webspider is the only discovery plugin I am using.
You are right it does appear to ignore it if it is just a normal link. It looks
like the issue is when I want to ignore what is in the action=xxxxx.xxx for a
page.
I have a home page with two forms (both generate emails that I would like to
skip).
One has action="req_signup01.php"
The other has action="distemailhandler.php"
The webspider ignoreRegex has .*req_signup01[.]php |.*distemailhandler[.]php
However, both are checked and end up in the fuzzable list.
It also looks like if the action= goes to different server(s), it also gets
acted upon. I suppose I could/should include the external server references in
ignoreRegex once it works for action= references?
I used the following to run w3af:
misc-settings
set maxDiscoveryTime 1200
set maxThreads 0
# maxDepth not in rc3 1.1 3460
# set maxDepth 25
set exportFuzzableRequests FuzzableRequests.csv
set fuzzFormComboValues t
# set fuzzFileContent False
back
#plugins
# audit sqli, xss
# audit config xss
# set numberOfChecks 3
# back
# back
plugins
output htmlFile, textFile, console, xmlFile
back
plugins
discovery webSpider
discovery config webSpider
set onlyForward True
set ignoreRegex
(?i).*[.](pdf|doc|ram|mp3|mov|ppt|gif|jpg|png|ico)|.*75[rs]/senate/archive|.*75[rs]/senate/members/dist[0-9]*/pr|.*req_inv[.]php|.*req_svc[.]php|.*req_survey01[.]php|.*req_survey02[.]php|.*survey001[.]php|.*survey002[.]php|.*req_signup01[.]php|.*C820handler[.]php|.*distemailhandler[.]php|.*distemailhandler2[.]php|.*FHdists[.]php|.*FHwebadmin[.]php|.*harrisQhandler[.]php|.*ltgovhandler[.]php|.*NLhandler[.]php|.*QH090001[.]php|.*QH120001[.]php|.*QH230001[.]php|.*QH230002[.]php|.*SRChandler[.]php|.*webadminhandler[.]php|.*adminform[.]php
back
back
target
set target
http://www.test.senate.state.tx.us/75r/senate/members/dist7/dist7.htm
set targetOS windows
back
start
Thanks,
Daniel
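As an added illustration (not w3af's code and not part of this thread), the following Python script shows the check the spider has to perform for the setup described above: resolve every link href and form action to an absolute URL, test that URL against the ignoreRegex, and only then decide whether it belongs in the fuzzable list. The page content, hostname and paths are constructed; the ignore pattern is a shortened copy of the one in the script above; onlyForward is approximated as "stay under the target's directory", which is also what drops form actions that point at a different server.

```python
import re
from urllib.parse import urljoin

# Constructed stand-in for the target page; host and paths are assumptions,
# not the poster's real site.
BASE_URL = "http://www.example.test/75r/senate/members/dist7/dist7.htm"
SAMPLE_HTML = """
<a href="bio.htm">Biography</a>
<a href="newsletter.pdf">Newsletter</a>
<form action="req_signup01.php" method="post"><input name="email"></form>
<form action="distemailhandler.php" method="post"><input name="msg"></form>
<form action="http://other.example.test/handler.php" method="post"></form>
"""

# Shortened version of the thread's ignoreRegex (same syntax, fewer alternatives).
IGNORE_REGEX = r"(?i).*[.](pdf|doc|gif|jpg|png)|.*req_signup01[.]php|.*distemailhandler[.]php"

HREF_RE = re.compile(r'<a\s[^>]*href="([^"]+)"', re.I)
ACTION_RE = re.compile(r'<form\s[^>]*action="([^"]+)"', re.I)


def extract_requests(html, base_url):
    """Resolve every link href and form action on the page to an absolute URL."""
    found = [("link", urljoin(base_url, m.group(1))) for m in HREF_RE.finditer(html)]
    found += [("form", urljoin(base_url, m.group(1))) for m in ACTION_RE.finditer(html)]
    return found


def filter_requests(requests, ignore_regex, base_url, only_forward=True):
    """Split requests into (kept, dropped); each dropped entry carries the reason.

    The ignore pattern is matched against the absolute URL, which is why the
    patterns in the thread start with '.*'. only_forward is approximated here
    as 'URL must start with the target's directory' (an assumption, not
    w3af's exact rule), so a form action on another server is dropped too.
    """
    pattern = re.compile(ignore_regex)
    base_dir = base_url.rsplit("/", 1)[0] + "/"
    kept, dropped = [], []
    for kind, url in requests:
        if pattern.match(url):
            dropped.append((kind, url, "ignoreRegex"))
        elif only_forward and not url.startswith(base_dir):
            dropped.append((kind, url, "outside target directory"))
        else:
            kept.append((kind, url))
    return kept, dropped


def run(ignore_regex=IGNORE_REGEX):
    """Apply the filter to the constructed page and return (kept, dropped)."""
    return filter_requests(extract_requests(SAMPLE_HTML, BASE_URL), ignore_regex, BASE_URL)


if __name__ == "__main__":
    kept, dropped = run()
    for kind, url in kept:
        print("KEEP", kind, url)
    for kind, url, why in dropped:
        print("DROP", kind, url, f"({why})")
    # A stray space inside the alternation (as typed in the message above)
    # makes that branch require a literal space after 'php', so the signup
    # form would no longer be filtered out.
    broken = r".*req_signup01[.]php |.*distemailhandler[.]php"
    kept_broken, _ = run(broken)
    print("signup form kept with broken pattern:",
          any("req_signup01" in url for _, url in kept_broken))
```

Running it keeps only bio.htm and drops the two form handlers on the ignoreRegex, the PDF on the extension branch, and the external form on the directory check. The second run with a space before the `|` shows why the exact text of the setting matters: that branch then only matches URLs ending in "php " and the signup form slips through to the fuzzable list.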
-----Original Message-----
From: Andres Riancho [mailto:[email protected]]
Sent: Thursday, May 06, 2010 7:15 PM
To: Daniel Gaddis
Cc: [email protected]
Subject: Re: webSpider ignoreRegex functionality question
Daniel,
Please read inline,
On Thu, Apr 22, 2010 at 5:15 PM, Daniel Gaddis
<[email protected]> wrote:
> It looks like webSpider will find requests that match ignoreRegex entries
> and include them for the audit phase.
>
>
>
> For example, let's say home.php has a link to email.php and I would like to
> totally ignore email.php. It looks like just specifying ignoreRegex for
> email.php is not good enough but that I must specify ignoreRegex for the
> parent home.php.
hmmm, weird... are you ONLY enabling the webSpider plugin?
>
>
> While I do want to ignore email.php in this example, I don't really want to
> miss the other links in the home.php
>
>
>
> Am I seeing this correctly or am I missing something?
I just tested the ignoreRegex feature in a test webapp I have, and
it's working for me. Could you please send me this information:
- list of enabled plugins
- parameters for those plugins
- global parameters (if any were changed from defaults)
>
>
> I am running w3af-1.0-rc3 (version 1.1 revision 3460) on windows.
Ok, that looks good.
>
>
> Thanks,
>
> Daniel
>
>
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
------------------------------------------------------------------------------
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users