Beispiel #1
0
    def test_from_template(self):
        xt = XPathTemplate()

        options = xt.get_options()
        options['url'].set_value(
            'http://moth/w3af/audit/xpath/xpath-attr-single.php')
        options['data'].set_value('input=1')
        options['vulnerable_parameter'].set_value('input')
        xt.set_options(options)

        xt.store_in_kb()
        vuln = self.kb.get(*xt.get_kb_location())[0]
        vuln_to_exploit_id = vuln.get_id()

        self._exploit_xpath(vuln_to_exploit_id)
Beispiel #2
0
    def test_from_template(self):
        xt = XPathTemplate()

        options = xt.get_options()
        options['url'].set_value(self.target_url)
        options['data'].set_value('text=1')
        options['method'].set_value('POST')
        options['vulnerable_parameter'].set_value('text')
        xt.set_options(options)

        xt.store_in_kb()
        vuln = self.kb.get(*xt.get_kb_location())[0]
        vuln_to_exploit_id = vuln.get_id()

        self._exploit_xpath(vuln_to_exploit_id)
Beispiel #3
0
    def test_from_template(self):
        xt = XPathTemplate()
        
        options = xt.get_options()
        options['url'].set_value('http://moth/w3af/audit/xpath/xpath-attr-single.php')
        options['data'].set_value('input=1')
        options['vulnerable_parameter'].set_value('input')
        xt.set_options(options)

        xt.store_in_kb()
        vuln = self.kb.get(*xt.get_kb_location())[0]
        vuln_to_exploit_id = vuln.get_id()
        
        self._exploit_xpath(vuln_to_exploit_id)
Beispiel #4
0
    def test_from_template(self):
        xt = XPathTemplate()
        
        options = xt.get_options()
        options['url'].set_value(self.target_url)
        options['data'].set_value('text=1')
        options['method'].set_value('POST')
        options['vulnerable_parameter'].set_value('text')
        xt.set_options(options)

        xt.store_in_kb()
        vuln = self.kb.get(*xt.get_kb_location())[0]
        vuln_to_exploit_id = vuln.get_id()
        
        self._exploit_xpath(vuln_to_exploit_id)