Marthe, On Mon, Jul 20, 2009 at 10:20 AM, Marthe Engebretsen<[email protected]> wrote: > Dear list, > > > > I’ve been testing W3AF for some weeks now, as part of a large project > concerning web application security and web application vulnerability > scanning. W3AF is one of my absolute favorites of the tools tested, but > recently I’ve got some problems when scanning my “known vulnerable test > site” for SQL Injections. > > > > In order to check how the tool manage blind SQL injections my test site has > been modified to not show database error messages (MySQL-database). When the > blindSqli plugin is enabled it only returns:” Too many retries when trying > to get: … URL…”. I’ve tried to tune both blindSqli-plugin settings and > http-settings, but I still get the same result. > > > > Any ideas on what the problem is, and how to get the plugin to work > properly?
Are you using some kind of IPS, that could be closing TCP connections based on the packet payloads? Cheers, > > > Thanks in advance and best regards, > > Marthe Engebretsen > > > > ------------------------------------------------------------------------------ > Enter the BlackBerry Developer Challenge > This is your chance to win up to $100,000 in prizes! For a limited time, > vendors submitting new applications to BlackBerry App World(TM) will have > the opportunity to enter the BlackBerry Developer Challenge. See full prize > details at: http://p.sf.net/sfu/Challenge > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > > -- Andrés Riancho Founder, Bonsai - Information Security http://www.bonsai-sec.com/ http://w3af.sf.net/ ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
