Hey Frank, Can you please update by performing a regular "svn update" and try again? Seems that w3af's update procedure is failing for some reason.
Thanks Javier On 08/27/2011 09:23 AM, Frank van der Loo wrote: > Hi, > > I have updated w3af to r4391, but the results are still the same: > frank@darkstar:/tmp/w3af$ ./w3af_console > w3af>>> target > w3af/config:target>>> set target http://localhost/test/button.php > w3af/config:target>>> back > w3af>>> plugins > w3af/plugins>>> audit xss > w3af/plugins>>> back > w3af>>> start > Found 1 URLs and 2 different points of injection. > The list of URLs is: > - http://localhost/test/button.php > The list of fuzzable requests is: > - http://localhost/test/button.php | Method: GET > - http://localhost/test/button.php | Method: POST | Parameters: (inp="") > Scan finished in 0 seconds. > w3af>>> version > w3af - Web Application Attack and Audit Framework > Version: 1.0-stable-4286 (from SVN server) > Revision: 4391 > Author: Andres Riancho and the w3af team. > > I have attached the log of the packet sniffer, that shows that the > name/value pair of the submit-button is not sent here. > > Regards, > Frank > > On 26-08-11 21:01, Javier Andalia wrote: >> Hey Frank, >> >> Can you give it a try? We've just submitted the fix for this problem. >> >> Thanks, >> >> Javier >> >> >> On 08/25/2011 09:05 PM, Andres Riancho wrote: >>> Frank, >>> >>> Good you confirmed this. I found a bug! But it's not in the process of >>> parsing/injecting/etc. It's in the way we print stuff to the console. >>> I'll explain this to Javier tomorrow (it has something to do with the >>> unicode change he did a couple of weeks ago). >>> ------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
