2008
01.24
Found some vulnerable software today. I sometimes wonder what qualifies as stable these days.
Perhaps someone should consider updating the definition to include security as well.
http://packetstormsecurity.org/filedesc/seagull-063-xss.txt.html
http://packetstormsecurity.org/filedesc/efront-312-xss.txt.html
This was rather old, but I forgot to post it when I found it:
http://packetstormsecurity.org/0801-exploits/pMachinePro-241-xss.txt
I almost feel bad for posting XSS, but these guys need to fix their software, and sometimes the only way to get that done is to have their users bitch about it on their forums, etc.
2008
01.17
Requirements:
Python 2.5.1 (install first):
http://www.python.org/download/
A windows Subversion client like TortoiseSVN:
http://tortoisesvn.net/downloads/
uTidylib:
http://developer.berlios.de/project/showfiles.php?group_id=1810
pyOpenSSL:
http://webcleaner.sourceforge.net/pyOpenSSL-0.6.win32-py2.5.exe
Win32 OpenSSL:
http://www.shininglightpro.com/products/Win32OpenSSL.html
Create a folder somewhere named w3af
Right click on it and hit SVN Checkout…
URL:
https://w3af.svn.sourceforge.net/svnroot/w3af/
Leave other options at defaults
Hit Ok to checkout
It is currently just under 25MB so be patient.
Ensure that the Python install folder is in your path
Open a command prompt (WinKey-R, cmd, ok)
cd to you w3af folder ie: cd Desktop\w3af if you created the folder on your desktop
cd extlib
cd fpconst-0.7.2
python setup.py install
cd ..
cd pygoogle
python setup.py install
cd ..
cd pywordnet
python setup.py install
cd ..
cd SOAPpy
python setup.py install
cd ..
cd pyPdf
python setup.py install
cd ..
cd ..
python w3af
All done!
