I made a little CMS to exploit it in localhost. It can be downloaded from:
http://asapload.com/222129
http://www.mediafire.com/download.php?mfjntztejme

MD5: 1722e37f69a919fc60c151177c2ba99d  cms.tar.gz

I used pipper to find a login zone and then I used it again to brute
force the password:
------------------------------
s...@debian:~/pipper/pipper$ perl pipper "http://localhost/cms/whoami/[file]" -v file=logins.txt -hc 404
==[Options]============================================================================
   Url            : http://localhost/cms/whoami/[file]
   Vars           : file=logins.txt
   Payloads Path  : /home/xxxxxxxx/pipper/pipper
   Hide Codes     : 404
   Download Page  : no (using HEADs)
   Threads        : 20  - Payload : file - Aprox Requests : 12220
   Response Codes : 200 OK 204 Empty 301 Mved 401 Unauth. 404 NotFound 500 SrvError
==[Begin 17:00]========================================================================
   Server         : Apache/???
=======================================================================================
   #00001 200 6   24 cms/whoami/
   #06000 301 6=  26 cms/whoami/idiomas
==[End]================================================================================
s...@debian:~/pipper/pipper$ perl pipper "http://localhost/cms/whoami/[file].php" -v file=logins.txt -hc 404
==[Options]============================================================================
   Url            : http://localhost/cms/whoami/[file].php
   Vars           : file=logins.txt
   Payloads Path  : /home/xxxxxxxxx/pipper/pipper
   Hide Codes     : 404
   Download Page  : no (using HEADs)
   Threads        : 20  - Payload : file - Aprox Requests : 12220
   Response Codes : 200 OK 204 Empty 301 Mved 401 Unauth. 404 NotFound 500 SrvError
==[Begin 17:08]========================================================================
   Server         : Apache/???
=======================================================================================
   #00310 200 6   24 cms/whoami/admin.php
   #06069 200 6   24 cms/whoami/index.php
==[End]================================================================================
s...@debian:~/pipper/pipper$ perl pipper "http://localhost/cms/whoami/admin.php" pass=[file] -v file=big.txt -hw 63 -t 50
==[Options]============================================================================
   Url            : http://localhost/cms/whoami/admin.php
   Post Data      : pass=[file]
   Vars           : file=big.txt
   Payloads Path  : /home/xxxxxxxx/pipper/pipper
   Hide Words     : 63
   Download Page  : yes
   Threads        : 50  - Payload : file - Aprox Requests : 3046
   Response Codes : 200 OK 204 Empty 301 Mved 401 Unauth. 404 NotFound 500 SrvError
==[Begin 18:37]========================================================================
   Server         : Apache/???
=======================================================================================
   #02033 200 18  68 cms/whoami/admin.php pass=pass
==[End]================================================================================
------------------------

It was very easy, of course, but I thought it could be easier with
w3af. First I ran a scan with the two brute force plugins and some
of the discovery ones, but it never found /cms/whoami/admin.php
I tried with all the plugins and it didn't work:
----------
[vie 22 may 2009 21:37:00 ART] Server uses 204 instead of HTTP 404 error code.
[vie 22 may 2009 21:37:28 ART] Your ISP has no transparent proxy.
[vie 22 may 2009 21:37:28 ART] The remote HTTP Server ommited the
"server" header in it's response. This information was found in the
request with id 26685.
[vie 22 may 2009 21:37:28 ART] webDiff plugin: You have to configure
the local and remote directory to compare.
[vie 22 may 2009 21:37:28 ART]
[vie 22 may 2009 21:37:28 ART] **IMPORTANT** The following error was
detected by w3af and couldn't be resolved: The xUrllib found too much
consecutive errors. The remote webserver doesn't seem to be reachable
anymore; please verify manually.
[vie 22 may 2009 21:37:28 ART]
[vie 22 may 2009 21:37:28 ART] Could not determine the language of the site.
-----------
I'm using XAMPP for linux 1.7.1


Does w3af have a plugin to find URLs by brute forcing?
How can I fix the xUrllib error?
Was this email easy to understand? I can write it in Spanish if not.

_______________________________________________
W3af-users mailing list
https://lists.sourceforge.net/lists/listinfo/w3af-users
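
Seen from the server side, the three pipper runs in this post leave a recognisable access-log trail: a burst of HEAD requests answered with 404, then many POSTs to admin.php from the same client. The following is an added example, not part of the original e-mail and not pipper or w3af code; the log lines are constructed, and the thresholds and the whole-file counting (no time window) are assumptions.

```python
import re
from collections import Counter

# Apache common/combined log prefix: client, timestamp, request line, status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(lines, enum_min=20, guess_min=20):
    """Return {client: set of findings} for enumeration / password-guessing patterns."""
    misses = Counter()      # client -> number of 404 answers to GET/HEAD
    posts = Counter()       # (client, path) -> number of POSTs
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue        # skip lines that are not access-log records
        client, method, url, status = m.groups()
        path = url.split("?", 1)[0]
        if method in ("GET", "HEAD") and status == "404":
            misses[client] += 1
        elif method == "POST":
            posts[(client, path)] += 1
    findings = {}
    for client, n in misses.items():
        if n >= enum_min:
            findings.setdefault(client, set()).add("path-enumeration")
    for (client, path), n in posts.items():
        if n >= guess_min:
            findings.setdefault(client, set()).add("password-guessing:" + path)
    return findings

def sample_log():
    """Constructed log lines shaped like the three runs in the post, plus one normal user."""
    ts = '[22/May/2009:17:00:00 -0300]'
    out = []
    for i in range(40):   # wordlist run over HEAD, almost all answered 404
        out.append(f'127.0.0.1 - - {ts} "HEAD /cms/whoami/word{i}.php HTTP/1.1" 404 -')
    out.append(f'127.0.0.1 - - {ts} "HEAD /cms/whoami/admin.php HTTP/1.1" 200 -')
    for i in range(30):   # one POST per candidate password
        out.append(f'127.0.0.1 - - {ts} "POST /cms/whoami/admin.php HTTP/1.1" 200 512')
    out.append(f'192.0.2.7 - - {ts} "GET /cms/whoami/index.php HTTP/1.1" 200 2048')
    out.append(f'192.0.2.7 - - {ts} "POST /cms/whoami/admin.php HTTP/1.1" 200 512')
    out.append(f'192.0.2.7 - - {ts} "GET /favicon.ico HTTP/1.1" 404 209')
    return out

if __name__ == "__main__":
    for client, what in classify(sample_log()).items():
        print(client, sorted(what))
```

Because the password-guessing run returns 200 for every attempt, status codes alone do not reveal it; the per-client POST count on a single path is what flags it.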