2009/10/22 Andres Riancho <andres.rian...@gmail.com>: > Sébastien, > > 2009/10/22 Sébastien Duquette <ekse...@gmail.com>: >> I have an improvement suggestion for this check. It is possible to >> define a custom icon name in the html with the <link rel="shortcut >> icon"> tag. It would be useful to catch those icons also. Maybe this >> should be implemented as a grep plugin ? > > This improvement needs to be added to the current plugin, I agree. The > only detail is that the whole plugin must be of the discovery type. > The thing with grep plugins is that they DO NOT perform any requests > to the remote web server. Basically, what we need is to add the > following steps to the current plugin: > > - On the first time it is called, request the "/" resource. > - Parse the possible location of the shortcut icon > - Request the customized shortcut icon instead of the default one.
Yeah, I should have specified that I meant a separate plugin from this one. The reason why I suggested to implement this feature as a grep plugin is because a lot of applications are redirecting the index to another page with javascript, so I think w3af would miss the tag in this case. Also, you can have multiple applications on the same web server. >> I have added some md5sums to the database and sorted the file by the >> names of applications so it's easier to see if it's already in there. >> >> e4888ee8491b4eb75501996e41af6460:Openfire >> 082559a7867cf27acab7e9867a8b320f:pfSense 1.2 >> ba84999dfc070065f37a082ab0e36017:Prelude Prewikka > > Great! I just commited this to the trunk =) > This is extreme programming ;) > >> Have a nice day, > > You too, > >> Sébastien >> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >> http://p.sf.net/sfu/devconference >> _______________________________________________ >> W3af-develop mailing list >> W3af-develop@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/w3af-develop >> >> > > > > -- > Andrés Riancho > Founder, Bonsai - Information Security > http://www.bonsai-sec.com/ > http://w3af.sf.net/ > ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
