List,
In some specific cases w3af hangs and the scan never finishes, one
of those cases was reported here [0] and today I was able to
(hopefully) fix it. It seems that the issue was the PDF parser we are
using, which has an endless loop.
We could try to fix the third party library, but in the future
they (or other third party lib) or even w3af's code might introduce
another of those ugly bugs, so I decided to add some timeouts here [1]
and there [2] to limit the amount of time that plugins and parsers can
run. The time limitation is rather high, so it should only be
triggered when something is really wrong.
If you've got some minutes during the holidays and want to
contribute with some testing please
cd w3af
git pull
git checkout feature/stopit
./w3af_console
# update pip
# install new dependency
./w3af_console
Run a couple of scans and let me know if something is really
wrong. Thanks and happy 2015!
[0] https://github.com/andresriancho/w3af/issues/6723
[1]
https://github.com/andresriancho/w3af/commit/735a3ed29378c430900254d66ca3f59ad366502f
[2]
https://github.com/andresriancho/w3af/commit/c5be6aac0657fe4c77e2e80cf726d58b2ccaa9d7
Regards,
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users
