Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Auto-Generated] Bug Report - byteCls = self._mModel['classTable'][ord(c)] #12310

Closed
1d3df9903ad opened this issue Aug 18, 2015 · 0 comments
Closed

[Auto-Generated] Bug Report - byteCls = self._mModel['classTable'][ord(c)] #12310

1d3df9903ad opened this issue Aug 18, 2015 · 0 comments

Comments

@1d3df9903ad
Copy link

No user description was provided for this bug report given that it was related to handled exceptions in scan with id 888774116a

Version Information

  Python version: 2.7.9 (default, Mar  1 2015, 12:57:24) [GCC 4.9.2]
  Platform: Kali 2.0 sana
  GTK version: 2.24.25
  PyGTK version: 2.24.0
  w3af version:
    w3af - Web Application Attack and Audit Framework
    Version: 1.7.6
    Revision: 011a74f2c8 - 17 Aug 2015 14:26
    Branch: develop
    Local changes: No
    Author: Andres Riancho and the w3af team.

Traceback

A "TypeError" exception was found while running audit.eval on "Method: GET | http://domain/pages/mailbox/compose.html | Multipart/post: (q, compose-textarea, attachment)". The exception was: "ord() expected a character, but string of length 278 found" at codingstatemachine.py:next_state():44.The full traceback is:
  File "/root/w3af/w3af/core/controllers/core_helpers/consumers/audit.py", line 126, in _audit
    plugin.audit_with_copy(fuzzable_request, orig_resp)
  File "/root/w3af/w3af/core/controllers/plugins/audit_plugin.py", line 138, in audit_with_copy
    return self.audit(fuzzable_request, orig_resp)
  File "/root/w3af/w3af/plugins/audit/eval.py", line 95, in audit
    self._fuzz_with_echo(freq, orig_response)
  File "/root/w3af/w3af/plugins/audit/eval.py", line 111, in _fuzz_with_echo
    self._analyze_echo)
  File "/root/w3af/w3af/core/controllers/plugins/plugin.py", line 210, in _send_mutants_in_threads
    result.reraise()
  File "/usr/lib/python2.7/dist-packages/tblib/decorators.py", line 19, in reraise
    reraise(self.exc_type, self.exc_value, self.traceback)
  File "/usr/lib/python2.7/dist-packages/tblib/decorators.py", line 25, in return_exceptions_wrapper
    return func(*args, **kwargs)
  File "/root/w3af/w3af/core/controllers/threads/decorators.py", line 9, in apply_with_return_error
    return args[0](*args[1:])
  File "/root/w3af/w3af/core/controllers/threads/threadpool.py", line 62, in __call__
    return args, self.func(*args, **kwds)
  File "/root/w3af/w3af/core/controllers/plugins/plugin.py", line 278, in url_opener_proxy
    return attr(*args, **kwargs)
  File "/root/w3af/w3af/core/data/url/extended_urllib.py", line 576, in send_mutant
    res = functor(*args, **kwargs)
  File "/root/w3af/w3af/core/data/url/extended_urllib.py", line 630, in GET
    use_basic_auth=use_basic_auth, use_proxy=use_proxy)
  File "/root/w3af/w3af/core/data/url/HTTPRequest.py", line 73, in __init__
    urllib2.Request.__init__(self, url.url_encode(), data,
  File "/root/w3af/w3af/core/data/parsers/doc/url.py", line 720, in url_encode
    self_str = str(self)
  File "/root/w3af/w3af/core/data/parsers/doc/url.py", line 67, in cache_wrapper
    value = meth(self, *args, **kwargs)
  File "/root/w3af/w3af/core/data/parsers/doc/url.py", line 827, in __str__
    self.url_string,
  File "/root/w3af/w3af/core/data/parsers/doc/url.py", line 67, in cache_wrapper
    value = meth(self, *args, **kwargs)
  File "/root/w3af/w3af/core/data/parsers/doc/url.py", line 289, in url_string
    self.params, unicode(self.querystring),
  File "/root/w3af/w3af/core/data/dc/generic/kv_container.py", line 101, in __unicode__
    return self._to_str_with_separators(u'=', u'&', errors='percent_encode')
  File "/root/w3af/w3af/core/data/dc/generic/kv_container.py", line 128, in _to_str_with_separators
    value = smart_unicode(value, encoding=UTF8, errors=errors)
  File "/root/w3af/w3af/core/data/misc/encoding.py", line 89, in smart_unicode
    guessed_encoding = chardet.detect(s)['encoding']
  File "/usr/local/lib/python2.7/dist-packages/chardet/__init__.py", line 24, in detect
    u.feed(aBuf)
  File "/usr/local/lib/python2.7/dist-packages/chardet/universaldetector.py", line 119, in feed
    if prober.feed(aBuf) == constants.eFoundIt:
  File "/usr/local/lib/python2.7/dist-packages/chardet/charsetgroupprober.py", line 59, in feed
    st = prober.feed(aBuf)
  File "/usr/local/lib/python2.7/dist-packages/chardet/utf8prober.py", line 52, in feed
    codingState = self._mCodingSM.next_state(c)
  File "/usr/local/lib/python2.7/dist-packages/chardet/codingstatemachine.py", line 44, in next_state
    byteCls = self._mModel['classTable'][ord(c)]

Enabled Plugins

{'attack': {},
 'audit': {u'blind_sqli': <OptionList: eq_limit>,
           u'buffer_overflow': <OptionList: >,
           u'cors_origin': <OptionList: origin_header_value>,
           u'csrf': <OptionList: >,
           u'dav': <OptionList: >,
           u'eval': <OptionList: use_time_delay|use_echo>,
           u'file_upload': <OptionList: extensions>,
           u'format_string': <OptionList: >,
           u'frontpage': <OptionList: >,
           u'generic': <OptionList: diff_ratio|extensive>,
           u'global_redirect': <OptionList: >,
           u'htaccess_methods': <OptionList: >,
           u'ldapi': <OptionList: >,
           u'lfi': <OptionList: >,
           u'mx_injection': <OptionList: >,
           u'os_commanding': <OptionList: >,
           u'phishing_vector': <OptionList: >,
           u'preg_replace': <OptionList: >,
           u'redos': <OptionList: >,
           u'response_splitting': <OptionList: >,
           u'rfi': <OptionList: listen_address|listen_port|use_w3af_site>,
           u'sqli': <OptionList: >,
           u'ssi': <OptionList: >,
           u'ssl_certificate': <OptionList: minExpireDays|caFileName>,
           u'un_ssl': <OptionList: >,
           u'xpath': <OptionList: >,
           u'xss': <OptionList: persistent_xss>,
           u'xst': <OptionList: >},
 'auth': {},
 'bruteforce': {u'basic_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>,
                u'form_auth': <OptionList: usersFile|passwdFile|useSvnUsers|stopOnFirst|passEqUser|useLeetPasswd|useEmails|useProfiling|profilingNumber|comboFile|comboSeparator>},
 'crawl': {u'web_spider': <OptionList: only_forward|follow_regex|ignore_regex>},
 'evasion': {},
 'grep': {u'analyze_cookies': <OptionList: >,
          u'blank_body': <OptionList: >,
          u'cache_control': <OptionList: >,
          u'click_jacking': <OptionList: >,
          u'code_disclosure': <OptionList: >,
          u'credit_cards': <OptionList: >,
          u'cross_domain_js': <OptionList: secure_js_file>,
          u'directory_indexing': <OptionList: >,
          u'dom_xss': <OptionList: >,
          u'dot_net_event_validation': <OptionList: >,
          u'error_500': <OptionList: >,
          u'error_pages': <OptionList: >,
          u'feeds': <OptionList: >,
          u'file_upload': <OptionList: >,
          u'form_autocomplete': <OptionList: >,
          u'get_emails': <OptionList: only_target_domain>,
          u'hash_analysis': <OptionList: >,
          u'html_comments': <OptionList: >,
          u'http_auth_detect': <OptionList: >,
          u'http_in_body': <OptionList: >,
          u'lang': <OptionList: >,
          u'meta_tags': <OptionList: >,
          u'motw': <OptionList: >,
          u'objects': <OptionList: >,
          u'oracle': <OptionList: >,
          u'password_profiling': <OptionList: >,
          u'path_disclosure': <OptionList: >,
          u'private_ip': <OptionList: >,
          u'ssn': <OptionList: >,
          u'strange_headers': <OptionList: >,
          u'strange_http_codes': <OptionList: >,
          u'strange_parameters': <OptionList: >,
          u'strange_reason': <OptionList: >,
          u'svn_users': <OptionList: >,
          u'symfony': <OptionList: override>,
          u'url_session': <OptionList: >,
          u'user_defined_regex': <OptionList: single_regex|regex_file_path>,
          u'wsdl_greper': <OptionList: >,
          u'xss_protection_header': <OptionList: >},
 'infrastructure': {u'afd': <OptionList: >,
                    u'allowed_methods': <OptionList: execOneTime|reportDavOnly>,
                    u'detect_reverse_proxy': <OptionList: >,
                    u'detect_transparent_proxy': <OptionList: >,
                    u'dns_wildcard': <OptionList: >,
                    u'domain_dot': <OptionList: >,
                    u'favicon_identification': <OptionList: >,
                    u'find_jboss': <OptionList: >,
                    u'find_vhosts': <OptionList: >,
                    u'fingerprint_WAF': <OptionList: >,
                    u'fingerprint_os': <OptionList: >,
                    u'frontpage_version': <OptionList: >,
                    u'halberd': <OptionList: >,
                    u'hmap': <OptionList: gen_fingerprint>,
                    u'http_vs_https_dist': <OptionList: httpPort|httpsPort>,
                    u'php_eggs': <OptionList: >,
                    u'server_header': <OptionList: >,
                    u'server_status': <OptionList: >},
 'mangle': {},
 'output': {u'console': <OptionList: verbose|use_colors>,
            u'text_file': <OptionList: verbose|output_file|http_output_file>}}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andresriancho @1d3df9903ad