issues with DVWA
ismaelgo97 opened this issue · 2 comments
ismaelgo97 commented
Trying to use wapiti with DVWA, executing wapiti -u http://localhost/DVWA/ -s http://localhost/DVWA/vulnerabilities/xss_r/ -x http://localhost/DVWA/logout.php -c cookies.json -m xss -v2 --color --flush-session -x "http://localhost/DVWA/security.php*" causes the following error:
Traceback (most recent call last):
File "/usr/bin/wapiti", line 33, in <module>
sys.exit(load_entry_point('wapiti3==3.0.4', 'console_scripts', 'wapiti')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/wapitiCore/main/wapiti.py", line 1206, in wapiti_main
wap.browse()
File "/usr/lib/python3/dist-packages/wapitiCore/main/wapiti.py", line 328, in browse
for resource in explorer.explore(self._start_urls, self._excluded_urls):
File "/usr/lib/python3/dist-packages/wapitiCore/net/crawler.py", line 659, in explore
regexes.append(wildcard_translate(excluded_url))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/wapitiCore/net/crawler.py", line 95, in wildcard_translate
return re.compile(res + r'\Z(?ms)')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/__init__.py", line 227, in compile
return _compile(pattern, flags)
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/__init__.py", line 294, in _compile
p = _compiler.compile(pattern, flags)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/_compiler.py", line 743, in compile
p = _parser.parse(p, flags)
^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/_parser.py", line 982, in parse
p = _parse_sub(source, state, flags & SRE_FLAG_VERBOSE, 0)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/_parser.py", line 457, in _parse_sub
itemsappend(_parse(source, state, verbose, nested + 1,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/re/_parser.py", line 843, in _parse
raise source.error('global flags not at the start '
re.error: global flags not at the start of the expression at position 39```bretfourbe commented
Hi @ismaelgo97, you are using an old version (3.0.4) of wapiti. Can you try using the version from the repo ? https://github.com/wapiti-scanner/wapiti/blob/master/INSTALL.md#installing-wapiti-from-the-git-repository
ismaelgo97 commented
Thanks for the answer @bretfourbe, it was the issue for this one. I thought I had the latest version but it seems like I didn't.