def create_vuln(self):
v = super(XPathTemplate, self).create_vuln()
original_value = self.data[self.vulnerable_parameter][0]
freq = FuzzableRequest(self.url, method=self.method, dc=self.data)
mutant = Mutant(freq)
mutant.set_var(self.vulnerable_parameter)
mutant.set_dc(self.data)
mutant.set_original_value(original_value)
v.set_mutant(mutant)
return v
def create_vuln(self):
self.data[self.vulnerable_parameter][0] = self.payload
v = super(LocalFileReadTemplate, self).create_vuln()
freq = FuzzableRequest(self.url, method=self.method, dc=self.data)
mutant = Mutant(freq)
mutant.set_var(self.vulnerable_parameter)
mutant.set_dc(self.data)
mutant.set_mod_value(self.payload)
v.set_mutant(mutant)
v['file_pattern'] = self.file_pattern
return v
def create_vuln(self):
self.data[self.vulnerable_parameter][0] = self.payload
v = super(LocalFileReadTemplate, self).create_vuln()
freq = FuzzableRequest(self.url, method=self.method, dc=self.data)
mutant = Mutant(freq)
mutant.set_var(self.vulnerable_parameter)
mutant.set_dc(self.data)
mutant.set_mod_value(self.payload)
v.set_mutant(mutant)
v['file_pattern'] = self.file_pattern
return v
def create_vuln(self):
v = self.create_base_vuln()
url = self.url
if self.method.upper() == 'GET':
url.querystring = self.data
# User configured
v.set_method(self.method)
v.set_name(self.name)
v.set_var(self.vulnerable_parameter)
v.set_url(url)
v.set_dc(self.data)
freq = FuzzableRequest(url, method=self.method, dc=self.data)
mutant = Mutant(freq)
mutant.set_var(self.vulnerable_parameter)
mutant.set_dc(self.data)
v.set_mutant(mutant)
return v
def create_vuln(self):
v = self.create_base_vuln()
url = self.url
if self.method.upper() == 'GET':
url.querystring = self.data
# User configured
v.set_method(self.method)
v.set_name(self.name)
v.set_var(self.vulnerable_parameter)
v.set_url(url)
v.set_dc(self.data)
freq = FuzzableRequest(url, method=self.method, dc=self.data)
mutant = Mutant(freq)
mutant.set_var(self.vulnerable_parameter)
mutant.set_dc(self.data)
v.set_mutant(mutant)
return v
