Re: [W3af-users] qusetion

Tue, 29 Nov 2011 05:43:15 -0800 

孙松柏,

    I've run the same scan using w3af_gui and for me it finishes in 1
minute 26 seconds. with the following findings:

        - 2 SQL injections
        - 1 HTTP Basic Authentication
        - 18 Unhandled errors in web application

    You're not configuring it right.

Regards,

On Tue, Nov 29, 2011 at 10:03 AM, 孙松柏 <[email protected]> wrote:
> hi everyone
> today i use w3af to test http://www.testfire.net this website.
> i use this script to
> plugins
> audit sqli
> discovery webSpider
> discovery config  webSpider
> set onlyForward True
> back
> back
> target
> set target http://www.testfire.net
> back
> plugins
> output htmlFile
> output config htmlFile
> set verbose True
> set fileName testfire.html
> back
> back
> start
> /w3af_console -s test.w3af
> at the same time i configure this in the gui version .
> and the result shows that
> the gui finish scan in 3min
> but the w3af can not stop in 4 hours!  i do not know why ?
> --
> FIT1-213
> Department of Computer Science
> Tsinghua University, Beijing, 100084
> http://about.me/anakin/bio
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>



-- 
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users

Reply via email to