Hi

I'm currently playing a bit with w3af and WackoPicko and used the spiderMan
plugin to identify all pages. Reviewing the results of the discovery phase,
I noticed that w3af didn't have all input fields in the list of fuzzable
requests. Especially the values of the POST requests have not been parsed
correctly.

Example:

POST request to passcheck.php (a page with a known command injection
vulnerability) with the "password input field" resulted in an empty POST
request.

Here is the list of the fuzzable requests from w3af:

The list of fuzzable requests is:
- http://192.168.16.128 | Method: GET
- http://192.168.16.128/passcheck.php | Method: POST
- http://192.168.16.128/pictures/search.php | Method: GET | Parameters: (query="")
Finished scanning process.


I tried to localize the cause of the problem and I think I found it inside
the "createFuzzableRequestRaw" method in the file frFactory.py.
This method doesn't set the data container of the fuzzableRequest if the
request correctly)

Anyone noticed the same problem?

WackoPicko (the vulnerable app I used during the test) can be found here:
https://github.com/adamdoupe/WackoPicko

Please let me know if you have any questions!

Kind regards

Hans-Martin