def handle_sequenceRunnerRunButton_clicked(self): """ Run a sequence """ if 'Cancel' == self.mainWindow.sequenceRunnerRunButton.text( ) and self.pending_sequence_requests is not None: self.cancel_sequence_requests = True for context, pending_request in self.pending_sequence_requests.items( ): pending_request.cancel() self.pending_sequence_requests = None self.mainWindow.sequenceRunnerButton.setText('Send') self.mainWindow.sequenceRunnerButton.setValue(0) return self.sequenceRunnerDataModel.clearModel() sequenceId = str( self.mainWindow.sequenceRunnerSequenceComboBox.itemData( self.mainWindow.sequenceRunnerSequenceComboBox.currentIndex())) use_global_cookie_jar = self.mainWindow.sequenceRunnerUseGlobalCookieJar.isChecked( ) if use_global_cookie_jar: self.sequenceRunnerCookieJar = self.framework.get_global_cookie_jar( ) else: self.sequenceRunnerCookieJar = InMemoryCookieJar( self.framework, self) self.sequence_requestRunner = RequestRunner(self.framework, self) self.sequence_requestRunner.setup( self.sequence_runner_response_received, self.sequenceRunnerCookieJar, sequenceId) self.pending_sequence_requests = self.sequence_requestRunner.run_sequence( ) self.mainWindow.sequenceRunnerRunButton.setText('Cancel')
def do_startSpidering(self): print('do_startSpidering') # TODO: decide about global cookies ? self.requestRunner = RequestRunner(self.framework, self) self.requestRunner.setup(self.network_response_received, self.cookieJar, self.sequence_id) self.keep_spidering = True self.renderer_available = False self.handle_spider_available()
def requester_send_button_clicked(self): """ Make a request from the Request tab """ if 'Cancel' == self.mainWindow.requesterSendButton.text( ) and self.pending_request is not None: self.pending_request.cancel() self.pending_request = None self.mainWindow.requesterSendButton.setText('Send') return qurl = QUrl.fromUserInput(self.mainWindow.requesterUrlEdit.text()) url = qurl.toEncoded().data().decode('utf-8') self.mainWindow.requesterUrlEdit.setText(url) self.framework.set_raft_config_value('requesterUrlEdit', url) templateText = str(self.mainWindow.requesterTemplateEdit.toPlainText()) method = str(self.mainWindow.requesterRequestMethod.currentText()) use_global_cookie_jar = self.mainWindow.requesterUseGlobalCookieJar.isChecked( ) replacements = self.build_replacements(method, url) (method, url, headers, body) = self.process_template(url, templateText, replacements) sequenceId = None if self.mainWindow.requesterSequenceCheckBox.isChecked(): sequenceId = str( self.mainWindow.requesterSequenceComboBox.itemData( self.mainWindow.requesterSequenceComboBox.currentIndex())) self.requestRunner = RequestRunner(self.framework, self) if use_global_cookie_jar: self.requesterCookieJar = self.framework.get_global_cookie_jar() else: self.requesterCookieJar = InMemoryCookieJar(self.framework, self) self.requestRunner.setup(self.requester_response_received, self.requesterCookieJar, sequenceId) self.pending_request = self.requestRunner.queue_request( method, url, headers, body) self.mainWindow.requesterSendButton.setText('Cancel') self.miniResponseRenderWidget.clear_response_render()
def requester_bulk_request_button_clicked(self): if 'Cancel' == self.mainWindow.bulkRequestPushButton.text( ) and self.pending_bulk_requests is not None: self.cancel_bulk_requests = True for context, pending_request in self.pending_bulk_requests.items(): pending_request.cancel() self.pending_bulk_requests = None self.mainWindow.bulkRequestPushButton.setText('Send') self.mainWindow.bulkRequestProgressBar.setValue(0) return if self.pending_bulk_requests is None: self.pending_bulk_requests = {} method = str(self.mainWindow.bulkRequestMethodEdit.currentText()) templateText = str( self.mainWindow.bulkRequestTemplateEdit.toPlainText()) template_url = str(self.mainWindow.bulkRequestUrlEdit.text()) url_list = str(self.mainWindow.bulkRequestUrlListEdit.toPlainText()) self.framework.set_raft_config_value('bulkRequestUrlListEdit', url_list) request_urls = url_list.splitlines() self.mainWindow.bulkRequestProgressBar.setValue(0) self.mainWindow.bulkRequestProgressBar.setMaximum(len(request_urls)) sequenceId = None if self.mainWindow.bulkRequestSequenceCheckBox.isChecked(): sequenceId = str( self.mainWindow.bulkRequestSequenceComboBox.itemData( self.mainWindow.bulkRequestSequenceComboBox.currentIndex()) ) first = True self.cancel_bulk_requests = False for request_url in request_urls: if self.cancel_bulk_requests: break request_url = request_url.strip() if request_url: context = uuid.uuid4().hex # TODO: move this hack if '$' in template_url: replacements = self.build_replacements(method, request_url) url = self.re_replacement.sub( lambda m: replacements.get(m.group(1)), template_url) else: url = request_url if not self.scopeController.isUrlInScope(url, url): self.framework.log_warning( 'skipping out of scope URL: %s' % (url)) self.mainWindow.bulkRequestProgressBar.setValue( self.mainWindow.bulkRequestProgressBar.value() + 1) continue use_global_cookie_jar = self.mainWindow.bulkRequestUseGlobalCookieJar.isChecked( ) replacements = self.build_replacements(method, url) (method, url, headers, body) = self.process_template(url, templateText, replacements) if first: self.mainWindow.bulkRequestPushButton.setText('Cancel') if use_global_cookie_jar: self.bulkRequesterCookieJar = self.framework.get_global_cookie_jar( ) else: self.bulkRequesterCookieJar = InMemoryCookieJar( self.framework, self) self.bulk_requestRunner = RequestRunner( self.framework, self) self.bulk_requestRunner.setup( self.requester_bulk_response_received, self.bulkRequesterCookieJar, sequenceId) first = False self.pending_bulk_requests[ context] = self.bulk_requestRunner.queue_request( method, url, headers, body, context)
def start_fuzzing_clicked(self): """ Start the fuzzing attack """ if 'Cancel' == self.mainWindow.wfStdStartButton.text() and self.pending_fuzz_requests is not None: self.cancel_fuzz_requests = True for context, pending_request in self.pending_fuzz_requests.items(): pending_request.cancel() self.pending_fuzz_requests = None self.mainWindow.wfStdStartButton.setText('Start Attack') self.mainWindow.fuzzerStandardProgressBar.setValue(0) return self.pending_fuzz_requests = {} url = str(self.mainWindow.wfStdUrlEdit.text()) templateText = str(self.mainWindow.wfStdEdit.toPlainText()) method = str(self.mainWindow.stdFuzzerReqMethod.currentText()) self.save_standard_configuration() replacements = self.build_replacements(method, url) sequenceId = None if self.mainWindow.wfStdPreChk.isChecked(): sequenceId = self.mainWindow.wfStdPreBox.itemData(self.mainWindow.wfStdPreBox.currentIndex()) postSequenceId = None if self.mainWindow.wfStdPostChk.isChecked(): postSequenceId = self.mainWindow.wfStdPostBox.itemData(self.mainWindow.wfStdPostBox.currentIndex()) # Fuzzing stuff payload_mapping = self.create_payload_map() # print(payload_mapping) self.create_functions() template_definition = TemplateDefinition(templateText) template_items = template_definition.template_items ### print(template_items) parameter_names = template_definition.parameter_names self.global_ns = self.local_ns = {} scriptLoader = ScriptLoader() errors = [] fuzz_payloads = {} for name, payload_info in payload_mapping.items(): if name in parameter_names: payload_type, payload_value, payload_file = payload_info if 'fuzz' == payload_type: filename = payload_value values = self.Attacks.read_data(filename) fuzz_payloads[name] = values elif 'dynamic' == payload_type: target = payload_file # TODO: should this come from saved file or current Scintilla values (?) script_env = scriptLoader.load_from_file(os.path.join(self.functions_dir, target), self.global_ns, self.local_ns) expression = payload_value if not expression.endswith('()'): expression += '()' eval_result = eval(expression, self.global_ns, self.local_ns) fuzz_payloads[name] = [str(v) for v in eval_result] elif 'static' == payload_type: pass elif 'none' == payload_type: # unconfigured payload errors.append(name) test_slots = [] counters = [] tests_count = [] total_tests = 1 for name, payload_info in payload_mapping.items(): if name in parameter_names: payload_type, payload_value, payload_file = payload_info if 'static' == payload_type: # static payload value payloads = [payload_value] elif 'fuzz' == payload_type: payloads = fuzz_payloads[name] elif 'dynamic' == payload_type: payloads = fuzz_payloads[name] total_tests *= len(payloads) test_slots.append((name, payloads)) counters.append(0) tests_count.append(len(payloads)) position_end = len(counters) - 1 position = position_end self.miniResponseRenderWidget.clear_response_render() self.mainWindow.fuzzerStandardProgressBar.setValue(0) self.mainWindow.fuzzerStandardProgressBar.setMaximum(total_tests) finished = False first = True while not finished: data = {} for j in range(0, len(test_slots)): name, payloads = test_slots[j] data[name] = payloads[counters[j]] template_io = StringIO() self.apply_template_parameters(template_io, data, template_items) templateText = template_io.getvalue() context = uuid.uuid4().hex # print('%s%s%s' % ('-'*32, request, '-'*32)) use_global_cookie_jar = self.mainWindow.webFuzzerUseGlobalCookieJar.isChecked() (method, url, headers, body) = self.process_template(url, templateText, replacements) if first: self.mainWindow.wfStdStartButton.setText('Cancel') if use_global_cookie_jar: self.fuzzRequesterCookieJar = self.framework.get_global_cookie_jar() else: self.fuzzRequesterCookieJar = InMemoryCookieJar(self.framework, self) self.requestRunner = RequestRunner(self.framework, self) self.requestRunner.setup(self.fuzzer_response_received, self.fuzzRequesterCookieJar, sequenceId, postSequenceId) first = False self.pending_fuzz_requests[context] = self.requestRunner.queue_request(method, url, headers, body, context) # increment to next test counters[position] = (counters[position] + 1) % (tests_count[position]) while position >= 0 and counters[position] == 0: position -= 1 counters[position] = (counters[position] + 1) % (tests_count[position]) if position == -1: finished = True else: position = position_end