On Thu, Dec 5, 2013 at 12:15 PM, prakash jayabalan <prakashj...@gmail.com> wrote: > Hi All, > > I am new to W3AF. Can someone help me with the authenticated scans please? I > am unable to scan past the authentication page. > > I selected the Generic Auth plugin and gave the following values for the > POST request mentioned at the end. Kindly let me know if am wrong. > > > Username: Administrator > > Password: Dragon@1234 > > Username_field: usernameInput > > Password_field: passwordInput > > Auth_url: https://local_host:port/ > > Check_url: https://local_host:port/j_security_check > > Check_string: Administrator > > > POST https://local_host:port/j_security_check HTTP/1.1 > > Host: local_host:port > > User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:25.0) Gecko/20100101 > Firefox/25.0 Paros/3.2.13 > > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > > Accept-Language: en-US,en;q=0.5 > > Referer: https:// local_host:port / > > Cookie: JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxx; mx-time-zone=Asia/Calcutta > > Connection: keep-alive > > Content-Type: application/x-www-form-urlencoded > > Content-Length: 158 > > > j_username=Administrator&j_password=172.16.X.X%3BDragon@1234&mxnego_auto_login=disabled&usernameInput=Administrator&passwordInput= > Dragon @1234&domainInput=
Is there a space before and after Dragon? > > Thanks in advance. Your help/suggestion is very much appreciated. > > Prakash > > > > ------------------------------------------------------------------------------ > Sponsored by Intel(R) XDK > Develop, test and display web and hybrid apps with a single code base. > Download it for free now! > http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-users mailing list > W3af-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk _______________________________________________ W3af-users mailing list W3af-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-users
