While creating a package of the latest SVN release, I noticed some incorrect behavior of w3af_console. If you enter the console and run the "version" command, you get a stack trace:
$ svn update At revision 2310. $ ./w3af_console You won't be able to use the web20Spider without zc.testbrowser.real library installed. Exception: No module named testbrowser.src.zc.testbrowser.real global name 'Browser' is not defined. You can get MozRepl at http://hyperstruct.net/projects/mozlab . w3af>>> version Traceback (most recent call last): File "/home/mtesauro/w3af/core/ui/consoleUi/consoleUi.py", line 171, in _handleKey self._handlers[key]() File "/home/mtesauro/w3af/core/ui/consoleUi/consoleUi.py", line 265, in _onEnter self._execute() File "/home/mtesauro/w3af/core/ui/consoleUi/consoleUi.py", line 233, in _execute menu = self._context.execute(params) File "/home/mtesauro/w3af/core/ui/consoleUi/menu.py", line 169, in execute return handler( params ) File "/home/mtesauro/w3af/core/ui/consoleUi/rootMenu.py", line 121, in _cmd_version om.out.console( self._w3af.getVersion() ) AttributeError: w3afCore instance has no attribute 'getVersion' In looking at the problem, it would appear that getVersion is called but never defined. $ grep -R -n "getVersion" ./* Binary file ./core/ui/consoleUi/rootMenu.pyc matches ./core/ui/consoleUi/rootMenu.py:121: om.out.console( self._w3af.getVersion() ) ./core/ui/consoleUi/.svn/text-base/rootMenu.py.svn-base:121: om.out.console( self._w3af.getVersion() ) $ wc -l core/ui/consoleUi/rootMenu.py 121 core/ui/consoleUi/rootMenu.py $ tail -n 6 core/ui/consoleUi/rootMenu.py def _cmd_version(self, params): ''' Show the w3af version and exit ''' om.out.console( self._w3af.getVersion() ) I've used the w3af_console version command to check installs previously with success: # ./w3af_console You won't be able to use the web20Spider without zc.testbrowser.real library installed. Exception: No module named testbrowser.src.zc.testbrowser.real global name 'Browser' is not defined. You can get MozRepl at http://hyperstruct.net/projects/mozlab . w3af>>> version w3af - Web Application Attack and Audit Framework Version: beta7 Revision: 1903 Author: Andres Riancho and the w3af team. w3af>>> exit Note: The above was copy and pasted from here: http://mtesauro.com/livecd/index.php?title=Making_the_w3af_module (search for "beta7" to find the spot on that very long page) You can see the diff between the current release (2310) and the one above which worked previously (1903) with the following command: $ svn diff https://w3af.svn.sourceforge.net/svnroot/w3af/trunk/core/ui/consoleUi/rootmenu...@2310 https://w3af.svn.sourceforge.net/svnroot/w3af/trunk/core/ui/consoleUi/rootmenu...@1903 but I didn't find anything blatant in that diff. Just to make sure, I pulled a fresh svn checkout of trunk (r2310) into a newly created directory and the stack trace remains. Don't tell Andres and ruin his vacation ; ) -- -- Matt Tesauro OWASP Live CD Project Lead http://www.owasp.org/index.php/Category:OWASP_Live_CD_2008_Project http://mtesauro.com/livecd/ - Documentation Wiki ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
