[W3af-users] NotImplementedError: Plugin is not implementing required method getRootProbability

Wed, 14 Mar 2012 10:50:53 -0700 

Hi,

I'm a PhD student looking into the effects on the security and privacy of
web servers that errors in configuration files have. To this end, I inject
errors into such servers' configuration files, and then run W3AF against
them to see if any damage can be done.

In doing so, I stumbled upon an interesting situation. I got W3AF to
display this:

Traceback (most recent call last):
  File "/w3af/w3af_console", line 153, in <module>
    errCode = main()
  File "/w3af/w3af_console", line 149, in main
    console.sh()
  File "/w3af/core/ui/consoleUi/consoleUi.py", line 142, in sh
    self._executePending()
  File "/w3af/core/ui/consoleUi/consoleUi.py", line 165, in _executePending
    self._onEnter()
  File "/w3af/core/ui/consoleUi/consoleUi.py", line 303, in _onEnter
    self._execute()
  File "/w3af/core/ui/consoleUi/consoleUi.py", line 271, in _execute
    menu = self._context.execute(params)
  File "/w3af/core/ui/consoleUi/menu.py", line 170, in execute
    return handler( params )
  File "/w3af/core/ui/consoleUi/exploit.py", line 81, in _cmd_exploit
    return self._exploitAll( params )
  File "/w3af/core/ui/consoleUi/exploit.py", line 137, in _exploitAll
    instanceList.sort( sortfunc )
  File "/w3af/core/ui/consoleUi/exploit.py", line 136, in sortfunc
    return cmp( y.getRootProbability(), x.getRootProbability() )
  File "/w3af/core/controllers/basePlugin/baseAttackPlugin.py", line 130,
in getRootProbability
    raise NotImplementedError( 'Plugin is not implementing required method
getRootProbability' )
NotImplementedError: Plugin is not implementing required method
getRootProbability

I'm testing IIS 7 on Windows XP.

Is this something I should be happy about, in that W3AF broke into IIS7 and
got a shell?

Thanks,
Silviu

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users

Reply via email to