def test_from_template(self):
fut = FileUploadTemplate()
options = fut.get_options()
options['url'].set_value('http://moth/w3af/audit/file_upload/uploader.php')
options['data'].set_value('uploadedfile=&MAX_FILE_SIZE=10000000')
options['file_vars'].set_value('uploadedfile')
options['file_dest'].set_value('http://moth/w3af/audit/file_upload/uploads/')
options['vulnerable_parameter'].set_value('uploadedfile')
fut.set_options(options)
fut.store_in_kb()
vuln = self.kb.get(*fut.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'file_upload')
def test_from_template_534(self):
fut = FileUploadTemplate()
base_url = get_php_moth_http('/audit/file_upload/strange_extension_534/')
options = fut.get_options()
options['url'].set_value(base_url + 'uploader.534')
options['data'].set_value('uploadedfile=&MAX_FILE_SIZE=10000000')
options['file_vars'].set_value('uploadedfile')
options['file_dest'].set_value(get_php_moth_http('/audit/file_upload/trivial/uploads/'))
options['vulnerable_parameter'].set_value('uploadedfile')
fut.set_options(options)
fut.store_in_kb()
vuln = self.kb.get(*fut.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'file_upload')
def test_from_template_534(self):
fut = FileUploadTemplate()
base_url = get_php_moth_http('/audit/file_upload/strange_extension_534/')
options = fut.get_options()
options['url'].set_value(base_url + 'uploader.534')
options['data'].set_value('uploadedfile=&MAX_FILE_SIZE=10000000')
options['file_vars'].set_value('uploadedfile')
options['file_dest'].set_value(get_php_moth_http('/audit/file_upload/trivial/uploads/'))
options['vulnerable_parameter'].set_value('uploadedfile')
fut.set_options(options)
fut.store_in_kb()
vuln = self.kb.get(*fut.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'file_upload')
