def test_basic(self):
freq = FuzzableRequest(URL('http://www.w3af.com/'))
fake_ref = 'http://w3af.org/'
mutant = HeadersMutant(freq.copy())
mutant.set_var('Referer')
original_referer = freq.get_referer()
mutant.set_original_value(original_referer)
mutant.set_mod_value(fake_ref)
self.assertEqual(mutant.get_headers()['Referer'], fake_ref)
self.assertEqual(mutant.get_original_value(), original_referer)
def test_basic(self):
freq = FuzzableRequest(URL('http://www.w3af.com/'))
fake_ref = 'http://w3af.org/'
mutant = HeadersMutant(freq.copy())
mutant.set_var('Referer')
original_referer = freq.get_referer()
mutant.set_original_value(original_referer)
mutant.set_mod_value(fake_ref)
self.assertEqual(mutant.get_headers()['Referer'], fake_ref)
self.assertEqual(mutant.get_original_value(), original_referer)
def test_mutant_creation(self):
url = URL('http://moth/?a=1&b=2')
original_referer = 'http://moths/'
headers = Headers([('Referer', original_referer)])
freq = FuzzableRequest(url, headers=headers)
created_mutants = HeadersMutant.create_mutants(freq, self.payloads, [],
False,
self.fuzzer_config)
expected_strs = {'Referer: abc\r\n', 'Referer: def\r\n'}
expected_dcs = [
Headers([('Referer', 'abc')]),
Headers([('Referer', 'def')])
]
created_dcs = [i.get_dc() for i in created_mutants]
created_strs = set([str(i.get_dc()) for i in created_mutants])
self.assertEqual(created_dcs, expected_dcs)
self.assertEqual(created_strs, expected_strs)
token = created_mutants[0].get_token()
self.assertEqual(token.get_name(), 'Referer')
self.assertEqual(token.get_original_value(), original_referer)
self.assertEqual(token.get_value(), 'abc')
token = created_mutants[1].get_token()
self.assertEqual(token.get_name(), 'Referer')
self.assertEqual(token.get_original_value(), original_referer)
self.assertEqual(token.get_value(), 'def')
for m in created_mutants:
self.assertIsInstance(m, HeadersMutant)
def test_mutant_creation(self):
url = URL('http://moth/?a=1&b=2')
headers = Headers([('Referer', 'http://moth/')])
freq = HTTPQSRequest(url, headers=headers)
created_mutants = HeadersMutant.create_mutants(freq, self.payloads, [],
False,
self.fuzzer_config)
expected_dc_lst = [
Headers([('Referer', 'abc')]),
Headers([('Referer', 'def')])
]
created_dc_lst = [i.get_dc() for i in created_mutants]
self.assertEqual(created_dc_lst, expected_dc_lst)
self.assertEqual(created_mutants[0].get_var(), 'Referer')
self.assertEqual(created_mutants[0].get_var_index(), 0)
self.assertEqual(created_mutants[0].get_original_value(), '')
self.assertEqual(created_mutants[1].get_var(), 'Referer')
self.assertEqual(created_mutants[1].get_var_index(), 0)
self.assertEqual(created_mutants[1].get_original_value(), '')
self.assertTrue(
all(isinstance(m, HeadersMutant) for m in created_mutants))
def test_mutant_creation(self):
url = URL('http://moth/?a=1&b=2')
original_referer = 'http://moths/'
headers = Headers([('Referer', original_referer)])
freq = FuzzableRequest(url, headers=headers)
created_mutants = HeadersMutant.create_mutants(freq, self.payloads, [],
False,
self.fuzzer_config)
expected_strs = {'Referer: abc\r\n',
'Referer: def\r\n'}
expected_dcs = [Headers([('Referer', 'abc')]),
Headers([('Referer', 'def')])]
created_dcs = [i.get_dc() for i in created_mutants]
created_strs = set([str(i.get_dc()) for i in created_mutants])
self.assertEqual(created_dcs, expected_dcs)
self.assertEqual(created_strs, expected_strs)
token = created_mutants[0].get_token()
self.assertEqual(token.get_name(), 'Referer')
self.assertEqual(token.get_original_value(), original_referer)
self.assertEqual(token.get_value(), 'abc')
token = created_mutants[1].get_token()
self.assertEqual(token.get_name(), 'Referer')
self.assertEqual(token.get_original_value(), original_referer)
self.assertEqual(token.get_value(), 'def')
for m in created_mutants:
self.assertIsInstance(m, HeadersMutant)
def _is_origin_checked(self, freq, orig_response):
"""
:return: True if the remote web application verifies the Referer before
processing the HTTP request.
"""
fake_ref = 'http://www.w3af.org/'
mutant = HeadersMutant(copy.deepcopy(freq))
headers = mutant.get_dc()
headers['Referer'] = fake_ref
mutant.set_token(('Referer',))
mutant_response = self._uri_opener.send_mutant(mutant)
if not self._is_resp_equal(orig_response, mutant_response):
return True
return False
def create_mutant(self, freq, header_name):
headers = freq.get_headers()
headers[header_name] = ""
freq.set_headers(headers)
fuzzer_config = {"fuzzable_headers": [TEST_HEADER]}
mutant = HeadersMutant.create_mutants(freq, [""], [TEST_HEADER], False, fuzzer_config)[0]
return mutant
def create_mutant(self, freq, header_name):
headers = freq.get_headers()
headers[header_name] = ''
freq.set_headers(headers)
fuzzer_config = {'fuzzable_headers': [TEST_HEADER]}
mutant = HeadersMutant.create_mutants(freq, [''], [TEST_HEADER],
False, fuzzer_config)[0]
return mutant
def create_mutants(self, freq, headers_name):
for header_name in headers_name:
headers = freq.get_headers()
headers[header_name] = ''
freq.set_headers(headers)
fuzzer_config = {'fuzzable_headers': [header_name]}
mutant = HeadersMutant.create_mutants(freq, [''], [header_name],
False, fuzzer_config)[0]
yield mutant
def test_found_at(self):
headers = Headers([('Referer', 'http://moth/')])
freq = FuzzableRequest(URL('http://www.w3af.com/?id=3'),
headers=headers)
m = HeadersMutant(freq)
m.get_dc().set_token(('Referer', ))
m.set_token_value('foo')
expected = '"http://www.w3af.com/", using HTTP method GET. The'\
' modified header was: "Referer" and it\'s value was: "foo".'
self.assertEqual(m.found_at(), expected)
def _is_origin_checked(self, freq, orig_response):
"""
:return: True if the remote web application verifies the Referer before
processing the HTTP request.
"""
fake_ref = 'http://www.w3af.org/'
mutant = HeadersMutant(freq.copy())
mutant.set_var('Referer')
mutant.set_original_value(freq.get_referer())
mutant.set_mod_value(fake_ref)
mutant_response = self._uri_opener.send_mutant(mutant)
if not self._is_resp_equal(orig_response, mutant_response):
return True
return False
def test_basic(self):
referer_1 = 'http://w3af.org/'
referer_2 = 'http://spam.w3af.org/'
freq = FuzzableRequest(URL('http://www.w3af.com/'),
headers=Headers([('Referer', referer_1)]))
self.assertEqual(freq.get_referer(), referer_1)
m = HeadersMutant(freq)
m.get_dc().set_token(('Referer', ))
m.set_token_value(referer_2)
self.assertEqual(m.get_token_value(), referer_2)
def test_found_at(self):
headers = Headers([('Referer', 'http://moth/')])
freq = FuzzableRequest(URL('http://www.w3af.com/?id=3'),
headers=headers)
m = HeadersMutant(freq)
m.set_var('Referer')
m.set_mod_value('foo')
expected = '"http://www.w3af.com/", using HTTP method GET. The modified'\
' header was: "Referer" and it\'s value was: "foo".'
self.assertEqual(m.found_at(), expected)
def _is_origin_checked(self, freq, orig_response):
"""
:return: True if the remote web application verifies the Referer before
processing the HTTP request.
"""
fake_ref = 'http://www.w3af.org/'
mutant = HeadersMutant(freq.copy())
mutant.set_var('Referer')
mutant.set_original_value(freq.get_referer())
mutant.set_mod_value(fake_ref)
mutant_response = self._uri_opener.send_mutant(mutant)
if not self._is_resp_equal(orig_response, mutant_response):
return True
return False
def test_basic(self):
referer_1 = 'http://w3af.org/'
referer_2 = 'http://spam.w3af.org/'
freq = FuzzableRequest(URL('http://www.w3af.com/'),
headers=Headers([('Referer', referer_1)]))
self.assertEqual(freq.get_referer(), referer_1)
m = HeadersMutant(freq)
m.get_dc().set_token(('Referer',))
m.set_token_value(referer_2)
self.assertEqual(m.get_token_value(), referer_2)
def test_mutant_creation(self):
url = URL('http://moth/?a=1&b=2')
headers = Headers([('Referer', 'http://moth/')])
freq = HTTPQSRequest(url, headers=headers)
created_mutants = HeadersMutant.create_mutants(freq, self.payloads, [],
False, self.fuzzer_config)
expected_dc_lst = [Headers([('Referer', 'abc')]),
Headers([('Referer', 'def')])]
created_dc_lst = [i.get_dc() for i in created_mutants]
self.assertEqual(created_dc_lst, expected_dc_lst)
self.assertEqual(created_mutants[0].get_var(), 'Referer')
self.assertEqual(created_mutants[0].get_var_index(), 0)
self.assertEqual(created_mutants[0].get_original_value(), '')
self.assertEqual(created_mutants[1].get_var(), 'Referer')
self.assertEqual(created_mutants[1].get_var_index(), 0)
self.assertEqual(created_mutants[1].get_original_value(), '')
self.assertTrue(
all(isinstance(m, HeadersMutant) for m in created_mutants))
