w3af-svn-notify Mailing List for w3af (Page 267)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <fac...@us...> - 2008-03-06 19:00:01
|
Revision: 809
http://w3af.svn.sourceforge.net/w3af/?rev=809&view=rev
Author: facundobatista
Date: 2008-03-06 10:59:53 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Added info to ease the following from two opened
bugs.
Modified Paths:
--------------
trunk/core/ui/gtkUi/confpanel.py
trunk/core/ui/gtkUi/pluginconfig.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-06 18:34:20
|
Revision: 808
http://w3af.svn.sourceforge.net/w3af/?rev=808&view=rev
Author: andresriancho
Date: 2008-03-06 10:34:06 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Added a method that returns the options for a plugin that was already configured in the core.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-06 18:28:59
|
Revision: 807
http://w3af.svn.sourceforge.net/w3af/?rev=807&view=rev
Author: facundobatista
Date: 2008-03-06 10:28:53 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Adding profiles. Not yet working, but most of the infrastructure
is in place.
Modified Paths:
--------------
trunk/core/ui/gtkUi/confpanel.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/pluginconfig.py
Added Paths:
-----------
trunk/core/ui/gtkUi/profiles.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-06 18:21:59
|
Revision: 806
http://w3af.svn.sourceforge.net/w3af/?rev=806&view=rev
Author: andresriancho
Date: 2008-03-06 10:21:47 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Replaced getPlugins by getEnabledPlugins in w3afCore.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
trunk/core/ui/consoleUi/plugins.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 18:01:32
|
Task #146911 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: rename getPlugins( self, pluginType ) in core Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: rename getPlugins( self, pluginType ) in core; it should be getEnabledPlugins. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146911&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 17:54:58
|
Task #146910 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Core should be able to reset plugin configs Complete: 0% Status: Open Authority : facundobatista Assigned to: facundobatista Description: The Core should accept None in the useProfile() method. When receives None, it resets all the configurations to their clean default state. Follow-Ups: ------------------------------------------------------- Date: 2008-03-06 14:31 By: andresriancho Comment: Done, please test and if it works close the task. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146910&group_id=170274&group_project_id=55112 |
|
From: <and...@us...> - 2008-03-06 17:30:29
|
Revision: 805
http://w3af.svn.sourceforge.net/w3af/?rev=805&view=rev
Author: andresriancho
Date: 2008-03-06 09:30:12 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Modified the core to support profile cleaning.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
trunk/w3af.e3p
trunk/w3af.e3t
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 17:21:45
|
Task #146910 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Core should be able to reset plugin configs Complete: 0% Status: Open Authority : facundobatista Assigned to: andresriancho Description: The Core should accept None in the useProfile() method. When receives None, it resets all the configurations to their clean default state. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146910&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 13:08:35
|
Task #146903 has been updated. Project: w3af Subproject: TODO v1.00 Summary: os.environ['HOME'] in windows ? Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: http://mail.python.org/pipermail/python-list/2006-July/393819.html Follow-Ups: ------------------------------------------------------- Date: 2008-03-06 10:08 By: facundobatista Comment: C:\>python Python 2.5.1 (r251:54863, Apr 18 2007, 08:51:08) [MSC v.1310 32 bit (Intel)] on win32 Type "help", "copyright", "credits" or "license" for more information. >>> import user >>> user.home 'C:\\Documents and Settings\\efacbat' >>> ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146903&group_id=170274&group_project_id=48542 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 12:01:13
|
Task #146908 has been updated. Project: w3af Subproject: gtkUi - Phase 3 Summary: Autosuggest in Target URL Complete: 0% Status: Open Authority : facundobatista Assigned to: facundobatista Description: When typing in the target URL, and stop writing for a second or so, the widget should suggest you the previously entered URLs that match with what you wrote. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146908&group_id=170274&group_project_id=55113 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 11:56:49
|
Task #146907 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Scan should start with CTRL-S Complete: 0% Status: Open Authority : facundobatista Assigned to: facundobatista Description: Doing CTRL-S should be the same than clicking on the "start button". ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146907&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 11:39:04
|
Task #146906 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Target URL to remember previous entry Complete: 0% Status: Open Authority : facundobatista Assigned to: facundobatista Description: The target URL should have a combobox, that let you choose previously entered URLs (when you choose a previously entered one, all the target info is restored, including the Advanced on). The URLs are "saved" when you Start the scan. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146906&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 11:27:16
|
Task #146687 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Wrap the vuln exploit Complete: 100% Status: Closed Authority : facundobatista Assigned to: facundobatista Description: When exploiting a vulnerability, it should be wrapped to show a better message if something happens. See for example "remote File Include Shell" Follow-Ups: ------------------------------------------------------- Date: 2008-03-06 08:27 By: facundobatista Comment: Done in r804. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146687&group_id=170274&group_project_id=55112 |
|
From: <fac...@us...> - 2008-03-06 11:26:55
|
Revision: 804
http://w3af.svn.sourceforge.net/w3af/?rev=804&view=rev
Author: facundobatista
Date: 2008-03-06 03:26:52 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Wrapped the check about exploit suitability, to be able to
show the user a good message in a w3afException.
Modified Paths:
--------------
trunk/core/ui/gtkUi/exploittab.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 09:53:28
|
Task #146903 has been updated. Project: w3af Subproject: TODO v1.00 Summary: os.environ['HOME'] in windows ? Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: http://mail.python.org/pipermail/python-list/2006-July/393819.html ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146903&group_id=170274&group_project_id=48542 |
|
From: <and...@us...> - 2008-03-06 09:46:55
|
Revision: 803
http://w3af.svn.sourceforge.net/w3af/?rev=803&view=rev
Author: andresriancho
Date: 2008-03-06 01:46:50 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
More debugging for stop and pause in the core.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 09:34:21
|
Task #146871 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: interesting commands and SSI false positive Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: A comment with the string "pass" was found in: http://www.edesur.com.ar/grandes_clientes/fr_grandes_clientes.asp . This could be interesting. This information was found in the request with id 1812. <frame name="body" src="<!--#include file="/etc/passwd"-->" marginwidth="0" marginheight="0"> ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146871&group_id=170274&group_project_id=55629 |
|
From: <and...@us...> - 2008-03-06 09:29:27
|
Revision: 802
http://w3af.svn.sourceforge.net/w3af/?rev=802&view=rev
Author: andresriancho
Date: 2008-03-06 01:29:18 -0800 (Thu, 06 Mar 2008)
Log Message:
-----------
Fixed a bug that repeated the found comments.
Modified Paths:
--------------
trunk/plugins/grep/findComments.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 09:28:34
|
Task #146850 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: one comment in one URL, repeated messages of finding it Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: The comment : "MAPA\r\n\t\t<td valign="middle">\t\t\r\n\t\t\t \r\n\t\t\t\t <a href="javascript:mapa(\'-58.473387\',\'-34.541948\',\'76\');">\r\n\t\t\t\t <img src="images/icon-map.jpg" alt="Ver el Mapa de la Sucursal ARIAS" width="21" height="21" border="0" /></a>\r\n\t\t\t \r\n\t\t\t\t </td>\r\n <td valign="middle">\t\t\t\t \r\n\t\t \r\n\t\t\t\t<a href="javascript:buscaRecorrido(\'76\');">\r\n\t\t\t\t\t<img src="images/icon-como.jpg" width="21" height="21" border="0" alt="Vea c\xf3mo llegar a la Sucursal ARIAS" />\t\t\t\t</a>\r\n\t\t\t\r\n\t\t\t\r\n\t\t\t</td>FIN COMO LLEGAR " was found on this URL(s): - http://www.farmacity.com.ar/ar/rrhh.asp (with id:6290) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:12013) - http://www.farmacity.com.ar/ar\\rrhh.asp (with id:6434) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:11222) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:11850) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:9340) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:6247) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:9769) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:11555) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:10588) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:11488) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:11557) - http://www.farmacity.com.ar/ar/rrhh.asp (with id:6306) Follow-Ups: ------------------------------------------------------- Date: 2008-03-06 06:28 By: andresriancho Comment: Fixed in r802. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146850&group_id=170274&group_project_id=50603 |
|
From: <and...@us...> - 2008-03-06 01:00:56
|
Revision: 801
http://w3af.svn.sourceforge.net/w3af/?rev=801&view=rev
Author: andresriancho
Date: 2008-03-05 17:00:53 -0800 (Wed, 05 Mar 2008)
Log Message:
-----------
Fixed false positives in the plugins and modified the script to work with the "new" interact command.
Modified Paths:
--------------
trunk/plugins/audit/mxInjection.py
trunk/plugins/audit/osCommanding.py
trunk/plugins/discovery/spiderMan.py
trunk/plugins/grep/strangeParameters.py
trunk/scripts/script-osCommanding-win-vdaemon.w3af
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:54:15
|
Task #146847 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: Repeated messages in strangeHeaders Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: The URL : http://www.farmacity.com.ar/farma_maps/simple_cmd.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8268. The URL : http://www.farmacity.com.ar/farma_maps/Uploader.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8270. The URL : http://www.farmacity.com.ar/farma_maps/zacosmall.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8272. The URL : http://www.farmacity.com.ar/farma_maps/perlcmd.cgi sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8274. The URL : http://www.farmacity.com.ar/farma_maps/cmd.pl sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8276. The URL : http://www.farmacity.com.ar/farma_maps/jsp-reverse.jsp sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8278. The URL : http://www.farmacity.com.ar/farma_maps/cmdjsp.jsp sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8280. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146847&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:50:17
|
Task #146848 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: mx injection false positive Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9739. Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9741. Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9743. Follow-Ups: ------------------------------------------------------- Date: 2008-03-05 21:50 By: andresriancho Comment: Solved in revision 801. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146848&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:47:51
|
Task #146870 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: strangeParameter false positive Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: The URI : http://www.edesur.com.ar/servicios_cliente/fr_servicios_cliente.asp?direccion=pop_accidentes_electr has a parameter named: "direccion" with value: "pop_accidentes_electr", which is quite odd. This information was found in the request with id 55. The URI : http://www.edesur.com.ar/grandes_clientes/fr_grandes_clientes.asp?direccion=consultas_habituales.htm has a parameter named: "direccion" with value: "consultas_habituales.htm", which is quite odd. This information was found in the request with id 95. The URI : http://www.edesur.com.ar/servicios_empresas/fr_servicios_empresas.asp?direccion=nuevos_prodyserv.htm has a parameter named: "direccion" with value: "nuevos_prodyserv.htm", which is quite odd. This information was found in the request with id 95. The URI : http://www.edesur.com.ar/servicios_municipios/fr_servicios_municipios.asp?direccion=afavor_MA.htm has a parameter named: "direccion" with value: "afavor_MA.htm", which is quite odd. This information was found in the request with id 116. Follow-Ups: ------------------------------------------------------- Date: 2008-03-05 21:47 By: andresriancho Comment: Solved in revision 801. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146870&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:42:37
|
Task #146849 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: osCommanding false positive Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: OS Commanding was found at: http://www.farmacity.com.ar/ar/locales-head.swf . Using method: GET. The data sent was: sucursales=run+ping+-n+5+localhost. The vulnerability was found in the request with id 10631. Follow-Ups: ------------------------------------------------------- Date: 2008-03-05 21:42 By: andresriancho Comment: No, accepting false positive. ------------------------------------------------------- Date: 2008-03-05 21:41 By: andresriancho Comment: Solved in revision 801 when implemented a "benchmarking" functionality for unfuzzed requests. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146849&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:41:34
|
Task #146849 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: osCommanding false positive Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: OS Commanding was found at: http://www.farmacity.com.ar/ar/locales-head.swf . Using method: GET. The data sent was: sucursales=run+ping+-n+5+localhost. The vulnerability was found in the request with id 10631. Follow-Ups: ------------------------------------------------------- Date: 2008-03-05 21:41 By: andresriancho Comment: Solved in revision 801 when implemented a "benchmarking" functionality for unfuzzed requests. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146849&group_id=170274&group_project_id=50603 |
