search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.56k stars 1.22k forks source link

w3af 1.6 console can not show correctly on kali #996

Closed heayin closed 10 years ago

heayin commented 10 years ago
After configuring plugins, I use view to see what I have configured, it shows uncorrectly. The steps are as follows: root@localhost:~/work/w3af# ./w3af_console w3af>>> plugins w3af/plugins>>> crawl web_spider wordpress_fingerprint dot_listing content_negotiation spider_man robots_txt archive_dot_org ria_enumerator wordnet user_dir sitemap_xml bing_spider dir_file_bruter phpinfo find_dvcs import_results urllist_txt google_spider url_fuzzer find_backdoors find_captchas oracle_discovery wsdl_finder wordpress_enumerate_users web_diff pykto wordpress_fullpathdisclosure phishtank digit_sum ghdb w3af/plugins>>> crawl web_spider w3af/plugins>>> crawl con content_negotiation config
w3af/plugins>>> crawl config web_spider w3af/plugins/crawl/config:web_spider>>> view		 ---------------------------------------------------------------------------------------------------------------------- Setting Value Description
only_forward False When spidering, only search directories inside the one that was given as target
ignore_regex When spidering, DO NOT follow links that match this regular expression (has precedence over
follow_regex)
follow_regex .* When spidering, only follow links that match this regular expression (ignore_regex has
precedence over follow_regex)
----------------------------------------------------------------------------------------------------------------------
w3af/plugins/crawl/config:web_spider>>> set only_forward True w3af/plugins/crawl/config:web_spider>>> view ---------------------------------------------------------------------------------------------------------------------- Setting Value Description
only_forward False When spidering, only search directories inside the one that was given as target
ignore_regex When spidering, DO NOT follow links that match this regular expression (has precedence over
follow_regex)
follow_regex .* When spidering, only follow links that match this regular expression (ignore_regex has
precedence over follow_regex)
----------------------------------------------------------------------------------------------------------------------

w3af/plugins/crawl/config:web_spider>>> back The configuration has been saved. w3af/plugins>>> back w3af>>> version w3af - Web Application Attack and Audit Framework Version: 1.6 Revision: 5460aa0377 - 04 Dec 2013 13:51 Author: Andres Riancho and the w3af team. w3af>>>

heayin commented 10 years ago

I scan the dvwa website on metasploitable2. when i scan after configuring webspider(set the onlyforward option), this option does not work.I configure the target which is http://10.10.10.130/dvwa/. But the result has twiki . When I try to stop the scan ,it fails too.

andresriancho commented 10 years ago

I've been working on a fix for the plugin options, please try to use the feature/module branch. To do that please use:

cd w3af/
git pull
git checkout feature/branch
./w3af_console
andresriancho commented 10 years ago

Duplicates #998

heayin commented 10 years ago

When I do as you said, it reports error

root@localhost:~/work/w3af# pwd /root/work/w3af root@localhost:~/work/w3af# git pull Already up-to-date. root@localhost:~/work/w3af# git checkout feature/branch error: pathspec 'feature/branch' did not match any file(s) known to git. root@localhost:~/work/w3af# git checkout feature/branch error: pathspec 'feature/branch' did not match any file(s) known to git.

andresriancho commented 10 years ago

Make sure you're running those commands from within a clone of our repository.

mkdir w3af-repo/
cd w3af-repo/
git clone https://github.com/andresriancho/w3af.git
cd w3af/
git pull
git checkout feature/branch
./w3af_console
heayin commented 10 years ago

I have done as you said, it can not work. The steps are as follows: root@localhost:~/work# mkdir w3af-repo/ root@localhost:~/work# ls install_ssh.sh myw3afscript.w3af test_report.html w3af w3af-repo mkdir rzsz-3.48.tar.gz test_report.html.bak w3af-1.5 myscript-web_spider-only_forward.w3af src

root@localhost:~/work/w3af-repo# git clone https://github.com/andresriancho/w3af.git Cloning into 'w3af'... remote: Reusing existing pack: 106007, done. remote: Total 106007 (delta 0), reused 0 (delta 0) Receiving objects: 100% (106007/106007), 113.36 MiB | 151 KiB/s, done. Resolving deltas: 100% (81000/81000), done. root@localhost:~/work/w3af-repo# root@localhost:~/work/w3af-repo# root@localhost:~/work/w3af-repo# ls w3af root@localhost:~/work/w3af-repo# cd w3af root@localhost:~/work/w3af-repo/w3af# ls core doc locales plugins profiles scripts tools w3af_console w3af_gui root@localhost:~/work/w3af-repo/w3af# git pull Already up-to-date. root@localhost:~/work/w3af-repo/w3af# git checkout feature/branch error: pathspec 'feature/branch' did not match any file(s) known to git. root@localhost:~/work/w3af-repo/w3af# | -bash: syntax error near unexpected token `|' root@localhost:~/work/w3af-repo/w3af# root@localhost:~/work/w3af-repo/w3af# root@localhost:~/work/w3af-repo/w3af#

------------------ 原始邮件 ------------------ 发件人: "andresriancho";notifications@github.com; 发送时间: 2014年1月1日(星期三) 凌晨3:43 收件人: "andresriancho/w3af"w3af@noreply.github.com; 抄送: "易 "21562936@qq.com; 主题: Re: [w3af] w3af 1.6 console can not show correctly on kali (#996)

Make sure you're running those commands from within a clone of our repository. mkdir w3af-repo/ cd w3af-repo/ git clone https://github.com/andresriancho/w3af.git cd w3af/ git pull git checkout feature/branch ./w3af_console

— Reply to this email directly or view it on GitHub.

andresriancho commented 10 years ago

Sorry about that, it was git checkout feature/module !

andresriancho commented 10 years ago

Closing, please let me know if the error persists and I'll re-open.