search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.57k stars 1.22k forks source link

[Auto-Generated] Bug Report - response = self._uri_opener.GET(server_status_url, cache=True) #1014

Closed 1d3df9903ad closed 10 years ago

1d3df9903ad commented 10 years ago

User description

No user description was provided for this bug report given that it was related to handled exceptions in scan with id c03dd32319

Version Information

  Python version: 2.7.2+ (default, Jul 20 2012, 22:12:53) [GCC 4.6.1]
  GTK version: 2.24.6
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.5
    Revision: 6a52226549 - 17 Dec 2013 18:51
    Author: Andres Riancho and the w3af team.

Traceback

An exception was found while running infrastructure.server_status on "http://domain/%%75F%460e\%%75%46F%34%63%uFF%328%uF%46%33%61%%75F%464%37%uF%4643%u%46%465%36%%75F%4638%%75%46F%34%63%uF%464b%%75%46F%34e%u%46F5%33%%75FF%334%uFF%35%37%%75FF%34%61%%75%46%464%61%uFF%35%34%%75FF%333%uFF5%36%u%46F2%38\%u%46F%30%65\%%75%46F0%65%%75F%46%2d12%uFF-11%%75%46F0e\%u%46F%30%65\ | Method: GET | Parameters: (Db8YO="5", Db8YO="O", Db8YO="L", Db8YO="a", Db8YO="2", Db8YO="7", Db8YO="k", Db8YO="L")". The exception was: "'NoneType' object has no attribute 'GET'" at server_status.py:discover():60.The full traceback is:
  File "/home/user/w3af/w3af/w3af/core/controllers/core_helpers/consumers/crawl_infrastructure.py", line 392, in _discover_worker
    result = plugin.discover_wrapper(fuzzable_request)
  File "/home/user/w3af/w3af/w3af/core/controllers/plugins/infrastructure_plugin.py", line 46, in discover_wrapper
    return self.discover(fuzzable_request_copy)
  File "/home/user/w3af/w3af/w3af/core/controllers/misc/decorators.py", line 40, in inner_runonce_meth
    return meth(self, *args)
  File "/home/user/w3af/w3af/w3af/plugins/infrastructure/server_status.py", line 60, in discover
    response = self._uri_opener.GET(server_status_url, cache=True)

Enabled Plugins

{'attack': {},
 'audit': {'blind_sqli': {},
           'buffer_overflow': {},
           'cors_origin': {},
           'csrf': {},
           'dav': {},
           'eval': {},
           'file_upload': {},
           'format_string': {},
           'frontpage': {},
           'generic': {},
           'global_redirect': {},
           'htaccess_methods': {},
           'ldapi': {},
           'lfi': {},
           'mx_injection': {},
           'os_commanding': {},
           'phishing_vector': {},
           'preg_replace': {},
           'redos': {},
           'response_splitting': {},
           'rfi': {},
           'sqli': {},
           'ssi': {},
           'ssl_certificate': {},
           'un_ssl': {},
           'xpath': {},
           'xss': {},
           'xst': {}},
 'auth': {},
 'bruteforce': {'basic_auth': {}, 'form_auth': {}},
 'crawl': {'web_spider': {}},
 'evasion': {'backspace_between_dots': {},
             'full_width_encode': {},
             'mod_security': {},
             'reversed_slashes': {},
             'rnd_case': {},
             'rnd_hex_encode': {},
             'rnd_param': {},
             'rnd_path': {},
             'self_reference': {},
             'shift_out_in_between_dots': {},
             'x_forwarded_for': {}},
 'grep': {'ajax': {},
          'analyze_cookies': {},
          'blank_body': {},
          'cache_control': {},
          'click_jacking': {},
          'code_disclosure': {},
          'credit_cards': {},
          'cross_domain_js': {},
          'directory_indexing': {},
          'dom_xss': {},
          'dot_net_event_validation': {},
          'error_500': {},
          'error_pages': {},
          'feeds': {},
          'form_autocomplete': {},
          'get_emails': {},
          'hash_analysis': {},
          'html_comments': {},
          'http_auth_detect': {},
          'http_in_body': {},
          'lang': {},
          'meta_tags': {},
          'motw': {},
          'objects': {},
          'oracle': {},
          'password_profiling': {},
          'path_disclosure': {},
          'private_ip': {},
          'ssn': {},
          'strange_headers': {},
          'strange_http_codes': {},
          'strange_parameters': {},
          'strange_reason': {},
          'svn_users': {},
          'symfony': {},
          'url_session': {},
          'user_defined_regex': {},
          'wsdl_greper': {},
          'xss_protection_header': {}},
 'infrastructure': {'afd': {},
                    'allowed_methods': {},
                    'detect_reverse_proxy': {},
                    'detect_transparent_proxy': {},
                    'dns_wildcard': {},
                    'domain_dot': {},
                    'favicon_identification': {},
                    'find_jboss': {},
                    'find_vhosts': {},
                    'fingerprint_WAF': {},
                    'fingerprint_os': {},
                    'frontpage_version': {},
                    'halberd': {},
                    'hmap': {},
                    'http_vs_https_dist': {},
                    'php_eggs': {},
                    'server_header': {},
                    'server_status': {}},
 'mangle': {},
 'output': {'console': {}, 'text_file': {}}}
andresriancho commented 10 years ago

Very rare race condition, closing.