Found a bug that I am working on now.
2009/6/7 Ryan Dewhurst <ryandewhu...@gmail.com>:
> w00t w00t!
>
> All tested and working!
>
> Thanks to everyone for their help especially Andres for putting up
> with my noobness. I will look into implementing the vulns for each
> version and then eventually a wp plugin version finder.
>
> Feedback and suggestions welcome! :-)
>
> 2009/6/7 Andres Riancho <andres.rian...@gmail.com>:
>> Ryan,
>>
>> On Sat, Jun 6, 2009 at 10:20 PM, Ryan Dewhurst<ryandewhu...@gmail.com> wrote:
>>> I decided to move over to my Linux box for the development of the
>>> plugin. One of the reasons I could not get the plugin to run through
>>> w3af was that the plugin file name was not the same as the class name.
>>
>> Ok, makes sense,
>>
>>> It now runs through w3af with out any errors. The only thing is that
>>> the info output is not showing in kb.
>>
>> Are you saving it to the kb?
>>
>>> Im using this which I found in another plugin:
>>>
>>> # Save it to the kb!
>>> i = info.info()
>>> i.setName('WordPress version')
>>> i.setURL( wp_index_url )
>>> i.setId( http_response.id )
>>> i.setDesc( 'WordPress version "'+ self._version +'" found in the
>>> index header.' )
>>> kb.kb.append( self, 'WordPress version', i )
>>> om.out.information( i.getDesc() )
>>
>> That seems to be enough to save the version to the kb,
>>
>>> Attached is the latest version.
>>
>> I applied some minor changes:
>>
>> - Changed the name of the plugin to wordpress_plugin, because
>> wpvChecker is cryptic to users.
>> - The code has some serious errors, that are possibly the reason you
>> don't see anything:
>>
>> ...@brick:~/w3af/w3af/trunk$ pylint
>> --rcfile=../extras/misc/pylint.rc /tmp/wordpress_version.py -e
>> ************* Module wordpress_version
>> E: 98:wordpress_version.discover: Undefined variable 're'
>> E:109:wordpress_version.discover: Undefined variable 'http_response'
>> E:150:wordpress_version.discover: Undefined variable 'http_response'
>>
>> Have you tested the plugin? Do you get a big traceback when running it?
>>
>> - This line in the fingerprint DB:
>>
>> ('/wp-admin/async-upload.php','200','2.5'),
>>
>> Doesn't match this line:
>>
>> if self._wp_fingerprint[1] == 200 and not
>> is_404(response):
>>
>> '200' and 200 aren't equal in python:
>>
>> >>> '200' == 200
>> False
>>
>> You should change your database to 200, instead of '200' where necessary.
>>
>> - One more detail, is that it would be nice to compare the version in
>> the HTML header, with the fingerprinted version, and report if they
>> differ.
>>
>> You're on the right path, I think that with these recommendations
>> you'll be able to complete the development of your first w3af plugin
>> =)
>>
>> PS: You should answer inline.
>>
>>> Ryan
>>>
>>> 2009/6/6 Andres Riancho <andres.rian...@gmail.com>:
>>>> Ryan,
>>>>
>>>> On Sat, Jun 6, 2009 at 6:22 PM, Ryan Dewhurst<ryandewhu...@gmail.com>
>>>> wrote:
>>>>>>Also delete the .pyc file, and no reinstall is needed.
>>>>>
>>>>> There was none.
>>>>>
>>>>>> Yes, many.
>>>>>> You are missing some required methods, like setOptions, getOptions,
>>>>>> getLongDescription, etc. Please see other plugins for a complete list,
>>>>>
>>>>> They are already in the code:
>>>>>
>>>>> # W3af options and output
>>>>> def getOptions( self ):
>>>>> '''
>>>>> �...@return: A list of option objects for this plugin.
>>>>> '''
>>>>> ol = optionList()
>>>>> return ol
>>>>>
>>>>> def setOptions( self, OptionList ):
>>>>> '''
>>>>> This method sets all the options that are configured using the
>>>>> user interface
>>>>> generated by the framework using the result of getOptions().
>>>>>
>>>>> �...@parameter OptionList: A dictionary with the options for the
>>>>> plugin.
>>>>> �...@return: No value is returned.
>>>>> '''
>>>>> pass
>>>>>
>>>>> def getPluginDeps( self ):
>>>>> '''
>>>>> �...@return: A list with the names of the plugins that should be
>>>>> runned before the
>>>>> current one.
>>>>> '''
>>>>> return []
>>>>>
>>>>> def getLongDesc( self ):
>>>>> '''
>>>>> �...@return: A DETAILED description of the plugin functions and
>>>>> features.
>>>>> '''
>>>>> return '''
>>>>> This plugin searches for client side differences between
>>>>> different versions of WordPress.
>>>>> '''
>>>>
>>>> Then try to run w3af from a console:
>>>>
>>>> in cmd.exe run python w3af_console.py
>>>>
>>>>>
>>>>> 2009/6/6 Andres Riancho <andres.rian...@gmail.com>:
>>>>>> Ryan,
>>>>>>
>>>>>> On Sat, Jun 6, 2009 at 1:57 PM, Ryan Dewhurst <ryandewhu...@gmail.com>
>>>>>> wrote:
>>>>>>> I moved the wpvchecker.py file into the /plugin/discovery folder. When
>>>>>>> I try to launch w3af I get an error (screenshot attached), the prompt
>>>>>>> only lasts a few seconds so could not copy/paste the full error
>>>>>>> output.
>>>>>>>
>>>>>>> When I remove the wpvchecker.py file out of the dir the error persists
>>>>>>> and I have to un/re install w3af to get it working again.
>>>>>>
>>>>>> Also delete the .pyc file, and no reinstall is needed.
>>>>>>
>>>>>>> Any ideas?
>>>>>>
>>>>>> Yes, many.
>>>>>> You are missing some required methods, like setOptions, getOptions,
>>>>>> getLongDescription, etc. Please see other plugins for a complete list,
>>>>>>
>>>>>>> Thanks again,
>>>>>>> Ryan
>>>>>>>
>>>>>>> 2009/6/6 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>> Ryan,
>>>>>>>>
>>>>>>>> On Sat, Jun 6, 2009 at 10:59 AM, Ryan Dewhurst
>>>>>>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>> Hello,
>>>>>>>>> Sorry its been so long with the wrodpress version checker plugin, had
>>>>>>>>> some life problems.
>>>>>>>>
>>>>>>>> No problem man, I hope things are going better now.
>>>>>>>>
>>>>>>>>> Anyway...
>>>>>>>>>
>>>>>>>>> I have come to a logic problem which I cannot seem to solve and was
>>>>>>>>> wondering if any one could give me some pointers...
>>>>>>>>>
>>>>>>>>> Versions '2.5', '2.3.1, 2.3.2 or 2.3.3' and '2.2' are detected by a
>>>>>>>>> file/image being present i.e status 200
>>>>>>>>>
>>>>>>>>> I cannot figure out how to check for this while using the
>>>>>>>>> self._wp_fingerprint array.
>>>>>>>>
>>>>>>>> The for loop that works with the array looks like this:
>>>>>>>>
>>>>>>>> for data in self._wp_fingerprint:
>>>>>>>>
>>>>>>>> # Complete URL to test, url+file
>>>>>>>> test_URL = urlParser.urlJoin( base_url,
>>>>>>>> self._wp_fingerprint[0] )
>>>>>>>>
>>>>>>>> if self._wp_fingerprint[1] in response:
>>>>>>>> version = self._wp_fingerprint[2]
>>>>>>>> break
>>>>>>>> else:
>>>>>>>> version = 'Version lower than 2.2'
>>>>>>>>
>>>>>>>> But there are some parts missing, like actually requesting to the
>>>>>>>> server the test_URL. On the other part, the "200" logic could be
>>>>>>>> easily done like this:
>>>>>>>>
>>>>>>>> if self._wp_fingerprint[1] == 200 and not
>>>>>>>> is_404(response):
>>>>>>>> # it was found!
>>>>>>>> elif self._wp_fingerprint[1] in response:
>>>>>>>> version = self._wp_fingerprint[2]
>>>>>>>> break
>>>>>>>> else:
>>>>>>>> version = 'Version lower than 2.2'
>>>>>>>>
>>>>>>>> To make this work, you should change the '' in the fingerprint array
>>>>>>>> by a 200, and it should all work.
>>>>>>>>
>>>>>>>>> Here is the code so far, I have not yet tested it out, but should give
>>>>>>>>> you a basic idea of how it will run.
>>>>>>>>
>>>>>>>> Yes, and it makes much more sense to me this way. The older version
>>>>>>>> was "ugly" :)
>>>>>>>>
>>>>>>>>> I was also thinking of
>>>>>>>>> implementing a plugin version checker as there are many plugins with
>>>>>>>>> vulns.
>>>>>>>>
>>>>>>>> Sure, but lets go step by step, lets finish this plugin, test it a
>>>>>>>> little bit, and then we can go for the next one.
>>>>>>>>
>>>>>>>>> Thank you,
>>>>>>>>> Ryan
>>>>>>>>>
>>>>>>>>> P.S. To test it through w3af, do I just pop the py file into the
>>>>>>>>> plugin folder or is there any other code to be changed?
>>>>>>>>
>>>>>>>> Yes, you have to move this file to the discovery directory and that's
>>>>>>>> it.
>>>>>>>>
>>>>>>>>> 2009/5/31 Ryan Dewhurst <ryandewhu...@gmail.com>:
>>>>>>>>>> Just to let everyone know where I am with the plugin.
>>>>>>>>>>
>>>>>>>>>> I'm a complete n00b at re and couldnt get backbone's code to work, so
>>>>>>>>>> I read a couple of manuals and finally got it working with:
>>>>>>>>>> <meta name="generator" content="[Ww]ord[Pp]ress (\d\.\d\.?\d?)" />
>>>>>>>>>>
>>>>>>>>>> An explanation of what the plugin will do:
>>>>>>>>>> -----------------------------------------------------------
>>>>>>>>>>
>>>>>>>>>> It will first check to see if the server has the following file
>>>>>>>>>> "/wp-admin/index.php".
>>>>>>>>>>
>>>>>>>>>> If it does
>>>>>>>>>>
>>>>>>>>>> It will check to see whether or not the version is in the index
>>>>>>>>>> header.
>>>>>>>>>>
>>>>>>>>>> If it finds the version it will store it in a variable.
>>>>>>>>>>
>>>>>>>>>> It will then run through the checks from my original code to try and
>>>>>>>>>> guess the version.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> The output will be as follows:
>>>>>>>>>> ------------------------------------------
>>>>>>>>>>
>>>>>>>>>> If the version is not in the index and not found with the data =
>>>>>>>>>> "version under 2.2"
>>>>>>>>>> If the version is in the index and in the data are the same =
>>>>>>>>>> "whatever version was found"
>>>>>>>>>> If the version is in the index and in the data are different =
>>>>>>>>>> ""Version shows as $version in index header however the data shows
>>>>>>>>>> $version"
>>>>>>>>>>
>>>>>>>>>> I still need to implement the data checks however my girlfriend has
>>>>>>>>>> fallen ill and has been admitted to hospital for an emergency
>>>>>>>>>> operation. I don't think I will be able to finish the plugin this
>>>>>>>>>> weekend as promised earlier however will still be working on it next
>>>>>>>>>> week.
>>>>>>>>>>
>>>>>>>>>> I was also thinking on listing the vulnerabilitys for each version
>>>>>>>>>> (if
>>>>>>>>>> any) on the output.
>>>>>>>>>>
>>>>>>>>>> Ryan
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> 2009/5/29 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>>>>> Ryan,
>>>>>>>>>>>
>>>>>>>>>>> On Thu, May 28, 2009 at 10:11 PM, Ryan Dewhurst
>>>>>>>>>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>>>>> Im loooking into searching the response html of the index page for
>>>>>>>>>>>> the
>>>>>>>>>>>> following string:
>>>>>>>>>>>> <meta name="generator" content="WordPress $version" />
>>>>>>>>>>>>
>>>>>>>>>>>> Ive tried with regular expressions and am unable to get it to work,
>>>>>>>>>>>
>>>>>>>>>>> backbone sent you a solution,
>>>>>>>>>>>
>>>>>>>>>>>> Ive read that re is bad for parsing HTML and that BeautifulSoup
>>>>>>>>>>>> should be used.
>>>>>>>>>>>>
>>>>>>>>>>>> Does w3af already have BeautifulSoup in its dependency list?
>>>>>>>>>>>
>>>>>>>>>>> Yes, it's in the dependency list, but we aren't using it "for that".
>>>>>>>>>>> Long story short, please use the re =)
>>>>>>>>>>>
>>>>>>>>>>>> Ryan
>>>>>>>>>>>>
>>>>>>>>>>>> P.S. Thanks for the advice backbone46, I'll have a look into that
>>>>>>>>>>>> once
>>>>>>>>>>>> Ive sorted this out.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> 2009/5/28 <backbon...@gmail.com>:
>>>>>>>>>>>>> Sorry to bump in just like that in the discussion, about the meta
>>>>>>>>>>>>> tag that
>>>>>>>>>>>>> displays
>>>>>>>>>>>>> the WordPress version.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Only since version 2.7 the generator function is in the core of
>>>>>>>>>>>>> WordPress,
>>>>>>>>>>>>> on
>>>>>>>>>>>>> earlier versions it was only in the theme.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Just wanted to mention that. :)
>>>>>>>>>>>>>
>>>>>>>>>>>>> ---
>>>>>>>>>>>>> http://insanesecurity.info
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Thu, May 28, 2009 at 10:53 PM, Ryan Dewhurst
>>>>>>>>>>>>> <ryandewhu...@gmail.com>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Yes, I dont see why not. Should be easy enough tro implement.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> You mentioned during our email conversation that wordpress echos
>>>>>>>>>>>>>> its
>>>>>>>>>>>>>> version number in the page head. I managed to find an example of
>>>>>>>>>>>>>> it.
>>>>>>>>>>>>>> Your right I do have a security plugin installed which must have
>>>>>>>>>>>>>> removed it from my blog.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Here is an example:
>>>>>>>>>>>>>> <meta name="generator" content="WordPress 2.7.1" />
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2009/5/28 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>>>>>>>> > Ryan,
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> > On Wed, May 27, 2009 at 10:18 PM, Andres Riancho
>>>>>>>>>>>>>> > <andres.rian...@gmail.com> wrote:
>>>>>>>>>>>>>> >> Ryan,
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> On Wed, May 27, 2009 at 9:58 PM, Ryan Dewhurst
>>>>>>>>>>>>>> >> <ryandewhu...@gmail.com>
>>>>>>>>>>>>>> >> wrote:
>>>>>>>>>>>>>> >>> Hello,
>>>>>>>>>>>>>> >>> Im new to mailing lists so im not sure if this will be sent
>>>>>>>>>>>>>> >>> there.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> It depends on the mailing list. This one is configured to
>>>>>>>>>>>>>> >> accept
>>>>>>>>>>>>>> >> attachments,
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>> I'll have a look into intergrating the script into w3af over
>>>>>>>>>>>>>> >>> the next
>>>>>>>>>>>>>> >>> couple of days and hopefully have a working version by the
>>>>>>>>>>>>>> >>> weekend.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> Excellent, if you need ANY help, just let us know.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>> The script is quite simple once you have the gathered the
>>>>>>>>>>>>>> >>> nesesary
>>>>>>>>>>>>>> >>> data. I went through versions 2.2 to 2.7.1 and manually
>>>>>>>>>>>>>> >>> found client
>>>>>>>>>>>>>> >>> side differences in most of them, I also used the official
>>>>>>>>>>>>>> >>> changelogs
>>>>>>>>>>>>>> >>> to help identify them.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> Ohhh, you are the guy that wrote that blog post with the
>>>>>>>>>>>>>> >> "diffs" of
>>>>>>>>>>>>>> >> different wordpress release packages?
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>> The client side differences are in files such as CSS,
>>>>>>>>>>>>>> >>> javascript and
>>>>>>>>>>>>>> >>> HTML. Some versions did not have any differences apart from
>>>>>>>>>>>>>> >>> having
>>>>>>>>>>>>>> >>> extra files, which can easliy be identified with HTTP
>>>>>>>>>>>>>> >>> response codes.
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>> It works as such...
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>> Starting from version 2.7.1 (latest), the script tries to
>>>>>>>>>>>>>> >>> find
>>>>>>>>>>>>>> >>> something that 2.7 doesnt have, if it finds that something
>>>>>>>>>>>>>> >>> then the
>>>>>>>>>>>>>> >>> script stops and echos the version number.
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>> If the script doesnt find the difference it moves onto
>>>>>>>>>>>>>> >>> identifying the
>>>>>>>>>>>>>> >>> next version, i.e. does 2.7 have something the earlier
>>>>>>>>>>>>>> >>> version doesnt
>>>>>>>>>>>>>> >>> have. and so on and so forth.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> Ok, makes sense.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> Some comments regarding your code:
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> - w3af uses PEP-8, with among other things says 4-spaces for
>>>>>>>>>>>>>> >> indentations. Your code has 1-space (?) indentations. Please
>>>>>>>>>>>>>> >> correct
>>>>>>>>>>>>>> >> that.
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> - The code is pretty simple, but i think it could be done in
>>>>>>>>>>>>>> >> a better
>>>>>>>>>>>>>> >> way. Having that many functions (wp22 to wp271) doesn't seem
>>>>>>>>>>>>>> >> to be a
>>>>>>>>>>>>>> >> good option. Do you think that the code could be changed a
>>>>>>>>>>>>>> >> little bit,
>>>>>>>>>>>>>> >> and create a database (which can be easily updated) and then
>>>>>>>>>>>>>> >> use that
>>>>>>>>>>>>>> >> database to store the information? Example of the databse
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> self._wp_fingerprint =
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> [('/wp-includes/js/thickbox/thickbox.css','-ms-filter:'),('/wp-admin/css/farbtastic.css',
>>>>>>>>>>>>>> >> 'farbtastic')]
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> - Also, by default wordpress publishes the version number in
>>>>>>>>>>>>>> >> every
>>>>>>>>>>>>>> >> page head. Maybe it would be a good idea to parse that, and
>>>>>>>>>>>>>> >> compare it
>>>>>>>>>>>>>> >> with the result of the fingerprinting. What do you think?
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> > A good idea would be to have a first step, before all the
>>>>>>>>>>>>>> > version
>>>>>>>>>>>>>> > specific checks, that verifies something that's true for all
>>>>>>>>>>>>>> > wordpress
>>>>>>>>>>>>>> > installations (some X file has to be present) before even
>>>>>>>>>>>>>> > starting the
>>>>>>>>>>>>>> > fingerprinting. Could this be done?
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> >> Cheers,
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>> Ryan
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>> 2009/5/28 Andres Riancho <andres.rian...@gmail.com>:
>>>>>>>>>>>>>> >>>> Ryan,
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> On Wed, May 27, 2009 at 5:07 PM, Ryan Dewhurst
>>>>>>>>>>>>>> >>>> <ryandewhu...@gmail.com> wrote:
>>>>>>>>>>>>>> >>>>> Hello,
>>>>>>>>>>>>>> >>>>> I have developed a python script that can detect the
>>>>>>>>>>>>>> >>>>> version of a
>>>>>>>>>>>>>> >>>>> wordpress installation. I think it would fit well within
>>>>>>>>>>>>>> >>>>> w3af,
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> Yes, it seems that it's something good to have in the
>>>>>>>>>>>>>> >>>> framework.
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> I have like a ton of questions about how it works, could
>>>>>>>>>>>>>> >>>> you please
>>>>>>>>>>>>>> >>>> send the script (as it is) to this mailing list for us to
>>>>>>>>>>>>>> >>>> read it?
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>> the
>>>>>>>>>>>>>> >>>>> only problem being is that I have been unable to find a
>>>>>>>>>>>>>> >>>>> plugin
>>>>>>>>>>>>>> >>>>> development manual to be able to implement my script.
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> There is no development manual :(
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> For the type of feature that you want to add, the correct
>>>>>>>>>>>>>> >>>> thing is to
>>>>>>>>>>>>>> >>>> use a discovery plugin. discovery plugins are simple, they
>>>>>>>>>>>>>> >>>> follow
>>>>>>>>>>>>>> >>>> these rules:
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> - the entry point is the discover method
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> - the discover method takes a fuzzable request object as a
>>>>>>>>>>>>>> >>>> parameter,
>>>>>>>>>>>>>> >>>> and returns a list of fuzzable requests
>>>>>>>>>>>>>> >>>> (fuzzable requests are representations of GET/POST
>>>>>>>>>>>>>> >>>> requests, which
>>>>>>>>>>>>>> >>>> represent links, and forms)
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> - the discover method is called several times in the same
>>>>>>>>>>>>>> >>>> scan, with
>>>>>>>>>>>>>> >>>> the different links that (for example) the webSpider finds.
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> I think that the best thing you can do is to read one or two
>>>>>>>>>>>>>> >>>> discovery
>>>>>>>>>>>>>> >>>> plugins (my recommendations are discovery.crossDomain and
>>>>>>>>>>>>>> >>>> discovery.userDir), and start building your own plugin
>>>>>>>>>>>>>> >>>> based on one
>>>>>>>>>>>>>> >>>> of
>>>>>>>>>>>>>> >>>> those.
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>> Is there a dev manual out there?
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> No
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>> Does any one have some tips/advice on writting a plugin?
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> Yes, see above,
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>> Does any one want me to send them the script for them to
>>>>>>>>>>>>>> >>>>> develop the
>>>>>>>>>>>>>> >>>>> plugin?
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> You should develop the plugin yourself, is fun and good for
>>>>>>>>>>>>>> >>>> the
>>>>>>>>>>>>>> >>>> project =)
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> Cheers,
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>> Thank you,
>>>>>>>>>>>>>> >>>>> Ryan
>>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>>> >>>>> ------------------------------------------------------------------------------
>>>>>>>>>>>>>> >>>>> Register Now for Creativity and Technology (CaT), June
>>>>>>>>>>>>>> >>>>> 3rd, NYC. CaT
>>>>>>>>>>>>>> >>>>> is a gathering of tech-side developers & brand creativity
>>>>>>>>>>>>>> >>>>> professionals. Meet
>>>>>>>>>>>>>> >>>>> the minds behind Google Creative Lab, Visual Complexity,
>>>>>>>>>>>>>> >>>>> Processing,
>>>>>>>>>>>>>> >>>>> &
>>>>>>>>>>>>>> >>>>> iPhoneDevCamp as they present alongside digital
>>>>>>>>>>>>>> >>>>> heavyweights like
>>>>>>>>>>>>>> >>>>> Barbarian
>>>>>>>>>>>>>> >>>>> Group, R/GA, & Big Spaceship.
>>>>>>>>>>>>>> >>>>> http://p.sf.net/sfu/creativitycat-com
>>>>>>>>>>>>>> >>>>> _______________________________________________
>>>>>>>>>>>>>> >>>>> W3af-develop mailing list
>>>>>>>>>>>>>> >>>>> W3af-develop@lists.sourceforge.net
>>>>>>>>>>>>>> >>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>>>>>>>>>>>>> >>>>>
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>> --
>>>>>>>>>>>>>> >>>> Andrés Riancho
>>>>>>>>>>>>>> >>>> Founder, Bonsai - Information Security
>>>>>>>>>>>>>> >>>> http://www.bonsai-sec.com/
>>>>>>>>>>>>>> >>>> http://w3af.sf.net/
>>>>>>>>>>>>>> >>>>
>>>>>>>>>>>>>> >>>
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >> --
>>>>>>>>>>>>>> >> Andrés Riancho
>>>>>>>>>>>>>> >> Founder, Bonsai - Information Security
>>>>>>>>>>>>>> >> http://www.bonsai-sec.com/
>>>>>>>>>>>>>> >> http://w3af.sf.net/
>>>>>>>>>>>>>> >>
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>> > --
>>>>>>>>>>>>>> > Andrés Riancho
>>>>>>>>>>>>>> > Founder, Bonsai - Information Security
>>>>>>>>>>>>>> > http://www.bonsai-sec.com/
>>>>>>>>>>>>>> > http://w3af.sf.net/
>>>>>>>>>>>>>> >
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>>>>>>> Register Now for Creativity and Technology (CaT), June 3rd, NYC.
>>>>>>>>>>>>>> CaT
>>>>>>>>>>>>>> is a gathering of tech-side developers & brand creativity
>>>>>>>>>>>>>> professionals.
>>>>>>>>>>>>>> Meet
>>>>>>>>>>>>>> the minds behind Google Creative Lab, Visual Complexity,
>>>>>>>>>>>>>> Processing, &
>>>>>>>>>>>>>> iPhoneDevCamp as they present alongside digital heavyweights like
>>>>>>>>>>>>>> Barbarian
>>>>>>>>>>>>>> Group, R/GA, & Big Spaceship.
>>>>>>>>>>>>>> http://p.sf.net/sfu/creativitycat-com
>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>> W3af-develop mailing list
>>>>>>>>>>>>>> W3af-develop@lists.sourceforge.net
>>>>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Andrés Riancho
>>>>>>>>>>> Founder, Bonsai - Information Security
>>>>>>>>>>> http://www.bonsai-sec.com/
>>>>>>>>>>> http://w3af.sf.net/
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Andrés Riancho
>>>>>>>> Founder, Bonsai - Information Security
>>>>>>>> http://www.bonsai-sec.com/
>>>>>>>> http://w3af.sf.net/
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Andrés Riancho
>>>>>> Founder, Bonsai - Information Security
>>>>>> http://www.bonsai-sec.com/
>>>>>> http://w3af.sf.net/
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Andrés Riancho
>>>> Founder, Bonsai - Information Security
>>>> http://www.bonsai-sec.com/
>>>> http://w3af.sf.net/
>>>>
>>>
>>
>>
>>
>> --
>> Andrés Riancho
>> Founder, Bonsai - Information Security
>> http://www.bonsai-sec.com/
>> http://w3af.sf.net/
>>
>
------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises
looking to deploy the next generation of Solaris that includes the latest
innovations from Sun and the OpenSource community. Download a copy and
enjoy capabilities such as Networking, Storage and Virtualization.
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
