Authentication plugin: username_field contains [] - No credentials sent

[Reality-Labs]

When using the detailed auth plugin I get this error:
Can't login into web application as uername/password

although I am 100% sure that it is right because I logged in using a browser and it logged in

and I think it is because of the "username_field" and "password_field" because mine is set to "data[User][username]" and "data[User][password]" and I think that those brackets are the problem

System Info.:
Python version: 2.7.3 (default, Mar 13 2014, 11:03:55) [GCC 4.7.2]
GTK version: 2.24.10
PyGTK version: 2.24.0
w3af version:
w3af - Web Application Attack and Audit Framework
Version: 1.6.0.5

[andresriancho]

TODO

• Create a test script for authentication plugins in django-moth that has a form with user parameter named foo[user]
• Analyze traffic with wireshark while submitting the form with Chrome and Firefox
• Add a unittest for the auth.detailed plugin to make sure it works against the test script coded in the first step
• Analyze traffic with wireshark while submitting the form with w3af
• Make w3af behave like Chrome/Firefox
• How does the previous step affect other parts of the framework?

[andresriancho]

Chrome:

Firefox:

Both agree in sending the square brackets URL encoded

[andresriancho]

w3af isn't encoding the first POST request, but it is doing it for the following:

[Reality-Labs]

Wow it took you 6 months……………sorry but that's awful (shit) support
On Apr 23, 2015 12:18 AM, "Andres Riancho" notifications@github.com wrote:

Closed #5593 #5593.

—
Reply to this email directly or view it on GitHub
#5593 (comment).

[andresriancho]

hahaha, you think this is microsoft or apple? "awful support" ? You get to complain when:

• You pay for something
• You contribute to a project and the project lead doesn't merge your changes

In any other case, you need to be thankful that a software is open source / free.

Welcome to the real world.