Hi,
here I am sending the traceback I get:
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 44787)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 284, in
_handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 310, in process_request
self.finish_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 323, in finish_request
self.RequestHandlerClass(request, client_address, self)
File
"/home/vojta/software/pentesting/w3af/plugins/crawl/spider_man.py", line
109, in constructor
return ProxyHandler(request, client_addr, server, self)
File
"/home/vojta/software/pentesting/w3af/plugins/crawl/spider_man.py", line
183, in __init__
w3afProxyHandler.__init__(self, request, client_address, server)
File "/usr/lib/python2.7/SocketServer.py", line 638, in __init__
self.handle()
File "/usr/lib/python2.7/BaseHTTPServer.py", line 340, in handle
self.handle_one_request()
File
"/home/vojta/software/pentesting/w3af/core/controllers/daemons/proxy.py", line
54, in handle_one_request
self.raw_requestline = self.rfile.readline()
File "/usr/lib/python2.7/socket.py", line 447, in readline
data = self._sock.recv(self._rbufsize)
timeout: timed out
----------------------------------------
Dne 22.1.2014 00:14, Vojtěch Polášek napsal(a):
After that scanning seems to continue but when I want to access
http://127.7.7.7/spiderman?terminate
I get:
There was an error while requesting
"http://127.7.7.7/spiderman?terminate=";. Reason: [Errno 111] Connection
refused
http://127.7.7.7/spiderman | Method: GET
What could be the problem?
Vojta
> Hi,
> I am doing some penetration testing on a web application. This
> application doesn't offer any great functions without actually logging in.
> I found some posts about authenticated scans from earlier times here on
> this list.
> So I use spider-man and I set correct regex pattern for ignoring some
> parts of the application.
> I selected various combinations of plugins and I always end with some
> w3af proxy traceback.
> I suppose that this is due because of some aggressive test interfering
> with application logic.
> unfortunatelly I can't give you more specific info about the application.
> I wonder if following would be possible:
> 1. Scan just structure of the application with spiderman and webspider,
> probably some little URL fuzzing but maybe not.
> 2. export all found URLs.
> 3. run W3Af again with these URLs imported and valid user session token
> (cookie) supplied.
> Or is there any other thing that would help me?
> Like running tests in strictly given order?
> thank oyu very much,
> Vojta
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
