Kost,
On Fri, Oct 16, 2009 at 7:05 AM, Vlatko Kosturjak <k...@linux.hr> wrote:
> Here's patch(against SVN trunk of w3af) for new plugin to perform favicon
> identification.
I love this plugin! I loved the idea when you told me about it in
France, and I love it much more now that I see how simple the code is.
These are the things I modified in the plugin before commiting it to
the trunk:
- There were lines with tab indentation instead of the PEP-8
recommended 4-space indentation. I changed them.
- Moved the "self._exec = False" to the top of the plugin, mostly
because I don't want it to run many times if there is some problem
with the plugin. For example, if for some reason the md5 file is not
found, the original "self._exec = False" would never be executed, and
the plugin would run many times.
- Changed the reporting a little bit. Now an information object is
only saved to the kb if the favicon.ico is actually identified.
- Removed the unused "self._fuzzableRequests = []" and "dirs = []"
- I added a test script named
"scripts/script-favicon_identification.w3af" that helps test the
plugin you created by running "./w3af_console -s
scripts/script-favicon_identification.w3af"
To sum up, I did nothing and you did a great job ;) If you perform a
"svn up" of w3af's trunk, you'll find your plugin there.
> In order to learn more about it to, refer to:
> http://kost.com.hr/favicon.phpiimplement mplement
> http://www.owasp.org/index.php/Category:OWASP_Favicon_Database_Project
I see that you guys are trying to expand this database by running
"Internet wide" scans. I have a server that could be used for this
purpose, if you send me a couple of commands that you need me to run,
I'll be more than happy to run them and then send you the response.
Maybe you could assign me the address range for Argentina, Chile,
Uruguay, Bolivia and Paraguay, and I would the results back to you?
Thank you for supporting w3af, and other open source projects like
openvas and nessus!
Cheers,
> Kost
>
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
