Hi All,
I am new to W3AF. Can someone help me with the authenticated scans please?
I am unable to scan past the authentication page.
I selected the Generic Auth plugin and gave the following values for the
POST request mentioned at the end. Kindly let me know if am wrong.
Username: Administrator
Password: Dragon@1234
Username_field: usernameInput
Password_field: passwordInput
Auth_url: https://local_host:port/
Check_url: https://local_host:port/j_security_check
Check_string: Administrator
POST https://local_host:port/j_security_check HTTP/1.1
Host: local_host:port
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:25.0) Gecko/20100101
Firefox/25.0 Paros/3.2.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Referer: https:// local_host:port /
Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxx; mx-time-zone=Asia/Calcutta
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 158
j_username=Administrator&j_password=172.16.X.X%3BDragon@1234&mxnego_auto_login=disabled&usernameInput=Administrator&passwordInput=
Dragon @1234&domainInput=
Thanks in advance. Your help/suggestion is very much appreciated.
Prakash
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
