Andres,
Is there a way I could manually verify a url? (as in using Nmap or wget and
checking the response)
I did it twice on a url and once it says it was vulnerable and the other says
it wasn't
On ٢٥ سبتمبر، ٢٠١٤ ٧:١٨:٣٦ م GMT+03:00, Andres Riancho
<andres.rian...@gmail.com> wrote:
>Check the github repository issues, mailing list, etc. This issue (for
>mac?) has workarounds documented somewhere
>
>On Thu, Sep 25, 2014 at 1:04 PM, Ali Khalfan <ali.khal...@gmail.com>
>wrote:
>> i keep trying to run the git version of w3af and it says that phply
>is
>> missing, yet I have it:
>>
>>
>>
>> /usr/local/lib/python2.7/dist-packages/phply-0.9.1-nspkg.pth
>> /usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info
>> /usr/local/lib/python2.7/dist-packages/phply.egg-link
>> /usr/local/lib/python2.7/dist-packages/phply/phpast.py
>> /usr/local/lib/python2.7/dist-packages/phply/phpast.pyc
>> /usr/local/lib/python2.7/dist-packages/phply/phplex.py
>> /usr/local/lib/python2.7/dist-packages/phply/phplex.pyc
>> /usr/local/lib/python2.7/dist-packages/phply/phpparse.py
>> /usr/local/lib/python2.7/dist-packages/phply/phpparse.pyc
>> /usr/local/lib/python2.7/dist-packages/phply/pythonast.py
>> /usr/local/lib/python2.7/dist-packages/phply/pythonast.pyc
>> /usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/PKG-INFO
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/SOURCES.txt
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/dependency_links.txt
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/installed-files.txt
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/namespace_packages.txt
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/not-zip-safe
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/requires.txt
>>
>/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info/top_level.txt
>>
>>
>> On 09/25/2014 03:22 PM, Andres Riancho wrote:
>>> List,
>>>
>>> Take a look at the w3af plugin I've just finished coding [0], it
>>> detects shell shock vulnerabilities by using time delays. Pull
>>> requests with improvements are welcome :)
>>>
>>> [0] https://gist.github.com/andresriancho/4ef11d75c1f517c24f94
>>>
>>> Regards,
>>>
>>
>>
>------------------------------------------------------------------------------
>> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
>> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS
>Reports
>> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
>> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
>>
>http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
>> _______________________________________________
>> W3af-users mailing list
>> W3af-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
>
>
>--
>Andrés Riancho
>Project Leader at w3af - http://w3af.org/
>Web Application Attack and Audit Framework
>Twitter: @w3af
>GPG: 0x93C344F3
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users