No user description was provided for this bug report given that it was related to handled exceptions in scan with id 60fb098f2c
Version Information
Python version: 2.7.3 (default, Feb 27 2014, 20:00:17) [GCC 4.6.3]
GTK version: 2.24.10
PyGTK version: 2.24.0
w3af version:
w3af - Web Application Attack and Audit Framework
Version: 1.6
Revision: f7d67d8022 - 01 4月 2014 12:03
Branch: master
Local changes: No
Author: Andres Riancho and the w3af team.
Traceback
An exception was found while running audit.csrf on "http://domain/reg/process.php | Method: POST | Parameters: (email="", password="", confirm_password="", pname="", engname="", bogi="女性", tel1="", tel2="", school="", office="", veg="數位設計領域")". The exception was: "math domain error" at csrf.py:is_csrf_token():247.The full traceback is:
File "/home/user/w3af/w3af/core/controllers/core_helpers/consumers/audit.py", line 114, in _audit
plugin.audit_with_copy(fuzzable_request, orig_resp)
File "/home/user/w3af/w3af/core/controllers/plugins/audit_plugin.py", line 126, in audit_with_copy
return self.audit(fuzzable_request.copy(), orig_resp)
File "/home/user/w3af/w3af/plugins/audit/csrf.py", line 86, in audit
if self._find_csrf_token(freq):
File "/home/user/w3af/w3af/plugins/audit/csrf.py", line 170, in _find_csrf_token
if self.is_csrf_token(param_name, element_value):
File "/home/user/w3af/w3af/plugins/audit/csrf.py", line 247, in is_csrf_token
entropy = floor(log(total) * (len(value) / log(2)))
User description
No user description was provided for this bug report given that it was related to handled exceptions in scan with id 60fb098f2c
Version Information
Traceback
Enabled Plugins