16:11
|
Revision: 957
http://w3af.svn.sourceforge.net/w3af/?rev=957&view=rev
Author: andresriancho
Date: 2008-04-09 08:15:01 -0700 (Wed, 09 Apr 2008)
Log Message:
-----------
Fixed bug #1938731.
Modified Paths:
--------------
trunk/core/ui/gtkUi/profiles.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ab...@us...> - 2008-04-09 07:42:22
|
Revision: 956
http://w3af.svn.sourceforge.net/w3af/?rev=956&view=rev
Author: aberezh
Date: 2008-04-09 00:42:06 -0700 (Wed, 09 Apr 2008)
Log Message:
-----------
creditCards plugin: Fixed #1925724 (highlighted credit cards)
Modified Paths:
--------------
trunk/plugins/grep/creditCards.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ab...@us...> - 2008-04-09 07:14:00
|
Revision: 955
http://w3af.svn.sourceforge.net/w3af/?rev=955&view=rev
Author: aberezh
Date: 2008-04-09 00:13:58 -0700 (Wed, 09 Apr 2008)
Log Message:
-----------
creditCards plugin: fixed #1925718 (verified only one found regexp by Luhn)
Modified Paths:
--------------
trunk/plugins/grep/creditCards.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-09 04:10:43
|
Task #147656 has been updated. Project: w3af Subproject: Package TODO Summary: Update dependencies that live in extlib Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Update dependencies that live in extlib to their latest versions. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=147656&group_id=170274&group_project_id=50604 |
|
From: <and...@us...> - 2008-04-09 03:39:44
|
Revision: 954
http://w3af.svn.sourceforge.net/w3af/?rev=954&view=rev
Author: andresriancho
Date: 2008-04-08 20:39:37 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed a bug I introduced to the plugin while fixing another bug.
Modified Paths:
--------------
trunk/plugins/audit/osCommanding.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-09 03:28:32
|
Task #147554 has been updated. Project: w3af Subproject: gtkUi - Phase 3 Summary: Show profile description Complete: 5% Status: Open Authority : andresriancho Assigned to: facundobatista Description: When clicking on a profile, the big gray square (that is now filled with the owl) should show the profile description (which you get by doing a getDesc() on a profile object). The image of the owl should still be there as the background. Follow-Ups: ------------------------------------------------------- Date: 2008-04-09 00:28 By: andresriancho Comment: Lets do: 3. centered, make the owl dissapear when put this text. ------------------------------------------------------- Date: 2008-04-08 16:32 By: facundobatista Comment: Can not put a background image in part of a window. I can start playing with transparencies, but it won't be ok in some systems (it depends of the windowing system). In any case, the text over the owl will be difficult to read. I propose to put the text 1. above the owl. 2. under the owl. 3. centered, make the owl dissapear when put this text. What do you think? ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=147554&group_id=170274&group_project_id=55113 |
|
From: <and...@us...> - 2008-04-09 03:16:14
|
Revision: 953
http://w3af.svn.sourceforge.net/w3af/?rev=953&view=rev
Author: andresriancho
Date: 2008-04-08 20:16:09 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed bug #1938058.
Modified Paths:
--------------
trunk/core/controllers/basePlugin/baseGrepPlugin.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-04-09 03:11:01
|
Revision: 952
http://w3af.svn.sourceforge.net/w3af/?rev=952&view=rev
Author: facundobatista
Date: 2008-04-08 20:10:59 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed some behaviour regarding the sensitivity of the start button
in consideration of target url.
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
trunk/core/ui/gtkUi/pluginconfig.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-09 02:35:54
|
Task #146171 has been updated.
Project: w3af
Subproject: gtkUi - Phase 3
Summary: exploit <plugin> ; exploit * ; exploit * stopOnFirst
Complete: 100%
Status: Closed
Authority : andresriancho
Assigned to: facundobatista
Description: What is implemented and works perfect:
exploit <pluginName> <vuln-id>
What must be implemented in the near future:
exploit <pluginName>
exploit *
exploit * stopOnFirst
The "exploit <pluginName>" case should be handled like this:
- User right clicks over an attack plugin, and a menu pop-ups. The menu should have: "Exploit all vulnerabilities"
- When clicked, you just call exploitPluginInstance.exploit()
To know how to handle the * cases please see:
core/ui/consoleUi/exploit.py
def _exploitAll( self, stopOnFirst = True ):
If you copy+paste this code without modifications please let me know, so I create a file with it inside the framework so any modifications to that code impact all user interfaces.
The * cases should be handled like this in the GUI:
- In the menu were the "save session" and "resume session" buttons are (THAT SHOULD BE REMOVED BECAUSE THEY HAVE BEEN DEPRECATED) you should add a button that says "Exploit All".
- When the user clicks on it a pop-up window should appear that says: "Are you sure you want to exploit all vulnerabilities using all exploits?". The options for the user are: "Yes/No" and in the window it should also be a checkbox that says: "Stop on first successfully exploited vulnerability" that is On by default.
Follow-Ups:
-------------------------------------------------------
Date: 2008-04-08 23:35
By: facundobatista
Comment:
Finished in r951.
-------------------------------------------------------
Date: 2008-04-03 21:15
By: facundobatista
Comment:
Some details:
- Name: Multiple Exploit.
- The "stop on first" option should be not selected by default; it should be "First successful", and it should have a tooltip "Stop on first successful exploit".
- Right button should have two options: "Exploit ALL vulns", "Exploit all until first successful"
-------------------------------------------------------
Date: 2008-03-26 16:02
By: facundobatista
Comment:
Relocated in phase 3.
-------------------------------------------------------
Date: 2008-03-21 23:29
By: facundobatista
Comment:
Andres Riancho said:
> I just defined a method in the attack plugins that will be useful
> for the exploit tab. The method is named "getExploitableVulns" and
> returns a list of vulnerability objects that *could* be exploited by
> an attack plugin. Please note that I said *could*; to verify if the
> plugin can really exploit the vulnerability you should use the
> "canExploit" method.
So, with this, we will able to exploit massively some vulns.
The interface will be:
- A button in the toolbar that says "Exploit all", for all-exploits to all-vulns. A pop-up will appear for you to select which exploits to use, and you'll have a "stop on first successfully exploited vuln" button, enabled by default.
- Right button on any exploit will have a new option "Exploit all vulns".
In any case, the selected vulns to test will be the ones that this new filter gives
-------------------------------------------------------
Date: 2008-02-29 08:45
By: facundobatista
Comment:
Changing this to Andres: as we talk, he needs to make a small study to determine which use cases are more common and which are not normally executed, and then we should define the best interface to enable those use cases (then this task will come back to me).
-------------------------------------------------------
For more info, visit:
http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146171&group_id=170274&group_project_id=55113
|
|
From: <fac...@us...> - 2008-04-09 02:35:36
|
Revision: 951
http://w3af.svn.sourceforge.net/w3af/?rev=951&view=rev
Author: facundobatista
Date: 2008-04-08 19:35:31 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Finished all details regarding multiple exploits.
Modified Paths:
--------------
trunk/core/ui/gtkUi/exploittab.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-09 02:28:21
|
Revision: 950
http://w3af.svn.sourceforge.net/w3af/?rev=950&view=rev
Author: andresriancho
Date: 2008-04-08 19:28:19 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Created a directory to store all the scripts, images, and other installer related stuff.
Added Paths:
-----------
windows_installer/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-04-09 02:24:31
|
Revision: 949
http://w3af.svn.sourceforge.net/w3af/?rev=949&view=rev
Author: facundobatista
Date: 2008-04-08 19:24:29 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Put the text inside scrollbars.
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-09 02:24:17
|
Revision: 948
http://w3af.svn.sourceforge.net/w3af/?rev=948&view=rev
Author: andresriancho
Date: 2008-04-08 19:24:07 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed bug #1938189
Modified Paths:
--------------
trunk/core/data/parsers/pdfParser.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-09 01:55:44
|
Task #146171 has been updated.
Project: w3af
Subproject: gtkUi - Phase 3
Summary: exploit <plugin> ; exploit * ; exploit * stopOnFirst
Complete: 30%
Status: Open
Authority : andresriancho
Assigned to: facundobatista
Description: What is implemented and works perfect:
exploit <pluginName> <vuln-id>
What must be implemented in the near future:
exploit <pluginName>
exploit *
exploit * stopOnFirst
The "exploit <pluginName>" case should be handled like this:
- User right clicks over an attack plugin, and a menu pop-ups. The menu should have: "Exploit all vulnerabilities"
- When clicked, you just call exploitPluginInstance.exploit()
To know how to handle the * cases please see:
core/ui/consoleUi/exploit.py
def _exploitAll( self, stopOnFirst = True ):
If you copy+paste this code without modifications please let me know, so I create a file with it inside the framework so any modifications to that code impact all user interfaces.
The * cases should be handled like this in the GUI:
- In the menu were the "save session" and "resume session" buttons are (THAT SHOULD BE REMOVED BECAUSE THEY HAVE BEEN DEPRECATED) you should add a button that says "Exploit All".
- When the user clicks on it a pop-up window should appear that says: "Are you sure you want to exploit all vulnerabilities using all exploits?". The options for the user are: "Yes/No" and in the window it should also be a checkbox that says: "Stop on first successfully exploited vulnerability" that is On by default.
Follow-Ups:
-------------------------------------------------------
Date: 2008-04-03 21:15
By: facundobatista
Comment:
Some details:
- Name: Multiple Exploit.
- The "stop on first" option should be not selected by default; it should be "First successful", and it should have a tooltip "Stop on first successful exploit".
- Right button should have two options: "Exploit ALL vulns", "Exploit all until first successful"
-------------------------------------------------------
Date: 2008-03-26 16:02
By: facundobatista
Comment:
Relocated in phase 3.
-------------------------------------------------------
Date: 2008-03-21 23:29
By: facundobatista
Comment:
Andres Riancho said:
> I just defined a method in the attack plugins that will be useful
> for the exploit tab. The method is named "getExploitableVulns" and
> returns a list of vulnerability objects that *could* be exploited by
> an attack plugin. Please note that I said *could*; to verify if the
> plugin can really exploit the vulnerability you should use the
> "canExploit" method.
So, with this, we will able to exploit massively some vulns.
The interface will be:
- A button in the toolbar that says "Exploit all", for all-exploits to all-vulns. A pop-up will appear for you to select which exploits to use, and you'll have a "stop on first successfully exploited vuln" button, enabled by default.
- Right button on any exploit will have a new option "Exploit all vulns".
In any case, the selected vulns to test will be the ones that this new filter gives
-------------------------------------------------------
Date: 2008-02-29 08:45
By: facundobatista
Comment:
Changing this to Andres: as we talk, he needs to make a small study to determine which use cases are more common and which are not normally executed, and then we should define the best interface to enable those use cases (then this task will come back to me).
-------------------------------------------------------
For more info, visit:
http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146171&group_id=170274&group_project_id=55113
|
|
From: <fac...@us...> - 2008-04-09 01:35:46
|
Revision: 947
http://w3af.svn.sourceforge.net/w3af/?rev=947&view=rev
Author: facundobatista
Date: 2008-04-08 18:35:41 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Avanced with multiple exploit.
Modified Paths:
--------------
trunk/core/ui/gtkUi/exploittab.py
trunk/core/ui/gtkUi/helpers.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/pluginconfig.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-08 19:32:44
|
Task #147554 has been updated. Project: w3af Subproject: gtkUi - Phase 3 Summary: Show profile description Complete: 5% Status: Open Authority : andresriancho Assigned to: andresriancho Description: When clicking on a profile, the big gray square (that is now filled with the owl) should show the profile description (which you get by doing a getDesc() on a profile object). The image of the owl should still be there as the background. Follow-Ups: ------------------------------------------------------- Date: 2008-04-08 16:32 By: facundobatista Comment: Can not put a background image in part of a window. I can start playing with transparencies, but it won't be ok in some systems (it depends of the windowing system). In any case, the text over the owl will be difficult to read. I propose to put the text 1. above the owl. 2. under the owl. 3. centered, make the owl dissapear when put this text. What do you think? ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=147554&group_id=170274&group_project_id=55113 |
|
From: <and...@us...> - 2008-04-08 15:29:10
|
Revision: 946
http://w3af.svn.sourceforge.net/w3af/?rev=946&view=rev
Author: andresriancho
Date: 2008-04-08 08:28:30 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
xhtml can't be opened by default in windows, so I changed to html.
Modified Paths:
--------------
trunk/core/ui/gtkUi/main.py
Added Paths:
-----------
trunk/readme/w3afUsersGuide.html
Removed Paths:
-------------
trunk/readme/w3afUsersGuide.xhtml
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 14:51:04
|
Revision: 945
http://w3af.svn.sourceforge.net/w3af/?rev=945&view=rev
Author: andresriancho
Date: 2008-04-08 07:50:47 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Changed version in splash image, based on Sebastian Garcia comments.
Modified Paths:
--------------
trunk/core/ui/gtkUi/data/splash.png
Added Paths:
-----------
trunk/core/ui/gtkUi/data/splash-without-version.png
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 14:08:16
|
Revision: 944
http://w3af.svn.sourceforge.net/w3af/?rev=944&view=rev
Author: andresriancho
Date: 2008-04-08 07:07:33 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed a false positive in the osCommanding detection.
Modified Paths:
--------------
trunk/plugins/audit/osCommanding.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 13:41:16
|
Revision: 943
http://w3af.svn.sourceforge.net/w3af/?rev=943&view=rev
Author: andresriancho
Date: 2008-04-08 06:41:04 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Fixed a bug of an undefined variable.
Modified Paths:
--------------
trunk/plugins/discovery/fingerGoogle.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-04-08 12:25:43
|
Task #147531 has been updated. Project: w3af Subproject: documentation Summary: Howto - Find XSS vulnerabilities Complete: 0% Status: Open Authority : andresriancho Assigned to: keroseno Description: This should be a step by step guide on how to find XSS vulnerabilities. Objective: Let the user know about the usage of audit.xss and it's options. User interface: consoleUi (./w3af) ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=147531&group_id=170274&group_project_id=56046 |
|
From: <and...@us...> - 2008-04-08 12:19:30
|
Revision: 942
http://w3af.svn.sourceforge.net/w3af/?rev=942&view=rev
Author: andresriancho
Date: 2008-04-08 05:18:55 -0700 (Tue, 08 Apr 2008)
Log Message:
-----------
Added stock icons to help menu.
Modified Paths:
--------------
trunk/core/ui/gtkUi/main.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 03:40:26
|
Revision: 941
http://w3af.svn.sourceforge.net/w3af/?rev=941&view=rev
Author: andresriancho
Date: 2008-04-07 20:40:23 -0700 (Mon, 07 Apr 2008)
Log Message:
-----------
Fixed bug #1936665
Modified Paths:
--------------
trunk/plugins/discovery/spiderMan.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 03:34:25
|
Revision: 940
http://w3af.svn.sourceforge.net/w3af/?rev=940&view=rev
Author: andresriancho
Date: 2008-04-07 20:34:19 -0700 (Mon, 07 Apr 2008)
Log Message:
-----------
Fixed bug #1937272, buggy profiles and plugins are handled correctly.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
trunk/core/ui/gtkUi/profiles.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-04-08 03:26:48
|
Revision: 939
http://w3af.svn.sourceforge.net/w3af/?rev=939&view=rev
Author: andresriancho
Date: 2008-04-07 20:26:42 -0700 (Mon, 07 Apr 2008)
Log Message:
-----------
Now the bug in the plugins is REALLY fixed.
Modified Paths:
--------------
trunk/plugins/grep/creditCards.py
trunk/plugins/grep/ssn.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
