2009/12/2 Andres Riancho <[email protected]>: > Ryan, > > On Mon, Nov 30, 2009 at 10:28 AM, Ryan Dewhurst <[email protected]> > wrote: >> Hello all, >> Getting this error when enabling some of the plugins: > > You get the error when enabling the plugin, or after the scan starts? >
After the scan started. It only happened sometimes, not every time. >> Unhandled error, traceback: Traceback (most recent call last): File >> "/home/ryan/w3af/core/controllers/w3afCore.py", line 397, in start >> self._realStart() File "/home/ryan/w3af/core/controllers/w3afCore.py", line >> 457, in _realStart self._fuzzableRequestList = self._discoverAndBF() File >> "/home/ryan/w3af/core/controllers/w3afCore.py", line 342, in _discoverAndBF >> discoveredFrList = self._discover( tmpList ) File >> "/home/ryan/w3af/core/controllers/w3afCore.py", line 611, in _discover >> result = self._discoverWorker( toWalk ) File >> "/home/ryan/w3af/core/controllers/w3afCore.py", line 657, in _discoverWorker >> pluginResult = plugin.discover_wrapper( fr ) File >> "/home/ryan/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py", line >> 47, in discover_wrapper return self.discover( fuzzable_request_copy ) File >> "/home/ryan/w3af/plugins/discovery/dir_bruter.py", line 87, in discover >> self._bruteforce_directories( base_path ) File >> "/home/ryan/w3af/plugins/discovery/dir_bruter.py", line 106, in >> _bruteforce_directories if not is_404( http_response ): TypeError: >> 'NoneType' object is not callable > > Strange.... > >> It seems that the errror is steming from the is_404() function located in >> ./core/controllers/coreHelpers/fingerprint_404.py. At first I thought it may >> be a dependency issue however fingerprint_404.py only really uses urllib, >> thread and cgi which I think are standard Python libraries. >> >> Any ideas? > > is_404 is set to None at the beginning of "fingerprint_404.py", which > could trigger the "'NoneType' object is not callable" error. The > problem is that this should never happen... this is wierd... > > I just changed some pieces of the code in "fingerprint_404.py" to try > to fix this vulnerability. Please let me know if you can still > reproduce the issue. > I will download the latest version later on today/tomorrow. Thanks for the response! > Thank you very much for your bug report, > >> Thanks. >> >> -- >> Ryan Dewhurst >> >> http://www.ethicalhack3r.co.uk >> http://www.dvwa.co.uk >> http://www.twitter.com/ethicalhack3r >> >> ------------------------------------------------------------------------------ >> Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day >> trial. Simplify your report design, integration and deployment - and focus >> on >> what you do best, core application coding. Discover what's new with >> Crystal Reports now. http://p.sf.net/sfu/bobj-july >> _______________________________________________ >> W3af-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/w3af-users >> >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ > -- Ryan Dewhurst http://www.ethicalhack3r.co.uk http://www.dvwa.co.uk http://www.twitter.com/ethicalhack3r ------------------------------------------------------------------------------ Join us December 9, 2009 for the Red Hat Virtual Experience, a free event focused on virtualization and cloud computing. Attend in-depth sessions from your desk. Your couch. Anywhere. http://p.sf.net/sfu/redhat-sfdev2dev _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
