Re: [W3af-users] spiderman proxy seesm to be storing blank cookies too

Tue, 24 Jul 2012 06:28:21 -0700 

Ketan,

    Thank you so much for the bug report could you record the HTTP
traffic using wireshark and/or a local proxy like burpsuite and send
it to us in a zip file? If you're worried about private information
being disclosed, just send the capture to me. I'll fix the bug when I
come back to w3af by the end of this week.

Regards,

On Fri, Jul 20, 2012 at 3:12 PM, Ketan <ketanka...@gmail.com> wrote:
> I have run w3af with Spiderman proxy to audit
> my internal website. When I log into
>  the website- a proper cookie is
> created but
> when I click on any other link , the
> first thing that happens is that a blank
> cookie with this signature
> "Login=;Expires=(date is 1 year before today date)" is
> recorded. After that the user is asked to relogin.
> Is this a bug as no such cookie comes back.
>
> Thanks,
> Ketan
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> W3af-users mailing list
> W3af-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-users



-- 
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
W3af-users mailing list
W3af-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-users

Reply via email to