def test_no_cookie(self): freq = HTTPQSRequest(self.url) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self): fuzzer_config = {"fuzz_cookies": True} freq = HTTPPostDataRequest(URL("http://www.w3af.com/foo/bar")) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self): fuzzer_config = {'fuzz_cookies': True} freq = HTTPPostDataRequest(URL('http://www.w3af.com/foo/bar')) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self): fuzzer_config = {"fuzz_cookies": True} cookie = Cookie("foo=bar; spam=eggs") freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config) self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self): fuzzer_config = {'fuzz_cookies': True} cookie = Cookie('foo=bar; spam=eggs') freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, fuzzer_config) self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_basics(self): cookie = Cookie('foo=bar; spam=eggs') freq = HTTPQSRequest(self.url, cookie=cookie) m = CookieMutant(freq) m.set_var('foo', 0) m.set_mod_value('abc') self.assertEqual(m.get_url().url_string, 'http://moth/') self.assertEqual(str(m.get_cookie()), 'foo=abc; spam=eggs;') expected_mod_value = 'The cookie data that was sent is: "foo=abc;'\ ' spam=eggs;".' generated_mod_value = m.print_mod_value() self.assertEqual(generated_mod_value, expected_mod_value) expected_found_at = '"http://moth/", using HTTP method GET. The modified'\ ' parameter was the session cookie with value: '\ '"foo=abc; spam=eggs;".' generated_found_at = m.found_at() self.assertEqual(generated_found_at, expected_found_at)
def test_valid_results(self): cookie = Cookie("foo=bar; spam=eggs") freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 4, generated_mutants) expected_cookies = ["foo=abc; spam=eggs;", "foo=def; spam=eggs;", "foo=bar; spam=abc;", "foo=bar; spam=def;"] generated_cookies = [str(m.get_cookie()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies) generated_cookies = [str(m.get_dc()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies)
def test_basics(self): cookie = Cookie("foo=bar; spam=eggs") freq = HTTPQSRequest(self.url, cookie=cookie) m = CookieMutant(freq) m.set_var("foo", 0) m.set_mod_value("abc") self.assertEqual(m.get_url().url_string, "http://moth/") self.assertEqual(str(m.get_cookie()), "foo=abc; spam=eggs;") expected_mod_value = 'The cookie data that was sent is: "foo=abc;' ' spam=eggs;".' generated_mod_value = m.print_mod_value() self.assertEqual(generated_mod_value, expected_mod_value) expected_found_at = ( '"http://moth/", using HTTP method GET. The modified' " parameter was the session cookie with value: " '"foo=abc; spam=eggs;".' ) generated_found_at = m.found_at() self.assertEqual(generated_found_at, expected_found_at)
def test_valid_results(self): cookie = Cookie('foo=bar; spam=eggs') freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 4, generated_mutants) expected_cookies = [ 'foo=abc; spam=eggs;', 'foo=def; spam=eggs;', 'foo=bar; spam=abc;', 'foo=bar; spam=def;' ] generated_cookies = [str(m.get_cookie()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies) generated_cookies = [str(m.get_dc()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies)
def test_no_cookie(self): freq = HTTPQSRequest(self.url) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)