Fabrizio, 2008/12/18 Fabrizio Francione <[email protected]>: > > Ok sorry but i'm using different pc >> so the final post is: >> >> Starting LDAPi plugin execution. >> Starting phishingVector plugin execution. >> Starting frontpage plugin execution. >> Server uses 200 instead of HTTP 404 error code. >> frontpage plugin failed to find a 404 page. This is mostly because of an >> error in 404 page detection. >> Starting responseSplitting plugin execution. >> The cookie: "ps_sess_id=2afd38999da41ecf29fab615c254a1fa; path=/" was sent >> by these URLs: >> - http://xxx.xxx.xxx.xxx >> Finished scanning process. >> w3af>>> exploit >> w3af/exploit>>> exploit * >> remoteFileIncludeShell plugin has to be correctly configured to use. >> No [blind] sql injection vulnerabilities have been found. >> Hint #1: Try to find vulnerabilities using the audit plugins. >> Hint #2: Use the set command to enter the values yourself, and then >> exploit >> it using fastExploit. >> Using plugin: googleProxy >> google proxy listening on 127.0.0.1:44446 >> Vulnerability successfully exploited. >> This is a list of available shells: >> - [0] <proxy server at: 127.0.0.1:44446> >> Please use the interact command to interact with the shell objects. >> w3af/exploit>>> interact >> This is a list of available shells: >> - [0] <proxy server at: 127.0.0.1:44446> >> w3af/exploit>>> interact 0 >> You should implement the getName method of classes that inherit from >> "proxy" >> w3af/exploit>>>
Please for noticing this problem. It's not a bug "per se", but it's something to be fixed, because you CAN'T interact with proxies, you interact with SHELLS. Cheers, -- Andres Riancho http://w3af.sourceforge.net/ Web Application Attack and Audit Framework ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
