def establishMethods(wrapper=None, dictionary=None, automate=None, simultaneous=None):
if wrapper != None:
methods = wrapper.getMethods()
total = len(methods)
counter = 0
while counter < total:
print "\nMethod[%s]: %s" % (counter, methods[counter])
print "Params:"
paramsHash = wrapper.getParamsOfMethod(methods[counter])
for param in paramsHash.keys():
print "\t" + param + "(" + paramsHash[param] + ")"
counter = counter + 1
methodsChosen = raw_input("\nSelect the methods you want to Fuzz(ex: 0,1,2,3 or A for All)\nMethods: ")
methodsChosen = methodsChosen.strip('\r')
if (methodsChosen == 'A'):
methodsArray = []
num = 0
for w in wrapper.getMethods():
methodsArray.append(num)
num += 1
else:
methodsArray = methodsChosen.split(',')
pcount = 0
for m in methodsArray:
for p in wrapper.getParamsOfMethod(methods[int(m)]):
pcount += 1
if pcount > 1 and simultaneous is None:
vars.simultaneous = raw_input("\nWould you like to attack all the chosen params simultaneously? ")
vars.simultaneous = vars.simultaneous.strip('\r')
elif simultaneous is None:
vars.simultaneous = "No"
# simultaneous mode chosen
if y.search(vars.simultaneous):
fuzzer.setSim(True)
if vars.attacks is None:
if dictionary is None:
dictionary = genUtils.defineDictionaryName(0)
if automate is None:
automate = genUtils.getAutoAttackResponse(0)
for methodInt in methodsArray:
print "\nMethod: " + methods[int(methodInt)]
method = Fuzzer.Method(methods[int(methodInt)])
paramsHash = wrapper.getParamsOfMethod(methods[int(methodInt)])
for param in paramsHash.keys():
print "\tParameter: " + param + " Type: " + paramsHash[param]
if vars.allparams is not None and y.search(vars.allparams):
fuzzChosen = 'yes'
else:
fuzzChosen = raw_input("\nWould you like to fuzz this param: ")
fuzzChosen = fuzzChosen.strip('\r')
fuzzThisParam = False
if vars.attacks is None:
fuzzer.setDictType("standard")
fuzzer.initObjects()
if y.search(automate):
fuzzType = Fuzzer.DictionaryFuzz(dictionary, "standard", True)
fuzzer.setAuto(True)
else:
fuzzType = Fuzzer.DictionaryFuzz(dictionary, "standard")
else:
fuzzType = Fuzzer.DictionaryFuzz(dictionaryType="payload")
fuzzer.setSaveFileName(vars.attacks)
fuzzType.setDictionaryFileName(vars.attacks)
fuzzer.setDictType("payload")
if (y.search(fuzzChosen)):
print "\tFuzzing this param"
fuzzThisParam = True
parameter = Fuzzer.Parameter(param, paramsHash[param], fuzzType, fuzzThisParam)
method.addParameter(parameter)
fuzzer.addMethodToFuzz(method)
else:
for methodInt in methodsArray:
print "\nMethod: " + methods[int(methodInt)]
method = Fuzzer.Method(methods[int(methodInt)])
paramsHash = wrapper.getParamsOfMethod(methods[int(methodInt)])
for param in paramsHash.keys():
if vars.attacks is None:
fuzzChosen = genUtils.defineFuzzType(param)
fuzzThisParam = False
fuzzType = None
else:
fuzzChosen = 1
if(fuzzChosen == 0):
print "\nNot fuzzing this param"
fuzzThisParam = False
elif (fuzzChosen == 1):
print "\tFuzzing using dictionary"
if vars.attacks is None:
if dictionary is None:
dictionary = genUtils.defineDictionaryName(0)
if automate is None:
automate = genUtils.getAutoAttackResponse(0)
if vars.attacks is None:
fuzzer.setDictType("standard")
fuzzer.initObjects()
if y.search(automate):
fuzzType = Fuzzer.DictionaryFuzz(dictionary, "standard", True)
fuzzer.setAuto(True)
else:
fuzzType = Fuzzer.DictionaryFuzz(dictionary, "standard")
else:
fuzzType = Fuzzer.DictionaryFuzz(dictionaryType="payload")
fuzzer.setDictType("payload")
fuzzer.setSaveFileName(vars.attacks)
fuzzType.setDictionaryFileName(vars.attacks)
fuzzThisParam = True
elif (fuzzChosen == 2):
print "\nFuzzing using patterns not implemented yet\n\n"
sys.exit(0)
else:
print "Input not valid\n\n"
sys.exit(0)
parameter = Fuzzer.Parameter(param, paramsHash[param], fuzzType, fuzzThisParam)
method.addParameter(parameter)
fuzzer.addMethodToFuzz(method)
wrapper.setParamType(method, p, pp)
pcount += 1
if pcount > 1 and vars.simultaneous is None:
vars.simultaneous = raw_input("\nWould you like to attack all the chosen params simultaneously? ")
vars.simultaneous = vars.simultaneous.strip('\r')
elif vars.simultaneous is None:
vars.simultaneous = 'No'
# simultaneous mode chosen
if y.search(vars.simultaneous):
fuzzer.setSim(True)
if vars.attacks is None:
if vars.dictionary is None:
vars.dictionary = genUtils.defineDictionaryName(0)
if vars.automate is None:
vars.automate = genUtils.getAutoAttackResponse(0)
for param in paramsArray:
print "\tParameter: " + param
if vars.allparams is not None and y.search(vars.allparams):
fuzzChosen = 'yes'
else:
fuzzChosen = raw_input("\nWould you like to fuzz this param: ")
fuzzChosen = fuzzChosen.strip('\r')
fuzzThisParam = False
if vars.attacks is None: