c08c98415395b76371581432be55381f0f6e2b40,w3af/plugins/audit/format_string.py,format_string,_analyze_result,#format_string#Any#Any#,58
Before Change
if self._has_no_bug(mutant):
for error in self.ERROR_STRINGS:
if error in response.body and \
error not in mutant.get_original_response_body():
desc = "A possible (detection is really hard...) format" \
" string vulnerability was found at: %s"
desc = desc % mutant.found_at()
v = Vuln.from_mutant("Format string vulnerability" , desc,
severity.MEDIUM, response.id,
self.get_name(), mutant)
v.add_to_highlight(error)
self.kb_append_uniq(self, "format_string" , v)
break
def _get_string_list (self) :
:return: This method returns a list of format strings.
After Change
if self._has_bug(mutant):
return
for error in self.ERROR_STRINGS:
if error not in response.body:
continue
if error in mutant.get_original_response_body():
continue
desc = ("A possible (detection is really hard...) format"
" string vulnerability was found at: %s" )
desc %= mutant.found_at()
In pattern: SUPERPATTERN
Frequency: 3
Non-data size: 13
Instances Project Name: andresriancho/w3af
Commit Name: c08c98415395b76371581432be55381f0f6e2b40
Time: 2018-01-09
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/format_string.py
Class Name: format_string
Method Name: _analyze_result
Project Name: andresriancho/w3af
Commit Name: 2add7b48cc1d9172133f26f801f3d65ff84b8345
Time: 2017-11-28
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/mx_injection.py
Class Name: mx_injection
Method Name: _analyze_result
Project Name: andresriancho/w3af
Commit Name: 67f0fec6d97c83b8e26957281b976c2c54e43374
Time: 2017-11-29
Author: andres.riancho@gmail.com
File Name: w3af/plugins/audit/preg_replace.py
Class Name: preg_replace
Method Name: _analyze_result