Hi there,
The "string1"."string2" --> .match("string1string2") strategy of eval.py turned
out to produce false-positives when the webapp strips out everything but
[a-zA-Z0-9_-].
Instead of "Error 404 "string1"."string2", string1string2 will be returned.
Why not implement it like this:
Case 1) ."random_string"*5
Case 2) ."random_string"x5
If the response content contains
"random_stringrandom_stringrandom_stringrandom_stringrandom_string" we can be
sure that it is not a false-positive.
What do you think?
Best,
Dan
_______________________________________________
W3af-develop mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-develop
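
The false positive described in the message above, and the proposed repetition check, as an added example that is not part of the original email and not w3af's own code. Both target pages are hypothetical stand-ins simulated locally (the vulnerable one without calling eval), and all function names and the random tokens are constructed for illustration. The leading dot of the proposed payloads is omitted for simplicity.

```python
import re
import secrets
import string

ALNUM = string.ascii_lowercase + string.digits


def rand_token(length=8):
    """Constructed random marker using only characters a whitelist filter keeps."""
    return "".join(secrets.choice(ALNUM) for _ in range(length))


def concat_probe():
    """Current strategy: send "a"."b" and look for ab in the response."""
    a, b = rand_token(), rand_token()
    return '"%s"."%s"' % (a, b), a + b


def repeat_probe(op="*", times=5):
    """Proposed strategy: send "tok"*5 (Case 1) or "tok"x5 (Case 2)
    and look for tok repeated 5 times."""
    tok = rand_token()
    return '"%s"%s%d' % (tok, op, times), tok * times


def stripping_app(param):
    """Hypothetical NON-vulnerable page: echoes the input after removing
    everything but [a-zA-Z0-9_-]."""
    return "Error 404 " + re.sub(r"[^a-zA-Z0-9_-]", "", param)


def evaluating_app(param):
    """Hypothetical vulnerable page: the expression is actually computed.
    Simulated with pattern matching instead of eval()."""
    m = re.fullmatch(r'"(\w+)"\."(\w+)"', param)
    if m:
        return m.group(1) + m.group(2)
    m = re.fullmatch(r'"(\w+)"[*x](\d+)', param)
    if m:
        return m.group(1) * int(m.group(2))
    return param


def reports_finding(app, probe):
    """True when the scanner would flag the page for this probe."""
    payload, expected = probe
    return expected in app(payload)
```

Stripping the quotes and the dot from the concatenation payload leaves exactly the string the scanner is waiting for, while the repetition payload collapses to a single copy of the token plus a digit, so only real evaluation can produce the five-fold match.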