Conrad,
On Mon, May 2, 2011 at 8:30 PM, Andres Riancho <[email protected]> wrote:
> Conrad,
>
> On Mon, May 2, 2011 at 4:39 PM, [email protected]
> <[email protected]> wrote:
>> I'm running 4173. I spider several pages, looking for strings that I know
>> are there (I can find them with "display page source" , but w3af can't flag
>> them. I've been using spiderMan and/or webSpider.
>>
>
> That's strange, it might be because of HTML normalization
> happening BEFORE regular expressions being applied. In other words...
> w3af is mangling with the HTML in order to enhance it before passing
> it to the plugins, and that might change its content (even slight
> changes like removing whitespaces might affect your regex)
After some checking, normalization does NOT apply in this case,
BUT decoding (as in unicode, UTF-8, UTF-16, ISO-xxxx, etc.) does
apply, and might affect the end result of this plugin. As with HTML
normalization, decoding modifies (slightly) the HTML that comes from
the wire before your regular expressions match against it.
>>
>> I even tried "<head>", and it did find that, but only on the first page; it
>> wasn't flagged on any others.
>>
>
> That I can not explain.
Reviewed baseGrepPlugin and found that each http response/request
is only sent to the grep plugin if the answer isn't coming from the
cache. In other words... if w3af requests the exact same URL twice,
the grep plugin will see the first one, and ignore the second one (and
all the following ones for the same URL).
> I've created a ticket in our Trac in order to investigate further
> (maybe tonight?)
> https://sourceforge.net/apps/trac/w3af/ticket/163029
Improved some parts of the plugin and commited in r4176.
>>
>> There must be some trick to using the grep plugins that I haven't figured
>> out yet. Any suggestions appreciated.
>
> I'll let you know if there are any news, but it seems that this is
> the plugin having some issues. Would you mind sending the HTML (as you
> see it in your browser) and the regular expression you're using, so I
> can reproduce the issue here? Thanks!
All this makes sense, but you might still be hitting a bug. If so,
please let me know.
> Regards,
>
>>
>>
>> ------------------------------------------------------------------------------
>> WhatsUp Gold - Download Free Network Management Software
>> The most intuitive, comprehensive, and cost-effective network
>> management toolset available today. Delivers lowest initial
>> acquisition cost and overall TCO of any competing solution.
>> http://p.sf.net/sfu/whatsupgold-sd
>> _______________________________________________
>> W3af-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/w3af-users
>>
>>
>
>
>
> --
> Andrés Riancho
> Director of Web Security at Rapid7 LLC
> Founder at Bonsai Information Security
> Project Leader at w3af
>
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
