Anirban, On Wed, Mar 25, 2009 at 5:41 PM, Anirban Banerjee <[email protected]> wrote: > Dear all, > I am a w3af newbie. I have searched for an answer to my > question but have not found something spot on and hence this mail. > > I ran a scan against a site and this is what came up among other things. > > A web backdoor was found at: > http://www.xxxxxxxxxxx.com/php-backdoor.php ; this could indicate that > your server was hacked. The vulnerability was found in the request with > id 326. > > URL : http://www.xxxxxxxxxxx.com/php-backdoor.php > > I have checked the server and have not found any file like this, I have > used search engines to see if they picked up anything and they didn't. I > have tried the URL and got 404 errors. Should I use netcat to connect or > something? I have looked at the output-http.txt file and located > Request/Response 326 and see a 404 error there. Any advice would be > greatly appreciated :)
Seems to be a false positive, w3af fails to detect 404 error messages sometimes. > Thanks :-) > > > > ------------------------------------------------------------------------------ > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andrés Riancho http://www.bonsai-sec.com/ http://w3af.sourceforge.net/ ------------------------------------------------------------------------------ _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
