search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.56k stars 1.22k forks source link

[Auto-Generated] Bug Report - (data_string, format)) #688

Closed 1d3df9903ad closed 11 years ago

1d3df9903ad commented 11 years ago

User description

No user description was provided for this bug report given that it was related to handled exceptions in scan with id 3d7b3b6c9d

Version Information

  Python version: 2.7.3 (default, Apr 10 2013, 05:13:16) [GCC 4.7.2]
  GTK version: 2.24.13
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.5
    Revision: db956b8abd - 17 kesä 2013 12:20
    Author: Andres Riancho and the w3af team.

Traceback

An exception was found while running audit.ssl_certificate on "https://domain/ | Method: GET". The exception was: "time data 'May  6 23:59:59 2014 GMT' does not match format '%b %d %H:%M:%S %Y GMT'" at _strptime.py:_strptime():325.The full traceback is:
  File "/root/w3af/core/controllers/core_helpers/consumers/audit.py", line 111, in _audit
    plugin.audit_with_copy(fuzzable_request, orig_resp)
  File "/root/w3af/core/controllers/plugins/audit_plugin.py", line 126, in audit_with_copy
    return self.audit(fuzzable_request.copy(), orig_resp)
  File "/root/w3af/plugins/audit/ssl_certificate.py", line 77, in audit
    self._analyze_ssl_cert(url, domain)
  File "/root/w3af/plugins/audit/ssl_certificate.py", line 156, in _analyze_ssl_cert
    exp_date = gmtime(ssl.cert_time_to_seconds(cert['notAfter']))
  File "/usr/lib/python2.7/ssl.py", line 393, in cert_time_to_seconds
    return time.mktime(time.strptime(cert_time, "%b %d %H:%M:%S %Y GMT"))
  File "/usr/lib/python2.7/_strptime.py", line 467, in _strptime_time
    return _strptime(data_string, format)[0]
  File "/usr/lib/python2.7/_strptime.py", line 325, in _strptime
    (data_string, format))

Enabled Plugins

{'attack': {},
 'audit': {u'blind_sqli': <OptionList: eq_limit>,
           u'buffer_overflow': <OptionList: >,
           u'csrf': <OptionList: >,
           u'dav': <OptionList: >,
           u'eval': <OptionList: use_time_delay|use_echo>,
           u'file_upload': <OptionList: extensions>,
           u'format_string': <OptionList: >,
           u'frontpage': <OptionList: >,
           u'generic': <OptionList: diff_ratio>,
           u'global_redirect': <OptionList: >,
           u'htaccess_methods': <OptionList: >,
           u'ldapi': <OptionList: >,
           u'lfi': <OptionList: >,
           u'mx_injection': <OptionList: >,
           u'os_commanding': <OptionList: >,
           u'phishing_vector': <OptionList: >,
           u'preg_replace': <OptionList: >,
           u'redos': <OptionList: >,
           u'response_splitting': <OptionList: >,
           u'rfi': <OptionList: listen_address|listen_port|use_w3af_site>,
           u'sqli': <OptionList: >,
           u'ssi': <OptionList: >,
           u'ssl_certificate': <OptionList: minExpireDays|caFileName>,
           u'un_ssl': <OptionList: >,
           u'xpath': <OptionList: >,
           u'xss': <OptionList: persistent_xss>,
           u'xst': <OptionList: >},
 'auth': {},
 'bruteforce': {},
 'crawl': {u'bing_spider': <OptionList: result_limit>,
           u'oracle_discovery': <OptionList: >,
           u'phishtank': <OptionList: >,
           u'phpinfo': <OptionList: >,
           u'robots_txt': <OptionList: >,
           u'sitemap_xml': <OptionList: >,
           u'user_dir': <OptionList: identify_os|identify_apps>,
           u'web_spider': <OptionList: only_forward|follow_regex|ignore_regex>},
 'evasion': {},
 'grep': {u'ajax': <OptionList: >,
          u'analyze_cookies': <OptionList: >,
          u'blank_body': <OptionList: >,
          u'click_jacking': <OptionList: >,
          u'code_disclosure': <OptionList: >,
          u'credit_cards': <OptionList: >,
          u'directory_indexing': <OptionList: >,
          u'dom_xss': <OptionList: >,
          u'dot_net_event_validation': <OptionList: >,
          u'error_500': <OptionList: >,
          u'error_pages': <OptionList: >,
          u'feeds': <OptionList: >,
          u'file_upload': <OptionList: >,
          u'form_autocomplete': <OptionList: >,
          u'get_emails': <OptionList: only_target_domain>,
          u'hash_analysis': <OptionList: >,
          u'html_comments': <OptionList: >,
          u'http_auth_detect': <OptionList: >,
          u'http_in_body': <OptionList: >,
          u'lang': <OptionList: >,
          u'meta_tags': <OptionList: >,
          u'motw': <OptionList: >,
          u'objects': <OptionList: >,
          u'oracle': <OptionList: >,
          u'password_profiling': <OptionList: >,
          u'path_disclosure': <OptionList: >,
          u'private_ip': <OptionList: >,
          u'ssn': <OptionList: >,
          u'strange_headers': <OptionList: >,
          u'strange_http_codes': <OptionList: >,
          u'strange_parameters': <OptionList: >,
          u'strange_reason': <OptionList: >,
          u'svn_users': <OptionList: >,
          u'symfony': <OptionList: override>,
          u'wsdl_greper': <OptionList: >},
 'infrastructure': {u'afd': <OptionList: >,
                    u'allowed_methods': <OptionList: execOneTime|reportDavOnly>,
                    u'detect_reverse_proxy': <OptionList: >,
                    u'detect_transparent_proxy': <OptionList: >,
                    u'dns_wildcard': <OptionList: >,
                    u'dot_net_errors': <OptionList: >,
                    u'find_vhosts': <OptionList: >,
                    'finger_bing': {},
                    'finger_google': {},
                    'finger_pks': {},
                    u'fingerprint_WAF': <OptionList: >,
                    u'fingerprint_os': <OptionList: >,
                    'frontpage_version': {},
                    u'halberd': <OptionList: >,
                    u'hmap': <OptionList: genFpF>,
                    u'php_eggs': <OptionList: >,
                    u'server_header': <OptionList: >,
                    u'server_status': <OptionList: >,
                    u'shared_hosting': <OptionList: result_limit>},
 'mangle': {},
 'output': {u'console': <OptionList: verbose>,
            u'html_file': <OptionList: output_file|verbose>,
            u'text_file': <OptionList: verbose|output_file|http_output_file>}}
andresriancho commented 11 years ago

Already fixed