Hello, I'm trying to crawl a web application using the w3af WebSpider plugin. The application uses a simple login form to authenticate users. After successful authentication the session id isn't stored inside a cookie, the id is instead part of the URL like this:
https://foobar.../listinbox_en.jsp;[EMAIL PROTECTED] https://foobar.../listcounterpart_en.jsp;[EMAIL PROTECTED] In order to scan this application I set the target to the following URL/Host (using a valid session of course): https://foobar.../listinbox_en.jsp;[EMAIL PROTECTED] By looking at the URLs the WebSpider came up with, I see that the plugin never gets past the login form. I'm wondering if I'm doing something wrong or if the WebSpider isn't able to use the parameters inside the target URL correctly. If that's the case, is there a chance that this could be easily fixed? I'm also a developer and would be able to fix this with a little help (never done python before). Any help or suggestions appreciated. Thanks _________________________________________________________________ Explore the seven wonders of the world http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
