andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/

[Auto-Generated] Bug Report - raise ValueError('Invalid header value %r' % (one_value,)) #17282

Open 1d3df9903ad opened 5 years ago

1d3df9903ad commented 5 years ago

No user description was provided for this bug report given that it was related to handled exceptions in scan with id 2e2cd61579

Version Information

  Python version: 2.7.12 (default, Dec  4 2017, 14:50:18) [GCC 5.4.0 20160609]
  Platform: Ubuntu 16.04 xenial
  GTK version: 2.24.30
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 2018.8.22
    Revision: bb29b9e34c - 22 Aug 2018 11:40
    Branch: master
    Local changes: Yes
    Author: Andres Riancho and the w3af team.

Traceback

A "ValueError" exception was found while running audit.rfi on "Method: GET | http://domain:8008/535366372775798298699572297101331457052/saveprofile | URL encoded form: (action, uid, pw, is_author)". The exception was: "Invalid header value 'GRUYERE=90923465|w3af; GRUYERE=42367666|w3af\rvulnerable073b: ae5cw3af||author'" at httplib.py:putheader():1035. The full traceback is:
  File "/home/user/tools/w3af/w3af/core/controllers/core_helpers/consumers/audit.py", line 177, in _audit
    plugin.audit_with_copy(fuzzable_request, orig_resp, debugging_id)
  File "/home/user/tools/w3af/w3af/core/controllers/plugins/audit_plugin.py", line 138, in audit_with_copy
    return self.audit(fuzzable_request, orig_resp, debugging_id)
  File "/home/user/tools/w3af/w3af/plugins/audit/rfi.py", line 96, in audit
    self._w3af_site_test_inclusion(freq, orig_response, debugging_id)
  File "/home/user/tools/w3af/w3af/plugins/audit/rfi.py", line 281, in _w3af_site_test_inclusion
    self._test_inclusion(freq, rfi_data, orig_response, debugging_id)
  File "/home/user/tools/w3af/w3af/plugins/audit/rfi.py", line 299, in _test_inclusion
    debugging_id=debugging_id)
  File "/home/user/tools/w3af/w3af/core/controllers/plugins/plugin.py", line 245, in _send_mutants_in_threads
    result.reraise()
  File "/usr/local/lib/python2.7/dist-packages/tblib/decorators.py", line 19, in reraise
    reraise(self.exc_type, self.exc_value, self.traceback)
  File "/usr/local/lib/python2.7/dist-packages/tblib/decorators.py", line 25, in return_exceptions_wrapper
    return func(*args, **kwargs)
  File "/home/user/tools/w3af/w3af/core/controllers/threads/decorators.py", line 9, in apply_with_return_error
    return args[0](*args[1:])
  File "/home/user/tools/w3af/w3af/core/controllers/threads/threadpool.py", line 70, in __call__
    return args, self.func(*args, **kwds)
  File "/home/user/tools/w3af/w3af/core/controllers/plugins/plugin.py", line 322, in url_opener_proxy
    return attr(*args, **kwargs)
  File "/home/user/tools/w3af/w3af/core/data/url/extended_urllib.py", line 650, in send_mutant
    res = functor(*args, **kwargs)
  File "/home/user/tools/w3af/w3af/core/data/url/extended_urllib.py", line 712, in GET
    return self.send(req, grep=grep)
  File "/home/user/tools/w3af/w3af/core/data/url/extended_urllib.py", line 935, in send
    res = self._opener.open(req)
  File "/home/user/tools/w3af/w3af/core/data/url/director.py", line 33, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/home/user/tools/w3af/w3af/core/data/url/handlers/keepalive/handler.py", line 359, in http_open
    return self.do_open(req)
  File "/home/user/tools/w3af/w3af/core/data/url/handlers/keepalive/handler.py", line 134, in do_open
    resp, start = self._get_response(conn, req)
  File "/home/user/tools/w3af/w3af/core/data/url/handlers/keepalive/handler.py", line 219, in _get_response
    self._start_transaction(conn, request)
  File "/home/user/tools/w3af/w3af/core/data/url/handlers/keepalive/handler.py", line 340, in _start_transaction
    to_utf8_raw(v))
  File "/usr/lib/python2.7/httplib.py", line 1035, in putheader
    raise ValueError('Invalid header value %r' % (one_value,))

Enabled Plugins

{'attack': {},
 'audit': {'blind_sqli': {},
           'buffer_overflow': {},
           'csrf': {},
           'dav': {},
           'eval': {},
           'file_upload': {},
           'format_string': {},
           'frontpage': {},
           'generic': {},
           'global_redirect': {},
           'htaccess_methods': {},
           'ldapi': {},
           'lfi': {},
           'mx_injection': {},
           'os_commanding': {},
           'phishing_vector': {},
           'preg_replace': {},
           'redos': {},
           'response_splitting': {},
           'rfi': {},
           'sqli': {},
           'ssi': {},
           'ssl_certificate': {},
           'un_ssl': {},
           'xpath': {},
           'xss': {},
           'xst': {}},
 'auth': {},
 'bruteforce': {},
 'crawl': {'bing_spider': {},
           'oracle_discovery': {},
           'phishtank': {},
           'phpinfo': {},
           'robots_txt': {},
           'sitemap_xml': {},
           'user_dir': {},
           'web_spider': {}},
 'evasion': {},
 'grep': {'analyze_cookies': {},
          'blank_body': {},
          'click_jacking': {},
          'code_disclosure': {},
          'credit_cards': {},
          'directory_indexing': {},
          'dom_xss': {},
          'dot_net_event_validation': {},
          'error_500': {},
          'error_pages': {},
          'feeds': {},
          'form_autocomplete': {},
          'get_emails': {},
          'hash_analysis': {},
          'html_comments': {},
          'http_auth_detect': {},
          'http_in_body': {},
          'lang': {},
          'meta_tags': {},
          'motw': {},
          'objects': {},
          'oracle': {},
          'password_profiling': {},
          'path_disclosure': {},
          'private_ip': {},
          'ssn': {},
          'strange_headers': {},
          'strange_http_codes': {},
          'strange_parameters': {},
          'strange_reason': {},
          'svn_users': {},
          'symfony': {},
          'wsdl_greper': {}},
 'infrastructure': {'afd': {},
                    'allowed_methods': {},
                    'detect_reverse_proxy': {},
                    'detect_transparent_proxy': {},
                    'dns_wildcard': {},
                    'dot_net_errors': {},
                    'find_vhosts': {},
                    'finger_bing': {},
                    'finger_google': {},
                    'finger_pks': {},
                    'fingerprint_WAF': {},
                    'fingerprint_os': {},
                    'frontpage_version': {},
                    'halberd': {},
                    'hmap': {},
                    'php_eggs': {},
                    'server_header': {},
                    'server_status': {},
                    'shared_hosting': {}},
 'mangle': {},
 'output': {'console': {}}}

artem-smotrakov commented 5 years ago

I see similar errors when I run audit.os_commanding and audit.os_commanding plugins for API endpoints:

A "ValueError" exception was found while running audit.os_commanding on "Method: GET | https://domain/api/sessions/MTgwNTEwNjE2NzQ5MjQ4MDk4NToxOTg0". The exception was: "Invalid header value '\ntype %SYSTEMROOT%\\win.ini'" at /usr/lib/python2.7/httplib.py:putheader()():1035. The scan will continue but some vulnerabilities might not be identified.
A "ValueError" exception was found while running audit.response_splitting on "Method: GET | https://domain/api/sessions/MTgwNTEwNjE2NzQ5MjQ4MDk4NToxOTg0". The exception was: "Invalid header value 'w3af\r\nvulnerable073b: ae5cw3af'" at /usr/lib/python2.7/httplib.py:putheader()():1035. The scan will continue but some vulnerabilities might not be identified.
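All three reports above fail at the same place: `putheader()` in Python's `httplib` (2.7) / `http.client` (3.x) applies a header-injection guard that refuses any header value containing a bare CR or LF that does not start a folded continuation line, so a value carrying `\r` or `\r\n` followed by a new header name is rejected by the HTTP client itself before anything is sent. The script below is an added example, not w3af's or CPython's code; it re-implements that guard with the same regular expression CPython uses, cross-checks it against the real `http.client` without opening a socket, and runs both over the header values quoted in this issue plus two constructed legal values. The sample labels and the `illegal_offset`/`stdlib_rejects`/`triage` names are mine.

```python
import http.client
import re

# The exact pattern CPython's httplib/http.client uses to decide that a header
# value is illegal: an LF not followed by SP/HTAB, or a CR not followed by
# SP/HTAB/LF. A folded continuation (CRLF + SP) is therefore still accepted.
_ILLEGAL_HEADER_VALUE = re.compile(r'\n(?![ \t])|\r(?![ \t\n])')


def illegal_offset(value):
    """Offset of the first control character the guard objects to, or None if legal."""
    m = _ILLEGAL_HEADER_VALUE.search(value)
    return None if m is None else m.start()


def stdlib_rejects(value):
    """Ask the real http.client the same question.

    putrequest() only buffers the request line; no connection is opened, so the
    ValueError raised by putheader() is observable fully offline.
    """
    conn = http.client.HTTPConnection("localhost")  # never connected
    conn.putrequest("GET", "/")
    try:
        conn.putheader("Cookie", value)
    except ValueError:
        return True
    finally:
        conn.close()
    return False


def triage(samples):
    """Map label -> (offset from our regex, verdict from http.client)."""
    return {label: (illegal_offset(v), stdlib_rejects(v)) for label, v in samples}


# Constructed sample set. The first three are the values quoted in the issue
# (with the escapes turned back into real control characters); the last two
# are legal values that a correct guard must let through.
SAMPLES = [
    ("audit.rfi cookie", "GRUYERE=90923465|w3af; GRUYERE=42367666|w3af\rvulnerable073b: ae5cw3af||author"),
    ("audit.os_commanding", "\ntype %SYSTEMROOT%\\win.ini"),
    ("audit.response_splitting", "w3af\r\nvulnerable073b: ae5cw3af"),
    ("plain cookie", "GRUYERE=90923465|w3af"),
    ("obs-fold continuation", "part one\r\n part two"),
]

if __name__ == "__main__":
    for label, (offset, rejected) in triage(SAMPLES).items():
        verdict = "rejected at offset %d" % offset if offset is not None else "accepted"
        print("%-26s regex: %-22s http.client raises ValueError: %s" % (label, verdict, rejected))
```

Running it shows the two columns always agree: the rfi cookie trips on the lone `\r` at offset 44, the os_commanding value on the leading `\n`, and the response_splitting value on the `\n` at offset 5 (its `\r` is tolerated because it is followed by `\n`, but the `\n` is then followed by `v` rather than whitespace). Any plugin that wants to put such a probe on the wire therefore has to bypass `putheader()` rather than pass the value through it, and a triager can use `illegal_offset()` to tell at a glance which payloads will never leave the client.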