def test_constructed_url_no_search(self):
'''
verify the default value of a url without serach (query) field
'''
expected = 'http://www.google.com:123/index.html'
container = kurl.HttpUrl(
'http',
hostport=kurl.HostPort('www.google.com', port=123, name='our host'),
path=kurl.Path('index.html', name='the page'),
name='uut'
)
actual = container.render().bytes
self.assertEqual(actual, expected)
def test_constructed_url_no_login(self):
'''
verify the default value of a url without login
'''
expected = 'http://www.google.com:123/index.html?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8'
container = kurl.HttpUrl(
'http',
hostport=kurl.HostPort('www.google.com', port=123, name='our host'),
path=kurl.Path('index.html', name='the page'),
search=kurl.Search('sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8'),
name='uut'
)
actual = container.render().bytes
self.assertEqual(actual, expected)
name=name)
def _get_class_lib(self):
lib = []
methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
for method in methods:
lib.append((method, "method - " + method))
return lib
http_get_vPost = Template(
name='HTTP_POST',
fields=[
Method('POST', name='method', fuzzable=True), # 7 + iteration
Delimiter(' ', name='space1', fuzzable=False),
url.Path('somewhere/else', name='path', fuzzable=False),
Delimiter(' ', name='space2'),
String('HTTP', name='protocol name'),
Delimiter('/', name='fws1'),
Dword(1, name='major version', encoder=ENC_INT_DEC),
Delimiter('.', name='dot1'),
Dword(1, name='minor version', encoder=ENC_INT_DEC),
Static('\r\n'),
Static('Host: 127.0.0.1:5000'),
Static('\r\n'),
Static('Content-Type: text/plain'),
Static('\r\n'),
Static('Content-Length: '),
Size(name='size in bytes',
sized_field='chunk',
length=32,
name=name)
def _get_class_lib(self):
lib = []
methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
for method in methods:
lib.append((method, "method - " + method))
return lib
http_post_json = Template(
name='HTTP_Post_json',
fields=[
Method('POST', name='method', fuzzable=False),
Delimiter(' ', name='space1', fuzzable=False),
url.Path('api/pet', name='path', fuzzable=False),
Delimiter(' ', name='space2', fuzzable=False),
Static('HTTP', name='protocol name'),
Delimiter('/', name='fws1', fuzzable=False),
Dword(1, name='major version', encoder=ENC_INT_DEC, fuzzable=False),
Delimiter('.', name='dot1', fuzzable=False),
Dword(1, name='minor version', encoder=ENC_INT_DEC, fuzzable=False),
Static('\r\n'),
Static('Host: 127.0.0.1:5000'),
Static('\r\n'),
Static('Content-Type: application/json'),
Static('\r\n'),
Static('Accept: */*'),
Static('\r\n'),
Static('Content-Length: '),
Size(name='size in bytes',
name=name)
def _get_class_lib(self):
lib = []
methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
for method in methods:
lib.append((method, "method - " + method))
return lib
http_get_v3 = Template(
name='HTTP_GET_V3',
fields=[
Method('GET', name='method', fuzzable=True), # 7 + iteration
Delimiter(' ', name='space1', fuzzable=False),
url.Path('somewhere/else', name='path'),
Delimiter(' ', name='space2'),
String('HTTP', name='protocol name'),
Delimiter('/', name='fws1'),
Dword(1, name='major version', encoder=ENC_INT_DEC),
Delimiter('.', name='dot1'),
Dword(1, name='minor version', encoder=ENC_INT_DEC),
Static('\r\n'),
Static('Host: 127.0.0.1:5000'),
Static('\r\n'),
Static('Connection: close'),
Static('\r\n\r\n', name='eom')
])
model.connect(http_get_v3)
fuzzer = ServerFuzzer()
lib = None
def __init__(self, value, max_size=None, encoder=ENC_STR_DEFAULT, fuzzable=True, name=None):
super(Method, self).__init__(value=value, max_size=max_size, encoder=encoder, fuzzable=fuzzable, name=name)
def _get_class_lib(self):
lib = []
methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
for method in methods:
lib.append((method, "method - " + method))
return lib
http_get_vX = Template(name='HTTP_GET_VX', fields = [
Method('GET', name='method', fuzzable=False),
Delimiter(' ', name='space1', fuzzable=False),
url.Path('api/pet/7', name='path'),# moze sqlinjection?
Delimiter(' ', name='space2',fuzzable=False),
String('HTTP', name='protocol name',fuzzable=False),
Delimiter('/', name='fws1',fuzzable=False),
Dword(1, name='major version', encoder=ENC_INT_DEC,fuzzable=False),
Delimiter('.', name='dot1',fuzzable=False),
Dword(1, name='minor version', encoder=ENC_INT_DEC,fuzzable=False),
Static('\r\n'),
Static('Host: 127.0.0.1:5000'),
Static('\r\n'),
Static('Connection: close'),
Static('\r\n\r\n', name='eom')
])
model.connect(http_get_vX)
fuzzer = ServerFuzzer()