Re: [W3af-develop] Wordpress version discovery plugin
Hello,
Im new to mailing lists so im not sure if this will be sent there.
I'll have a look into intergrating the script into w3af over the next
couple of days and hopefully have a working version by the weekend.
The script is quite simple once you have the gathered the nesesary
data. I went through versions 2.2 to 2.7.1 and manually found client
side differences in most of them, I also used the official changelogs
to help identify them.
The client side differences are in files such as CSS, javascript and
HTML. Some versions did not have any differences apart from having
extra files, which can easliy be identified with HTTP response codes.
It works as such...
Starting from version 2.7.1 (latest), the script tries to find
something that 2.7 doesnt have, if it finds that something then the
script stops and echos the version number.
If the script doesnt find the difference it moves onto identifying the
next version, i.e. does 2.7 have something the earlier version doesnt
have. and so on and so forth.
Ryan
2009/5/28 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst ryandewhu...@gmail.com wrote:
Hello,
I have developed a python script that can detect the version of a
wordpress installation. I think it would fit well within w3af,
Yes, it seems that it's something good to have in the framework.
I have like a ton of questions about how it works, could you please
send the script (as it is) to this mailing list for us to read it?
the
only problem being is that I have been unable to find a plugin
development manual to be able to implement my script.
There is no development manual :(
For the type of feature that you want to add, the correct thing is to
use a discovery plugin. discovery plugins are simple, they follow
these rules:
- the entry point is the discover method
- the discover method takes a fuzzable request object as a parameter,
and returns a list of fuzzable requests
(fuzzable requests are representations of GET/POST requests, which
represent links, and forms)
- the discover method is called several times in the same scan, with
the different links that (for example) the webSpider finds.
I think that the best thing you can do is to read one or two discovery
plugins (my recommendations are discovery.crossDomain and
discovery.userDir), and start building your own plugin based on one of
those.
Is there a dev manual out there?
No
Does any one have some tips/advice on writting a plugin?
Yes, see above,
Does any one want me to send them the script for them to develop the plugin?
You should develop the plugin yourself, is fun and good for the project =)
Cheers,
Thank you,
Ryan
--
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing,
iPhoneDevCamp as they present alongside digital heavyweights like Barbarian
Group, R/GA, Big Spaceship. http://p.sf.net/sfu/creativitycat-com
___
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
#!usr/bin/python
import httplib, urllib2, socket, sys
#wpurl = raw_input(Enter the WP URL you want to find the version of: )
wpurl = sys.argv[1].replace(http://,;)
wpurl = wpurl.replace(www.,)
errors = '404'
def wp271():
url = wpurl + '/wp-includes/js/thickbox/thickbox.css'
# Get page HTML
try:
Request = urllib2.urlopen('http://' + url)
difference = '-ms-filter:'
if difference in Request.read():
return 'true'
except urllib2.HTTPError:
return 'false'
def wp27():
url = wpurl + '/wp-admin/css/farbtastic.css'
# Get page HTML
try:
Request = urllib2.urlopen('http://' + url)
difference = 'farbtastic'
if difference in Request.read():
return 'true'
except urllib2.HTTPError:
return 'false'
def wp26():
try:
url = wpurl + '/wp-includes/js/tinymce/wordpress.css'
# Get page HTML
Request = urllib2.urlopen('http://' + url)
difference = '-khtml-border-radius:'
if difference in Request.read():
return 'true'
except urllib2.HTTPError:
return 'false'
def wp251():
url = wpurl + '/wp-includes/js/tinymce/tiny_mce.js'
# Get page HTML
try:
Request = urllib2.urlopen('http://' + url)
difference = '0.7'
if difference in Request.read():
return 'true'
except urllib2.HTTPError:
return 'false'
def wp25():
url = wpurl + '/wp-admin/async-upload.php'
# Get page HTML
try:
Request = urllib2.urlopen('http://' + url)
return 'true'
except urllib2.HTTPError, e:
if e.code == 403:
return 'true'
else:
return 'false'
def wp231():
url = wpurl + '/wp
Re: [W3af-develop] Wordpress version discovery plugin
Yes, I dont see why not. Should be easy enough tro implement.
You mentioned during our email conversation that wordpress echos its
version number in the page head. I managed to find an example of it.
Your right I do have a security plugin installed which must have
removed it from my blog.
Here is an example:
meta name=generator content=WordPress 2.7.1 /
2009/5/28 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Wed, May 27, 2009 at 10:18 PM, Andres Riancho
andres.rian...@gmail.com wrote:
Ryan,
On Wed, May 27, 2009 at 9:58 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Hello,
Im new to mailing lists so im not sure if this will be sent there.
It depends on the mailing list. This one is configured to accept attachments,
I'll have a look into intergrating the script into w3af over the next
couple of days and hopefully have a working version by the weekend.
Excellent, if you need ANY help, just let us know.
The script is quite simple once you have the gathered the nesesary
data. I went through versions 2.2 to 2.7.1 and manually found client
side differences in most of them, I also used the official changelogs
to help identify them.
Ohhh, you are the guy that wrote that blog post with the diffs of
different wordpress release packages?
The client side differences are in files such as CSS, javascript and
HTML. Some versions did not have any differences apart from having
extra files, which can easliy be identified with HTTP response codes.
It works as such...
Starting from version 2.7.1 (latest), the script tries to find
something that 2.7 doesnt have, if it finds that something then the
script stops and echos the version number.
If the script doesnt find the difference it moves onto identifying the
next version, i.e. does 2.7 have something the earlier version doesnt
have. and so on and so forth.
Ok, makes sense.
Some comments regarding your code:
- w3af uses PEP-8, with among other things says 4-spaces for
indentations. Your code has 1-space (?) indentations. Please correct
that.
- The code is pretty simple, but i think it could be done in a better
way. Having that many functions (wp22 to wp271) doesn't seem to be a
good option. Do you think that the code could be changed a little bit,
and create a database (which can be easily updated) and then use that
database to store the information? Example of the databse
self._wp_fingerprint =
[('/wp-includes/js/thickbox/thickbox.css','-ms-filter:'),('/wp-admin/css/farbtastic.css',
'farbtastic')]
- Also, by default wordpress publishes the version number in every
page head. Maybe it would be a good idea to parse that, and compare it
with the result of the fingerprinting. What do you think?
A good idea would be to have a first step, before all the version
specific checks, that verifies something that's true for all wordpress
installations (some X file has to be present) before even starting the
fingerprinting. Could this be done?
Cheers,
Ryan
2009/5/28 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Hello,
I have developed a python script that can detect the version of a
wordpress installation. I think it would fit well within w3af,
Yes, it seems that it's something good to have in the framework.
I have like a ton of questions about how it works, could you please
send the script (as it is) to this mailing list for us to read it?
the
only problem being is that I have been unable to find a plugin
development manual to be able to implement my script.
There is no development manual :(
For the type of feature that you want to add, the correct thing is to
use a discovery plugin. discovery plugins are simple, they follow
these rules:
- the entry point is the discover method
- the discover method takes a fuzzable request object as a parameter,
and returns a list of fuzzable requests
(fuzzable requests are representations of GET/POST requests, which
represent links, and forms)
- the discover method is called several times in the same scan, with
the different links that (for example) the webSpider finds.
I think that the best thing you can do is to read one or two discovery
plugins (my recommendations are discovery.crossDomain and
discovery.userDir), and start building your own plugin based on one of
those.
Is there a dev manual out there?
No
Does any one have some tips/advice on writting a plugin?
Yes, see above,
Does any one want me to send them the script for them to develop the
plugin?
You should develop the plugin yourself, is fun and good for the project =)
Cheers,
Thank you,
Ryan
--
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers brand creativity professionals.
Meet
the minds behind Google Creative Lab, Visual Complexity
Re: [W3af-develop] Wordpress version discovery plugin
Im loooking into searching the response html of the index page for the
following string:
meta name=generator content=WordPress $version /
Ive tried with regular expressions and am unable to get it to work,
Ive read that re is bad for parsing HTML and that BeautifulSoup
should be used.
Does w3af already have BeautifulSoup in its dependency list?
Ryan
P.S. Thanks for the advice backbone46, I'll have a look into that once
Ive sorted this out.
2009/5/28 backbon...@gmail.com:
Sorry to bump in just like that in the discussion, about the meta tag that
displays
the WordPress version.
Only since version 2.7 the generator function is in the core of WordPress,
on
earlier versions it was only in the theme.
Just wanted to mention that. :)
---
http://insanesecurity.info
On Thu, May 28, 2009 at 10:53 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Yes, I dont see why not. Should be easy enough tro implement.
You mentioned during our email conversation that wordpress echos its
version number in the page head. I managed to find an example of it.
Your right I do have a security plugin installed which must have
removed it from my blog.
Here is an example:
meta name=generator content=WordPress 2.7.1 /
2009/5/28 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Wed, May 27, 2009 at 10:18 PM, Andres Riancho
andres.rian...@gmail.com wrote:
Ryan,
On Wed, May 27, 2009 at 9:58 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Hello,
Im new to mailing lists so im not sure if this will be sent there.
It depends on the mailing list. This one is configured to accept
attachments,
I'll have a look into intergrating the script into w3af over the next
couple of days and hopefully have a working version by the weekend.
Excellent, if you need ANY help, just let us know.
The script is quite simple once you have the gathered the nesesary
data. I went through versions 2.2 to 2.7.1 and manually found client
side differences in most of them, I also used the official changelogs
to help identify them.
Ohhh, you are the guy that wrote that blog post with the diffs of
different wordpress release packages?
The client side differences are in files such as CSS, javascript and
HTML. Some versions did not have any differences apart from having
extra files, which can easliy be identified with HTTP response codes.
It works as such...
Starting from version 2.7.1 (latest), the script tries to find
something that 2.7 doesnt have, if it finds that something then the
script stops and echos the version number.
If the script doesnt find the difference it moves onto identifying the
next version, i.e. does 2.7 have something the earlier version doesnt
have. and so on and so forth.
Ok, makes sense.
Some comments regarding your code:
- w3af uses PEP-8, with among other things says 4-spaces for
indentations. Your code has 1-space (?) indentations. Please correct
that.
- The code is pretty simple, but i think it could be done in a better
way. Having that many functions (wp22 to wp271) doesn't seem to be a
good option. Do you think that the code could be changed a little bit,
and create a database (which can be easily updated) and then use that
database to store the information? Example of the databse
self._wp_fingerprint =
[('/wp-includes/js/thickbox/thickbox.css','-ms-filter:'),('/wp-admin/css/farbtastic.css',
'farbtastic')]
- Also, by default wordpress publishes the version number in every
page head. Maybe it would be a good idea to parse that, and compare it
with the result of the fingerprinting. What do you think?
A good idea would be to have a first step, before all the version
specific checks, that verifies something that's true for all wordpress
installations (some X file has to be present) before even starting the
fingerprinting. Could this be done?
Cheers,
Ryan
2009/5/28 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst
ryandewhu...@gmail.com wrote:
Hello,
I have developed a python script that can detect the version of a
wordpress installation. I think it would fit well within w3af,
Yes, it seems that it's something good to have in the framework.
I have like a ton of questions about how it works, could you please
send the script (as it is) to this mailing list for us to read it?
the
only problem being is that I have been unable to find a plugin
development manual to be able to implement my script.
There is no development manual :(
For the type of feature that you want to add, the correct thing is to
use a discovery plugin. discovery plugins are simple, they follow
these rules:
- the entry point is the discover method
- the discover method takes a fuzzable request object as a parameter,
and returns a list of fuzzable requests
(fuzzable requests are representations of GET/POST
Re: [W3af-develop] Wordpress version discovery plugin
Managed to work it out and now making good progress. :)
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
I decided to move over to my Linux box for the development of the
plugin. One of the reasons I could not get the plugin to run through
w3af was that the plugin file name was not the same as the class name.
It now runs through w3af with out any errors. The only thing is that
the info output is not showing in kb.
Im using this which I found in another plugin:
# Save it to the kb!
i = info.info()
i.setName('WordPress version')
i.setURL( wp_index_url )
i.setId( http_response.id )
i.setDesc( 'WordPress version '+ self._version +' found in the
index header.' )
kb.kb.append( self, 'WordPress version', i )
om.out.information( i.getDesc() )
Attached is the latest version.
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurstryandewhu...@gmail.com wrote:
Also delete the .pyc file, and no reinstall is needed.
There was none.
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
They are already in the code:
# W3af options and output
def getOptions( self ):
'''
�...@return: A list of option objects for this plugin.
'''
ol = optionList()
return ol
def setOptions( self, OptionList ):
'''
This method sets all the options that are configured using the
user interface
generated by the framework using the result of getOptions().
�...@parameter OptionList: A dictionary with the options for the
plugin.
�...@return: No value is returned.
'''
pass
def getPluginDeps( self ):
'''
�...@return: A list with the names of the plugins that should be
runned before the
current one.
'''
return []
def getLongDesc( self ):
'''
�...@return: A DETAILED description of the plugin functions and
features.
'''
return '''
This plugin searches for client side differences between
different versions of WordPress.
'''
Then try to run w3af from a console:
in cmd.exe run python w3af_console.py
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
I moved the wpvchecker.py file into the /plugin/discovery folder. When
I try to launch w3af I get an error (screenshot attached), the prompt
only lasts a few seconds so could not copy/paste the full error
output.
When I remove the wpvchecker.py file out of the dir the error persists
and I have to un/re install w3af to get it working again.
Also delete the .pyc file, and no reinstall is needed.
Any ideas?
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
Thanks again,
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Hello,
Sorry its been so long with the wrodpress version checker plugin, had
some life problems.
No problem man, I hope things are going better now.
Anyway...
I have come to a logic problem which I cannot seem to solve and was
wondering if any one could give me some pointers...
Versions '2.5', '2.3.1, 2.3.2 or 2.3.3' and '2.2' are detected by a
file/image being present i.e status 200
I cannot figure out how to check for this while using the
self._wp_fingerprint array.
The for loop that works with the array looks like this:
for data in self._wp_fingerprint:
# Complete URL to test, url+file
test_URL = urlParser.urlJoin( base_url,
self._wp_fingerprint[0] )
if self._wp_fingerprint[1] in response:
version = self._wp_fingerprint[2]
break
else:
version = 'Version lower than 2.2'
But there are some parts missing, like actually requesting to the
server the test_URL. On the other part, the 200 logic could be
easily done like this:
if self._wp_fingerprint[1] == 200 and not
is_404(response):
# it was found!
elif self._wp_fingerprint[1] in response:
version = self._wp_fingerprint[2]
break
else:
version = 'Version lower than 2.2'
To make this work, you should change the '' in the fingerprint array
by a 200, and it should all work.
Here is the code so far, I have not yet tested it out, but should give
you a basic idea of how it will run.
Yes, and it makes much more sense to me this way. The older version
was ugly :)
I was also thinking of
implementing a plugin
Re: [W3af-develop] Wordpress version discovery plugin
w00t w00t!
All tested and working!
Thanks to everyone for their help especially Andres for putting up
with my noobness. I will look into implementing the vulns for each
version and then eventually a wp plugin version finder.
Feedback and suggestions welcome! :-)
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurstryandewhu...@gmail.com wrote:
I decided to move over to my Linux box for the development of the
plugin. One of the reasons I could not get the plugin to run through
w3af was that the plugin file name was not the same as the class name.
Ok, makes sense,
It now runs through w3af with out any errors. The only thing is that
the info output is not showing in kb.
Are you saving it to the kb?
Im using this which I found in another plugin:
# Save it to the kb!
i = info.info()
i.setName('WordPress version')
i.setURL( wp_index_url )
i.setId( http_response.id )
i.setDesc( 'WordPress version '+ self._version +' found in the
index header.' )
kb.kb.append( self, 'WordPress version', i )
om.out.information( i.getDesc() )
That seems to be enough to save the version to the kb,
Attached is the latest version.
I applied some minor changes:
- Changed the name of the plugin to wordpress_plugin, because
wpvChecker is cryptic to users.
- The code has some serious errors, that are possibly the reason you
don't see anything:
...@brick:~/w3af/w3af/trunk$ pylint
--rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e
* Module wordpress_version
E: 98:wordpress_version.discover: Undefined variable 're'
E:109:wordpress_version.discover: Undefined variable 'http_response'
E:150:wordpress_version.discover: Undefined variable 'http_response'
Have you tested the plugin? Do you get a big traceback when running it?
- This line in the fingerprint DB:
('/wp-admin/async-upload.php','200','2.5'),
Doesn't match this line:
if self._wp_fingerprint[1] == 200 and not is_404(response):
'200' and 200 aren't equal in python:
'200' == 200
False
You should change your database to 200, instead of '200' where necessary.
- One more detail, is that it would be nice to compare the version in
the HTML header, with the fingerprinted version, and report if they
differ.
You're on the right path, I think that with these recommendations
you'll be able to complete the development of your first w3af plugin
=)
PS: You should answer inline.
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurstryandewhu...@gmail.com wrote:
Also delete the .pyc file, and no reinstall is needed.
There was none.
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
They are already in the code:
# W3af options and output
def getOptions( self ):
'''
�...@return: A list of option objects for this plugin.
'''
ol = optionList()
return ol
def setOptions( self, OptionList ):
'''
This method sets all the options that are configured using the
user interface
generated by the framework using the result of getOptions().
�...@parameter OptionList: A dictionary with the options for the
plugin.
�...@return: No value is returned.
'''
pass
def getPluginDeps( self ):
'''
�...@return: A list with the names of the plugins that should be
runned before the
current one.
'''
return []
def getLongDesc( self ):
'''
�...@return: A DETAILED description of the plugin functions and
features.
'''
return '''
This plugin searches for client side differences between
different versions of WordPress.
'''
Then try to run w3af from a console:
in cmd.exe run python w3af_console.py
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
I moved the wpvchecker.py file into the /plugin/discovery folder. When
I try to launch w3af I get an error (screenshot attached), the prompt
only lasts a few seconds so could not copy/paste the full error
output.
When I remove the wpvchecker.py file out of the dir the error persists
and I have to un/re install w3af to get it working again.
Also delete the .pyc file, and no reinstall is needed.
Any ideas?
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
Thanks again,
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
Hello,
Sorry its been so long with the wrodpress version checker plugin
Re: [W3af-develop] Wordpress version discovery plugin
Found a bug that I am working on now.
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
w00t w00t!
All tested and working!
Thanks to everyone for their help especially Andres for putting up
with my noobness. I will look into implementing the vulns for each
version and then eventually a wp plugin version finder.
Feedback and suggestions welcome! :-)
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurstryandewhu...@gmail.com wrote:
I decided to move over to my Linux box for the development of the
plugin. One of the reasons I could not get the plugin to run through
w3af was that the plugin file name was not the same as the class name.
Ok, makes sense,
It now runs through w3af with out any errors. The only thing is that
the info output is not showing in kb.
Are you saving it to the kb?
Im using this which I found in another plugin:
# Save it to the kb!
i = info.info()
i.setName('WordPress version')
i.setURL( wp_index_url )
i.setId( http_response.id )
i.setDesc( 'WordPress version '+ self._version +' found in the
index header.' )
kb.kb.append( self, 'WordPress version', i )
om.out.information( i.getDesc() )
That seems to be enough to save the version to the kb,
Attached is the latest version.
I applied some minor changes:
- Changed the name of the plugin to wordpress_plugin, because
wpvChecker is cryptic to users.
- The code has some serious errors, that are possibly the reason you
don't see anything:
...@brick:~/w3af/w3af/trunk$ pylint
--rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e
* Module wordpress_version
E: 98:wordpress_version.discover: Undefined variable 're'
E:109:wordpress_version.discover: Undefined variable 'http_response'
E:150:wordpress_version.discover: Undefined variable 'http_response'
Have you tested the plugin? Do you get a big traceback when running it?
- This line in the fingerprint DB:
('/wp-admin/async-upload.php','200','2.5'),
Doesn't match this line:
if self._wp_fingerprint[1] == 200 and not
is_404(response):
'200' and 200 aren't equal in python:
'200' == 200
False
You should change your database to 200, instead of '200' where necessary.
- One more detail, is that it would be nice to compare the version in
the HTML header, with the fingerprinted version, and report if they
differ.
You're on the right path, I think that with these recommendations
you'll be able to complete the development of your first w3af plugin
=)
PS: You should answer inline.
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurstryandewhu...@gmail.com
wrote:
Also delete the .pyc file, and no reinstall is needed.
There was none.
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
They are already in the code:
# W3af options and output
def getOptions( self ):
'''
�...@return: A list of option objects for this plugin.
'''
ol = optionList()
return ol
def setOptions( self, OptionList ):
'''
This method sets all the options that are configured using the
user interface
generated by the framework using the result of getOptions().
�...@parameter OptionList: A dictionary with the options for the
plugin.
�...@return: No value is returned.
'''
pass
def getPluginDeps( self ):
'''
�...@return: A list with the names of the plugins that should be
runned before the
current one.
'''
return []
def getLongDesc( self ):
'''
�...@return: A DETAILED description of the plugin functions and
features.
'''
return '''
This plugin searches for client side differences between
different versions of WordPress.
'''
Then try to run w3af from a console:
in cmd.exe run python w3af_console.py
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst ryandewhu...@gmail.com
wrote:
I moved the wpvchecker.py file into the /plugin/discovery folder. When
I try to launch w3af I get an error (screenshot attached), the prompt
only lasts a few seconds so could not copy/paste the full error
output.
When I remove the wpvchecker.py file out of the dir the error persists
and I have to un/re install w3af to get it working again.
Also delete the .pyc file, and no reinstall is needed.
Any ideas?
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete list,
Thanks again,
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst
Re: [W3af-develop] Wordpress version discovery plugin
Sorry, I left some debug code in the last one and forgot to change
some variables.
2009/6/8 Ryan Dewhurst ryandewhu...@gmail.com:
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sun, Jun 7, 2009 at 12:31 PM, Ryan Dewhurstryandewhu...@gmail.com wrote:
Here is the final version. (I hope)
I just tried your plugin with http://www.bonsai-sec.com/blog/ as a
target, and it's failing to find anything. I think that the problem is
in:
base_url = urlParser.baseUrl( fuzzableRequest.getURL() )
wp_unique_url = urlParser.urlJoin( base_url , '/wp-login.php' )
Which will always return http://host.tld/wp-login.php , no matter what
the fuzzableRequest.getURL() was: in my case it was
http://www.bonsai-sec.com/blog/ .
Fixed this with:
wp_unique_url = fuzzableRequest.getURL() + '/wp-login.php'
response = self._urlOpener.GET( wp_unique_url, useCache=True )
And also on the way that self._exec is ALWAYS set to false. I think
that self._exec should be set to false only after actually finding a
wordpress installation and fingerprinting it.
Implemented this.
Please test the plugin a little more with different wordpress
installs, and then let us know how it worked out =)
Tested on about 5 different installations so far, all working.
PS: Please use inline for answering emails, top posting sucks.
Sorry, always forget about this, lol.
Any other changes/feedback let me know. Attached is the latest version. :)
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
Found a bug that I am working on now.
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
w00t w00t!
All tested and working!
Thanks to everyone for their help especially Andres for putting up
with my noobness. I will look into implementing the vulns for each
version and then eventually a wp plugin version finder.
Feedback and suggestions welcome! :-)
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurstryandewhu...@gmail.com
wrote:
I decided to move over to my Linux box for the development of the
plugin. One of the reasons I could not get the plugin to run through
w3af was that the plugin file name was not the same as the class name.
Ok, makes sense,
It now runs through w3af with out any errors. The only thing is that
the info output is not showing in kb.
Are you saving it to the kb?
Im using this which I found in another plugin:
# Save it to the kb!
i = info.info()
i.setName('WordPress version')
i.setURL( wp_index_url )
i.setId( http_response.id )
i.setDesc( 'WordPress version '+ self._version +' found in the
index header.' )
kb.kb.append( self, 'WordPress version', i )
om.out.information( i.getDesc() )
That seems to be enough to save the version to the kb,
Attached is the latest version.
I applied some minor changes:
- Changed the name of the plugin to wordpress_plugin, because
wpvChecker is cryptic to users.
- The code has some serious errors, that are possibly the reason you
don't see anything:
...@brick:~/w3af/w3af/trunk$ pylint
--rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e
* Module wordpress_version
E: 98:wordpress_version.discover: Undefined variable 're'
E:109:wordpress_version.discover: Undefined variable 'http_response'
E:150:wordpress_version.discover: Undefined variable 'http_response'
Have you tested the plugin? Do you get a big traceback when running it?
- This line in the fingerprint DB:
('/wp-admin/async-upload.php','200','2.5'),
Doesn't match this line:
if self._wp_fingerprint[1] == 200 and not
is_404(response):
'200' and 200 aren't equal in python:
'200' == 200
False
You should change your database to 200, instead of '200' where necessary.
- One more detail, is that it would be nice to compare the version in
the HTML header, with the fingerprinted version, and report if they
differ.
You're on the right path, I think that with these recommendations
you'll be able to complete the development of your first w3af plugin
=)
PS: You should answer inline.
Ryan
2009/6/6 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurstryandewhu...@gmail.com
wrote:
Also delete the .pyc file, and no reinstall is needed.
There was none.
Yes, many.
You are missing some required methods, like setOptions, getOptions,
getLongDescription, etc. Please see other plugins for a complete
list,
They are already in the code:
# W3af options and output
def getOptions( self ):
'''
�...@return: A list of option objects for this plugin.
'''
ol = optionList()
return ol
def setOptions( self, OptionList ):
'''
This method sets all the options that are configured using the
user interface
generated by the framework using the result
Re: [W3af-develop] Wordpress version discovery plugin
2009/6/8 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Mon, Jun 8, 2009 at 10:18 AM, Ryan Dewhurstryandewhu...@gmail.com wrote:
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sun, Jun 7, 2009 at 12:31 PM, Ryan Dewhurstryandewhu...@gmail.com
wrote:
Here is the final version. (I hope)
I just tried your plugin with http://www.bonsai-sec.com/blog/ as a
target, and it's failing to find anything. I think that the problem is
in:
base_url = urlParser.baseUrl( fuzzableRequest.getURL() )
wp_unique_url = urlParser.urlJoin( base_url , '/wp-login.php' )
Which will always return http://host.tld/wp-login.php , no matter what
the fuzzableRequest.getURL() was: in my case it was
http://www.bonsai-sec.com/blog/ .
Fixed this with:
wp_unique_url = fuzzableRequest.getURL() + '/wp-login.php'
response = self._urlOpener.GET( wp_unique_url, useCache=True )
If the URL is http://www.bonsai-sec.com/blog/ and you perform that,
you end up with http://www.bonsai-sec.com/blog//wp-login.php , which
is not what you want. I think that the solution was this one:
base_url = urlParser.getDomainPath( fuzzableRequest.getURL() )
wp_unique_url = urlParser.urlJoin( base_url , 'wp-login.php' )
But I'm not sure, you should test it.
I tried this yesterday and had no luck however I will give it another
go as I did not spend too much time on it.
And also on the way that self._exec is ALWAYS set to false. I think
that self._exec should be set to false only after actually finding a
wordpress installation and fingerprinting it.
Implemented this.
Cool,
Please test the plugin a little more with different wordpress
installs, and then let us know how it worked out =)
Tested on about 5 different installations so far, all working.
Cool,
PS: Please use inline for answering emails, top posting sucks.
Sorry, always forget about this, lol.
Any other changes/feedback let me know. Attached is the latest version. :)
I think we're almost ready to put it in the trunk, what do you think?
Yup! :-)
As soon as I have fixed the URL issue I dont see why not. One thing I
would like you to look at is the output, is it accurately worded to
the w3af style? Does it have too little or too much output?
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
Found a bug that I am working on now.
2009/6/7 Ryan Dewhurst ryandewhu...@gmail.com:
w00t w00t!
All tested and working!
Thanks to everyone for their help especially Andres for putting up
with my noobness. I will look into implementing the vulns for each
version and then eventually a wp plugin version finder.
Feedback and suggestions welcome! :-)
2009/6/7 Andres Riancho andres.rian...@gmail.com:
Ryan,
On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurstryandewhu...@gmail.com
wrote:
I decided to move over to my Linux box for the development of the
plugin. One of the reasons I could not get the plugin to run through
w3af was that the plugin file name was not the same as the class name.
Ok, makes sense,
It now runs through w3af with out any errors. The only thing is that
the info output is not showing in kb.
Are you saving it to the kb?
Im using this which I found in another plugin:
# Save it to the kb!
i = info.info()
i.setName('WordPress version')
i.setURL( wp_index_url )
i.setId( http_response.id )
i.setDesc( 'WordPress version '+ self._version +' found in the
index header.' )
kb.kb.append( self, 'WordPress version', i )
om.out.information( i.getDesc() )
That seems to be enough to save the version to the kb,
Attached is the latest version.
I applied some minor changes:
- Changed the name of the plugin to wordpress_plugin, because
wpvChecker is cryptic to users.
- The code has some serious errors, that are possibly the reason you
don't see anything:
...@brick:~/w3af/w3af/trunk$ pylint
--rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e
* Module wordpress_version
E: 98:wordpress_version.discover: Undefined variable 're'
E:109:wordpress_version.discover: Undefined variable 'http_response'
E:150:wordpress_version.discover: Undefined variable 'http_response'
Have you tested the plugin? Do you get a big traceback when running it?
- This line in the fingerprint DB:
('/wp-admin/async-upload.php','200','2.5'),
Doesn't match this line:
if self._wp_fingerprint[1] == 200 and not
is_404(response):
'200' and 200 aren't equal in python:
'200' == 200
False
You should change your database to 200, instead of '200' where
necessary.
- One more detail, is that it would be nice to compare the version in
the HTML header, with the fingerprinted version, and report if they
differ.
You're on the right path, I think that with these recommendations
you'll be able to complete the development of your first w3af plugin
=)
PS: You
Re: [W3af-develop] Enhancements to wordpress_fingerprint.py
I have implemented the re and data checker, to compare them both and output as appropriate. Seems to be working however in KB the request/response windows are incorrect. Ryan ''' wordpress_fingerprint.py Copyright 2006 Andres Riancho This file is part of w3af, w3af.sourceforge.net . w3af is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License. w3af is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with w3af; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ''' import core.controllers.outputManager as om # Import options import re from core.data.options.option import option from core.data.options.optionList import optionList from core.controllers.basePlugin.baseDiscoveryPlugin import baseDiscoveryPlugin import core.data.kb.knowledgeBase as kb import core.data.kb.vuln as vuln import core.data.kb.info as info import core.data.constants.severity as severity import core.data.parsers.urlParser as urlParser from core.controllers.w3afException import w3afException, w3afRunOnce # Main class class wordpress_fingerprint(baseDiscoveryPlugin): ''' Finds the version of a WordPress installation. @author: Ryan Dewhurst ( ryandewhu...@gmail.com ) www.ethicalhack3r.co.uk ''' def __init__(self): baseDiscoveryPlugin.__init__(self) # Internal variables self._exec = True self._data_version = 'None' self._re_version = 'None' def discover(self, fuzzableRequest ): ''' Finds the version of a WordPress installation. @parameter fuzzableRequest: A fuzzableRequest instance that contains (among other things) the URL to test. ''' dirs = [] if not self._exec : # This will remove the plugin from the discovery plugins to be runned. raise w3afRunOnce() else: # ## Check if the server is running wp ## # # 404 error messages is_404 = kb.kb.getData( 'error404page', '404' ) self._fuzzableRequests = [] # Main scan URL passed from w3af + unique wp file wp_unique_url = urlParser.getDomainPath( fuzzableRequest.getURL() ) + '/wp-login.php' response = self._urlOpener.GET( wp_unique_url, useCache=True ) # If wp_unique_url is not 404, wordpress = true if not is_404( response ): dirs.extend( self._createFuzzableRequests( response ) ) ## ## Check if the wp version is in index header ## ## # Main scan URL passed from w3af + wp index page wp_index_url = urlParser.getDomainPath( fuzzableRequest.getURL() ) + '/index.php' response = self._urlOpener.GET( wp_index_url, useCache=True ) # Find the string in the response html find = 'meta name=generator content=[Ww]ord[Pp]ress (\d\.\d\.?\d?) /' m = re.search(find, response.getBody()) # If string found, group version if m: m = m.group(1) self._re_version = m # ## Find wordpress version from data ## # # Wordpress version unique data, file/data/version self._wp_fingerprint = [['/wp-includes/js/thickbox/thickbox.css','-ms-filter:','2.7.1'], ['/wp-admin/css/farbtastic.css','.farbtastic','2.7'], ['/wp-includes/js/tinymce/wordpress.css','-khtml-border-radius:','2.6.1, 2.6.2, 2.6.3 or 2.6.5'], ['/wp-includes/js/tinymce/tiny_mce.js','0.7','2.5.1'], ['/wp-admin/async-upload.php','200','2.5'], ['/wp-includes/images/rss.png','200','2.3.1, 2.3.2 or 2.3.3'], ['/readme.html','2.3','2.3'], ['/wp-includes/rtl.css','#adminmenu a','2.2.3'], ['/wp-includes/js/wp-ajax.js','var a = $H();','2.2.1'], ['/wp-app.php','200','2.2']] # For each row in data, send a HTTP request for row in self._wp_fingerprint: test_url = urlParser.getDomainPath( fuzzableRequest.getURL() ) + row[0] response = self._urlOpener.GET( test_url, useCache=True ) if row[1] == '200' and not is_404(response): self._data_version = row[2] break
Re: [W3af-develop] Enhancements to wordpress_fingerprint.py
2009/6/8 Andres Riancho andres.rian...@gmail.com: Ryan, On Mon, Jun 8, 2009 at 4:50 PM, Ryan Dewhurstryandewhu...@gmail.com wrote: I have implemented the re and data checker, to compare them both and output as appropriate. That part seems to be ok, Seems to be working however in KB the request/response windows are incorrect. Could you elaborate more on this? If you look at the kb info the request/response windows after the plugin has run it shows inacurate HTTP request/responses. i.e. the version was found from the regular expression in the index.php header, the request/response window will show the http request/response for one of the files in the database rather than the correct index.php. Im finding the above hard to explain, ill take a screenshot to elaborate more. Related: - You didn't used the version in the SVN to create the new version, they are some inconsistencies. Please use the SVN version to build from it. I did use the SVN version. - It doesn't make sense to check for index.php instead of wp-login.php , the index.php would be a match for almost every web application running PHP. The idea is to check for wp-login.php to be able to be more performant and don't request all files in the fingerprint database for every directory in the web application. Cheers, It does check for wp-login.php rather than index.php. # Main scan URL passed from w3af + unique wp file wp_unique_url = urlParser.getDomainPath( fuzzableRequest.getURL() ) + '/wp-login.php' response = self._urlOpener.GET( wp_unique_url, useCache=True ) # If wp_unique_url is not 404, wordpress = true if not is_404( response ): Am I missing the point? Ryan Ryan -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
Re: [W3af-develop] Enhancements to wordpress_fingerprint.py
2009/6/10 Andres Riancho andres.rian...@gmail.com: Stefano, All, On Mon, Jun 8, 2009 at 12:36 PM, Stefano Di Paolawi...@wisec.it wrote: Guys, Sorry for getting into the middle of this thread without knocking... Inline since I hate bottom posting :) Il giorno lun, 08/06/2009 alle 12.05 -0300, Andres Riancho ha scritto: Ryan, First of all, I would like to congratulate you for a job well done. The wordpress_fingerprint plugin is now part of w3af. I just commited it [0] to the trunk with a couple of changes (please review those changes, they are important). On the other hand, we still need to work a little more on this plugin. One of the features that I think should be implemented is the comparison between the fingerprinted version, and the version that's retrieved with the regular expression, could you do that? I know is a bit out of scope with the actual implementation of the wordpress_fingerprint plugin, but I just finished reading this interesting post: Web App Version detection using fingerprinting http://sucuri.net/?page=docstitle=webapp-version-detection Also related, and from the same guys: http://sucuri.net/index.php?page=docstitle=state-wordpress-security Here he says that the readme.html bears the wordpress version, however this is not always true. http://sucuri.net/?page=docstitle=wordpress-hardening Here is what I found: 2.7.1 shows 2.7 2.7 shows 2.7 2.6.5 shows 2.6.1 2.6.3 shows 2.6.1 2.6.2 shows 2.6.1 2.6.1 shows 2.6.1 2.6 shows 2.6 2.5.1 shows 2.5 2.5 shows 2.5 2.3.3 shows 2.3 2.3.2 shows 2.3 2.3.1 shows 2.3 2.3 shows 2.3 2.2.3 shows 2.2 As you can see it is not a reliable source for fingerprinting the wordpress version. in particular: 2- Wordpress Version Detection 3- Wordpress version fingerprinting - Comparing files which I think is on topic at least to some extent. It should not be too difficult to add a txt file and check for the existence of those files to get a double check confirmation of the WP version. Also related, I just twitted about this [1] [0] http://w3af.svn.sourceforge.net/viewvc/w3af/trunk/plugins/discovery/wordpress_fingerprint.py?view=markup [1] http://twitter.com/w3af Cheers, Cheers, -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
Re: [W3af-develop] Enhancements to wordpress_fingerprint.py
2009/6/10 Andres Riancho andres.rian...@gmail.com: Ryan, On Tue, Jun 9, 2009 at 9:39 PM, Ryan Dewhurstryandewhu...@gmail.com wrote: 2009/6/10 Andres Riancho andres.rian...@gmail.com: Stefano, All, On Mon, Jun 8, 2009 at 12:36 PM, Stefano Di Paolawi...@wisec.it wrote: Guys, Sorry for getting into the middle of this thread without knocking... Inline since I hate bottom posting :) Il giorno lun, 08/06/2009 alle 12.05 -0300, Andres Riancho ha scritto: Ryan, First of all, I would like to congratulate you for a job well done. The wordpress_fingerprint plugin is now part of w3af. I just commited it [0] to the trunk with a couple of changes (please review those changes, they are important). On the other hand, we still need to work a little more on this plugin. One of the features that I think should be implemented is the comparison between the fingerprinted version, and the version that's retrieved with the regular expression, could you do that? I know is a bit out of scope with the actual implementation of the wordpress_fingerprint plugin, but I just finished reading this interesting post: Web App Version detection using fingerprinting http://sucuri.net/?page=docstitle=webapp-version-detection Also related, and from the same guys: http://sucuri.net/index.php?page=docstitle=state-wordpress-security Here he says that the readme.html bears the wordpress version, however this is not always true. http://sucuri.net/?page=docstitle=wordpress-hardening Here is what I found: 2.7.1 shows 2.7 2.7 shows 2.7 2.6.5 shows 2.6.1 2.6.3 shows 2.6.1 2.6.2 shows 2.6.1 2.6.1 shows 2.6.1 2.6 shows 2.6 2.5.1 shows 2.5 2.5 shows 2.5 2.3.3 shows 2.3 2.3.2 shows 2.3 2.3.1 shows 2.3 2.3 shows 2.3 2.2.3 shows 2.2 As you can see it is not a reliable source for fingerprinting the wordpress version. But it's one more source of version information, I think it should be added and properly documented in the same way that you explain in this email. In the best case scenario, the user would have three information objects in the kb: - One with the fingerprinted version that says 2.7.1 - One with the readme.html version that says 2.7 - One with the index.php header information that says 2.7.1 If in one case we see something like readme.html==2.6 and fingerprinted version==2.7.1, maybe we can report to the user that this is a 2.6 version that was upgraded to 2.7.1? Just ideas that should be researched a little more and maybe implemented into code. Cheers, Aye, I see what you mean. I'll have a look into it over the weekend. I like the way sucuri's information gathering tool finds the wordpress installation path from server errors also. in particular: 2- Wordpress Version Detection 3- Wordpress version fingerprinting - Comparing files which I think is on topic at least to some extent. It should not be too difficult to add a txt file and check for the existence of those files to get a double check confirmation of the WP version. Also related, I just twitted about this [1] [0] http://w3af.svn.sourceforge.net/viewvc/w3af/trunk/plugins/discovery/wordpress_fingerprint.py?view=markup [1] http://twitter.com/w3af Cheers, Cheers, -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
Re: [W3af-develop] HTML OUTPUT
Hi Andres, I have changed machines (Ubuntu Karmic) and am using a fresh install of w3af. 1. sudo apt-get install w3af - (Version 1.0-rc2 from Debian Package 1.0-rc2svn2845-1ubuntu2) 2. $ w3af 3. Select OWASP Top10 profile. 4. Enable output/htmlFile 5. Set fileName option to to /home/ryan/Desktop/report.html 6. Enter target URL 7. Press start. All above done via /w3af_gui. No changes made at all to w3af apart from the above. If you need any more info let me know. Ryan 2009/12/2 Andres Riancho andres.rian...@gmail.com: Ryan, On Wed, Dec 2, 2009 at 5:23 PM, Ryan Dewhurst ryandewhu...@gmail.com wrote: Hi, I was using a script to run w3af. The script set a profile and named the output file. Apart from that I don't think anything was different. I will set up w3af on my new system and see if I get the same results on there. Ok, please try to send me the step-by-step instructions to reproduce it. Thanks! Thank you, Ryan 2009/12/2 Andres Riancho andres.rian...@gmail.com: Ryan, On Mon, Nov 30, 2009 at 6:55 PM, Ryan Dewhurst ryandewhu...@gmail.com wrote: Hello all, If HTML output is chosen the w3af target URL's part is never populated when the report.html file is generated. Works for me. How're you running w3af? Could you send me step by step procedure to reproduce this issue? Thanks! Cheers, -- Ryan Dewhurst http://www.ethicalhack3r.co.uk http://www.dvwa.co.uk http://www.twitter.com/ethicalhack3r -- Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Ryan Dewhurst http://www.ethicalhack3r.co.uk http://www.dvwa.co.uk http://www.twitter.com/ethicalhack3r -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ -- Ryan Dewhurst http://www.ethicalhack3r.co.uk http://www.dvwa.co.uk http://www.twitter.com/ethicalhack3r -- Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
[W3af-develop] You have to install nltk.
When I first run the latest SVN revision (3956) of w3af_gui on BackTrack4 RC2, I got the following error: You have to install nltk. - On Debian based distributions: apt-get install python-nltk As far as I'm aware BT4 RC2 is based off of Ubuntu which is a Debian system. When running 'apt-get install python-nltk' (as root) it cannot find the package. To get it working I took the following steps: wget http://pyyaml.org/download/pyyaml/PyYAML-3.09.tar.gz tar -xzvf PyYAML-3.09.tar.gz cd PyYAML-3.09 python setup.py install cd .. wget http://nltk.googlecode.com/files/nltk-2.0b9.tar.gz tar -xzvf nltk-2.0b9.tar.gz cd nltk-2.0b9 python setup.py install After that w3af_gui would run. Just thought I would put it here in case anyone else came across the same situation. Ryan Ryan Dewhurst blog www.ethicalhack3r.co.uk projects www.dvwa.co.uk | www.webwordcount.com twitter www.twitter.com/ethicalhack3r -- Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl ___ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
