Beispiel #1
0
 def __init__(self, url="", verify=False, timeout=0, loglevel="debug"):
     """
     Args:
         url (str, optional): main url
         verify (bool, optional): verify or not
         timeout (int, optional): requests timeout
     """
     super(Sess, self).__init__()
     self.s = requests.Session()
     if timeout != 0:
         self.timeout = timeout
     self.url = normalizeUrl(url)
     self.loglevel = loglevel
     self.logger = getLogger()
     self.lastr = None
     self.s.verify = verify
     self.setUA(self.ffua)
Beispiel #2
0
def fuzz(args):
    parser = argparse.ArgumentParser(description='Saker Fuzzer',
                                     usage='[options]',
                                     epilog='Fuzz for web request')
    parser.add_argument("-u", '--url', dest="url", help="define specific url")
    parser.add_argument("-m",
                        '--method',
                        dest="method",
                        help="request method, use get as default",
                        default="get")
    parser.add_argument("-p",
                        '--params',
                        dest="params",
                        help="request params, use empty string as default",
                        default="")
    parser.add_argument("-d",
                        '--data',
                        dest="data",
                        help="request data, use empty string as default",
                        default="")
    parser.add_argument('-H',
                        '--headers',
                        dest="headers",
                        help="request headers, use empty string as default",
                        default="")
    parser.add_argument("-c",
                        '--cookies',
                        dest="cookies",
                        help="request cookies, use empty string as default",
                        default="")
    parser.add_argument("-P",
                        '--part',
                        dest="part",
                        help="fuzz part, could be url / params / data / ...",
                        default="")
    parser.add_argument("-k",
                        '--key',
                        dest="key",
                        help="key to be fuzzed",
                        default="")
    parser.add_argument("-v",
                        '--vuln',
                        dest="vuln",
                        help="Vulnarability type to be fuzzed",
                        default="")
    parser.add_argument("-t",
                        '--timeinterval',
                        type=float,
                        dest="interval",
                        help="scan time interval, random sleep by default",
                        default=0)
    opts = parser.parse_args(args)

    if not opts.url:
        parser.print_help()
        return

    if opts.method.lower() not in ['get', 'post', 'put', 'patch', 'delete']:
        print('method error')
        return

    print(opts.headers)

    options = {
        'url': normalizeUrl(opts.url),
        'method': opts.method.lower(),
        'params': parseQuery(opts.params),
        'data': parseQuery(opts.data),
        'headers': parseQuery(opts.headers),
        'cookies': parseQuery(opts.cookies),
    }
    m = Mutator(options)
    m.fuzz(opts.part, opts.key, opts.vuln, opts.interval)
    print('Done')
Beispiel #3
0
 def test_urlFile(self):
     self.assertEqual(normalizeUrl('example.com'), 'http://example.com/')
     self.assertEqual(normalizeUrl('example.com:443'), 'https://example.com/')
     self.assertEqual(normalizeUrl('example.com:8080'), 'http://example.com:8080/')
     self.assertEqual(normalizeUrl('https://example.com:1443'), 'https://example.com:1443/')
Beispiel #4
0
def fuzz(args):
    parser = argparse.ArgumentParser(description="Saker Fuzzer",
                                     usage="[options]",
                                     epilog="Fuzz for web request")
    parser.add_argument("-u", "--url", dest="url", help="define specific url")
    parser.add_argument("-m",
                        "--method",
                        dest="method",
                        help="request method, use get as default",
                        default="get")
    parser.add_argument("-p",
                        "--params",
                        dest="params",
                        help="request params, use empty string as default",
                        default="")
    parser.add_argument("-d",
                        "--data",
                        dest="data",
                        help="request data, use empty string as default",
                        default="")
    parser.add_argument("-H",
                        "--headers",
                        dest="headers",
                        help="request headers, use empty string as default",
                        default="")
    parser.add_argument("-c",
                        "--cookies",
                        dest="cookies",
                        help="request cookies, use empty string as default",
                        default="")
    parser.add_argument("-P",
                        "--part",
                        dest="part",
                        help="fuzz part, could be url / params / data / ...",
                        default="")
    parser.add_argument("-k",
                        "--key",
                        dest="key",
                        help="key to be fuzzed",
                        default="")
    parser.add_argument("-v",
                        "--vuln",
                        dest="vuln",
                        help="Vulnarability type to be fuzzed",
                        default="")
    parser.add_argument("-t",
                        "--timeinterval",
                        type=float,
                        dest="interval",
                        help="scan time interval, random sleep by default",
                        default=0)
    opts = parser.parse_args(args)

    if not opts.url:
        parser.print_help()
        return

    if opts.method.lower() not in ["get", "post", "put", "patch", "delete"]:
        print("method error")
        return

    print(opts.headers)

    options = {
        "url": normalizeUrl(opts.url),
        "method": opts.method.lower(),
        "params": parseQuery(opts.params),
        "data": parseQuery(opts.data),
        "headers": parseQuery(opts.headers),
        "cookies": parseQuery(opts.cookies),
    }
    m = Mutator(options)
    m.fuzz(opts.part, opts.key, opts.vuln, opts.interval)
    print("Done")