The resulting bz file is ~40MB. This is too large for my email limit. What is
the best way to get it to you?
Chris
On Oct 17, 2011, at 2:03 PM, Andres Riancho wrote:
> Chris,
>
> The bug your're reporting is already fixed in our SVN.
>
> This seems like the auto-update bug once again :S It seems you
> have the latest version, but... you actually don't. This is something
> related to the auto-update bug. Could you please send me your w3af
> installation directory in a bz2 file? I need ALL the files, including
> the ".svn" directories. Sending me that information will allow us to
> debug the auto-update bug.
>
> For fixing your installation, please use "svn co" to download the
> latest version from the SVN manually.
>
> Regards,
>
> On Mon, Oct 17, 2011 at 12:07 PM, Chris Clements
> <[email protected]> wrote:
> > >From w3af_console rev. 4445:
> >
> > The thread: <WorkerThread(Thread-14, started daemon 139755663562496)>
> > raised an exception while running the request: <bound method
> > webSpider._verify_reference of <plugins.discovery.webSpider.webSpider
> > instance at 0x39ecb00>>
> > Exception: The "url" parameter of setURL @ fuzzableRequest must be of
> > urlParser.url_object type.
> > Finished grep_worker for response: < httpResponse | 404 |
> > http://demo.testfire.net/bank/XMDws.asmx | id:245 >
> > Adding relative reference "http://demo.testfire.net/bank/ws.asmx"; to the
> > resp.
> > Traceback: Traceback (most recent call last):
> > File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line 108,
> > in run
> > self.resultQueue.put( (request, request.callable(*request.args,
> > **request.kwds)) )
> > File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 330, in
> > _verify_reference
> > fuzzable_request_list = self._createFuzzableRequests( resp,
> > request=original_request )
> > File
> > "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> > line 63, in _createFuzzableRequests
> > return createFuzzableRequests( httpResponse, request, add_self )
> > File "/pentest/web/w3af/core/data/request/frFactory.py", line 116, in
> > createFuzzableRequests
> > wspdr.setURL( remoteMethod.getLocation() )
> > File "/pentest/web/w3af/core/data/request/fuzzableRequest.py", line 367,
> > in setURL
> > raise ValueError( msg )
> > ValueError: The "url" parameter of setURL @ fuzzableRequest must be of
> > urlParser.url_object type.
> >
> >
> > Unhandled error, traceback: Traceback (most recent call last):
> > File "/pentest/web/w3af/core/controllers/w3afCore.py", line 441, in start
> > self._realStart()
> > File "/pentest/web/w3af/core/controllers/w3afCore.py", line 542, in
> > _realStart
> > self._fuzzableRequestList = self._discover_and_bruteforce()
> > File "/pentest/web/w3af/core/controllers/w3afCore.py", line 352, in
> > _discover_and_bruteforce
> > discovered_fr_list = self._discover( tmp_list )
> > File "/pentest/web/w3af/core/controllers/w3afCore.py", line 774, in
> > _discover
> > result = self._discoverWorker( toWalk )
> > File "/pentest/web/w3af/core/controllers/w3afCore.py", line 846, in
> > _discoverWorker
> > pluginResult = plugin.discover_wrapper( fr )
> > File
> > "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> > line 48, in discover_wrapper
> > return self.discover( fuzzable_request_copy )
> > File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 202, in
> > discover
> > self._tm.join( self )
> > File "/pentest/web/w3af/core/controllers/threads/threadManager.py", line
> > 120, in join
> > self._threadPool.wait( ownerObj, joinAll )
> > File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line 271,
> > in wait
> > self.poll(block=True, ownerObj=ownerObj, joinAll=joinAll)
> > File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line 108,
> > in run
> > self.resultQueue.put( (request, request.callable(*request.args,
> > **request.kwds)) )
> > File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 330, in
> > _verify_reference
> > fuzzable_request_list = self._createFuzzableRequests( resp,
> > request=original_request )
> > File
> > "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py",
> > line 63, in _createFuzzableRequests
> > return createFuzzableRequests( httpResponse, request, add_self )
> > File "/pentest/web/w3af/core/data/request/frFactory.py", line 116, in
> > createFuzzableRequests
> > wspdr.setURL( remoteMethod.getLocation() )
> > File "/pentest/web/w3af/core/data/request/fuzzableRequest.py", line 367,
> > in setURL
> > raise ValueError( msg )
> > ValueError: The "url" parameter of setURL @ fuzzableRequest must be of
> > urlParser.url_object type.
> >
> >
> > Scan finished in 11 seconds.
> > Exception in thread Thread-28:
> > Traceback (most recent call last):
> > File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner
> > self.run()
> > File "/usr/lib/python2.6/threading.py", line 484, in run
> > self.__target(*self.__args, **self.__kwargs)
> > File "/pentest/web/w3af/core/ui/consoleUi/rootMenu.py", line 119, in
> > _real_start
> > raise e
> > ValueError: The "url" parameter of setURL @ fuzzableRequest must be of
> > urlParser.url_object type.
> > ------------------------------------------------------------------------------
> > All the data continuously generated in your IT infrastructure contains a
> > definitive record of customers, application performance, security
> > threats, fraudulent activity and more. Splunk takes this data and makes
> > sense of it. Business sense. IT sense. Common sense.
> > http://p.sf.net/sfu/splunk-d2d-oct
> > _______________________________________________
> > W3af-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/w3af-users
> >
>
>
>
> --
> Andrés Riancho
> Director of Web Security at Rapid7 LLC
> Founder at Bonsai Information Security
> Project Leader at w3af
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
