Hello,
First of all, thanks for a great framework, it is really nice to work
with.
I found a bug in the bruteforcer, which makes it impossible to set other
user/password-lists than the ones that are pre-configured. The loaded
values were not passed onto the bruteforce plugin.
I am new to this list, and I don't know how you guys handle bugfixes,
but since I don't yet have any 'commit-bit' set, I'll just paste the
diff below.
mar...@fujitsux:~/tools/w3af$ svn diff
Index: core/controllers/basePlugin/baseBruteforcePlugin.py
===================================================================
--- core/controllers/basePlugin/baseBruteforcePlugin.py (revision 3033)
+++ core/controllers/basePlugin/baseBruteforcePlugin.py (working copy)
@@ -70,6 +70,9 @@
self._bruteforcer.setProfilingNumber( self._profilingNumber )
self._bruteforcer.setUseSvnUsers( self._profilingNumber )
self._bruteforcer.setLeetPasswd( self._l337_p4sswd )
+ self._bruteforcer.setUsersFile(self._usersFile);
+ self._bruteforcer.setPassFile(self._passwdFile);
+
self._bruteforcer.init()
def _fuzzRequests(self, freq ):
Regards,
Martin Holst Swende
------------------------------------------------------------------------------
Come build with us! The BlackBerry® Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9-12, 2009. Register now!
http://p.sf.net/sfu/devconf
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
