Cesar,
Sorry for the late response, I'm catching up with my old emails =)
On Mon, Jun 22, 2009 at 12:19 PM, cesar bourlot<[email protected]> wrote:
> Hi Andres/List:
> This is not so important, but can contribute to fix some bugs.
> I had this info in a report:
>
> "A fake FrontPage Configuration Information file was found at:
> "http://localhost:800/_vti_inf.html";. This may be an indication of a
> honeypot, a WAF or an IPS. This information was found in the request with id
> 374."
>
> This is the request:
> GET http://localhost:800/_vti_inf.html HTTP/1.1
> Host: localhost:800
> Accept-encoding: identity
> Accept: */*
> User-agent: w3af.sourceforge.net
>
> And this is the response:
> HTTP/1.1 404 Not Found
> date: Mon, 22 Jun 2009 14:30:58 GMT
> content-length: 271
> content-type: text/html; charset=iso-8859-1
> server: Apache
>
> Note that the response was "HTTP/1.1 404 Not Found", so why "A fake
> FrontPage Configuration Information file was found..."?
hmmm, one more time, the 404 detection is working poorly... it seems
that in your case the response is not being detected as a 404, so it's
analyzed:
# Check if it's a Fronpage Info file
if not is_404( response ):
fuzzable_return_value.extend(
self._createFuzzableRequests( response ) )
self._analyze_response( response )
return fuzzable_return_value
The analysis result is a "fake FrontPage Configuration..." because the
code is trying to parse the 404 and fails...
This is not a bug in the discovery.front_page plugin, it's a much
serious bug in the 404 detection in the framework. I'll work with this
over the evening.
Thanks for reporting, and please keep doing it =)
Cheers,
> Cheers.
>
>
> --
> Cesar R. Bourlot
>
>
> ------------------------------------------------------------------------------
> Are you an open source citizen? Join us for the Open Source Bridge
> conference!
> Portland, OR, June 17-19. Two days of sessions, one day of unconference:
> $250.
> Need another reason to go? 24-hour hacker lounge. Register today!
> http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
