search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.53k stars 1.21k forks source link

[Auto-Generated] Bug Report - raise self._value #1310

Closed 1d3df9903ad closed 10 years ago

1d3df9903ad commented 10 years ago

User description

No user description was provided for this bug report given that it was related to handled exceptions in scan with id 910448f445

Version Information

  Python version: 2.7.3 (default, Jan  2 2013, 16:53:07) [GCC 4.7.2]
  GTK version: 2.24.10
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.5
    Revision: 95842dfd50 - 27 Feb 2014 18:31
    Author: Andres Riancho and the w3af team.

Traceback

An exception was found while running crawl.phpinfo on "http://domain/res/theme/res/custom.js | Method: GET". The exception was: "deque mutated during iteration" at pool.py:get():554.The full traceback is:
  File "/usr/share/w3af/w3af/core/controllers/core_helpers/consumers/crawl_infrastructure.py", line 387, in _discover_worker
    result = plugin.discover_wrapper(fuzzable_request)
  File "/usr/share/w3af/w3af/core/controllers/plugins/crawl_plugin.py", line 47, in crawl_wrapper
    return self.crawl(fuzzable_request_copy)
  File "/usr/share/w3af/w3af/plugins/crawl/phpinfo.py", line 74, in crawl
    self.worker_pool.map_multi_args(self._check_and_analyze, args)
  File "/usr/share/w3af/w3af/core/controllers/threads/threadpool.py", line 81, in map_multi_args
    return self.map_async(one_to_many(func), iterable, chunksize).get()
  File "/usr/lib/python2.7/multiprocessing/pool.py", line 554, in get
    raise self._value

Enabled Plugins

{'attack': {},
 'audit': {u'blind_sqli': <OptionList: eq_limit>,
           u'buffer_overflow': <OptionList: >,
           u'cors_origin': <OptionList: origin_header_value>,
           u'csrf': <OptionList: >,
           u'dav': <OptionList: >,
           u'eval': <OptionList: use_time_delay|use_echo>,
           u'file_upload': <OptionList: extensions>,
           u'format_string': <OptionList: >,
           u'frontpage': <OptionList: >,
           u'generic': <OptionList: diff_ratio>,
           u'global_redirect': <OptionList: >,
           u'htaccess_methods': <OptionList: >,
           u'ldapi': <OptionList: >,
           u'lfi': <OptionList: >,
           u'mx_injection': <OptionList: >,
           u'os_commanding': <OptionList: >,
           u'phishing_vector': <OptionList: >,
           u'preg_replace': <OptionList: >,
           u'redos': <OptionList: >,
           u'response_splitting': <OptionList: >,
           u'rfi': <OptionList: listen_address|listen_port|use_w3af_site>,
           u'sqli': <OptionList: >,
           u'ssi': <OptionList: >,
           u'ssl_certificate': <OptionList: minExpireDays|caFileName>,
           u'un_ssl': <OptionList: >,
           u'xpath': <OptionList: >,
           u'xss': <OptionList: persistent_xss>,
           u'xst': <OptionList: >},
 'auth': {},
 'bruteforce': {u'basic_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>,
                u'form_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>},
 'crawl': {u'bing_spider': <OptionList: result_limit>,
           u'oracle_discovery': <OptionList: >,
           u'phishtank': <OptionList: >,
           u'phpinfo': <OptionList: >,
           u'robots_txt': <OptionList: >,
           u'sitemap_xml': <OptionList: >,
           u'spider_man': <OptionList: listen_address|listen_port>,
           u'user_dir': <OptionList: identify_os|identify_apps>,
           u'web_spider': <OptionList: only_forward|follow_regex|ignore_regex>},
 'evasion': {},
 'grep': {u'ajax': <OptionList: >,
          u'analyze_cookies': <OptionList: >,
          u'blank_body': <OptionList: >,
          u'cache_control': <OptionList: >,
          u'click_jacking': <OptionList: >,
          u'code_disclosure': <OptionList: >,
          u'credit_cards': <OptionList: >,
          u'cross_domain_js': <OptionList: >,
          u'directory_indexing': <OptionList: >,
          u'dom_xss': <OptionList: >,
          u'dot_net_event_validation': <OptionList: >,
          u'error_500': <OptionList: >,
          u'error_pages': <OptionList: >,
          u'feeds': <OptionList: >,
          u'file_upload': <OptionList: >,
          u'form_autocomplete': <OptionList: >,
          u'get_emails': <OptionList: only_target_domain>,
          u'hash_analysis': <OptionList: >,
          u'html_comments': <OptionList: >,
          u'http_auth_detect': <OptionList: >,
          u'http_in_body': <OptionList: >,
          u'lang': <OptionList: >,
          u'meta_tags': <OptionList: >,
          u'motw': <OptionList: >,
          u'objects': <OptionList: >,
          u'oracle': <OptionList: >,
          u'password_profiling': <OptionList: >,
          u'path_disclosure': <OptionList: >,
          u'private_ip': <OptionList: >,
          u'ssn': <OptionList: >,
          u'strange_headers': <OptionList: >,
          u'strange_http_codes': <OptionList: >,
          u'strange_parameters': <OptionList: >,
          u'strange_reason': <OptionList: >,
          u'svn_users': <OptionList: >,
          u'symfony': <OptionList: override>,
          u'url_session': <OptionList: >,
          u'user_defined_regex': <OptionList: single_regex|regex_file_path>,
          u'wsdl_greper': <OptionList: >,
          u'xss_protection_header': <OptionList: >},
 'infrastructure': {u'afd': <OptionList: >,
                    u'allowed_methods': <OptionList: execOneTime|reportDavOnly>,
                    u'detect_reverse_proxy': <OptionList: >,
                    u'detect_transparent_proxy': <OptionList: >,
                    u'dns_wildcard': <OptionList: >,
                    u'domain_dot': <OptionList: >,
                    u'dot_net_errors': <OptionList: >,
                    u'favicon_identification': <OptionList: >,
                    u'find_jboss': <OptionList: >,
                    u'find_vhosts': <OptionList: >,
                    u'finger_bing': <OptionList: result_limit>,
                    u'finger_google': <OptionList: result_limit|fast_search>,
                    u'finger_pks': <OptionList: >,
                    u'fingerprint_WAF': <OptionList: >,
                    u'fingerprint_os': <OptionList: >,
                    u'frontpage_version': <OptionList: >,
                    u'halberd': <OptionList: >,
                    u'hmap': <OptionList: gen_fingerprint>,
                    u'http_vs_https_dist': <OptionList: httpPort|httpsPort>,
                    u'php_eggs': <OptionList: >,
                    u'server_header': <OptionList: >,
                    u'server_status': <OptionList: >,
                    u'shared_hosting': <OptionList: result_limit>,
                    u'xssed_dot_com': <OptionList: >,
                    u'zone_h': <OptionList: >},
 'mangle': {},
 'output': {u'console': <OptionList: verbose>,
            u'text_file': <OptionList: verbose|output_file|http_output_file>}}
andresriancho commented 10 years ago

Duplicates #1311