thanks,
I was wondering
I tried with pinc -c 1 , and ping -c 30 didn't notice any difference ,
would that be significant ?
Original Message
Subject: Re: [W3af-users] Shell shock plugin for w3af: Done!
From: Andres Riancho
To: Ali Khalfan
CC: "
Ali,
You can use curl -H"test: ..." http://foo.com/ to verify
Replace ... with the bash exploit
On Thu, Sep 25, 2014 at 2:11 PM, Ali Khalfan wrote:
> Andres,
> Is there a way I could manually verify a url? (as in using Nmap or wget and
> checking the response)
>
> I did it twice on a url and on
Andres,
Is there a way I could manually verify a url? (as in using Nmap or wget and
checking the response)
I did it twice on a url and once it says it was vulnerable and the other says
it wasn't
On ٢٥ سبتمبر، ٢٠١٤ ٧:١٨:٣٦ م GMT+03:00, Andres Riancho
wrote:
>Check the github repository issu
nah kali,
i just commented out the dependency_check line in the console
Original Message
Subject: Re: [W3af-users] Shell shock plugin for w3af: Done!
From: Andres Riancho
To: Ali Khalfan
CC: "w3af-users@lists.sourceforge.net"
Date: Thu Sep 25 2014 19:18:36 GMT
Check the github repository issues, mailing list, etc. This issue (for
mac?) has workarounds documented somewhere
On Thu, Sep 25, 2014 at 1:04 PM, Ali Khalfan wrote:
> i keep trying to run the git version of w3af and it says that phply is
> missing, yet I have it:
>
>
>
> /usr/local/lib/python2.7
i keep trying to run the git version of w3af and it says that phply is
missing, yet I have it:
/usr/local/lib/python2.7/dist-packages/phply-0.9.1-nspkg.pth
/usr/local/lib/python2.7/dist-packages/phply-0.9.1.egg-info
/usr/local/lib/python2.7/dist-packages/phply.egg-link
/usr/local/lib/python2.7/d
List,
Take a look at the w3af plugin I've just finished coding [0], it
detects shell shock vulnerabilities by using time delays. Pull
requests with improvements are welcome :)
[0] https://gist.github.com/andresriancho/4ef11d75c1f517c24f94
Regards,
--
Andrés Riancho
Project Leader at w3af -
