def test_no_cookie(self):
freq = HTTPQSRequest(self.url)
generated_mutants = CookieMutant.create_mutants(
freq, self.payloads, [], False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self):
fuzzer_config = {"fuzz_cookies": True}
freq = HTTPPostDataRequest(URL("http://www.w3af.com/foo/bar"))
generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self):
fuzzer_config = {'fuzz_cookies': True}
freq = HTTPPostDataRequest(URL('http://www.w3af.com/foo/bar'))
generated_mutants = CookieMutant.create_mutants(
freq, self.payloads, [], False, fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self):
fuzzer_config = {"fuzz_cookies": True}
cookie = Cookie("foo=bar; spam=eggs")
freq = HTTPQSRequest(self.url, cookie=cookie)
generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config)
self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self):
fuzzer_config = {'fuzz_cookies': True}
cookie = Cookie('foo=bar; spam=eggs')
freq = HTTPQSRequest(self.url, cookie=cookie)
generated_mutants = CookieMutant.create_mutants(
freq, self.payloads, [], False, fuzzer_config)
self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_basics(self):
cookie = Cookie('foo=bar; spam=eggs')
freq = HTTPQSRequest(self.url, cookie=cookie)
m = CookieMutant(freq)
m.set_var('foo', 0)
m.set_mod_value('abc')
self.assertEqual(m.get_url().url_string, 'http://moth/')
self.assertEqual(str(m.get_cookie()), 'foo=abc; spam=eggs;')
expected_mod_value = 'The cookie data that was sent is: "foo=abc;'\
' spam=eggs;".'
generated_mod_value = m.print_mod_value()
self.assertEqual(generated_mod_value, expected_mod_value)
expected_found_at = '"http://moth/", using HTTP method GET. The modified'\
' parameter was the session cookie with value: '\
'"foo=abc; spam=eggs;".'
generated_found_at = m.found_at()
self.assertEqual(generated_found_at, expected_found_at)
def test_valid_results(self):
cookie = Cookie("foo=bar; spam=eggs")
freq = HTTPQSRequest(self.url, cookie=cookie)
generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 4, generated_mutants)
expected_cookies = ["foo=abc; spam=eggs;", "foo=def; spam=eggs;", "foo=bar; spam=abc;", "foo=bar; spam=def;"]
generated_cookies = [str(m.get_cookie()) for m in generated_mutants]
self.assertEqual(expected_cookies, generated_cookies)
generated_cookies = [str(m.get_dc()) for m in generated_mutants]
self.assertEqual(expected_cookies, generated_cookies)
def test_basics(self):
cookie = Cookie("foo=bar; spam=eggs")
freq = HTTPQSRequest(self.url, cookie=cookie)
m = CookieMutant(freq)
m.set_var("foo", 0)
m.set_mod_value("abc")
self.assertEqual(m.get_url().url_string, "http://moth/")
self.assertEqual(str(m.get_cookie()), "foo=abc; spam=eggs;")
expected_mod_value = 'The cookie data that was sent is: "foo=abc;' ' spam=eggs;".'
generated_mod_value = m.print_mod_value()
self.assertEqual(generated_mod_value, expected_mod_value)
expected_found_at = (
'"http://moth/", using HTTP method GET. The modified'
" parameter was the session cookie with value: "
'"foo=abc; spam=eggs;".'
)
generated_found_at = m.found_at()
self.assertEqual(generated_found_at, expected_found_at)
def test_valid_results(self):
cookie = Cookie('foo=bar; spam=eggs')
freq = HTTPQSRequest(self.url, cookie=cookie)
generated_mutants = CookieMutant.create_mutants(
freq, self.payloads, [], False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 4, generated_mutants)
expected_cookies = [
'foo=abc; spam=eggs;', 'foo=def; spam=eggs;', 'foo=bar; spam=abc;',
'foo=bar; spam=def;'
]
generated_cookies = [str(m.get_cookie()) for m in generated_mutants]
self.assertEqual(expected_cookies, generated_cookies)
generated_cookies = [str(m.get_dc()) for m in generated_mutants]
self.assertEqual(expected_cookies, generated_cookies)
def test_no_cookie(self):
freq = HTTPQSRequest(self.url)
generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
