Hi Andres,
As i suspected by default the textFile output plugin is verbose, so it looks
like it logs full reuquests.
In addition i've also found that w3af was ran with:
misc-settings
set fuzzFileName True
set fuzzCookie True
set fuzzFormComboValues all
set maxDiscoveryTime 240
The framework was ran from inside owtf , so i guess pretty much explains the
results, right?
Regards,
A.
________________________________
From: Adi Mutu <adi_mut...@yahoo.com>
To: Andres Riancho <andres.rian...@gmail.com>
Cc: "w3af-users@lists.sourceforge.net" <w3af-users@lists.sourceforge.net>
Sent: Monday, March 12, 2012 8:59 PM
Subject: Re: [W3af-users] html output file incomplete
Andres,
Thanks for the help, but didn't had any time to work on this lately.
When i'll find some free time , i'll retry and if the problem will persist
i'll get back to you.
Regards,
A.
________________________________
From: Andres Riancho <andres.rian...@gmail.com>
To: Adi Mutu <adi_mut...@yahoo.com>
Cc: "w3af-users@lists.sourceforge.net" <w3af-users@lists.sourceforge.net>
Sent: Monday, March 12, 2012 8:16 PM
Subject: Re: [W3af-users] html output file incomplete
Adi,
If you're still having problems with this scan, please send me the
scan log in private and I'll take a look. It bugs me to see that the
scan is taking so much time and there are no obvious problems with the
config.
Regards,
On Tue, Mar 6, 2012 at 5:12 PM, Adi Mutu <adi_mut...@yahoo.com> wrote:
>
> So the discovery plugins i used were:
>
> sharedHosting,allowedMethods,digitSum,content_negotiation,robotsReader,serverStatus,importResults
>
> From these plugins, i suspect only content_negotation could cause such a
> large output file....?
> The importResults includes a file of 1200 lines/requests.
>
> Anyway, i will have to redo the scan. I'll also redo the crawling and after
> importing the result i will also use the auth plugin, because i've missed
> that fist
time!
>
> ________________________________
> From: Adi Mutu <adi_mut...@yahoo.com>
> To: Andres Riancho <andres.rian...@gmail.com>
> Cc: "w3af-users@lists.sourceforge.net" <w3af-users@lists.sourceforge.net>
> Sent: Monday, March 5, 2012 6:39 PM
>
> Subject: Re: [W3af-users] html output file incomplete
>
> Andres,
>
> The site was crawled manually with Spiderman, exported and then imported and
> scanned.
> I'm not sure if i have enabled other discovery plugins, but i'll check
>
later.
>
> Thanks,
> A.
>
> ________________________________
> From: Andres Riancho <andres.rian...@gmail.com>
> To: Adi Mutu <adi_mut...@yahoo.com>
> Cc: "w3af-users@lists.sourceforge.net" <w3af-users@lists.sourceforge.net>
> Sent: Monday, March 5, 2012 6:25 PM
> Subject: Re: [W3af-users] html output file incomplete
>
> Adi,
>
> On Sun, Mar 4, 2012 at 6:18 AM, Adi Mutu <adi_mut...@yahoo.com> wrote:
>>
>>
>> Hello,
>>
>> The html output file is incomplete. After <body> is empty. Do you think
>> it's
>> because i've deleted the .txt output because it was getting to large? over
>> 1.5 Gb?
>
> No,
>
>> Now i'm thinking that probably the file was used and parse to generate the
>> html file.....
>
> No it is NOT used for that.
>
> An output.txt file of 1.5GB shows that there is something wrong with
> your scan, you're either scanning a massive site, hitted a w3af bug,
> or have an incorrect configuration for the target domain. Try enabling
> discovery.webSpider only, I bet you're using discovery.*
>
> Regards,
>
>> Cheers,
>> A.
>>
>>
>> ------------------------------------------------------------------------------
>>
Virtualization & Cloud Management Using Capacity Planning
>> Cloud computing makes use of virtualization - but cloud computing
>> also focuses on allowing computing to be delivered as a service.
>> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>> _______________________________________________
>> W3af-users mailing list
>> W3af-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/w3af-users
>>
>
>
>
> --
> Andrés Riancho
> Director of Web Security at Rapid7 LLC
> Founder at Bonsai Information Security
> Project Leader at w3af
>
>
>
>
------------------------------------------------------------------------------
> Try before you buy = See our experts in action!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-dev2
>
> _______________________________________________
> W3af-users mailing list
> W3af-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at
w3af
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
