search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.56k stars 1.22k forks source link

[Auto-Generated] Bug Report - old_data[d] = data[d] #1117

Closed 1d3df9903ad closed 10 years ago

1d3df9903ad commented 10 years ago

User description

No user description was provided for this bug report given that it was related to handled exceptions in scan with id f190dd58de

Version Information

  Python version: 2.7.5+ (default, Sep 19 2013, 13:48:49) [GCC 4.8.1]
  GTK version: 2.24.20
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.5
    Revision: unknown
    Distribution: Debian
    Author: Andres Riancho and the w3af team.

Traceback

An exception was found while running grep.password_profiling on "http://domain/ | Method: GET". The exception was: "list indices must be integers, not str" at password_profiling.py:merge_maps():151.The full traceback is:
  File "/usr/share/w3af/core/controllers/core_helpers/consumers/grep.py", line 65, in run
    plugin.grep_wrapper(request, response)
  File "/usr/share/w3af/core/controllers/plugins/grep_plugin.py", line 65, in grep_wrapper
    self.grep(fuzzable_request, response)
  File "/usr/share/w3af/plugins/grep/password_profiling.py", line 81, in grep
    self.captured_lang)
  File "/usr/share/w3af/plugins/grep/password_profiling.py", line 151, in merge_maps
    old_data[d] = data[d]

Enabled Plugins

{'attack': {},
 'audit': {u'blind_sqli': <OptionList: eq_limit>,
           u'buffer_overflow': <OptionList: >,
           'cors_origin': {},
           u'csrf': <OptionList: >,
           u'dav': <OptionList: >,
           u'eval': <OptionList: use_time_delay|use_echo>,
           u'file_upload': <OptionList: extensions>,
           u'format_string': <OptionList: >,
           u'frontpage': <OptionList: >,
           u'generic': <OptionList: diff_ratio>,
           u'global_redirect': <OptionList: >,
           u'htaccess_methods': <OptionList: >,
           u'ldapi': <OptionList: >,
           u'lfi': <OptionList: >,
           u'mx_injection': <OptionList: >,
           u'os_commanding': <OptionList: >,
           u'phishing_vector': <OptionList: >,
           u'preg_replace': <OptionList: >,
           u'redos': <OptionList: >,
           u'response_splitting': <OptionList: >,
           u'rfi': <OptionList: listen_address|listen_port|use_w3af_site>,
           u'sqli': <OptionList: >,
           u'ssi': <OptionList: >,
           u'ssl_certificate': <OptionList: minExpireDays|caFileName>,
           u'un_ssl': <OptionList: >,
           u'xpath': <OptionList: >,
           u'xss': <OptionList: persistent_xss>,
           u'xst': <OptionList: >},
 'auth': {'detailed': {}},
 'bruteforce': {u'basic_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>,
                u'form_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>},
 'crawl': {u'archive_dot_org': <OptionList: max_depth>,
           u'bing_spider': <OptionList: result_limit>,
           u'google_spider': <OptionList: result_limit>,
           u'oracle_discovery': <OptionList: >,
           u'phishtank': <OptionList: >,
           u'phpinfo': <OptionList: >,
           u'robots_txt': <OptionList: >,
           u'sitemap_xml': <OptionList: >,
           u'urllist_txt': <OptionList: >,
           u'user_dir': <OptionList: identify_os|identify_apps>,
           u'web_spider': <OptionList: only_forward|follow_regex|ignore_regex>},
 'evasion': {},
 'grep': {u'ajax': <OptionList: >,
          u'analyze_cookies': <OptionList: >,
          u'blank_body': <OptionList: >,
          'cache_control': {},
          'clamav': {},
          u'click_jacking': <OptionList: >,
          u'code_disclosure': <OptionList: >,
          u'credit_cards': <OptionList: >,
          'cross_domain_js': {},
          'csp': {},
          u'directory_indexing': <OptionList: >,
          u'dom_xss': <OptionList: >,
          u'dot_net_event_validation': <OptionList: >,
          u'error_500': <OptionList: >,
          u'error_pages': <OptionList: >,
          u'feeds': <OptionList: >,
          u'file_upload': <OptionList: >,
          u'form_autocomplete': <OptionList: >,
          u'get_emails': <OptionList: only_target_domain>,
          u'hash_analysis': <OptionList: >,
          u'html_comments': <OptionList: >,
          u'http_auth_detect': <OptionList: >,
          u'http_in_body': <OptionList: >,
          u'lang': <OptionList: >,
          u'meta_tags': <OptionList: >,
          u'motw': <OptionList: >,
          u'objects': <OptionList: >,
          u'oracle': <OptionList: >,
          u'password_profiling': <OptionList: >,
          u'path_disclosure': <OptionList: >,
          u'private_ip': <OptionList: >,
          u'ssn': <OptionList: >,
          u'strange_headers': <OptionList: >,
          u'strange_http_codes': <OptionList: >,
          u'strange_parameters': <OptionList: >,
          u'strange_reason': <OptionList: >,
          u'svn_users': <OptionList: >,
          u'symfony': <OptionList: override>,
          'url_session': {},
          'user_defined_regex': {},
          u'wsdl_greper': <OptionList: >,
          'xss_protection_header': {}},
 'infrastructure': {u'afd': <OptionList: >,
                    u'allowed_methods': <OptionList: execOneTime|reportDavOnly>,
                    u'detect_reverse_proxy': <OptionList: >,
                    u'detect_transparent_proxy': <OptionList: >,
                    u'dns_wildcard': <OptionList: >,
                    u'domain_dot': <OptionList: >,
                    u'dot_net_errors': <OptionList: >,
                    u'favicon_identification': <OptionList: >,
                    u'find_jboss': <OptionList: >,
                    u'find_vhosts': <OptionList: >,
                    u'finger_bing': <OptionList: result_limit>,
                    u'finger_google': <OptionList: result_limit|fast_search>,
                    u'finger_pks': <OptionList: >,
                    u'fingerprint_WAF': <OptionList: >,
                    u'fingerprint_os': <OptionList: >,
                    'frontpage_version': {},
                    u'halberd': <OptionList: >,
                    u'hmap': <OptionList: genFpF>,
                    u'http_vs_https_dist': <OptionList: httpPort|httpsPort>,
                    u'php_eggs': <OptionList: >,
                    u'server_header': <OptionList: >,
                    u'server_status': <OptionList: >,
                    u'shared_hosting': <OptionList: result_limit>,
                    u'xssed_dot_com': <OptionList: >,
                    u'zone_h': <OptionList: >},
 'mangle': {},
 'output': {u'console': <OptionList: verbose>}}
andresriancho commented 10 years ago

Duplicates #703