Ksaok,
Which version of w3af are you using? If you're not using the
latest, please update :) If you're... please send me a private email
with the target domain/URL so I can try to debug it.
Regards,
On Tue, Oct 18, 2011 at 3:50 PM, <ks...@sociofob.com> wrote:
> hello all,again!
>
> trying to webSpider site and got this:
>
>
> ----------------
> w3af/plugins>>> back
> w3af>>> start
> Auto-enabling plugin: grep.httpAuthDetect
> Error in grep plugin, "httpAuthDetect" raised the exception: 'utf8' codec
> can't decode byte 0xd8 in position 0: invalid continuation byte. Please
> report this bug to the w3af sourceforge project page [
> https://sourceforge.net/apps/trac/w3af/newticket ]
> Exception: Traceback (most recent call last):
> File "/mnt/1/w3af/core/data/url/xUrllib.py", line 847, in _grep_worker
> timedout_grep_wrapper(request, response)
> UnicodeDecodeError: 'utf8' codec can't decode byte 0xd8 in position 0:
> invalid continuation byte
>
> Traceback (most recent call last):
> File "/mnt/1/w3af/core/controllers/misc/timeout_function.py", line 76,
> in run
> self._result_ = function(*args, **kwds)
> File "/mnt/1/w3af/core/controllers/basePlugin/baseGrepPlugin.py", line
> 61, in grep_wrapper
> self.grep(fuzzableRequest, response)
> File "/mnt/1/w3af/plugins/grep/httpAuthDetect.py", line 161, in grep
> self._find_auth_uri(response)
> File "/mnt/1/w3af/plugins/grep/httpAuthDetect.py", line 196, in
> _find_auth_uri
> documentParser = dpCache.dpc.getDocumentParserFor(response)
> File "/mnt/1/w3af/core/data/parsers/dpCache.py", line 69, in
> getDocumentParserFor
> res = documentParser.documentParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/documentParser.py", line 54, in
> __init__
> parser = htmlParser.HTMLParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/htmlParser.py", line 51, in __init__
> SGMLParser.__init__(self, http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 73, in __init__
> self._parse(http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 138, in _parse
> etree.fromstring(resp_body, parser)
> File "lxml.etree.pyx", line 2532, in lxml.etree.fromstring
> (src/lxml/lxml.etree.c:48634)
> File "parser.pxi", line 1545, in lxml.etree._parseMemoryDocument
> (src/lxml/lxml.etree.c:72245)
> File "parser.pxi", line 1424, in lxml.etree._parseDoc
> (src/lxml/lxml.etree.c:71106)
> File "parser.pxi", line 938, in lxml.etree._BaseParser._parseDoc
> (src/lxml/lxml.etree.c:67875)
> File "parsertarget.pxi", line 138, in
> lxml.etree._TargetParserContext._handleParseResultDoc
> (src/lxml/lxml.etree.c:78243)
> File "lxml.etree.pyx", line 230, in
> lxml.etree._ExceptionContext._raise_if_stored
> (src/lxml/lxml.etree.c:6821)
> File "saxparser.pxi", line 258, in lxml.etree._handleSaxData
> (src/lxml/lxml.etree.c:74548)
> UnicodeDecodeError: 'utf8' codec can't decode byte 0xd8 in position 0:
> invalid continuation byte
>
>
> Unhandled error, traceback: Traceback (most recent call last):
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 440, in start
> self._realStart()
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 539, in _realStart
> self._fuzzableRequestList = self._discover_and_bruteforce()
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 351, in
> _discover_and_bruteforce
> discovered_fr_list = self._discover( tmp_list )
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 770, in _discover
> result = self._discoverWorker( toWalk )
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 842, in
> _discoverWorker
> pluginResult = plugin.discover_wrapper( fr )
> File "/mnt/1/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> line 48, in discover_wrapper
> return self.discover( fuzzable_request_copy )
> File "/mnt/1/w3af/plugins/discovery/webSpider.py", line 203, in discover
> self._tm.join(self)
> File "/mnt/1/w3af/core/controllers/threads/threadManager.py", line 120,
> in join
> self._threadPool.wait( ownerObj, joinAll )
> File "/mnt/1/w3af/core/controllers/threads/threadpool.py", line 271, in
> wait
> self.poll(block=True, ownerObj=ownerObj, joinAll=joinAll)
> File "/mnt/1/w3af/core/controllers/threads/threadpool.py", line 108, in run
> self.resultQueue.put( (request, request.callable(*request.args,
> **request.kwds)) )
> File "/mnt/1/w3af/plugins/discovery/webSpider.py", line 343, in
> _verify_reference
> request=original_request)
> File "/mnt/1/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> line 63, in _createFuzzableRequests
> return createFuzzableRequests( httpResponse, request, add_self )
> File "/mnt/1/w3af/core/data/request/frFactory.py", line 89, in
> createFuzzableRequests
> dp = dpCache.dpc.getDocumentParserFor(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/dpCache.py", line 69, in
> getDocumentParserFor
> res = documentParser.documentParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/documentParser.py", line 54, in
> __init__
> parser = htmlParser.HTMLParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/htmlParser.py", line 51, in __init__
> SGMLParser.__init__(self, http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 73, in __init__
> self._parse(http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 138, in _parse
> etree.fromstring(resp_body, parser)
> File "lxml.etree.pyx", line 2532, in lxml.etree.fromstring
> (src/lxml/lxml.etree.c:48634)
> File "parser.pxi", line 1545, in lxml.etree._parseMemoryDocument
> (src/lxml/lxml.etree.c:72245)
> File "parser.pxi", line 1424, in lxml.etree._parseDoc
> (src/lxml/lxml.etree.c:71106)
> File "parser.pxi", line 938, in lxml.etree._BaseParser._parseDoc
> (src/lxml/lxml.etree.c:67875)
> File "parsertarget.pxi", line 138, in
> lxml.etree._TargetParserContext._handleParseResultDoc
> (src/lxml/lxml.etree.c:78243)
> File "lxml.etree.pyx", line 230, in
> lxml.etree._ExceptionContext._raise_if_stored
> (src/lxml/lxml.etree.c:6821)
> File "saxparser.pxi", line 258, in lxml.etree._handleSaxData
> (src/lxml/lxml.etree.c:74548)
> UnicodeDecodeError: 'utf8' codec can't decode byte 0xd8 in position 0:
> invalid continuation byte
>
>
> Scan finished in 16 seconds.
> Exception in thread Thread-11:
> Traceback (most recent call last):
> File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
> self.run()
> File "/usr/lib/python2.6/threading.py", line 484, in run
> self.__target(*self.__args, **self.__kwargs)
> File "/mnt/1/w3af/core/ui/consoleUi/rootMenu.py", line 112, in _real_start
> self._w3af.start()
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 440, in start
> self._realStart()
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 539, in _realStart
> self._fuzzableRequestList = self._discover_and_bruteforce()
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 351, in
> _discover_and_bruteforce
> discovered_fr_list = self._discover( tmp_list )
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 770, in _discover
> result = self._discoverWorker( toWalk )
> File "/mnt/1/w3af/core/controllers/w3afCore.py", line 842, in
> _discoverWorker
> pluginResult = plugin.discover_wrapper( fr )
> File "/mnt/1/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> line 48, in discover_wrapper
> return self.discover( fuzzable_request_copy )
> File "/mnt/1/w3af/plugins/discovery/webSpider.py", line 203, in discover
> self._tm.join(self)
> File "/mnt/1/w3af/core/controllers/threads/threadManager.py", line 120,
> in join
> self._threadPool.wait( ownerObj, joinAll )
> File "/mnt/1/w3af/core/controllers/threads/threadpool.py", line 271, in
> wait
> self.poll(block=True, ownerObj=ownerObj, joinAll=joinAll)
> File "/mnt/1/w3af/core/controllers/threads/threadpool.py", line 108, in run
> self.resultQueue.put( (request, request.callable(*request.args,
> **request.kwds)) )
> File "/mnt/1/w3af/plugins/discovery/webSpider.py", line 343, in
> _verify_reference
> request=original_request)
> File "/mnt/1/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> line 63, in _createFuzzableRequests
> return createFuzzableRequests( httpResponse, request, add_self )
> File "/mnt/1/w3af/core/data/request/frFactory.py", line 89, in
> createFuzzableRequests
> dp = dpCache.dpc.getDocumentParserFor(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/dpCache.py", line 69, in
> getDocumentParserFor
> res = documentParser.documentParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/documentParser.py", line 54, in
> __init__
> parser = htmlParser.HTMLParser(httpResponse)
> File "/mnt/1/w3af/core/data/parsers/htmlParser.py", line 51, in __init__
> SGMLParser.__init__(self, http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 73, in __init__
> self._parse(http_resp)
> File "/mnt/1/w3af/core/data/parsers/sgmlParser.py", line 138, in _parse
> etree.fromstring(resp_body, parser)
> File "lxml.etree.pyx", line 2532, in lxml.etree.fromstring
> (src/lxml/lxml.etree.c:48634)
> File "parser.pxi", line 1545, in lxml.etree._parseMemoryDocument
> (src/lxml/lxml.etree.c:72245)
> File "parser.pxi", line 1424, in lxml.etree._parseDoc
> (src/lxml/lxml.etree.c:71106)
> File "parser.pxi", line 938, in lxml.etree._BaseParser._parseDoc
> (src/lxml/lxml.etree.c:67875)
> File "parsertarget.pxi", line 138, in
> lxml.etree._TargetParserContext._handleParseResultDoc
> (src/lxml/lxml.etree.c:78243)
> File "lxml.etree.pyx", line 230, in
> lxml.etree._ExceptionContext._raise_if_stored
> (src/lxml/lxml.etree.c:6821)
> File "saxparser.pxi", line 258, in lxml.etree._handleSaxData
> (src/lxml/lxml.etree.c:74548)
> UnicodeDecodeError: 'utf8' codec can't decode byte 0xd8 in position 0:
> invalid continuation byte
>
> Exception in thread Thread-3:
> Traceback (most recent call last):
> File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
> self.run()
> File "/mnt/1/w3af/core/controllers/threads/threadpool.py", line 108, in run
> self.resultQueue.put( (request, request.callable(*request.args,
> **request.kwds)) )
> File "/mnt/1/w3af/plugins/discovery/webSpider.py", line 269, in
> _verify_reference
> headers=headers)
> File "/mnt/1/w3af/core/controllers/basePlugin/basePlugin.py", line 261,
> in meth
> return attr(*args, **kwargs)
> File "/mnt/1/w3af/core/data/url/xUrllib.py", line 321, in GET
> return self._send(req, useCache=useCache, grepResult=grepResult)
> File "/mnt/1/w3af/core/data/url/xUrllib.py", line 503, in _send
> self._callBeforeSend()
> File "/mnt/1/w3af/core/data/url/xUrllib.py", line 109, in _callBeforeSend
> self._sleepIfPausedDieIfStopped()
> File "/mnt/1/w3af/core/data/url/xUrllib.py", line 138, in
> _sleepIfPausedDieIfStopped
> raise KeyboardInterrupt
> KeyboardInterrupt
> -------------------
>
>
> cheers!
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
