Chris, On Tue, Mar 1, 2011 at 12:37 PM, Chris Clements <[email protected]> wrote: > Andres, > From: Andres Riancho <[email protected]> > Date: Mon, 28 Feb 2011 15:55:05 -0300 > To: Chris Clements <[email protected]> > Cc: <[email protected]> > Subject: Re: [W3af-users] Crash while scanning > > Chris, > > On Mon, Feb 28, 2011 at 1:19 PM, Chris Clements <[email protected]> > wrote: >> Andres, >> On Feb 26, 2011, at 1:56 PM, Andres Riancho wrote: >> >> Chris, >> >> On Wed, Feb 23, 2011 at 4:07 PM, Christopher Clements >> <[email protected]> wrote: >>> Python version: >>> 2.6.6 (r266:84292, Sep 15 2010, 16:22:56) >>> [GCC 4.4.5] >>> GTK version:2.22.0 >>> PyGTK version:2.21.0 >>> >>> w3af - Web Application Attack and Audit Framework >>> Version: 1.1 (from SVN server) >>> Revision: 4054 >>> Author: Andres Riancho and the w3af team.Traceback (most recent call >>> last): >>> File "/root/tools/w3af/trunk/core/ui/gtkUi/main.py", line 635, in >>> startScanWrap >>> self.w3af.start() >>> File "/root/tools/w3af/trunk/core/controllers/w3afCore.py", line 418, >>> in >>> start >>> self._realStart() >>> File "/root/tools/w3af/trunk/core/controllers/w3afCore.py", line 618, >>> in >>> _realStart >>> raise e >>> w3afException: Too many retries (2) while requesting: >>> http://server01.somedomain.net/webmail/src/redirect.php > >>> This redirect.php script is the URL that's requested? Is that the URL >>> you set in the target? What happens if you set another URL? > > The URL set for the target is simply the > root http://server01.somedomain.net/ > The webspider crawls the site until it hits the redirect page, then bombs > out with the aforementioned error.
"/webmail/src/redirect.php" sounds like squirrelmail to me. Am I right? Which version of Squirrelmail are you guys using? Any customizations to the code? I'm thinking about setting up out own squirrelmail installation in order to try to reproduce this issue. Regards, -- Andrés Riancho Director of Web Security at Rapid7 LLC Founder at Bonsai Information Security Project Leader at w3af ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
