Robert, On Sun, Nov 30, 2008 at 6:26 PM, Robert Larsen <[EMAIL PROTECTED]> wrote: > Hi all > > I've been playing with w3af for a month now and I am very impressed. > Great work guys.
Thanks! =) > In fact, next wednesday I am doing a 15 minutes w3af demo to the first > OWASP meeting in Denmark, but I have a bit of a problem. I'm glad you are going to give a w3af talk/demo! If you want to, I can review your slides/speed/demo procedure/whatever =) > I created a web application that suffers from a remote file inclusion > vulnerability and w3af finds it in seconds so I go to the "Exploit" tab > and clicks the "Remote file inclusion vulnerability" in the > "Vulnerabilities" list. "remoteFileIncludeShell" and "rfiProxy" is now > bold, indicating that I can use them, so I drag them onto the vulnerability. > > "remoteFileIncludeShell" says: > Checking suitability... > Sorry, this attack plugin can not exploit this vulnerability > > > ...and "rfiProxy" says: > Checking suitability... > ok > Exploiting... > No remote file inclusion vulnerabilities have been found. > > Why is this ? I have way enough material to do a good demo but I would > like to show everything. 0- Please update to the latest version of w3af (from the svn), I just fixed some minimal things in the RFI exploitation phase. 1- Please configure the plugin 2- Run and enjoy =) > Sincerely, > Robert Larsen > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andres Riancho http://w3af.sourceforge.net/ Web Application Attack and Audit Framework ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
