I'm on version: 1.0-rc5 (from svn server) SVN Revision:3968
Shortly after starting I get too many retries then it stops: Cross site scripting was found at: "http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html";, using HTTP method GET. The sent data was "searchterm=<SCrIPT> alert("AmTd")</SCrIPT>&Submit=search". This vulnerability affects ALL browsers. This vulnerability was found in the request with id 186. The thread: <WorkerThread(Thread-3, started daemon -1236673680)> raised an exception while running the request: <bound method formatString._sendMutant of <plugins.audit.formatString.formatString instance at 0xb01e62c>> Exception: Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search The thread: <WorkerThread(Thread-4, started daemon -1245066384)> raised an exception while running the request: <bound method formatString._sendMutant of <plugins.audit.formatString.formatString instance at 0xb01e62c>> Exception: Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Traceback: Traceback (most recent call last): File "/w3af/core/controllers/threads/threadpool.py", line 106, in run self.resultQueue.put( (request, request.callable(*request.args, **request.kwds)) ) File "/w3af/core/controllers/basePlugin/basePlugin.py", line 179, in _sendMutant 'grepResult': grepResult, 'useCache': useCache}) File "/w3af/core/data/url/xUrllib.py", line 296, in GET return self._send( req , useCache=useCache, grepResult=grepResult) File "/w3af/core/data/url/xUrllib.py", line 531, in _send return self._retry(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 618, in _retry return self._send(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 531, in _send return self._retry(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 625, in _retry raise w3afException(msg) w3afException: Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Traceback: Traceback (most recent call last): File "/w3af/core/controllers/threads/threadpool.py", line 106, in run self.resultQueue.put( (request, request.callable(*request.args, **request.kwds)) ) File "/w3af/core/controllers/basePlugin/basePlugin.py", line 179, in _sendMutant 'grepResult': grepResult, 'useCache': useCache}) File "/w3af/core/data/url/xUrllib.py", line 296, in GET return self._send( req , useCache=useCache, grepResult=grepResult) File "/w3af/core/data/url/xUrllib.py", line 531, in _send return self._retry(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 618, in _retry return self._send(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 531, in _send return self._retry(req, useCache) File "/w3af/core/data/url/xUrllib.py", line 625, in _retry raise w3afException(msg) w3afException: Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search The cookie: "httpReferrer=;path=/;domain=ourdomain.com" was sent by these URLs: - http://ws7e6ourdomain.com/ - http://ws7e6ourdomain.com Unhandled error, traceback: Traceback (most recent call last): File "/w3af/core/controllers/w3afCore.py", line 419, in start self._realStart() File "/w3af/core/controllers/w3afCore.py", line 609, in _realStart raise e w3afException: Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Too many retries (2) while requesting: http://ws7e6ourdomain.com/content/sitesearch/sitesearch.html?searchterm=%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n%25n&Submit=search Any ideas on how to get past this error? ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
