Re: [W3af-develop] RESTful : URL parts fuzzing problem

Mon, 09 Jan 2012 12:23:49 -0800 

Hey Guys,

Please notice that xss.py changed somewhat in r4632 (for example, now there
is a class variable named XSS_TESTS, as @laurent correctly pointed out a
couple mails ago in this thread).

Thanks,

Javier

On Mon, Jan 9, 2012 at 5:05 PM, Andres Riancho <andres.rian...@gmail.com>wrote:

> Taras,
>
> On Fri, Jan 6, 2012 at 6:16 PM, Taras <ox...@oxdef.info> wrote:
> > Hi, all and happy new year! :)
> >
> > Laurent thanks for paying attention to fuzzURLParts functionality! :)
> > Especially that we also had a small conversation here about double
> encoding.
> >
> >
> >>> Sorry for that, I attached the proper cleaned patch. In fact :
> >>>
> >>> * m is single encoded version, so we need it
> >>> * m3 is double-encoded version, so we need it
> >>> * m2 : I re-use this code from _createFileNameMutants() method, this is
> >>> perhaps
> >>> not really useful in this case?
> >>
> >>
> >>     Taras, since you've written that piece of code, would you mind
> >> reviewing / testing / commiting the change to SVN?
> >
> >
> > Andres, I will do it in the nearest days.
>
> Sounds good! Laurent will test the fix when you commit it :)
>
> >
> > --
> > Taras
> > http://oxdef.info
> > ----
> > "Software is like sex: it's better when it's free." - Linus Torvalds
>
>
>
> --
> Andrés Riancho
> Director of Web Security at Rapid7 LLC
> Founder at Bonsai Information Security
> Project Leader at w3af
>
>
> ------------------------------------------------------------------------------
> Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
> infrastructure or vast IT resources to deliver seamless, secure access to
> virtual desktops. With this all-in-one solution, easily deploy virtual
> desktops for less than the cost of PCs and save 60% on VDI infrastructure
> costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>

------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual 
desktops for less than the cost of PCs and save 60% on VDI infrastructure 
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop

Reply via email to