wow!
Thanks Andres!! I'll wait!
2010/2/12 Andres Riancho <[email protected]>
> null0xff0x00,
>
> I'm working on a login bruteforcer that supports password only forms
> right now. If you wait 10 more mins you'll be able to perform a "svn
> up" and get the new feature.
>
> Thanks,
>
> On Fri, Feb 12, 2010 at 11:53 AM, <[email protected]> wrote:
> > Solved!
> >
> > I use http fuzzer and works... Thanks.
> >
> > 2010/2/12 <[email protected]>
> >>
> >> Hello!!
> >>
> >> I am setting w3af for formAuthBrute but not working. The form only has a
> >> password box and w3af detects it... but doesn't the brute force attack:
> The
> >> configuration of formAuthBrute is default and the output is this:
> >>
> >> The page language is: en
> >> Starting formAuthBrute plugin execution.
> >> http://192.168.100.10/index.php detected a form with a password field
> and
> >> no username field.
> >> http://192.168.100.10/index.php detected a form with a password field
> and
> >> no username field.
> >> Found 1 URLs and 2 different points of injection.
> >> The list of URLs is:
> >> - http://192.168.100.10/index.php
> >> The list of fuzzable requests is:
> >> - http://192.168.100.10/index.php | Method: GET
> >> - http://192.168.100.10/index.php | Method: GET | Parameters:
> >> (password="")
> >> Password profiling TOP 100:
> >> - [1] enable with 1 repetitions.
> >> - [2] JavaScript with 1 repetitions.
> >> - [3] turned with 1 repetitions.
> >> - [4] auth with 1 repetitions.
> >> - [5] Your with 1 repetitions.
> >> - [6] enter with 1 repetitions.
> >> - [7] your with 1 repetitions.
> >> Finished scanning process.
> >>
> >> Thanks for help!
> >> --
> >> - Null
> >
> >
> >
> > --
> > - Null
> >
> ------------------------------------------------------------------------------
> > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
> > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
> > http://p.sf.net/sfu/solaris-dev2dev
> > _______________________________________________
> > W3af-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/w3af-users
> >
> >
>
>
>
> --
> Andrés Riancho
> Founder, Bonsai - Information Security
> http://www.bonsai-sec.com/
> http://w3af.sf.net/
>
--
- Frank
Sent from Barcelona, Spain
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
