Nicolas,
Please read inline,
On Wed, Oct 28, 2009 at 8:46 AM, Nicolas Krassas <[email protected]> wrote:
> Hi,
>
> Few days now and following always the svn version, I’m having
> problem with w3af, seems that it’s getting stuck. Here is the setup:
>
>
>
> w3af>>> plugins
>
> w3af/plugins>>> discovery
> wordpress_fingerprint,MSNSpider,userDir,webSpider,sharedHosting,serverStatus,serverHeader,hmap,allowedMethods
>
> w3af/plugins>>> audit
> xss,sqli,generic,dav,LDAPi,blindSqli,frontpage,osCommanding,localFileInclude
>
> w3af/plugins>>> output textFile
Setup looks ok, but you should enable debugging in the textFile output
plugin to analyze your problem.
> w3af/config:target>>> set target http://www.host
>
> w3af/config:target>>> back
>
> w3af>>> start
>
> Auto-enabling plugin: grep.error500
>
> Auto-enabling plugin: discovery.frontpage_version
>
> Auto-enabling plugin: grep.httpAuthDetect
>
> Auto-enabling plugin: discovery.fingerMSN
>
> Auto-enabling plugin: discovery.fingerGoogle
>
> Auto-enabling plugin: discovery.fingerPKS
>
> The server header for the remote web server is: "Apache/2.2.8 (Ubuntu)
> mod_jk/1.2.25 mod_python/3.3.1 Python/2 etc etc
>
>
>
> From then on, every now and then I’m pressing enter to check the progress
> and I’m getting the following
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 02m 20s
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 06m 22s
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 07m 18s
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 14m 01s
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 15m 51s
>
>
>
> Status: Running discovery.webSpider on http://www.host | Method: GET.
>
> Current phase status: 46.15 % - ETA: 00d 00h 21m 01s
>
Yep, it seems that the spider is stuck, but with this info I'm not
able to see the bug. Could you please enable debugging in the textFile
plugin, run the scan again, and see what *really* happens?
>
> It doesn’t really matter if I’ll leave it more ( I’ve left it running for 40
> minutes with the same results it was just adding time ) .
>
>
>
> The website that I’m checking is the same like every month I didn’t had the
> problem in earlier version of w3af..
Don't worry, we'll fix it =)
>
>
> Regards,
>
> Dinos
>
> ------------------------------------------------------------------------------
> Come build with us! The BlackBerry(R) Developer Conference in SF, CA
> is the only developer event you need to attend this year. Jumpstart your
> developing skills, take BlackBerry mobile applications to market and stay
> ahead of the curve. Join us from November 9 - 12, 2009. Register now!
> http://p.sf.net/sfu/devconference
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
