Found a bug that I am working on now. 2009/6/7 Ryan Dewhurst <[email protected]>: > w00t w00t! > > All tested and working! > > Thanks to everyone for their help especially Andres for putting up > with my noobness. I will look into implementing the vulns for each > version and then eventually a wp plugin version finder. > > Feedback and suggestions welcome! :-) > > 2009/6/7 Andres Riancho <[email protected]>: >> Ryan, >> >> On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurst<[email protected]> wrote: >>> I decided to move over to my Linux box for the development of the >>> plugin. One of the reasons I could not get the plugin to run through >>> w3af was that the plugin file name was not the same as the class name. >> >> Ok, makes sense, >> >>> It now runs through w3af with out any errors. The only thing is that >>> the info output is not showing in kb. >> >> Are you saving it to the kb? >> >>> Im using this which I found in another plugin: >>> >>> # Save it to the kb! >>> i = info.info() >>> i.setName('WordPress version') >>> i.setURL( wp_index_url ) >>> i.setId( http_response.id ) >>> i.setDesc( 'WordPress version "'+ self._version +'" found in the >>> index header.' ) >>> kb.kb.append( self, 'WordPress version', i ) >>> om.out.information( i.getDesc() ) >> >> That seems to be enough to save the version to the kb, >> >>> Attached is the latest version. >> >> I applied some minor changes: >> >> - Changed the name of the plugin to wordpress_plugin, because >> wpvChecker is cryptic to users. >> - The code has some serious errors, that are possibly the reason you >> don't see anything: >> >> ...@brick:~/w3af/w3af/trunk$ pylint >> --rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e >> ************* Module wordpress_version >> E: 98:wordpress_version.discover: Undefined variable 're' >> E:109:wordpress_version.discover: Undefined variable 'http_response' >> E:150:wordpress_version.discover: Undefined variable 'http_response' >> >> Have you tested the plugin? Do you get a big traceback when running it? >> >> - This line in the fingerprint DB: >> >> ('/wp-admin/async-upload.php','200','2.5'), >> >> Doesn't match this line: >> >> if self._wp_fingerprint[1] == 200 and not >> is_404(response): >> >> '200' and 200 aren't equal in python: >> >> >>> '200' == 200 >> False >> >> You should change your database to 200, instead of '200' where necessary. >> >> - One more detail, is that it would be nice to compare the version in >> the HTML header, with the fingerprinted version, and report if they >> differ. >> >> You're on the right path, I think that with these recommendations >> you'll be able to complete the development of your first w3af plugin >> =) >> >> PS: You should answer inline. >> >>> Ryan >>> >>> 2009/6/6 Andres Riancho <[email protected]>: >>>> Ryan, >>>> >>>> On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurst<[email protected]> >>>> wrote: >>>>>>Also delete the .pyc file, and no reinstall is needed. >>>>> >>>>> There was none. >>>>> >>>>>> Yes, many. >>>>>> You are missing some required methods, like setOptions, getOptions, >>>>>> getLongDescription, etc. Please see other plugins for a complete list, >>>>> >>>>> They are already in the code: >>>>> >>>>> # W3af options and output >>>>> def getOptions( self ): >>>>> ''' >>>>> �...@return: A list of option objects for this plugin. >>>>> ''' >>>>> ol = optionList() >>>>> return ol >>>>> >>>>> def setOptions( self, OptionList ): >>>>> ''' >>>>> This method sets all the options that are configured using the >>>>> user interface >>>>> generated by the framework using the result of getOptions(). >>>>> >>>>> �...@parameter OptionList: A dictionary with the options for the >>>>> plugin. >>>>> �...@return: No value is returned. >>>>> ''' >>>>> pass >>>>> >>>>> def getPluginDeps( self ): >>>>> ''' >>>>> �...@return: A list with the names of the plugins that should be >>>>> runned before the >>>>> current one. >>>>> ''' >>>>> return [] >>>>> >>>>> def getLongDesc( self ): >>>>> ''' >>>>> �...@return: A DETAILED description of the plugin functions and >>>>> features. >>>>> ''' >>>>> return ''' >>>>> This plugin searches for client side differences between >>>>> different versions of WordPress. >>>>> ''' >>>> >>>> Then try to run w3af from a console: >>>> >>>> in cmd.exe run python w3af_console.py >>>> >>>>> >>>>> 2009/6/6 Andres Riancho <[email protected]>: >>>>>> Ryan, >>>>>> >>>>>> On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst <[email protected]> >>>>>> wrote: >>>>>>> I moved the wpvchecker.py file into the /plugin/discovery folder. When >>>>>>> I try to launch w3af I get an error (screenshot attached), the prompt >>>>>>> only lasts a few seconds so could not copy/paste the full error >>>>>>> output. >>>>>>> >>>>>>> When I remove the wpvchecker.py file out of the dir the error persists >>>>>>> and I have to un/re install w3af to get it working again. >>>>>> >>>>>> Also delete the .pyc file, and no reinstall is needed. >>>>>> >>>>>>> Any ideas? >>>>>> >>>>>> Yes, many. >>>>>> You are missing some required methods, like setOptions, getOptions, >>>>>> getLongDescription, etc. Please see other plugins for a complete list, >>>>>> >>>>>>> Thanks again, >>>>>>> Ryan >>>>>>> >>>>>>> 2009/6/6 Andres Riancho <[email protected]>: >>>>>>>> Ryan, >>>>>>>> >>>>>>>> On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst >>>>>>>> <[email protected]> wrote: >>>>>>>>> Hello, >>>>>>>>> Sorry its been so long with the wrodpress version checker plugin, had >>>>>>>>> some life problems. >>>>>>>> >>>>>>>> No problem man, I hope things are going better now. >>>>>>>> >>>>>>>>> Anyway... >>>>>>>>> >>>>>>>>> I have come to a logic problem which I cannot seem to solve and was >>>>>>>>> wondering if any one could give me some pointers... >>>>>>>>> >>>>>>>>> Versions '2.5', '2.3.1, 2.3.2 or 2.3.3' and '2.2' are detected by a >>>>>>>>> file/image being present i.e status 200 >>>>>>>>> >>>>>>>>> I cannot figure out how to check for this while using the >>>>>>>>> self._wp_fingerprint array. >>>>>>>> >>>>>>>> The for loop that works with the array looks like this: >>>>>>>> >>>>>>>> for data in self._wp_fingerprint: >>>>>>>> >>>>>>>> # Complete URL to test, url+file >>>>>>>> test_URL = urlParser.urlJoin( base_url, >>>>>>>> self._wp_fingerprint[0] ) >>>>>>>> >>>>>>>> if self._wp_fingerprint[1] in response: >>>>>>>> version = self._wp_fingerprint[2] >>>>>>>> break >>>>>>>> else: >>>>>>>> version = 'Version lower than 2.2' >>>>>>>> >>>>>>>> But there are some parts missing, like actually requesting to the >>>>>>>> server the test_URL. On the other part, the "200" logic could be >>>>>>>> easily done like this: >>>>>>>> >>>>>>>> if self._wp_fingerprint[1] == 200 and not >>>>>>>> is_404(response): >>>>>>>> # it was found! >>>>>>>> elif self._wp_fingerprint[1] in response: >>>>>>>> version = self._wp_fingerprint[2] >>>>>>>> break >>>>>>>> else: >>>>>>>> version = 'Version lower than 2.2' >>>>>>>> >>>>>>>> To make this work, you should change the '' in the fingerprint array >>>>>>>> by a 200, and it should all work. >>>>>>>> >>>>>>>>> Here is the code so far, I have not yet tested it out, but should give >>>>>>>>> you a basic idea of how it will run. >>>>>>>> >>>>>>>> Yes, and it makes much more sense to me this way. The older version >>>>>>>> was "ugly" :) >>>>>>>> >>>>>>>>> I was also thinking of >>>>>>>>> implementing a plugin version checker as there are many plugins with >>>>>>>>> vulns. >>>>>>>> >>>>>>>> Sure, but lets go step by step, lets finish this plugin, test it a >>>>>>>> little bit, and then we can go for the next one. >>>>>>>> >>>>>>>>> Thank you, >>>>>>>>> Ryan >>>>>>>>> >>>>>>>>> P.S. To test it through w3af, do I just pop the py file into the >>>>>>>>> plugin folder or is there any other code to be changed? >>>>>>>> >>>>>>>> Yes, you have to move this file to the discovery directory and that's >>>>>>>> it. >>>>>>>> >>>>>>>>> 2009/5/31 Ryan Dewhurst <[email protected]>: >>>>>>>>>> Just to let everyone know where I am with the plugin. >>>>>>>>>> >>>>>>>>>> I'm a complete n00b at re and couldnt get backbone's code to work, so >>>>>>>>>> I read a couple of manuals and finally got it working with: >>>>>>>>>> <meta name="generator" content="[Ww]ord[Pp]ress (\d\.\d\.?\d?)" /> >>>>>>>>>> >>>>>>>>>> An explanation of what the plugin will do: >>>>>>>>>> ----------------------------------------------------------- >>>>>>>>>> >>>>>>>>>> It will first check to see if the server has the following file >>>>>>>>>> "/wp-admin/index.php". >>>>>>>>>> >>>>>>>>>> If it does >>>>>>>>>> >>>>>>>>>> It will check to see whether or not the version is in the index >>>>>>>>>> header. >>>>>>>>>> >>>>>>>>>> If it finds the version it will store it in a variable. >>>>>>>>>> >>>>>>>>>> It will then run through the checks from my original code to try and >>>>>>>>>> guess the version. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> The output will be as follows: >>>>>>>>>> ------------------------------------------ >>>>>>>>>> >>>>>>>>>> If the version is not in the index and not found with the data = >>>>>>>>>> "version under 2.2" >>>>>>>>>> If the version is in the index and in the data are the same = >>>>>>>>>> "whatever version was found" >>>>>>>>>> If the version is in the index and in the data are different = >>>>>>>>>> ""Version shows as $version in index header however the data shows >>>>>>>>>> $version" >>>>>>>>>> >>>>>>>>>> I still need to implement the data checks however my girlfriend has >>>>>>>>>> fallen ill and has been admitted to hospital for an emergency >>>>>>>>>> operation. I don't think I will be able to finish the plugin this >>>>>>>>>> weekend as promised earlier however will still be working on it next >>>>>>>>>> week. >>>>>>>>>> >>>>>>>>>> I was also thinking on listing the vulnerabilitys for each version >>>>>>>>>> (if >>>>>>>>>> any) on the output. >>>>>>>>>> >>>>>>>>>> Ryan >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> 2009/5/29 Andres Riancho <[email protected]>: >>>>>>>>>>> Ryan, >>>>>>>>>>> >>>>>>>>>>> On Thu, May 28, 2009 at 10:11 PM, Ryan Dewhurst >>>>>>>>>>> <[email protected]> wrote: >>>>>>>>>>>> Im loooking into searching the response html of the index page for >>>>>>>>>>>> the >>>>>>>>>>>> following string: >>>>>>>>>>>> <meta name="generator" content="WordPress $version" /> >>>>>>>>>>>> >>>>>>>>>>>> Ive tried with regular expressions and am unable to get it to work, >>>>>>>>>>> >>>>>>>>>>> backbone sent you a solution, >>>>>>>>>>> >>>>>>>>>>>> Ive read that re is bad for parsing HTML and that BeautifulSoup >>>>>>>>>>>> should be used. >>>>>>>>>>>> >>>>>>>>>>>> Does w3af already have BeautifulSoup in its dependency list? >>>>>>>>>>> >>>>>>>>>>> Yes, it's in the dependency list, but we aren't using it "for that". >>>>>>>>>>> Long story short, please use the re =) >>>>>>>>>>> >>>>>>>>>>>> Ryan >>>>>>>>>>>> >>>>>>>>>>>> P.S. Thanks for the advice backbone46, I'll have a look into that >>>>>>>>>>>> once >>>>>>>>>>>> Ive sorted this out. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> 2009/5/28 <[email protected]>: >>>>>>>>>>>>> Sorry to bump in just like that in the discussion, about the meta >>>>>>>>>>>>> tag that >>>>>>>>>>>>> displays >>>>>>>>>>>>> the WordPress version. >>>>>>>>>>>>> >>>>>>>>>>>>> Only since version 2.7 the generator function is in the core of >>>>>>>>>>>>> WordPress, >>>>>>>>>>>>> on >>>>>>>>>>>>> earlier versions it was only in the theme. >>>>>>>>>>>>> >>>>>>>>>>>>> Just wanted to mention that. :) >>>>>>>>>>>>> >>>>>>>>>>>>> --- >>>>>>>>>>>>> http://insanesecurity.info >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, May 28, 2009 at 10:53 PM, Ryan Dewhurst >>>>>>>>>>>>> <[email protected]> >>>>>>>>>>>>> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>> Yes, I dont see why not. Should be easy enough tro implement. >>>>>>>>>>>>>> >>>>>>>>>>>>>> You mentioned during our email conversation that wordpress echos >>>>>>>>>>>>>> its >>>>>>>>>>>>>> version number in the page head. I managed to find an example of >>>>>>>>>>>>>> it. >>>>>>>>>>>>>> Your right I do have a security plugin installed which must have >>>>>>>>>>>>>> removed it from my blog. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Here is an example: >>>>>>>>>>>>>> <meta name="generator" content="WordPress 2.7.1" /> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> 2009/5/28 Andres Riancho <[email protected]>: >>>>>>>>>>>>>> > Ryan, >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > On Wed, May 27, 2009 at 10:18 PM, Andres Riancho >>>>>>>>>>>>>> > <[email protected]> wrote: >>>>>>>>>>>>>> >> Ryan, >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> On Wed, May 27, 2009 at 9:58 PM, Ryan Dewhurst >>>>>>>>>>>>>> >> <[email protected]> >>>>>>>>>>>>>> >> wrote: >>>>>>>>>>>>>> >>> Hello, >>>>>>>>>>>>>> >>> Im new to mailing lists so im not sure if this will be sent >>>>>>>>>>>>>> >>> there. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> It depends on the mailing list. This one is configured to >>>>>>>>>>>>>> >> accept >>>>>>>>>>>>>> >> attachments, >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >>> I'll have a look into intergrating the script into w3af over >>>>>>>>>>>>>> >>> the next >>>>>>>>>>>>>> >>> couple of days and hopefully have a working version by the >>>>>>>>>>>>>> >>> weekend. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> Excellent, if you need ANY help, just let us know. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >>> The script is quite simple once you have the gathered the >>>>>>>>>>>>>> >>> nesesary >>>>>>>>>>>>>> >>> data. I went through versions 2.2 to 2.7.1 and manually >>>>>>>>>>>>>> >>> found client >>>>>>>>>>>>>> >>> side differences in most of them, I also used the official >>>>>>>>>>>>>> >>> changelogs >>>>>>>>>>>>>> >>> to help identify them. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> Ohhh, you are the guy that wrote that blog post with the >>>>>>>>>>>>>> >> "diffs" of >>>>>>>>>>>>>> >> different wordpress release packages? >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >>> The client side differences are in files such as CSS, >>>>>>>>>>>>>> >>> javascript and >>>>>>>>>>>>>> >>> HTML. Some versions did not have any differences apart from >>>>>>>>>>>>>> >>> having >>>>>>>>>>>>>> >>> extra files, which can easliy be identified with HTTP >>>>>>>>>>>>>> >>> response codes. >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> It works as such... >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> Starting from version 2.7.1 (latest), the script tries to >>>>>>>>>>>>>> >>> find >>>>>>>>>>>>>> >>> something that 2.7 doesnt have, if it finds that something >>>>>>>>>>>>>> >>> then the >>>>>>>>>>>>>> >>> script stops and echos the version number. >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> If the script doesnt find the difference it moves onto >>>>>>>>>>>>>> >>> identifying the >>>>>>>>>>>>>> >>> next version, i.e. does 2.7 have something the earlier >>>>>>>>>>>>>> >>> version doesnt >>>>>>>>>>>>>> >>> have. and so on and so forth. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> Ok, makes sense. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> Some comments regarding your code: >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> - w3af uses PEP-8, with among other things says 4-spaces for >>>>>>>>>>>>>> >> indentations. Your code has 1-space (?) indentations. Please >>>>>>>>>>>>>> >> correct >>>>>>>>>>>>>> >> that. >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> - The code is pretty simple, but i think it could be done in >>>>>>>>>>>>>> >> a better >>>>>>>>>>>>>> >> way. Having that many functions (wp22 to wp271) doesn't seem >>>>>>>>>>>>>> >> to be a >>>>>>>>>>>>>> >> good option. Do you think that the code could be changed a >>>>>>>>>>>>>> >> little bit, >>>>>>>>>>>>>> >> and create a database (which can be easily updated) and then >>>>>>>>>>>>>> >> use that >>>>>>>>>>>>>> >> database to store the information? Example of the databse >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> self._wp_fingerprint = >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> [('/wp-includes/js/thickbox/thickbox.css','-ms-filter:'),('/wp-admin/css/farbtastic.css', >>>>>>>>>>>>>> >> 'farbtastic')] >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> - Also, by default wordpress publishes the version number in >>>>>>>>>>>>>> >> every >>>>>>>>>>>>>> >> page head. Maybe it would be a good idea to parse that, and >>>>>>>>>>>>>> >> compare it >>>>>>>>>>>>>> >> with the result of the fingerprinting. What do you think? >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > A good idea would be to have a first step, before all the >>>>>>>>>>>>>> > version >>>>>>>>>>>>>> > specific checks, that verifies something that's true for all >>>>>>>>>>>>>> > wordpress >>>>>>>>>>>>>> > installations (some X file has to be present) before even >>>>>>>>>>>>>> > starting the >>>>>>>>>>>>>> > fingerprinting. Could this be done? >>>>>>>>>>>>>> > >>>>>>>>>>>>>> >> Cheers, >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >>> Ryan >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >>> 2009/5/28 Andres Riancho <[email protected]>: >>>>>>>>>>>>>> >>>> Ryan, >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst >>>>>>>>>>>>>> >>>> <[email protected]> wrote: >>>>>>>>>>>>>> >>>>> Hello, >>>>>>>>>>>>>> >>>>> I have developed a python script that can detect the >>>>>>>>>>>>>> >>>>> version of a >>>>>>>>>>>>>> >>>>> wordpress installation. I think it would fit well within >>>>>>>>>>>>>> >>>>> w3af, >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> Yes, it seems that it's something good to have in the >>>>>>>>>>>>>> >>>> framework. >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> I have like a ton of questions about how it works, could >>>>>>>>>>>>>> >>>> you please >>>>>>>>>>>>>> >>>> send the script (as it is) to this mailing list for us to >>>>>>>>>>>>>> >>>> read it? >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>>> the >>>>>>>>>>>>>> >>>>> only problem being is that I have been unable to find a >>>>>>>>>>>>>> >>>>> plugin >>>>>>>>>>>>>> >>>>> development manual to be able to implement my script. >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> There is no development manual :( >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> For the type of feature that you want to add, the correct >>>>>>>>>>>>>> >>>> thing is to >>>>>>>>>>>>>> >>>> use a discovery plugin. discovery plugins are simple, they >>>>>>>>>>>>>> >>>> follow >>>>>>>>>>>>>> >>>> these rules: >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> - the entry point is the discover method >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> - the discover method takes a fuzzable request object as a >>>>>>>>>>>>>> >>>> parameter, >>>>>>>>>>>>>> >>>> and returns a list of fuzzable requests >>>>>>>>>>>>>> >>>> (fuzzable requests are representations of GET/POST >>>>>>>>>>>>>> >>>> requests, which >>>>>>>>>>>>>> >>>> represent links, and forms) >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> - the discover method is called several times in the same >>>>>>>>>>>>>> >>>> scan, with >>>>>>>>>>>>>> >>>> the different links that (for example) the webSpider finds. >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> I think that the best thing you can do is to read one or two >>>>>>>>>>>>>> >>>> discovery >>>>>>>>>>>>>> >>>> plugins (my recommendations are discovery.crossDomain and >>>>>>>>>>>>>> >>>> discovery.userDir), and start building your own plugin >>>>>>>>>>>>>> >>>> based on one >>>>>>>>>>>>>> >>>> of >>>>>>>>>>>>>> >>>> those. >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>>> Is there a dev manual out there? >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> No >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>>> Does any one have some tips/advice on writting a plugin? >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> Yes, see above, >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>>> Does any one want me to send them the script for them to >>>>>>>>>>>>>> >>>>> develop the >>>>>>>>>>>>>> >>>>> plugin? >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> You should develop the plugin yourself, is fun and good for >>>>>>>>>>>>>> >>>> the >>>>>>>>>>>>>> >>>> project =) >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> Cheers, >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>>> Thank you, >>>>>>>>>>>>>> >>>>> Ryan >>>>>>>>>>>>>> >>>>> >>>>>>>>>>>>>> >>>>> >>>>>>>>>>>>>> >>>>> ------------------------------------------------------------------------------ >>>>>>>>>>>>>> >>>>> Register Now for Creativity and Technology (CaT), June >>>>>>>>>>>>>> >>>>> 3rd, NYC. CaT >>>>>>>>>>>>>> >>>>> is a gathering of tech-side developers & brand creativity >>>>>>>>>>>>>> >>>>> professionals. Meet >>>>>>>>>>>>>> >>>>> the minds behind Google Creative Lab, Visual Complexity, >>>>>>>>>>>>>> >>>>> Processing, >>>>>>>>>>>>>> >>>>> & >>>>>>>>>>>>>> >>>>> iPhoneDevCamp as they present alongside digital >>>>>>>>>>>>>> >>>>> heavyweights like >>>>>>>>>>>>>> >>>>> Barbarian >>>>>>>>>>>>>> >>>>> Group, R/GA, & Big Spaceship. >>>>>>>>>>>>>> >>>>> http://p.sf.net/sfu/creativitycat-com >>>>>>>>>>>>>> >>>>> _______________________________________________ >>>>>>>>>>>>>> >>>>> W3af-develop mailing list >>>>>>>>>>>>>> >>>>> [email protected] >>>>>>>>>>>>>> >>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop >>>>>>>>>>>>>> >>>>> >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>>> -- >>>>>>>>>>>>>> >>>> Andrés Riancho >>>>>>>>>>>>>> >>>> Founder, Bonsai - Information Security >>>>>>>>>>>>>> >>>> http://www.bonsai-sec.com/ >>>>>>>>>>>>>> >>>> http://w3af.sf.net/ >>>>>>>>>>>>>> >>>> >>>>>>>>>>>>>> >>> >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> >> -- >>>>>>>>>>>>>> >> Andrés Riancho >>>>>>>>>>>>>> >> Founder, Bonsai - Information Security >>>>>>>>>>>>>> >> http://www.bonsai-sec.com/ >>>>>>>>>>>>>> >> http://w3af.sf.net/ >>>>>>>>>>>>>> >> >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> > -- >>>>>>>>>>>>>> > Andrés Riancho >>>>>>>>>>>>>> > Founder, Bonsai - Information Security >>>>>>>>>>>>>> > http://www.bonsai-sec.com/ >>>>>>>>>>>>>> > http://w3af.sf.net/ >>>>>>>>>>>>>> > >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>>>>>>> Register Now for Creativity and Technology (CaT), June 3rd, NYC. >>>>>>>>>>>>>> CaT >>>>>>>>>>>>>> is a gathering of tech-side developers & brand creativity >>>>>>>>>>>>>> professionals. >>>>>>>>>>>>>> Meet >>>>>>>>>>>>>> the minds behind Google Creative Lab, Visual Complexity, >>>>>>>>>>>>>> Processing, & >>>>>>>>>>>>>> iPhoneDevCamp as they present alongside digital heavyweights like >>>>>>>>>>>>>> Barbarian >>>>>>>>>>>>>> Group, R/GA, & Big Spaceship. >>>>>>>>>>>>>> http://p.sf.net/sfu/creativitycat-com >>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>> W3af-develop mailing list >>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Andrés Riancho >>>>>>>>>>> Founder, Bonsai - Information Security >>>>>>>>>>> http://www.bonsai-sec.com/ >>>>>>>>>>> http://w3af.sf.net/ >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Andrés Riancho >>>>>>>> Founder, Bonsai - Information Security >>>>>>>> http://www.bonsai-sec.com/ >>>>>>>> http://w3af.sf.net/ >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Andrés Riancho >>>>>> Founder, Bonsai - Information Security >>>>>> http://www.bonsai-sec.com/ >>>>>> http://w3af.sf.net/ >>>>>> >>>>> >>>> >>>> >>>> >>>> -- >>>> Andrés Riancho >>>> Founder, Bonsai - Information Security >>>> http://www.bonsai-sec.com/ >>>> http://w3af.sf.net/ >>>> >>> >> >> >> >> -- >> Andrés Riancho >> Founder, Bonsai - Information Security >> http://www.bonsai-sec.com/ >> http://w3af.sf.net/ >> >
------------------------------------------------------------------------------ OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get _______________________________________________ W3af-develop mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-develop
