Got it! What about the original bug? Were you able to get past it by doing the manual update?
On Mon, Oct 17, 2011 at 4:41 PM, Chris Clements <[email protected]> wrote: > I created a share space on our online vault with the file. Please let me > know if you can't get it. > Chris > > On Oct 17, 2011, at 2:25 PM, Andres Riancho wrote: > > Chris, > > If you've got any web server where you can upload it, please do so > and then send me the link. If not, any file sharing service will do. > Where is no private information there. > > Regards, > > On Mon, Oct 17, 2011 at 4:16 PM, Chris Clements <[email protected]> > wrote: >> The resulting bz file is ~40MB. This is too large for my email limit. >> What >> is the best way to get it to you? >> Chris >> >> On Oct 17, 2011, at 2:03 PM, Andres Riancho wrote: >> >> Chris, >> >> The bug your're reporting is already fixed in our SVN. >> >> This seems like the auto-update bug once again :S It seems you >> have the latest version, but... you actually don't. This is something >> related to the auto-update bug. Could you please send me your w3af >> installation directory in a bz2 file? I need ALL the files, including >> the ".svn" directories. Sending me that information will allow us to >> debug the auto-update bug. >> >> For fixing your installation, please use "svn co" to download the >> latest version from the SVN manually. >> >> Regards, >> >> On Mon, Oct 17, 2011 at 12:07 PM, Chris Clements >> <[email protected]> wrote: >>> >From w3af_console rev. 4445: >>> >>> The thread: <WorkerThread(Thread-14, started daemon 139755663562496)> >>> raised an exception while running the request: <bound method >>> webSpider._verify_reference of <plugins.discovery.webSpider.webSpider >>> instance at 0x39ecb00>> >>> Exception: The "url" parameter of setURL @ fuzzableRequest must be of >>> urlParser.url_object type. >>> Finished grep_worker for response: < httpResponse | 404 | >>> http://demo.testfire.net/bank/XMDws.asmx | id:245 > >>> Adding relative reference "http://demo.testfire.net/bank/ws.asmx"; to the >>> resp. >>> Traceback: Traceback (most recent call last): >>> File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line >>> 108, in run >>> self.resultQueue.put( (request, request.callable(*request.args, >>> **request.kwds)) ) >>> File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 330, in >>> _verify_reference >>> fuzzable_request_list = self._createFuzzableRequests( resp, >>> request=original_request ) >>> File >>> "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py", >>> line >>> 63, in _createFuzzableRequests >>> return createFuzzableRequests( httpResponse, request, add_self ) >>> File "/pentest/web/w3af/core/data/request/frFactory.py", line 116, in >>> createFuzzableRequests >>> wspdr.setURL( remoteMethod.getLocation() ) >>> File "/pentest/web/w3af/core/data/request/fuzzableRequest.py", line 367, >>> in setURL >>> raise ValueError( msg ) >>> ValueError: The "url" parameter of setURL @ fuzzableRequest must be of >>> urlParser.url_object type. >>> >>> >>> Unhandled error, traceback: Traceback (most recent call last): >>> File "/pentest/web/w3af/core/controllers/w3afCore.py", line 441, in >>> start >>> self._realStart() >>> File "/pentest/web/w3af/core/controllers/w3afCore.py", line 542, in >>> _realStart >>> self._fuzzableRequestList = self._discover_and_bruteforce() >>> File "/pentest/web/w3af/core/controllers/w3afCore.py", line 352, in >>> _discover_and_bruteforce >>> discovered_fr_list = self._discover( tmp_list ) >>> File "/pentest/web/w3af/core/controllers/w3afCore.py", line 774, in >>> _discover >>> result = self._discoverWorker( toWalk ) >>> File "/pentest/web/w3af/core/controllers/w3afCore.py", line 846, in >>> _discoverWorker >>> pluginResult = plugin.discover_wrapper( fr ) >>> File >>> "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py", >>> line >>> 48, in discover_wrapper >>> return self.discover( fuzzable_request_copy ) >>> File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 202, in >>> discover >>> self._tm.join( self ) >>> File "/pentest/web/w3af/core/controllers/threads/threadManager.py", line >>> 120, in join >>> self._threadPool.wait( ownerObj, joinAll ) >>> File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line >>> 271, in wait >>> self.poll(block=True, ownerObj=ownerObj, joinAll=joinAll) >>> File "/pentest/web/w3af/core/controllers/threads/threadpool.py", line >>> 108, in run >>> self.resultQueue.put( (request, request.callable(*request.args, >>> **request.kwds)) ) >>> File "/pentest/web/w3af/plugins/discovery/webSpider.py", line 330, in >>> _verify_reference >>> fuzzable_request_list = self._createFuzzableRequests( resp, >>> request=original_request ) >>> File >>> "/pentest/web/w3af/core/controllers/basePlugin/baseDiscoveryPlugin.py", >>> line >>> 63, in _createFuzzableRequests >>> return createFuzzableRequests( httpResponse, request, add_self ) >>> File "/pentest/web/w3af/core/data/request/frFactory.py", line 116, in >>> createFuzzableRequests >>> wspdr.setURL( remoteMethod.getLocation() ) >>> File "/pentest/web/w3af/core/data/request/fuzzableRequest.py", line 367, >>> in setURL >>> raise ValueError( msg ) >>> ValueError: The "url" parameter of setURL @ fuzzableRequest must be of >>> urlParser.url_object type. >>> >>> >>> Scan finished in 11 seconds. >>> Exception in thread Thread-28: >>> Traceback (most recent call last): >>> File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner >>> self.run() >>> File "/usr/lib/python2.6/threading.py", line 484, in run >>> self.__target(*self.__args, **self.__kwargs) >>> File "/pentest/web/w3af/core/ui/consoleUi/rootMenu.py", line 119, in >>> _real_start >>> raise e >>> ValueError: The "url" parameter of setURL @ fuzzableRequest must be of >>> urlParser.url_object type. >>> >>> >>> ------------------------------------------------------------------------------ >>> All the data continuously generated in your IT infrastructure contains a >>> definitive record of customers, application performance, security >>> threats, fraudulent activity and more. Splunk takes this data and makes >>> sense of it. Business sense. IT sense. Common sense. >>> http://p.sf.net/sfu/splunk-d2d-oct >>> _______________________________________________ >>> W3af-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/w3af-users >>> >> >> >> >> -- >> Andrés Riancho >> Director of Web Security at Rapid7 LLC >> Founder at Bonsai Information Security >> Project Leader at w3af >> > > > > -- > Andrés Riancho > Director of Web Security at Rapid7 LLC > Founder at Bonsai Information Security > Project Leader at w3af > -- Andrés Riancho Director of Web Security at Rapid7 LLC Founder at Bonsai Information Security Project Leader at w3af ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
