Hi all,
Finally, I can use post method to start scan...
It spends me almost one week thanks everyone's help.
I tried to figure out how to change ip address and open port... I found it,
too!!!
So Thanks again.
Andres Riancho <[email protected]> 於 2015/7/29 (週三) 8:02 PM 寫道﹕
I modified the documentation to show a successful POST request and response:
http://docs.w3af.org/en/latest/api/scans.html#starting-a-scan
On Wed, Jul 29, 2015 at 12:29 AM, 冠庭 羅 <[email protected]> wrote:
> Hi,
> I think I got what you mean..
>
> @POST
> @SuppressWarnings("unchecked")
> @Path("/ScanTarget")
> @Consumes(MediaType.APPLICATION_JSON)
> @Produces(MediaType.APPLICATION_JSON)
> public void ScanIt() throws JSONException, IOException{
>
> File _file = new
> File("/home/tiff/w3af/profiles/fast_scan.pw3af");
>
> JSONObject jsonObject = new JSONObject();
>
> jsonObject.put("scan_profile",
> connect.convertFileToString(_file));
>
> JSONArray jsonArray = new JSONArray();
>
> jsonArray.put(target.get_tagetURL());
>
> jsonObject.put("target_url", jsonArray);
>
> System.out.println("output:" + jsonObject.toString());
>
> ClientConfig config = new DefaultClientConfig();
>
> Client client = Client.create(config);
>
> WebResource service =
> client.resource("http://127.0.0.1:5000/scans/";);
>
> ClientResponse client_response =
> service.accept(MediaType.APPLICATION_JSON).post(ClientResponse.class,
> jsonObject);
> }
>
> /*Convert file to Base64 String*/
> public String convertFileToString(File file) throws IOException{
> byte[] bytes = Files.readAllBytes(file.toPath());
> return new String(Base64.encode(bytes));
> }
>
> Although it still has clientHandlerException now.. but is this a correct
> direction what you want to tell me?
>
> Thanks
> Tiff
>
>
>
> Andres Riancho <[email protected]> 於 2015/7/28 (週二) 7:47 PM 寫道﹕
>
>
> Tiff,
>
> Why do you create a new email thread for each email you send?
>
> On Tue, Jul 28, 2015 at 12:13 AM, 冠庭 羅 <[email protected]> wrote:
>> Hi Andrés Riancho,
>>
>> Sorry.. That is language gap... I thought that filename is like
>> "fast_scan.pw3af" so that I keep trying on folder name
>> But anyway, I tried "../../fast_scan.pw3af" before...
>> my code is like this (only change to the scan_profile)
>> @POST
>> @SuppressWarnings("unchecked")
>> @Path("/ScanTarget")
>> @Consumes(MediaType.APPLICATION_JSON)
>> @Produces(MediaType.APPLICATION_JSON)
>> public int ScanIt() throws IOException {
>> JSONObject jsonObject = new JSONObject();
>> jsonObject.put("scan_profile",
>> "/home/tiff/w3af/profiles/fast_scan.pw3af");
>
> Once again, you need to send THE CONTENTS OF THE FILE, NOT THE FILE NAME.
>
>> JSONArray jsonArray = new JSONArray();
>> jsonArray.add("http://testaspnet.vulnweb.com/";);
>> jsonObject.put("target_url", jsonArray);
>> System.out.println("output:" + jsonObject.toJSONString());
>> connect.set_response(
>> connect.get_service().
>> request().
>> header("Content-Type", "application/json").
>> post(Entity.json(jsonObject.toJSONString())));
>> return connect.get_status();
>> }
>>
>> and I got the status 301 message from w3af_api console
>>
>> (venv)[root@localhost w3af]# ./w3af_api
>> * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
>> 127.0.0.1 - - [27/Jul/2015 11:19:40] "POST /scans HTTP/1.1" 301 -
>> 127.0.0.1 - - [27/Jul/2015 11:19:40] "GET /scans/ HTTP/1.1" 200 -
>>
>> What's wrong in my web service or somewhere I lost it?
>>
>> Thanks
>>
>> Tiff
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>> _______________________________________________
>> W3af-develop mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
>>
>
>
>
> --
> Andrés Riancho
>
> Project Leader at w3af - http://w3af.org/
> Web Application Attack and Audit Framework
> Twitter: @w3af
> GPG: 0x93C344F3
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> W3af-develop mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
_______________________________________________
W3af-develop mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-develop
