Aman, On Tue, Jul 29, 2014 at 5:05 PM, Aman Thakur <aman.thakur.1...@gmail.com> wrote: > Hi Guys, > Good Day!! > > I am trying to scan a website for malware using the clamav.py grep plugin. I > wanted to confirm if i am doing it right or not. > What is did is this: > > $ w3af_console > w3af>> plugins > w3af/plugins>> grep clamav > w3af/plugins>> crawl web_spider > w3af/plugins>> output console > w3af/plugins>> back > w3af>> target > w3af/config:target>> set target mydomain.com > w3af/config:target>> back > w3af>> start > > Then it prints the output something like: > Using ClamAV 0.98.1/19240/Tue Jul 29 18:39:04 2014 for scanning HTTP > response bodies.
This shows that your clamavd setup is correct > Found 1 URLs and 1 different injections points. > The URL list is: > - http://mydomain.com/ > The list of fuzzable requests is: > - Method: GET | http://mydomain.com/ > Scan finished in 26 seconds. And this shows that only the web root is being scanned. This might be because any number of reasons: * The page redirects to https, w3af won't follow anything outside the defined target protocol+domain * The page uses lots of Flash/JavaScript * The web root HTML triggers some issue in w3af's crawler > Stopping the core... > > > I wanted to confirm that is it scanning the whole website? or it is only > scanning he home page?? > > Thanks > > With Regards > Aman Thakur > > ------------------------------------------------------------------------------ > Infragistics Professional > Build stunning WinForms apps today! > Reboot your WinForms applications with our WinForms controls. > Build a bridge from your legacy apps to the future. > http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk > _______________________________________________ > W3af-users mailing list > W3af-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ W3af-users mailing list W3af-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-users
