Re: [W3af-develop] w3af q

Tue, 03 Mar 2015 04:02:38 -0800 

Electric Mind,

On Tue, Mar 3, 2015 at 5:40 AM, Electric Mind <mai...@zensecurity.su> wrote:
> Hello everyone!
>
> Here is my code sample:
>
> #!/usr/bin/env python
>
> from w3af.core.controllers.w3afCore import w3afCore
> from w3af.plugins.tests.helper import create_target_option_list
> from w3af.core.data.parsers.url import URL
> from w3af.core.data.options.option_list import OptionList
> from w3af.core.data.options.opt_factory import opt_factory
> from  w3af.core.data.kb import knowledge_base
>
> w3afcore = w3afCore()
> target_opts = create_target_option_list(URL("http://localhost";))
> w3afcore.target.set_options(target_opts)
>
> w3afcore.plugins.set_plugins(['click_jacking'] , 'grep')
>
> w3afcore.plugins.init_plugins()
> w3afcore.start()
>
>
> I’d like to understand where is method “OPTIONS * HTTP/1.0” get executed. I
> couldn’t find it in fingerprint_404 class...
>
> Below you could see my apache logs:
>
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET / HTTP/1.1" 200 428
> "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0;
> w3af.org)”
>
> ==> error.log <==
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/lvX119D7.cgi
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/BdfTExEg.do
>
> ==> other_vhosts_access.log <==
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /lvX119D7.cgi
> HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /BdfTExEg.do
> HTTP/1.1" 404 446 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
>
> ==> error.log <==
>
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/zneaLKli.asp
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/nj2Wub66.foobar
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/mp5JzKQz.htm
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/Ll5OAx0X.py
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/VCVM34f7.gif
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/348kxmyI.htmls
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/lY3gD4if.jsp
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/FJZ3bNfK.rb
>
> ==> other_vhosts_access.log <==
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /zneaLKli.asp
> HTTP/1.1" 404 446 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /nj2Wub66.foobar
> HTTP/1.1" 404 450 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /mp5JzKQz.htm
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /Ll5OAx0X.py
> HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /VCVM34f7.gif
> HTTP/1.1" 404 449 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /348kxmyI.htmls
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /lY3gD4if.jsp
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /FJZ3bNfK.rb
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
>
> ==> error.log <==
> [Mon Mar 02 03:46:44 2015] [error] [client ::1] File does not exist:
> /var/www/JxX8yBjT.xhtml
>
> ==> other_vhosts_access.log <==
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:44 -0500] "GET /JxX8yBjT.xhtml
> HTTP/1.1" 404 449 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
>
> ==> error.log <==
> [Mon Mar 02 03:46:45 2015] [error] [client ::1] script
> '/var/www/joHWRGWy.php' not found or unable to stat
> [Mon Mar 02 03:46:45 2015] [error] [client ::1] File does not exist:
> /var/www/GFDhaqJu.aspx
>
> ==> other_vhosts_access.log <==
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:45 -0500] "GET /joHWRGWy.php
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:45 -0500] "GET /GFDhaqJu.aspx
> HTTP/1.1" 404 448 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
>
> ==> error.log <==
> [Mon Mar 02 03:46:46 2015] [error] [client ::1] File does not exist:
> /var/www/1Qy6y9dj.pl
>
> ==> other_vhosts_access.log <==
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:46 -0500] "GET /1Qy6y9dj.pl
> HTTP/1.1" 404 447 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1;
> Trident/4.0; w3af.org)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:47 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:48 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:49 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:50 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:51 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:52 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)"
> 127.0.1.1:80 ::1 - - [02/Mar/2015:03:46:53 -0500] "OPTIONS * HTTP/1.0" 200
> 126 "-" "Apache/2.2.22 (Debian) (internal dummy connection)”

w3af doesn't send those HTTP requests, those are for internal
management of child processes in apache, see:
    https://wiki.apache.org/httpd/InternalDummyConnection

>
> Thanks!
>
>
> Best Regards.
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>



-- 
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop

Reply via email to