Ejemplo n.º 1
0
 def processProxyMessage(self,messageReference, messageIsRequest, remoteHost,
                   remotePort, serviceIsHttps, httpMethod, url, resourceType, 
                   statusCode, responseContentType, message, interceptAction):
     curl = "%s://%s:%d%s" % ("https" if serviceIsHttps else "http", \
           remoteHost, remotePort, url)
     headers = self.mCallBacks.getHeaders(message)
     if messageIsRequest:
         # Need to build a urllib2 Request object
         wRequest=RequestMessage(message, headers)
         request=urllib2.Request(curl,wRequest.data,wRequest.headers)
         evasion = False
         for plugin in self.loadedPlugins:
             if plugin.getType() == "evasion":
                 evasion = True
                 request=self.processEvasionPlugin(plugin, request)
             if evasion: return self.createBurpRequest(request,httpMethod)    
     elif responseContentType and responseContentType.count("text"):
         # Few objets needed by w3af httpResponse object
         wMessage = Message(message, headers)
         response = httpResponse(int(statusCode), wMessage.message, \
             wMessage.headers, curl, curl, wMessage.msg, id=messageReference+1)
         for plugin in self.loadedPlugins:
             if plugin.getType() == "grep":
                 self.processGrepPlugin(plugin, response)
     return message
Ejemplo n.º 2
0
    def store_in_cache(request, response):
        hi = HistoryItem()
        
        # Set the request
        headers = dict(request.headers)
        headers.update(request.unredirected_hdrs)
    
        req = createFuzzableRequestRaw(method=request.get_method(),
                                      url=request.url_object,
                                      postData=str(request.get_data() or ''),
                                      headers=headers)
        hi.request = req

        # Set the response
        resp = response
        code, msg, hdrs, url, body, id = (resp.code, resp.msg, resp.info(),
                                          resp.geturl(), resp.read(), resp.id)
        # BUGBUG: This is where I create/log the responses that always have
        # 0.2 as the time!
        url_instance = url_object( url )
        resp = httpResponse.httpResponse(code, body, hdrs, url_instance,
                                         request.url_object, msg=msg, id=id,
                                         alias=gen_hash(request))
        hi.response = resp

        # Now save them
        try:
            hi.save()
        except KeyboardInterrupt, k:
            raise k
Ejemplo n.º 3
0
 def test_find(self):
     find_id = random.randint(1, 499)
     url = url_object('http://w3af.org/a/b/foobar.php?foo=123')
     tag_value = createRandAlNum(10)
     for i in xrange(0, 500):
         fr = FuzzReq(url, dc={'a': ['1']})
         code = 200
         if i == find_id:
             code = 302
         res = httpResponse(code, '<html>',{'Content-Type':'text/html'}, url, url)
         h1 = HistoryItem()
         h1.request = fr
         res.setId(i)
         h1.response = res
         if i == find_id:
             h1.toggleMark()
             h1.updateTag(tag_value)
         h1.save()
     h2 = HistoryItem()
     self.assertEqual(len(h2.find([('tag', "%"+tag_value+"%", 'like')])), 1)
     self.assertEqual(len(h2.find([('code', 302, '=')])), 1)
     self.assertEqual(len(h2.find([('mark', 1, '=')])), 1)
     self.assertEqual(len(h2.find([('has_qs', 1, '=')])), 500)
     self.assertEqual(len(h2.find([('has_qs', 1, '=')], resultLimit=10)), 10)
     results = h2.find([('has_qs', 1, '=')], resultLimit=1, orderData=[('id','desc')])
     self.assertEqual(results[0].id, 499)
     search_data = []
     search_data.append(('id', find_id + 1, "<"))
     search_data.append(('id', find_id - 1, ">"))
     self.assertEqual(len(h2.find(search_data)), 1)
Ejemplo n.º 4
0
 def processProxyMessage(self, messageReference, messageIsRequest,
                         remoteHost, remotePort, serviceIsHttps, httpMethod,
                         url, resourceType, statusCode, responseContentType,
                         message, interceptAction):
     curl = "%s://%s:%d%s" % ("https" if serviceIsHttps else "http", \
           remoteHost, remotePort, url)
     headers = self.mCallBacks.getHeaders(message)
     if messageIsRequest:
         # Need to build a urllib2 Request object
         wRequest = RequestMessage(message, headers)
         request = urllib2.Request(curl, wRequest.data, wRequest.headers)
         evasion = False
         for plugin in self.loadedPlugins:
             if plugin.getType() == "evasion":
                 evasion = True
                 request = self.processEvasionPlugin(plugin, request)
             if evasion: return self.createBurpRequest(request, httpMethod)
     elif responseContentType and responseContentType.count("text"):
         # Few objets needed by w3af httpResponse object
         wMessage = Message(message, headers)
         response = httpResponse(int(statusCode), wMessage.message, \
             wMessage.headers, curl, curl, wMessage.msg, id=messageReference+1)
         for plugin in self.loadedPlugins:
             if plugin.getType() == "grep":
                 self.processGrepPlugin(plugin, response)
     return message
Ejemplo n.º 5
0
    def _new_no_content_resp(self, uri, log_it=False):
        '''
        Return a new NO_CONTENT httpResponse object. Optionally call the
        subscribed log handlers
        
        @param uri: URI string or request object
        
        @param log_it: Boolean that indicated whether to log request
        and response.  
        '''
        # accept a URI or a Request object
        if isinstance(uri, url_object):
            req = HTTPRequest(uri)
        elif isinstance(uri, HTTPRequest):
            req = uri
        else:
            msg = 'The uri parameter of xUrllib._new_content_resp() has to be of'
            msg += ' HTTPRequest of url_object type.'
            raise Exception( msg )

        # Work,
        no_content_response = httpResponse(NO_CONTENT, '', {}, uri, uri, msg='No Content')
        if log_it:
            # This also assigns the id to both objects.
            logHandler.logHandler().http_response(req, no_content_response)
        
        if no_content_response.id is None:
            no_content_response.id = seq_gen.inc()
            
        return no_content_response
Ejemplo n.º 6
0
    def _send(self, req, cache=False, useMultipart=False, grep=True):
        '''
        Actually send the request object.
        
        @param req: The HTTPRequest object that represents the request.
        @return: An httpResponse object.
        '''
        # This is the place where I hook the pause and stop feature
        # And some other things like memory usage debugging.
        self._callBeforeSend()

        # Sanitize the URL
        self._checkURI(req)
        
        # Evasion
        original_url = req._Request__original
        original_url_inst = req.url_object
        req = self._evasion(req)
        
        start_time = time.time()
        res = None

        req.get_from_cache = cache
        
        try:
            res = self._opener.open(req)
        except urllib2.HTTPError, e:
            # We usually get here when response codes in [404, 403, 401,...]
            msg = '%s %s returned HTTP code "%s" - id: %s' % \
                            (req.get_method(), original_url, e.code, e.id)
            if hasattr(e, 'from_cache'):
                msg += ' - from cache.'
            om.out.debug(msg)
            
            # Return this info to the caller
            code = int(e.code)
            info = e.info()
            geturl_instance = url_object(e.geturl())
            read = self._readRespose(e)
            httpResObj = httpResponse(code, read, info, geturl_instance,
                                      original_url_inst, id=e.id,
                                      time=time.time()-start_time, msg=e.msg,
                                      charset=getattr(e.fp, 'encoding', None))
            
            # Clear the log of failed requests; this request is done!
            req_id = id(req)
            if req_id in self._errorCount:
                del self._errorCount[req_id]

            # Reset errors counter
            self._zeroGlobalErrorCount()
        
            if grep:
                self._grep(req, httpResObj)
            else:
                om.out.debug('No grep for: "%s", the plugin sent '
                             'grep=False.' % geturl_instance)

            return httpResObj
Ejemplo n.º 7
0
 def _sendEnd(self):
     """
     Sends an HTML indicating that w3af spiderMan plugin has finished its execution.
     """
     html = "<html>spiderMan plugin finished its execution.</html>"
     headers = {"Content-Length": str(len(html))}
     r = httpResponse.httpResponse(200, html, headers, TERMINATE_URL, TERMINATE_URL)
     self._sendToBrowser(r)
Ejemplo n.º 8
0
 def test_no_code_disclosure_blank(self):
     body = ''
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     self.assertTrue( len(kb.kb.getData('codeDisclosure', 'codeDisclosure')) == 0 )
Ejemplo n.º 9
0
 def test_ASP_code_disclosure(self):
     body = 'header <% Response.Write("Hello World!") %> footer'
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     self.assertTrue( len(kb.kb.getData('codeDisclosure', 'codeDisclosure')) == 1 )
Ejemplo n.º 10
0
 def test_none(self):
     body = '<an object="1"> <or applet=2> <apple>'
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     
     self.assertEquals( len(kb.kb.getData('objects', 'objects')), 0 )
Ejemplo n.º 11
0
 def test_none(self):
     body = 'header <form><noinput type="file"></form> footer'
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     
     self.assertEquals( len(kb.kb.getData('fileUpload', 'fileUpload')), 0 )
Ejemplo n.º 12
0
    def setUp(self):
        #
        #   Init
        #
        self.url_str = 'http://localhost:631/'
        self.url_inst = url_object( self.url_str )
        spam = httpResponse(200, '', {}, self.url_inst, self.url_inst)

        try:
            spam = httpResponse(200, '', {}, self.url_inst, self.url_inst)
            is_404(spam)
        except:
            pass

        self._w3af = core.controllers.w3afCore.w3afCore()
        self._plugins = []
        for pname in self._w3af.getPluginList('grep'):
            self._plugins.append( self._w3af.getPluginInstance(pname, 'grep') )
Ejemplo n.º 13
0
    def test_no_feeds(self):
        body = 'header <nofeed version="3" foo="4"> footer'
        url = url_object("http://www.w3af.com/")
        headers = {"content-type": "text/html"}
        response = httpResponse(200, body, headers, url, url)
        request = fuzzableRequest(url, method="GET")
        self.plugin.grep(request, response)

        self.assertEquals(len(kb.kb.getData("feeds", "feeds")), 0)
Ejemplo n.º 14
0
 def test_PHP_code_disclosure(self):
     body = 'header <? echo $a; ?> footer'
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest()
     request.setURL( url )
     request.setMethod( 'GET' )
     self.plugin.grep(request, response)
     self.assertTrue( len(kb.kb.getData('codeDisclosure', 'codeDisclosure')) == 1 )
Ejemplo n.º 15
0
 def _sendEnd( self ):
     '''
     Sends an HTML indicating that w3af spiderMan plugin has finished its execution.
     '''
     html = '<html>spiderMan plugin finished its execution.</html>'
     headers = {'Content-Length': str(len(html))}
     
     r = httpResponse.httpResponse( 200, html, headers, 
         TERMINATE_URL, TERMINATE_URL,)
     self._sendToBrowser(r)
Ejemplo n.º 16
0
    def test_no_version(self):
        body = 'header <rss foo="3"> footer'
        url = url_object("http://www.w3af.com/")
        headers = {"content-type": "text/html"}
        response = httpResponse(200, body, headers, url, url)
        request = fuzzableRequest(url, method="GET")
        self.plugin.grep(request, response)

        self.assertEquals(len(kb.kb.getData("feeds", "feeds")), 1)
        i = kb.kb.getData("feeds", "feeds")[0]
        self.assertTrue("RSS" in i.getDesc())
        self.assertTrue("unknown" in i.getDesc())
Ejemplo n.º 17
0
 def test_save_load(self):
     i = random.randint(1, 499)
     url = url_object('http://w3af.com/a/b/c.php')
     fr = FuzzReq(url, dc={'a': ['1']})
     res = httpResponse(200, '<html>',{'Content-Type':'text/html'}, url, url)
     h1 = HistoryItem()
     h1.request = fr
     res.setId(i)
     h1.response = res
     h1.save()
     h2 = HistoryItem()
     h2.load(i)
     self.assertEqual(h1.request, h2.request)
     self.assertEqual(h1.response.body, h2.response.body)
Ejemplo n.º 18
0
 def test_mark(self):
     mark_id = random.randint(1, 499)
     url = url_object('http://w3af.org/a/b/c.php')
     for i in xrange(0, 500):
         fr = FuzzReq(url, dc={'a': ['1']})
         res = httpResponse(200, '<html>',{'Content-Type':'text/html'}, url, url)
         h1 = HistoryItem()
         h1.request = fr
         res.setId(i)
         h1.response = res
         if i == mark_id:
             h1.toggleMark()
         h1.save()
     h2 = HistoryItem()
     h2.load(mark_id)
     self.assertTrue(h2.mark)
Ejemplo n.º 19
0
 def test_delete(self):
     i = random.randint(1, 499)
     url = url_object('http://w3af.com/a/b/c.php')
     fr = FuzzReq(url, dc={'a': ['1']})
     res = httpResponse(200, '<html>',{'Content-Type':'text/html'}, url, url)
     h1 = HistoryItem()
     h1.request = fr
     res.setId(i)
     h1.response = res
     h1.save()
     h1.delete(i)
     try:
         h2 = h1.read(i)
     except:
         h2 = None
     self.assertEqual(h2, None)
Ejemplo n.º 20
0
 def test_applet(self):
     body = '''header
     <APPLET code="XYZApp.class" codebase="html/" align="baseline"
         width="200" height="200">
         <PARAM name="model" value="models/HyaluronicAcid.xyz">
         No Java 2 SDK, Standard Edition v 1.4.2 support for APPLET!!
     </APPLET>        
     footer'''
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     
     self.assertEquals( len(kb.kb.getData('objects', 'applet')), 1 )
     i = kb.kb.getData('objects', 'applet')[0]
     self.assertTrue( '"applet"' in i.getDesc() )
Ejemplo n.º 21
0
 def test_object(self):
     body = '''header
     <OBJECT 
       classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
       width="200" height="200">
       <PARAM name="code" value="Applet1.class">
     </OBJECT>        
     footer'''
     url = url_object('http://www.w3af.com/')
     headers = {'content-type': 'text/html'}
     response = httpResponse(200, body , headers, url, url)
     request = fuzzableRequest(url, method='GET')
     self.plugin.grep(request, response)
     
     self.assertEquals( len(kb.kb.getData('objects', 'object')), 1 )
     i = kb.kb.getData('objects', 'object')[0]
     self.assertTrue( '"object"' in i.getDesc() )
Ejemplo n.º 22
0
        def profile_me():
            '''
            To be profiled
            '''
            for _ in xrange(1):
                for counter in xrange(1,5):
                    
                    file_name = 'test-' + str(counter) + '.html'
                    file_path = os.path.join('plugins','tests','grep',file_name)
                    
                    body = file( file_path ).read()
                    response = httpResponse(200, body, {'Content-Type': 'text/html'},
                                            url_object( self.url_str + str(counter) ),
                                            url_object( self.url_str + str(counter) ) )

                    request = fuzzableRequest(self.url_inst)
                    for pinst in self._plugins:
                        pinst.grep( request, response )
Ejemplo n.º 23
0
    def http_response(self, request, response):

        if len( self._pluginList ) and response._connection.sock is not None:
            # Create the httpResponse object
            code, msg, hdrs = response.code, response.msg, response.info()
            url_instance = url_object( response.geturl() )
            body = response.read()
            # Id is not here, the mangle is done BEFORE logging
            # id = response.id

            httpRes = httpResponse.httpResponse( code, body, hdrs, url_instance, request.url_object, msg=msg)
            
            for plugin in self._pluginList:
                plugin.mangleResponse( httpRes )
            
            response = self._httpResponse2httplib( response, httpRes )

        return response
Ejemplo n.º 24
0
    def test_tag(self):
        tag_id = random.randint(501, 999)
        tag_value = createRandAlNum(10)
        url = url_object('http://w3af.org/a/b/c.php')

        for i in xrange(501, 1000):
            fr = FuzzReq(url, dc={'a': ['1']})
            res = httpResponse(200, '<html>',{'Content-Type':'text/html'}, url, url)
            h1 = HistoryItem()
            h1.request = fr
            res.setId(i)
            h1.response = res
            if i == tag_id:
                h1.updateTag(tag_value)
            h1.save()

        h2 = HistoryItem()
        h2.load(tag_id)
        self.assertEqual(h2.tag, tag_value)
Ejemplo n.º 25
0
 def _new_no_content_resp(self, uri, log_it=False):
     '''
     Return a new NO_CONTENT httpResponse object. Optionally call the
     subscribed log handlers
     
     @param uri: URI string or request object
     @param log_it: Boolean that indicated whether to log request
         and response.        
     '''
     nc_resp = httpResponse(NO_CONTENT, '', {}, uri, uri, msg='No Content')
     if log_it:
         # accept a URI or a Request object
         if isinstance(uri, basestring):
             req = HTTPRequest(uri)
         else:
             req = uri
         # This also assign a the id to both objects.
         logHandler.logHandler().http_response(req, nc_resp)
     else:
         nc_resp.id = seq_gen.inc()
     return nc_resp
Ejemplo n.º 26
0
 def http_response(self, request, response):
     if len( self._pluginList ):
         # Create the httpResponse object
         code, msg, hdrs = response.code, response.msg, response.info()
         url = response.geturl()
         body = response.read()
         # Id is not here, the mangle is done BEFORE logging
         # id = response.id
         httpRes = httpResponse.httpResponse( code, body, hdrs, url, url, msg=msg)
         
         for plugin in self._pluginList:
             plugin.mangleResponse( httpRes )
         
         if response._connection.sock is None:
             # This fixes bug #1982106
             # https://sourceforge.net/tracker/index.php?func=detail&aid=1982106&group_id=170274&atid=853652
             # Returning None is like saying "I don't know what to do with this, let the next handler manage it".
             ### FIXME: Does this work?
             return None
         else:
             response = self._httpResponse2httplib( response, httpRes )
     return response
Ejemplo n.º 27
0
    def _log_request_response( self, request, response ):
        '''
        Send the request and the response to the output manager.
        '''
        method = request.get_method()
        url =  request.get_full_url()
        headers = request.headers
        postData = request.get_data()

        for i in request.unredirected_hdrs.keys():
            headers[ i ] = request.unredirected_hdrs[ i ]
        fr = createFuzzableRequestRaw(method, url, postData, headers)

        if isinstance(response, httpResponse.httpResponse):
            res = response
        else:
            code, msg, hdrs = response.code, response.msg, response.info()
            url = response.geturl()
            body = response.read()
            id = response.id
            # BUGBUG: This is where I create/log the responses that always have 0.2 as the time!
            res = httpResponse.httpResponse( code, body, hdrs, url, url, msg=msg, id=id)
        om.out.logHttp( fr, res )
Ejemplo n.º 28
0
    def _log_request_response(self, request, response):
        '''
        Send the request and the response to the output manager.
        '''        
        headers = dict(request.headers)
        headers.update(request.unredirected_hdrs)
    
        fr = createFuzzableRequestRaw(method=request.get_method(),
                                      url=request.url_object,
                                      postData=request.get_data(),
                                      headers=headers)

        if isinstance(response, httpResponse.httpResponse):
            res = response
        else:
            code, msg, hdrs = response.code, response.msg, response.info()
            url = response.geturl()
            body = response.read()
            id = response.id
            # BUGBUG: This is where I create/log the responses that always have 0.2 as the time!
            url_instance = url_object( url )
            res = httpResponse.httpResponse(code, body, hdrs, request.url_object, url_instance, msg=msg, id=id)
        
        om.out.logHttp(fr, res)
Ejemplo n.º 29
0
        screen_width = gtk.gdk.screen_width()
        screeen_height = gtk.gdk.screen_height()
    
        pos_x = treeview.get_bin_window().get_origin()[0] + event.x - popup_width/2
        if pos_x < 0:
            pos_x = 0
        elif pos_x + popup_width > screen_width:
            pos_x = screen_width - popup_width
            
        pos_y = cell_y_ + 3
        if pos_y + popup_height > screeen_height:
            pos_y = cell_y - 3 - popup_height
        
        return (pos_x , pos_y)
        
def main():
    gtk.main()

if __name__ == "__main__":
    # We create the data
    data = [
        httpResponse(200, 'my data1 looks like this and has no errors', {}, 'http://a/index.html', 'http://a/index.html', id=1),
        httpResponse(200, 'errors? i like errors like this one: SQL', {}, 'http://a/index.html', 'http://a/index.html', id=2),
        httpResponse(200, 'my data is really happy', {}, 'http://a/index.html', 'http://a/index.html', id=3),
        httpResponse(200, 'my data1 loves me', {}, 'http://a/index.html', 'http://a/index.html', id=4),
        httpResponse(200, 'my data likes me', {}, 'http://a/index.html', 'http://a/index.html', id=5)
        ]
            
    cl_win = clusterCellWindow( data=data )
    main()
Ejemplo n.º 30
0
def _build_http_response(url, body_content, headers={}):
    if "content-type" not in headers:
        headers["content-type"] = "text/html"
    return httpResponse(200, body_content, headers, url, url, charset="utf-8")
Ejemplo n.º 31
0
                 res.id)
            else:                
                msg = '%s %s with data: "%s" returned HTTP code "%s" - id: %s'\
                % (req.get_method(), original_url, urllib.unquote_plus(rdata),
                   res.code, res.id)

            if hasattr(res, 'from_cache'):
                msg += ' - from cache.'
            om.out.debug(msg)

            code = int(res.code)
            info = res.info()
            geturl = res.geturl()
            read = self._readRespose(res)
            httpResObj = httpResponse(code, read, info, geturl, original_url,
                                      id=res.id, time=time.time() - start_time,
                                      msg=res.msg)
            # Let the upper layers know that this response came from the local cache.
            if isinstance(res, CachedResponse):
                httpResObj.setFromCache(True)

            # Clear the log of failed requests; this request is done!
            req_id = id(req)
            if req_id in self._errorCount:
                del self._errorCount[req_id]
            self._zeroGlobalErrorCount()

            if grepResult:
                self._grepResult(req, httpResObj)
            else:
                om.out.debug('No grep for : ' + geturl + ' , the plugin sent grepResult=False.')