Re: [W3af-users] can't import cookies file

Fri, 06 Apr 2012 08:21:19 -0700

I used Cooke Manager+ which was basically the first cookie addon i found for firefox... you can do backup and it backs it up in the correct format but you still need to change the header to say Netscape...
Unfortunately, w3af doesn't actually use the cookie even though it accepts it... 

Miguel

On , Adi Mutu <adi_mut...@yahoo.com> wrote:

Hello,




I have also tried to export the cookie from firefox using various addons  
but it didn't worked for me, w3af said they were not in the right format.

My technique is a bit un-orthodox but it works:




I have used a php script like:
http://www.electrictoolbox.com/php-curl-cookies/





which saves the cookie in the right format, w3af accepts it.
Btw, how did you export it from firefox , Miguel?




Cheers,









From: Miguel Lucero miguel.luc...@gmail.com>
To: w3af-users@lists.sourceforge.net
Sent: Friday, April 6, 2012 12:42 AM
Subject: Re: [W3af-users] can't import cookies file





I want to add to this help request... First, what I did is grabbed a  
cookie from firefox and just changed the header to say Netscape as those  
tutorials suggest. The script to manually generate a cookie in the first  
link was not functional for me though. I would suggest extracting the  
cookie after logging in through firefox... this seems to be the easiest  
way.




I am running the latest w3af on Ubuntu 11.10 and I am able to  
successfully load a cookieJarFile but it doesn't appear to be used when  
scanning. I know it's a working cookie because I tested it with another  
command line tool and was able to get passed the authentication but w3af  
doesn't seem to account for it.




This version of ubuntu runs python 2.7 which i know is not officially  
supported but everything appears to work except for this...



Any ideas on how I can get more verbose output, or something to help me  
figure out why the file isn't being used would be great...




Thanks



Miguel





------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users









------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users






















					Reply via email to