Though its not all that pretty, I've yet to throw a large file at vi/vim and have it fail. Also, the commands "less" and "more" may also work for a read-only view. I'd suggest you try those for your monster output-http.txt.
Also, you should look at the *nix "split" command which could break that huge file into manageable chunks. This is default installed on Linux and OS-X and I'd bet it could be added to Windows via Cygwin. http://linux.die.net/man/1/split http://www.cygwin.com/ Cheers. -- Matt Tesauro OWASP Live CD Project Lead http://www.owasp.org/index.php/Category:OWASP_Live_CD_2008_Project http://mtesauro.com/livecd/ - Documentation Wiki James Cole wrote: > Hi All > > Thank you for the excellent response. > > I have spoken to my client and his ISP and indeed after pulling down 85 > card numbers, I was told that there where only a few card numbers on my > clienst site and no card numbers on any other vhosts on the same server > platform. So I can asume that the plugin has reported false postivies. > > As for checking and verifing the data I was unbale to open the > output-http.txt as it just crashes, it is 600Mb so I will run the test > again over a short period so I can verifiy the data. > > I could open the output.txt file and also discovered the following > error, hopfully this will be helpful to you. > > [ Thu 12 Mar 2009 10:07:39 AM GMT - error - threadManager ] Error in > grep plugin, "passwordProfiling" raised the exception: 'queryString' > object has no attribute 'split'. Please report this bug to the w3af > sourceforge project page [ > http://sourceforge.net/tracker/?func=add&group_id=170274&atid=853652 > <http://sourceforge.net/tracker/?func=add&group_id=170274&atid=853652> ] > Exception: Traceback (most recent call last): > File "/usr/bin/samurai/w3af/core/data/url/xUrllib.py", line 697, in > _grepWorker > grepPlugin.grep_wrapper( request, response) > AttributeError: 'queryString' object has no attribute 'split' > > [ Thu 12 Mar 2009 10:07:39 AM GMT - error - threadManager ] Traceback > (most recent call last): > File "/usr/bin/samurai/w3af/core/data/url/xUrllib.py", line 697, in > _grepWorker > grepPlugin.grep_wrapper( request, response) > File > "/usr/bin/samurai/w3af/core/controllers/basePlugin/baseGrepPlugin.py", > line 60, in grep_wrapper > self.grep( fuzzableRequest, response ) > File "/usr/bin/samurai/w3af/plugins/grep/passwordProfiling.py", line > 96, in grep > and not self._wasSent( request, d ) and len(d) > 3 \ > File > "/usr/bin/samurai/w3af/core/controllers/basePlugin/baseGrepPlugin.py", > line 80, in _wasSent > sentData = urllib.unquote( sentData ) > File "/usr/lib/python2.5/urllib.py", line 1153, in unquote > res = s.split('%') > AttributeError: 'queryString' object has no attribute 'split' > > Thanks again > James > > > 2009/3/18 Andres Riancho <[email protected] > <mailto:[email protected]>> > > Sasha, > > On Wed, Mar 18, 2009 at 5:21 AM, Alexander Berezhnoy > <[email protected] > <mailto:[email protected]>> wrote: > > Hi James, > > > > That's me who has written this plugin, so I will respond =) > > > > 2009/3/16 James Cole <[email protected] > <mailto:[email protected]>>: > >> Hi > >> > >> I have been getting to grips with W3af for the last month and a great > >> opportunity came about when a client I am currently working for > asked me to > >> test there web application. > >> > >> The client has their site on a shared (VPS) server and wanted to > know if any > >> credit card number could be gleaned from the site. I setup W3af > on a hard > >> drive install VMware image of Samurai (updated W3af via svn) and > ran a high > >> risk scan. > >> > >> > >> > >> The first problem I ran into was after an hour (or there about) > the gui > >> interface would blank out and the process was running at around > 90%, I let > >> the scan finish which it did but could not recover the gui > interface from > >> its blank screen. > >> > >> > >> > >> A quick side line here I saved my data to a txt output and an > html output, > >> the html output did not record any data and was just blank, is > this the norm > >> at the moment. > >> > >> > >> > >> The good news was that before the GUI failed I was able to > recover 15 credit > >> card numbers. I ran the scan again but with only the credit card > number > >> plugin and recovered 85 credit card numbers. > >> > >> > >> > >> Now my main question is how I manually verify the data I have > collected is > >> indeed from my client’s server. There is not a great deal of > information on > >> the plugin and I would like to understand the process a little > better for my > >> report for my client. > >> > > > > The plugin detects those sequences of digits which pass the Luhn > > check, that's all. You can open the "Results" tab and see the > > responses which were reported as containing card numbers. > > I just remembered this bug I found some days ago, could you please > fix it? > > > https://sourceforge.net/tracker2/?func=detail&aid=2675396&group_id=170274&atid=853652 > > <https://sourceforge.net/tracker2/?func=detail&aid=2675396&group_id=170274&atid=853652> > > The bug is that we are identifying a CC number when we have > 11234CC3333, and we shouldn't. I mean... if we have a CC number, but > at the end or the beginning it has numbers, it's not a CC number. > > > Andres, it seems a good idea to implement the highlighting of the > > findings for the grep plugins, what do you think? > > The highlight feature is already implemented in the core, but only the > mxInjection plugin uses it: > > d...@brick:~/w3af/w3af/trunk$ grep setToHighlight plugins/* -Rs > plugins/audit/mxInjection.py: v.setToHighlight( > mx_error ) > d...@brick:~/w3af/w3af/trunk$ > > I implemented it in the core a couple of weeks ago, and I failed to do > it in all the plugins, which is just adding a lot of > "v.setToHighlight( error_string )" or "i.setToHighlight( error_string > )" in the code. > > Any volunteers for this task? > > Cheers, > > > Sasha. > > > > /////// > >> > >> > >> Thanks in advance for any help > >> > >> > >> > >> James > >> > > > > > > -- > Andrés Riancho > http://www.bonsai-sec.com/ > http://w3af.sourceforge.net/ > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are > powering Web 2.0 with engaging, cross-platform capabilities. Quickly and > easily build your RIAs with Flex Builder, the Eclipse(TM)based development > software that enables intelligent coding and step-through debugging. > Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com > > > ------------------------------------------------------------------------ > > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
