From jadawin@huppa.tuxaco.net  Wed Oct  3 15:08:37 2007
Return-Path: <jadawin@huppa.tuxaco.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id BF28A16A419
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  3 Oct 2007 15:08:37 +0000 (UTC)
	(envelope-from jadawin@huppa.tuxaco.net)
Received: from huppa.tuxaco.net (huppa.tuxaco.net [91.121.19.193])
	by mx1.freebsd.org (Postfix) with ESMTP id 9435A13C468
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  3 Oct 2007 15:08:37 +0000 (UTC)
	(envelope-from jadawin@huppa.tuxaco.net)
Received: from localhost (unknown [127.0.0.1])
	by huppa.tuxaco.net (Postfix) with ESMTP id 461BAE342
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  3 Oct 2007 17:09:25 +0200 (CEST)
Received: from huppa.tuxaco.net ([127.0.0.1])
	by localhost (huppa.tuxaco.net [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id sr9gp3aQhce1 for <FreeBSD-gnats-submit@freebsd.org>;
	Wed,  3 Oct 2007 17:09:20 +0200 (CEST)
Received: by huppa.tuxaco.net (Postfix, from userid 1001)
	id 23E1AE1AB; Wed,  3 Oct 2007 17:09:20 +0200 (CEST)
Message-Id: <20071003150920.23E1AE1AB@huppa.tuxaco.net>
Date: Wed,  3 Oct 2007 17:09:20 +0200 (CEST)
From: Philippe Audeoud <jadawin@tuxaco.net>
Reply-To: Philippe Audeoud <jadawin@tuxaco.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: New Port: security/wapiti - a tool to audit your web applications	
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         116873
>Category:       ports
>Synopsis:       New Port: security/wapiti - a tool to audit your web applications
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rafan
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 03 15:10:01 GMT 2007
>Closed-Date:    Thu Oct 04 13:23:05 GMT 2007
>Last-Modified:  Thu Oct  4 13:30:01 GMT 2007
>Originator:     Philippe Audeoud
>Release:        FreeBSD 6.2-RELEASE i386
>Organization:
>Environment:
System: FreeBSD huppa.tuxaco.net 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Tue Mar 20 16:05:42 CET 2007 root@:/usr/obj/usr/src/sys/GENERIC i386


	
>Description:
	Wapiti allows you to audit the security of your web applications. It's written in Python and acts like a fuzzer. It can inject data, too.
>How-To-Repeat:
	
>Fix:

	

--- shar-wapiti-1.sh begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	wapiti/
#	wapiti/Makefile
#	wapiti/distinfo
#	wapiti/pkg-descr
#
echo c - wapiti/
mkdir -p wapiti/ > /dev/null 2>&1
echo x - wapiti/Makefile
sed 's/^X//' >wapiti/Makefile << 'END-of-wapiti/Makefile'
X# New ports collection makefile for:	wapiti
X# Date created:                3 October 2007
X# Whom:                        Philippe Audeoud <jadawin@tuxaco.net>
X# $FreeBSD$
X
XPORTNAME=	wapiti
XPORTVERSION=	1.1.6
XCATEGORIES=	security
XMASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED}
XMASTER_SITE_SUBDIR=	wapiti
X
XMAINTAINER=	jadawin@tuxaco.net
XCOMMENT=	Wapiti is a vulnerability scanner for web applications
X
XRUN_DEPENDS=	${PYTHON_SITELIBDIR}/tidy:${PORTSDIR}/www/py-utidy
X
XUSE_PYTHON=	2.3+
XNO_BUILD=	yes
XPORTDOCS=	README
X
XPLIST_FILES=	bin/wapiti.py \
X		bin/lswww.py \
X		bin/getcookie.py \
X		bin/cookie.py \
X		bin/BeautifulSoup.py
X
Xdo-install:
X.for i in wapiti.py lswww.py getcookie.py cookie.py BeautifulSoup.py
X	${INSTALL_SCRIPT} ${WRKSRC}/${i} ${PREFIX}/bin/
X.endfor
X.if !defined(NOPORTDOCS)
X	${MKDIR} ${DOCSDIR}
X	${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR}
X.endif
X
X.include <bsd.port.mk>
END-of-wapiti/Makefile
echo x - wapiti/distinfo
sed 's/^X//' >wapiti/distinfo << 'END-of-wapiti/distinfo'
XMD5 (wapiti-1.1.6.tar.gz) = 8b6067b64c16b575da43aa2dbfaeea23
XSHA256 (wapiti-1.1.6.tar.gz) = cb9fb6b969d01e84e953235f7e7554fee62916aaf3215a1abd4455a0efecbaed
XSIZE (wapiti-1.1.6.tar.gz) = 51200
END-of-wapiti/distinfo
echo x - wapiti/pkg-descr
sed 's/^X//' >wapiti/pkg-descr << 'END-of-wapiti/pkg-descr'
XWapiti allows you to audit the security of your web applications.
XIt performs "black-box" scans, i.e. it does not study the source code of
Xthe application but will scans the webpages of the deployed webapp,
Xlooking for scripts and forms where it can inject data.
XOnce it gets this list, Wapiti acts like a fuzzer, injecting payloads to
Xsee if a script is vulnerable.
X
XWWW: http://wapiti.sourceforge.net/
END-of-wapiti/pkg-descr
exit
--- shar-wapiti-1.sh ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->rafan 
Responsible-Changed-By: rafan 
Responsible-Changed-When: Thu Oct 4 03:21:14 UTC 2007 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=116873 
State-Changed-From-To: open->closed 
State-Changed-By: rafan 
State-Changed-When: Thu Oct 4 13:23:03 UTC 2007 
State-Changed-Why:  
New port added. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=116873 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/116873: commit references a PR
Date: Thu,  4 Oct 2007 13:21:47 +0000 (UTC)

 rafan       2007-10-04 13:21:39 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security             Makefile 
   Added files:
     security/wapiti      Makefile distinfo pkg-descr 
   Log:
   Wapiti allows you to audit the security of your web applications.
   It performs "black-box" scans, i.e. it does not study the source code of
   the application but will scans the webpages of the deployed webapp,
   looking for scripts and forms where it can inject data.
   Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to
   see if a script is vulnerable.
   
   WWW: http://wapiti.sourceforge.net/
   
   PR:             ports/116873
   Submitted by:   Philippe Audeoud <jadawin at tuxaco.net>
   
   Revision  Changes    Path
   1.921     +1 -0      ports/security/Makefile
   1.1       +36 -0     ports/security/wapiti/Makefile (new)
   1.1       +3 -0      ports/security/wapiti/distinfo (new)
   1.1       +8 -0      ports/security/wapiti/pkg-descr (new)
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
