Sorry
Andres Riancho wrote:
Please reply to the mailing list.
On Fri, Mar 16, 2012 at 10:54 AM, Anne
Bouquet <[email protected]>
wrote:
Thanks Andres
I think I can't connect to this site because I'm on an internal network
without external output on the www
but you're right i'm trying to disable discovery.fingerPKS but I don't
find how to ...
I've unckeck the box Active for this plugin but I've the same error ...
I rename the file fingerPKS.py and fingerPKS.pyc but at the start of
scan I've an error :
There was an error while importing plugins.discovery.fingerPKS: "No
module named fingerPKS"
I don't know why it tries to load the plugin even if I don't ask to use
this plugin.
Perhaps it's asked by a config file?
Thanks for your help
Anne
Andres Riancho wrote:
Anne,
On Fri, Mar 16, 2012 at 5:14 AM, Anne Bouquet
<[email protected]> wrote:
Hi all
I'm scanning a web application with w3af gui version 1.1 revision 4473
and the scan ends very early with time out error
here is the error :
Thu 15 Mar 2012 10:40:22 AM CET - debug ] Ending plugin: serverHeader
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] Starting plugin: serverHeader
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] Ending plugin: serverHeader
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] Starting plugin: serverHeader
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] Ending plugin: serverHeader
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] Starting plugin: fingerPKS
Maybe the issue is that the guys from pgp.mit.edu are blocking
connections from your IP, or detecting w3af and closing connections
that come from that IP? Have you tried to disable discovery.fingerPKS?
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] keepalive: added one
connection, len(self._hostmap["pgp.mit.edu:11371"]): 1
[ Thu 15 Mar 2012 10:40:22 AM CET - debug ] DNS response from DNS server
for domain: pgp.mit.edu
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] keepalive: removed one
connection, len(self._hostmap["pgp.mit.edu:11371"]): 0
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] Incrementing global error
count. GEC: 0
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] w3af failed to reach the
server while requesting:
"http://pgp.mit.edu:11371/pks/lookup?search=252&op=index".
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] Reason: "[Errno 110]
Connection timed out"; going to retry.
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] Traceback for this error:
Traceback (most recent call last):
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/home/abouquet/W3af/w3af/core/data/url/xUrllib.py", line 519, in _send
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] res = self._opener.open(req)
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/usr/lib/python2.6/urllib2.py", line 391, in open
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] response =
self._open(req, data)
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/usr/lib/python2.6/urllib2.py", line 409, in _open
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] '_open', req)
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/usr/lib/python2.6/urllib2.py", line 369, in _call_chain
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] result = func(*args)
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/home/abouquet/W3af/w3af/core/data/url/handlers/keepalive.py", line
743, in http_open
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] return self.do_open(req)
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] File
"/home/abouquet/W3af/w3af/core/data/url/handlers/keepalive.py", line
627, in do_open
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] raise _err
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] URLError: <urlopen error
[Errno 110] Connection timed out>
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ]
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] Re-sending request...
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] keepalive: added one
connection, len(self._hostmap["pgp.mit.edu:11371"]): 1
[ Thu 15 Mar 2012 10:40:43 AM CET - debug ] Cached DNS response for
domain: pgp.mit.edu
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] keepalive: removed one
connection, len(self._hostmap["pgp.mit.edu:11371"]): 0
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] Incrementing global error
count. GEC: 1
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] w3af failed to reach the
server while requesting:
"http://pgp.mit.edu:11371/pks/lookup?search=252&op=index".
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] Reason: "[Errno 110]
Connection timed out"; going to retry.
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] Traceback for this error:
Traceback (most recent call last):
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] File
"/home/abouquet/W3af/w3af/core/data/url/xUrllib.py", line 519, in _send
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] res = self._opener.open(req)
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] File
"/usr/lib/python2.6/urllib2.py", line 391, in open
[ Thu 15 Mar 2012 10:41:04 AM CET - debug ] response =
self._open(req, data)
I've already made a scan with older version (the version integrated in
samurai) and I didn't have the error
My tests are made on an internal network so the external web site are
unreachable
Could someone help me, have an idea of what causes this error?
Thanks a lot
Anne
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
--
|
Anne Bouquet
Integration epayment
engineer |
 |
|
Parc Lafayette - 6 rue Isaac Newton
25075 Besancon - Doubs - FR |
Phone +33 381 544 875
Fax +33 381 546
967
[email protected]
www.parkeon.com |
 |
|
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
--
|
Anne Bouquet
Integration epayment engineer |
 |
|
Parc Lafayette - 6 rue Isaac Newton
25075 Besancon - Doubs - FR |
Phone +33 381 544 875
Fax +33 381 546 967
[email protected]
www.parkeon.com |
 |
|
|
