Daniel,
On Tue, Aug 28, 2012 at 5:11 PM, Daniel Zulla wrote:
> Hi there,
> I have recognized scapy as a dependency of the current w3af.
Cool,
> Also, the current osCommanding plugin seems to use "ping" on a remote host
> to verify a vulnerability.
>
> That's smart. :)
I'm sure I stole it from
Hi there,
I have recognized scapy as a dependency of the current w3af.
Also, the current osCommanding plugin seems to use "ping" on a remote host
to verify a vulnerability.
That's smart. :)
But isn't it smarter / equally smart to let the remote host ping / netcat
*OUR* server, and check via raw
Evgeny,
On Tue, Aug 28, 2012 at 11:14 AM, Evgeny Tolmachev
wrote:
> Andres,
>
>> The file protocol should be able to specify relative locations, correct?
>> After finishing this paragraph I tested it with Python and it seems to work:
>
urllib2.urlopen('file:///etc/passwd').readlines()[0]
>
Andres,
> The file protocol should be able to specify relative locations, correct?
> After finishing this paragraph I tested it with Python and it seems to work:
>>> urllib2.urlopen('file:///etc/passwd').readlines()[0]
'root:x:0:0:root:/root:/bin/bash\n'
>>> urllib2.urlopen('file:w3af_console').
Evgeny,
On Tue, Aug 28, 2012 at 9:39 AM, Evgeny Tolmachev
wrote:
> Andres,
>
>> I think I understand what you're proposing here, but just to make things
>> clear: You want to include the http protocol in the XXE plugin in order to,
>> by starting an HTTP server on the box running w3af, be able
Andres,
> I think I understand what you're proposing here, but just to make things
> clear: You want to include the http protocol in the XXE plugin in order to,
> by starting an HTTP server on the box running w3af, be able to verify if the
> target web application connects to it after sending t
Evgeny,
On Tue, Aug 28, 2012 at 3:22 AM, Evgeny Tolmachev
wrote:
> Hi, list.
>
> The latest one case which I had was XXE in PHPMyAdmin, which allow reading
> files after export with special crafted *.xml file and exploit looked like
> this:
>
>
>
> ]>
> xmlns:pma="http://www.phpmyadmin.ne
