w3af-svn-notify Mailing List for w3af (Page 269)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: SourceForge.net <no...@so...> - 2008-03-04 11:31:32
|
Task #146849 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: osCommanding false positive Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: OS Commanding was found at: http://www.farmacity.com.ar/ar/locales-head.swf . Using method: GET. The data sent was: sucursales=run+ping+-n+5+localhost. The vulnerability was found in the request with id 10631. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146849&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 11:28:38
|
Task #146848 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: mx injection false positive Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9739. Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9741. Found MX injection. The error showed by the web application is (only a fragment is shown): "a000". The error was found on response with id 9743. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146848&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 11:24:02
|
Task #146847 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: Repeated messages in strangeHeaders Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: The URL : http://www.farmacity.com.ar/farma_maps/simple_cmd.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8268. The URL : http://www.farmacity.com.ar/farma_maps/Uploader.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8270. The URL : http://www.farmacity.com.ar/farma_maps/zacosmall.php sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8272. The URL : http://www.farmacity.com.ar/farma_maps/perlcmd.cgi sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8274. The URL : http://www.farmacity.com.ar/farma_maps/cmd.pl sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8276. The URL : http://www.farmacity.com.ar/farma_maps/jsp-reverse.jsp sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8278. The URL : http://www.farmacity.com.ar/farma_maps/cmdjsp.jsp sent the Header: "microsoftofficewebserver" with value: "5.0_Pub". This information was found in the request with id 8280. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146847&group_id=170274&group_project_id=50603 |
|
From: <and...@us...> - 2008-03-04 00:49:31
|
Revision: 790
http://w3af.svn.sourceforge.net/w3af/?rev=790&view=rev
Author: andresriancho
Date: 2008-03-03 16:49:29 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Fixed two bugs in the XML returned by attack plugins and created a script to test that they are ok.
Modified Paths:
--------------
trunk/plugins/attack/mysqlWebShell.py
trunk/plugins/attack/osCommandingShell.py
Added Paths:
-----------
trunk/scripts/script-test-exploit-config.w3af
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-04 00:37:10
|
Revision: 789
http://w3af.svn.sourceforge.net/w3af/?rev=789&view=rev
Author: andresriancho
Date: 2008-03-03 16:37:07 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Fixed some bugs that I found while testing a client site.
Modified Paths:
--------------
trunk/core/controllers/coreHelpers/fingerprint404Page.py
trunk/plugins/discovery/findBackdoor.py
trunk/plugins/discovery/hmap.py
trunk/plugins/grep/httpAuthDetect.py
trunk/plugins/grep/httpInBody.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-04 00:36:37
|
Task #146831 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: httpAuthDetect show a lot, save none to kb ? Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: httpAuthDetect show a lot of: The resource: http://www.farmacity.com.ar/_vti_bin/_vti_aut/author.dll requires authentication. The message is: Negotiate, NTLM . This information was found in the request with id 3271. The resource: http://www.farmacity.com.ar/_vti_bin/_vti_aut/author.exe requires authentication. The message is: Negotiate, NTLM . This information was found in the request with id 3273. Save none to kb ? Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 21:36 By: andresriancho Comment: Fixed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146831&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 00:34:23
|
Task #146829 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: False positive in httpInBody Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: <body><h2>HTTP/1.1 501 Not Implemented</h2></body> Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 21:34 By: andresriancho Comment: Fixed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146829&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 00:31:57
|
Task #146830 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: False positive in httpAuthDetect Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: The resource: http://www.farmacity.com.ar/user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=te...@te... has a user and password in the URI . The vulnerability was found in the request with id 3003. Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 21:31 By: andresriancho Comment: Fixed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146830&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 00:30:05
|
Task #146832 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: space in URL findBackdoor + false positive in is404 Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: New URL found by findBackdoor plugin: http://www.farmacity.com.ar/JspWebshell%201.2.jsp New URL found by findBackdoor plugin: http://www.farmacity.com.ar/cmdasp.aspx New URL found by findBackdoor plugin: http://www.farmacity.com.ar/cmd.aspx Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 21:30 By: andresriancho Comment: Fixed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146832&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-04 00:10:46
|
Task #146833 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: repeated messages Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6412. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6414. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6416. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6418. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6420. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6422. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6424. Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 21:10 By: andresriancho Comment: Fixed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146833&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 19:20:17
|
Task #146834 has been updated. Project: w3af Subproject: gtkUi - Phase 4 Summary: URL tree driven HTTP Log ? Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: URL tree driven HTTP Log ? When I click on the URL tree, I see the first request/response that was applied to that URL; or maybe I see a search result with all of the req/res to that URL? ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146834&group_id=170274&group_project_id=55676 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 19:15:16
|
Task #146833 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: repeated messages Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6412. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6414. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6416. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6418. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6420. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6422. Fingerprinted this host as a Microsoft Windows system. This information was found in the request with id 6424. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146833&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 19:08:35
|
Task #146832 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: space in URL findBackdoor + false positive in is404 Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: New URL found by findBackdoor plugin: http://www.farmacity.com.ar/JspWebshell%201.2.jsp New URL found by findBackdoor plugin: http://www.farmacity.com.ar/cmdasp.aspx New URL found by findBackdoor plugin: http://www.farmacity.com.ar/cmd.aspx ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146832&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 18:52:27
|
Task #146831 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: httpAuthDetect show a lot, save none to kb ? Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: httpAuthDetect show a lot of: The resource: http://www.farmacity.com.ar/_vti_bin/_vti_aut/author.dll requires authentication. The message is: Negotiate, NTLM . This information was found in the request with id 3271. The resource: http://www.farmacity.com.ar/_vti_bin/_vti_aut/author.exe requires authentication. The message is: Negotiate, NTLM . This information was found in the request with id 3273. Save none to kb ? ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146831&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 18:44:54
|
Task #146830 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: False positive in httpAuthDetect Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: The resource: http://www.farmacity.com.ar/user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=te...@te... has a user and password in the URI . The vulnerability was found in the request with id 3003. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146830&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 18:37:23
|
Task #146829 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: False positive in httpInBody Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: <body><h2>HTTP/1.1 501 Not Implemented</h2></body> ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146829&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-03-03 16:01:03
|
Task #146765 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Tabs "refactoring" Complete: 100% Status: Closed Authority : andresriancho Assigned to: facundobatista Description: First tab, "Scan config": Has the plugin configuration and the target settings. Target settings go up. Advanced settings button shouldn't say "Advanced", in order to be smaller and be in the same line with the URL and the Start Scan button. Order of this: "URL - ADV - Start Scan" Second Tab, Results: Has two tabs, one for the URLs and one for the "KB Explorer" (which I should rename to something nicer). Third Tab, Log: The message window. Fourth Tab, Exploit: Just like it looks right now; but without the log window. (or maybe the log window is there, but hidden by default ?!?!) Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 13:00 By: facundobatista Comment: Finished in 788. ------------------------------------------------------- Date: 2008-02-29 16:52 By: facundobatista Comment: Initial reordering is done, a lot more is needed. The code is usable in the start, wait until finished, clear, start secuence. ------------------------------------------------------- Date: 2008-02-29 13:12 By: facundobatista Comment: Raising its priority, as the "running feedback" are broken. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146765&group_id=170274&group_project_id=55112 |
|
From: <fac...@us...> - 2008-03-03 15:56:21
|
Revision: 788
http://w3af.svn.sourceforge.net/w3af/?rev=788&view=rev
Author: facundobatista
Date: 2008-03-03 07:55:47 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Eliminated the log windows in their old places.
Modified Paths:
--------------
trunk/core/ui/gtkUi/exploittab.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/scanrun.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-03 15:33:23
|
Revision: 787
http://w3af.svn.sourceforge.net/w3af/?rev=787&view=rev
Author: facundobatista
Date: 2008-03-03 07:33:17 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Enhanced the way the views menu are treated for each tab.
Modified Paths:
--------------
trunk/core/ui/gtkUi/main.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-03 14:57:10
|
Revision: 786
http://w3af.svn.sourceforge.net/w3af/?rev=786&view=rev
Author: facundobatista
Date: 2008-03-03 06:56:51 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Slight modification to Searchable to make it more
easily reusable.
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
trunk/core/ui/gtkUi/messages.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-03 14:37:49
|
Revision: 785
http://w3af.svn.sourceforge.net/w3af/?rev=785&view=rev
Author: facundobatista
Date: 2008-03-03 06:36:15 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Ignore the error file created by crashes.
Property Changed:
----------------
trunk/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-03 14:33:24
|
Task #146816 has been updated. Project: w3af Subproject: TODO v1.00 Summary: buzhug database should be in home directory Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: buzhug database should be in home directory ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146816&group_id=170274&group_project_id=48542 |
|
From: <fac...@us...> - 2008-03-03 14:31:30
|
Revision: 784
http://w3af.svn.sourceforge.net/w3af/?rev=784&view=rev
Author: facundobatista
Date: 2008-03-03 06:31:24 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Added a start/stop button in the target url bar. For this,
I implemented a BroadcastWrapper that sends the same
message to all the widgets it has.
Modified Paths:
--------------
trunk/core/ui/gtkUi/helpers.py
trunk/core/ui/gtkUi/main.py
trunk/core/ui/gtkUi/pluginconfig.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-03 14:22:33
|
Revision: 783
http://w3af.svn.sourceforge.net/w3af/?rev=783&view=rev
Author: andresriancho
Date: 2008-03-03 06:22:19 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
w3afCore creates w3af directory inside users home directory.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-03 14:06:16
|
Task #146815 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: "./w3af -g --profile=test" Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: Make this work in w3af.py ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146815&group_id=170274&group_project_id=55112 |
