Hi All,

I am new to W3AF. Can someone help me with the authenticated scans please?
I am unable to scan past the authentication page.

I selected the Generic Auth plugin and gave the following values for the
POST request mentioned at the end. Kindly let me know if am wrong.


Username: Administrator

Password: Dragon@1234

Username_field: usernameInput

Password_field: passwordInput

Auth_url: https://local_host:port/

Check_url: https://local_host:port/j_security_check

Check_string: Administrator


POST https://local_host:port/j_security_check HTTP/1.1

Host: local_host:port

User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:25.0) Gecko/20100101
Firefox/25.0 Paros/3.2.13

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Referer: https:// local_host:port /

Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxx; mx-time-zone=Asia/Calcutta

Connection: keep-alive

Content-Type: application/x-www-form-urlencoded

Content-Length: 158


j_username=Administrator&j_password=172.16.X.X%3BDragon@1234&mxnego_auto_login=disabled&usernameInput=Administrator&passwordInput=
Dragon @1234&domainInput=


Thanks in advance. Your help/suggestion is very much appreciated.

Prakash
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK 
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users

Reply via email to