andresriancho
commented
11 years ago From all the different problems you mention, I think that the only that could be real is the one about http/misc settings not being loaded. Could you please tell me the exact steps you're taking to reproduce the issue on my side?
The other issues you mention:
- Google/Bing not respecting limit of results: Well, the google/bing wrappers request 100 results (if I'm not mistaken) to Google/Bing each time they perform a request. If you put the setting to a value of 1, the plugin will make one request, bring 100 results and parse them. If you put the setting to 99, the same will happen. On the other hand, if you set the value to 101, two requests to google are made. Might be confusing, but shouldn't affect your scan in any way. I would be more than happy if you could confirm this by reading some code and/or running tests.
- w3af plugins have dependencies. Some plugins require others to run. You're experimenting that. It can be disabled somewhere in the misc settings.
BoxedResearch
I've noticed the HTTP/MISC settings aren't loaded along with the rest of the profile settings when selected in the UI after program restart. Furthermore, there seems to some settings that can not be overridden. For example, the bing spider + google spider do not seem to respect the limit of returned searches. For some sites like blogs/forums, the bing spider will return 100's of results in the log, even though 20 is selected (and saved) in the profile. Google spider seems the same.
Also the web spider seems to erratically come on even when disabled, while other plugins are selected. For example, the sitemap plugin seems to cause the webspider to come on (perhaps intentionally?).