#59 Error with domain scope

v1.0 (example)
closed-fixed
devloop
None
5
2019-07-23
2019-01-21
No

Hi There,

I am using Wapiti version 3.0.1 and am making sure I am using Python 3, as I am using Pyenv to create a virtual env, and I am working on a Mac.

I tried to scan one of our internal applications with a scope of (url/page/folder) and got an empty report (no vuln is reported); not sure why not even a single vuln is reported. When I scan with domain scope I get the error below:

Wapiti-3.0.1 (wapiti.sourceforge.net)

[*] You are lucky! Full moon tonight.
Traceback (most recent call last):
File "/Users/narlas01/.pyenv/versions/3.4.0/bin/wapiti", line 9, in <module>
load_entry_point('wapiti3==3.0.1', 'console_scripts', 'wapiti')()
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/main/wapiti.py", line 991, in wapiti_main
wap.browse()
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/main/wapiti.py", line 283, in browse
for resource in explorer.explore(self._start_urls, self._excluded_urls):
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/net/crawler.py", line 1442, in explore
for extra_url in filter(self._crawler.is_in_scope, page.extra_urls):
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/net/crawler.py", line 1015, in is_in_scope
return get_tld(resource) == get_tld(self._base.url)
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/tld-0.9.1-py3.4.egg/tld/utils.py", line 434, in get_tld
search_private=search_private
File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/tld-0.9.1-py3.4.egg/tld/utils.py", line 291, in process_url
raise TldBadUrl(url=url)
tld.exceptions.TldBadUrl: Is not a valid URL https://:0/!

Much appreciate your help.

Thanks,
Swapna

Discussion

  • swapna narla

    swapna narla - 2019-01-22

    I am not sure why it is throwing it as an invalid URL. I tried with another vulnerable app too, same problem:

    $ wapiti -u http://zero.webappsecurity.com/index.html --scope domain

    Wapiti-3.0.1 (wapiti.sourceforge.net)
    [*] You are lucky! Full moon tonight.
    Traceback (most recent call last):
    File "/Users/XXX/.pyenv/versions/3.4.0/bin/wapiti", line 9, in <module>
    load_entry_point('wapiti3==3.0.1', 'console_scripts', 'wapiti')()
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/main/wapiti.py", line 991, in wapiti_main
    wap.browse()
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/main/wapiti.py", line 283, in browse
    for resource in explorer.explore(self._start_urls, self._excluded_urls):
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/net/crawler.py", line 1451, in explore
    if self._crawler.is_in_scope(form):
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/wapiti3-3.0.1-py3.4.egg/wapitiCore/net/crawler.py", line 1003, in is_in_scope
    return get_tld(resource.url) == get_tld(self._base.url)
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/tld-0.9.1-py3.4.egg/tld/utils.py", line 434, in get_tld
    search_private=search_private
    File "/Users/XXX/.pyenv/versions/3.4.0/lib/python3.4/site-packages/tld-0.9.1-py3.4.egg/tld/utils.py", line 291, in process_url
    raise TldBadUrl(url=url)
    tld.exceptions.TldBadUrl: Is not a valid URL !

     
  • devloop

    devloop - 2019-01-26

    Hi!

    Thank you for reporting

     
  • swapna narla

    swapna narla - 2019-01-26

    Hi, Thanks for looking into it, let me know if you need any more details.

    Except for http://testphp.vulnweb.com/, for any other application I try, either it is not reporting any vulnerability or it is throwing an error after scanning URLs.

     
  • devloop

    devloop - 2019-07-23

    The bug was related to forms having an empty action attribute; it is now fixed.

    You can get the latest version of the code:
    git clone https://git.code.sf.net/p/wapiti/git wapiti-git

     
  • devloop

    devloop - 2019-07-23
    • status: open --> closed-fixed
    • assigned_to: devloop
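
The failure mode discussed in this ticket (a form with an empty or host-less action reaching the domain-scope check and raising) can be handled as in the following added example, which is not part of the ticket and is not Wapiti's actual fix. The function names are hypothetical, and the "last two host labels" comparison is an assumed, simplified stand-in for the public-suffix lookup done by `get_tld`.

```python
from urllib.parse import urljoin, urlsplit

PAGE = "http://zero.webappsecurity.com/index.html"
# Constructed sample: (page URL, raw form action) pairs as a crawler might see them.
SAMPLES = [
    (PAGE, ""),                            # empty action attribute
    (PAGE, "/search.html"),                # relative action, same site
    (PAGE, "https://:0/"),                 # URL with no hostname
    (PAGE, "http://other.example/login"),  # different domain
]


def resolve_action(page_url, action):
    """Resolve a form action against the URL of the page holding the form.

    An empty action means "submit to the document's own URL", so it must
    never reach the scope check as an empty string.
    """
    action = (action or "").strip()
    return urljoin(page_url, action) if action else page_url


def registrable_domain(url):
    """Return a simplified domain key, or None if the URL has no usable host.

    Assumption: the last two host labels approximate the registrable domain.
    """
    try:
        host = urlsplit(url).hostname
    except ValueError:
        return None
    if not host:
        return None
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def is_in_domain_scope(base_url, page_url, action):
    """Domain-scope check that fails closed instead of raising on bad URLs."""
    target = registrable_domain(resolve_action(page_url, action))
    return target is not None and target == registrable_domain(base_url)


def classify(base_url, samples):
    return [is_in_domain_scope(base_url, page, action) for page, action in samples]


if __name__ == "__main__":
    for (_, action), ok in zip(SAMPLES, classify(PAGE, SAMPLES)):
        print(f"{action!r:32} -> {'in scope' if ok else 'out of scope'}")
```

Treating an unparseable target as out of scope keeps the crawl running and avoids sending requests to a host the scope rule could not evaluate.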
     
