On Wed, Mar 11, 2009 at 02:10:20PM -0200, Andres Riancho wrote: > > > The webSpider module gets confused by Apache error pages and gets stuck in > > a loop as the log shows:
> > New URL found by webSpider plugin: > > http://10.80.2.1/support/admin/Apache/Apache/Apache/Apache/Apache/1.3.23 > > > > Where /support/admin looks like: > > > > HTTP/1.1 403 Forbidden > > date: Mon, 09 Mar 2009 15:54:21 GMT > > transfer-encoding: chunked > > content-type: text/html; charset=iso-8859-1 > > server: Apache/1.3.23 (Unix) PHP/4.1.2 > > > > > > <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> > > <HTML><HEAD> > > <TITLE>403 Forbidden</TITLE> > > </HEAD><BODY> > > <H1>Forbidden</H1> > > You don't have permission to access /support/admin/ > > on this server.<P> > > <HR> > > <ADDRESS>Apache/1.3.23 Server at xxx.xxx.xxx.xxx Port 80</ADDRESS> > > </BODY></HTML> > > hmmm, I haven't tested it, but I think that if you "svn update" your > "branches/1.0" directory, you'll find a version that fixes this bug. I > simply changed the way that w3af detects 404 pages. The default was > "autodetect", which has proven to suck in practice; now I changed it > to "by Directory And Extension". Sorry, that doesn't seem to help.. [ Thu 12 Mar 2009 05:18:10 PM CET - debug ] GET http://10.80.2.1/support/admin/Apache/Apache/1.3.23 returned HTTP code "403" - id: 13374 [ Thu 12 Mar 2009 05:18:10 PM CET - debug ] Starting grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/1.3.23 | id:13374 > [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] Finished grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/1.3.23 | id:13374 > [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] HEAD http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] HEAD http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 returned HTTP code "403" - id: 13375 [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] Starting grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 | id:13375 > [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] Finished grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 | id:13375 > [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] GET http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 returned HTTP code "403" - id: 13376 [ Thu 12 Mar 2009 05:18:11 PM CET - debug ] Starting grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 | id:13376 > [ Thu 12 Mar 2009 05:18:12 PM CET - debug ] Finished grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 | id:13376 > [ Thu 12 Mar 2009 05:22:29 PM CET - debug ] GET http://10.80.2.1/support/admin/Apache/Apache/1.3.23 returned HTTP code "403" - id: 14717 [ Thu 12 Mar 2009 05:22:29 PM CET - debug ] Starting grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/1.3.23 | id:14717 > [ Thu 12 Mar 2009 05:22:30 PM CET - debug ] Finished grepWorker for response: < httpResponse | 403 | http://10.80.2.1/support/admin/Apache/Apache/1.3.23 | id:14717 > [ Thu 12 Mar 2009 05:22:37 PM CET - information ] New URL found by webSpider plugin: http://10.80.2.1/support/admin/Apache/Apache/Apache/1.3.23 Perhaps the solution should be for the webSpider NOT to pick up the Apache version from the <ADDRESS> tag as a link? /olle ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
