Beispiel #1
    def test_config_false(self):
        """No mutants are expected when 'fuzz_form_files' is False."""
        # NOTE(review): the request below is built without a form or any
        # file input, so the zero-mutant result may not depend on the
        # config flag at all -- confirm against create_mutants.
        request = HTTPPostDataRequest(URL('http://www.w3af.com/foo/bar'))
        config = dict(fuzz_form_files=False)

        mutants = FileContentMutant.create_mutants(
            request, self.payloads, [], False, config)

        self.assertEqual(len(mutants), 0, mutants)
Beispiel #2
    def test_config_true(self):
        """At least one mutant is produced for a form with a file input
        when 'fuzz_form_files' is True."""
        upload_form = Form()
        # Two plain text inputs with empty values, then the file input that
        # the mutant class is expected to target.
        for field_name in ("username", "address"):
            upload_form.add_input([("name", field_name), ("value", "")])
        upload_form.add_file_input([("name", "file"), ("type", "file")])

        request = HTTPPostDataRequest(self.url, dc=upload_form)

        config = {}
        config['fuzz_form_files'] = True
        config['fuzzed_files_extension'] = 'gif'

        mutants = FileContentMutant.create_mutants(
            request, self.payloads, [], False, config)

        # Only non-emptiness is checked here; the exact count and content
        # are not asserted by this test.
        self.assertNotEqual(len(mutants), 0, mutants)
Beispiel #3
    def test_valid_results(self):
        """Check the count, the form data and the file value of the mutants
        generated for a form with one text input and one file input."""
        upload_form = Form()
        upload_form.add_input([("name", "username"), ("value", "")])
        upload_form.add_file_input([("name", "file"), ("type", "file")])

        request = HTTPPostDataRequest(self.url, dc=upload_form)

        mutants = FileContentMutant.create_mutants(
            request, self.payloads, [], False, self.fuzzer_config)

        self.assertEqual(len(mutants), 2, mutants)

        # One expected form per file content. The empty 'username' input is
        # expected to come back as 'John8212' -- presumably filled in by the
        # mutant code; confirm against create_mutants.
        expected_data = [
            Form([('username', ['John8212']), ('file', [content])])
            for content in ('abc', 'def')
        ]

        generated_data = []
        for mutant in mutants:
            generated_data.append(mutant.get_data())

        self.assertEqual(expected_data, generated_data)

        # The file value must compare equal to the plain string above while
        # also exposing a .name that ends in '.gif': the extension and the
        # content are independent of each other.
        # NOTE(review): '.gif' presumably comes from self.fuzzer_config,
        # which is defined outside this method -- confirm in setUp.
        first_file = generated_data[0]['file'][0]
        self.assertEqual(first_file.name[-4:], '.gif')
        self.assertIn('abc', first_file)