Well I'd love to take this on with some help from you, Andres!
Many thanks
-Daniel
—
Sent from Mailbox for iPhone
On Fri, May 10, 2013 at 9:11 AM, Andres Riancho andres.rian...@gmail.com
wrote:
Lists,
After reading Practical HTTP Host header attacks [0] I thought
it would be fun to
Great :) So lets start right away. Please read the article, and try to
identify the different vulnerabilities which are present there. Once
you've got that, think about which ones could be automated with w3af
and send an email to this thread.
At this point w3af's features and code doesn't matter,
Dom,
Thanks for this :) There was an old version here [0], hidden in
our repository. What do you think we should do? Remove the one in our
repo and keep the one in vim.org? Keep both updated seems dumb...
maybe our w3af.vim should point users to the one in vim.org?
[0]
Hi Andres,
I think managing single version on vim.org is a good idea because from now
when I search w3af vim on google the first link is the right. Furthermore
I have maded a ref to the W3AF website ...We can update old vim
file replacing the content with a link to the page vim.org :o)
I will
Andres,
In which Github repository did you manage W3AF documentation files ?
I asked this because in doc folder of the master branch the ODT and PDF
files are not sync for FR/EN and I want to add the VIM syntax file URL into
the documentation...
Thanks in advance
--
Cordialement, Best regards,
Hi Andrés
I've already compiled a short list of variants of the host header attack.
Some of them are simple to build, some of them are more tricky. Same is
for the checks to be implemented to identify the vulnerability.
The most tricky part will be that you often need 2 or 3 requests and then
Achim,
On Fri, May 10, 2013 at 12:58 PM, Achim Hoffmann webse...@sic-sec.org wrote:
Hi Andrés
I've already compiled a short list of variants of the host header attack.
Some of them are simple to build, some of them are more tricky. Same is
for the checks to be implemented to identify the