I just did some pentesting for a customer and recognized a interesting vulnerability: A blind local file inclusion. Thought about detecting it in a fully automated manner for 2 minutes : ../../../../../../../../../../dev/urandom -> Timeout
Time Delay, lfi.py extension? Good Idea, Bad Idea? Feedback welcome. All the best, Dan ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
