I'll have to take a look at this later when I have some time, but I previously wrote a proxy log parser that would work on any logs, not just Burp. We should merge these together and make sure it's generic enough to handle the common proxy logs. Also, when I took a quick look at the sqlmap parsing code I didn't see anything for handling multipart POST; does it handle this?
- Jon

On Jul 27, 2009, at 4:36 PM, Patrick Hof wrote:

> Hi list,
>
> as promised, I've implemented an import for WebScarab conversations. I was able to pilfer large amounts of code from sqlmap's[0] WebScarab import, so most of the credit belongs to them. Open Source FTW :). I modified the code for w3af and also changed the coding style so it fits better with w3af. I've added the support in almost the same way Jon did for Burp (see his email from before yesterday).
>
> While implementing this I also found an interesting bug in w3af. This took me a while to figure out. At first, my import didn't seem to work, although the result from my import, the list containing fuzzableRequests, seemed to be perfectly fine. See my pdb session for the solution:
>
> ---------------------------8<-----------------------------------------
> > /home/patrick/w3af/core/controllers/w3afCore.py(724)_discoverWorker()
> -> if iFr not in self._alreadyWalked and urlParser.baseUrl( iFr.getURL() ) in cf.cf.getData('baseURLs'):
> (Pdb) urlParser.baseUrl( iFr.getURL() ) in cf.cf.getData('baseURLs')
> False
> (Pdb) iFr
> <QS fuzzable request | GET | http://192.168.56.101:80/ >
> (Pdb) cf.cf.getData('baseURLs')
> ['http://192.168.56.101/']
> --------------------------->8-----------------------------------------
>
> The problem is that RFC2616 deems the URLs above equivalent (3.2.2: "If the port is empty or not given, port 80 is assumed"), but w3af does not. I guess the same holds true for https and port 443. WebScarab always seems to add the port, which is where the problem arose from. When I added ":80" to my target URL, w3af happily imported my WebScarab conversations. This is a rather subtle bug people might trip over easily without ever realizing what's wrong.
>
> Have fun with the code and I hope it's usable. If there are still bugs, they must be from the sqlmap guys ;).
>
> Patrick
>
> [0] http://sqlmap.sourceforge.net
>
> --
> The Plague: You wanted to know who I am, Zero Cool? Well, let me explain the New World Order. Governments and corporations need people like you and me. We are Samurai... the Keyboard Cowboys... and all those other people who have no idea what's going on are the cattle... Moooo.
> (Hackers)
>
> <importResults.py>
>
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
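The port-equivalence bug Patrick describes in the quoted pdb session comes down to comparing base URLs as raw strings. The example below is added here and is not code from w3af, sqlmap or the attached importResults.py; it shows the canonicalisation a scope check needs so that "http://192.168.56.101:80/" and "http://192.168.56.101/" compare equal, per RFC 2616 section 3.2.2 (absent or empty port means 80 for http, and 443 for https). The function names `base_url`, `same_origin` and `filter_in_scope` are assumptions for the example, and it goes slightly beyond the thread by also folding scheme and host case and handling bracketed IPv6 literals.

```python
"""Added example (not w3af's or sqlmap's code): canonicalise a base URL so
that default-port and no-port spellings of the same origin compare equal.
Python 3, standard library only."""
from urllib.parse import urlsplit

# Default ports per scheme (assumption: only http and https are handled here,
# matching the RFC 2616 section 3.2.2 rule cited in the thread).
DEFAULT_PORTS = {"http": 80, "https": 443}


def base_url(url: str) -> str:
    """Return 'scheme://host[:port]/' with the default port dropped and
    scheme/host lower-cased, so equivalent origins are equal as strings.

    An empty port ('http://host:/') is treated like a missing one, which is
    exactly the case RFC 2616 spells out."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError("unsupported scheme: %r" % parts.scheme)
    host = parts.hostname  # already lower-cased; brackets stripped for IPv6
    if not host:
        raise ValueError("URL has no host: %r" % url)
    if ":" in host:  # IPv6 literal: restore the brackets for output
        host = "[%s]" % host
    port = parts.port  # None when absent or empty; ValueError if non-numeric
    if port is None or port == DEFAULT_PORTS[scheme]:
        return "%s://%s/" % (scheme, host)
    return "%s://%s:%d/" % (scheme, host, port)


def same_origin(a: str, b: str) -> bool:
    """True when both URLs refer to the same scheme/host/effective port."""
    return base_url(a) == base_url(b)


def filter_in_scope(request_urls, target_base_urls):
    """Keep only request URLs whose canonical base URL is in the configured
    target list. This is the comparison that failed in the quoted pdb session
    when done on raw strings; canonicalising both sides fixes it."""
    targets = {base_url(t) for t in target_base_urls}
    return [u for u in request_urls if base_url(u) in targets]


if __name__ == "__main__":
    # Constructed sample: the WebScarab-style URL with ':80' against the
    # target as a user would type it into w3af.
    imported = ["http://192.168.56.101:80/", "http://192.168.56.101:80/login",
                "http://10.0.0.9:80/"]  # 10.0.0.9 is out of scope
    print(filter_in_scope(imported, ["http://192.168.56.101/"]))
```

Comparing canonical forms on both sides (the imported request and the configured target) is the point; normalising only the import would still break for a user who typed ":443" into the target list.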