def test_user_configured_find_in_file_upload_content(self):
    """
    File-content mutants must only be sent when the user enables them.

    https://github.com/andresriancho/w3af/issues/3149
    """
    # Turn file-content fuzzing off; the original author notes that True
    # is the default value of this option
    cf.save('fuzz_form_files', False)

    try:
        self.scan_file_upload_fuzz_files()
    finally:
        # Put the default back even when the scan raises, so the changed
        # setting does not outlive this test
        cf.save('fuzz_form_files', True)

    findings = self.kb.get('xss', 'xss')

    # With the option off the knowledge base must hold no XSS finding; the
    # findings themselves are passed as the failure message
    self.assertEqual(len(findings), 0, findings)
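def test_form_file_post_no_files(self):
    """
    A PUT request with a query string and a URL-encoded form that has no
    file inputs is fuzzed in the query string and in the post-data, and
    every mutant keeps the PUT method.
    """
    cf_singleton.save('fuzzable_headers', [])
    cf_singleton.save('fuzz_cookies', False)
    cf_singleton.save('fuzz_url_filenames', False)
    cf_singleton.save('fuzzed_files_extension', 'gif')
    cf_singleton.save('fuzz_form_files', True)  # This one changed
    cf_singleton.save('fuzz_url_parts', False)

    form_params = FormParameters()
    form_params.add_field_by_attr_items([("name", "username"), ("value", "")])
    form_params.add_field_by_attr_items([("name", "address"), ("value", "")])

    form = URLEncodedForm(form_params)

    freq = FuzzableRequest(URL('http://www.w3af.com/?id=3'),
                           post_data=form,
                           method='PUT')

    mutants = create_mutants(freq, self.payloads)

    self.assertTrue(all(isinstance(m, QSMutant) for m in mutants[:2]))
    # NOTE(review): indexes 2 and 3 are covered by neither isinstance
    # check; confirm whether mutants[2:] was intended
    self.assertTrue(all(isinstance(m, PostDataMutant) for m in mutants[4:]))
    self.assertTrue(all(m.get_method() == 'PUT' for m in mutants))

    # Compared as sets: ordering and repeated URIs are not checked, so
    # each distinct URI is listed once
    expected_uris = {'http://www.w3af.com/?id=abc',
                     'http://www.w3af.com/?id=def',
                     'http://www.w3af.com/?id=3'}
    created_uris = {m.get_uri().url_string for m in mutants}
    self.assertEqual(expected_uris, created_uris)

    # The field that is not being fuzzed carries a filler value
    # (presumably a smart-fill default -- confirm against the form code)
    expected_dcs = {'id=abc',
                    'id=def',
                    'username=abc&address=Bonsai%20Street%20123',
                    'username=def&address=Bonsai%20Street%20123',
                    'username=John8212&address=abc',
                    'username=John8212&address=def'}
    created_dcs = {str(m.get_dc()) for m in mutants}
    self.assertEqual(created_dcs, expected_dcs)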
def test_qs_and_cookie(self):
    """
    With cookie fuzzing enabled and a cookie on the request, the query
    string mutants come first and the cookie mutants second.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', True),  # the option this test turns on
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    # This time the request carries a cookie
    freq = HTTPQSRequest(URL('http://moth/?id=1'), cookie=Cookie('foo=bar'))
    generated_mutants = create_mutants(freq, self.payloads)

    urls = [mutant.get_uri().url_string for mutant in generated_mutants]
    self.assertEqual(urls, [u'http://moth/?id=abc',
                            u'http://moth/?id=def',
                            u'http://moth/?id=1',
                            u'http://moth/?id=1'])

    # The cookie is untouched in the query string mutants and replaced by
    # each payload in the last two
    cookies = [str(mutant.get_cookie()) for mutant in generated_mutants]
    self.assertEqual(['foo=bar;', 'foo=bar;', 'foo=abc;', 'foo=def;'],
                     cookies)

    allowed_types = (QSMutant, CookieMutant)
    self.assertTrue(all(isinstance(mutant, allowed_types)
                        for mutant in generated_mutants))
def test_urlparts_filename_path_qs(self):
    """
    With file name and URL part fuzzing both enabled, a URL that has a
    path, a file name and a query string yields mutants for each of them,
    in the order asserted below.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', True),  # turned on for this test
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', True),  # turned on for this test
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    freq = FuzzableRequest(URL('http://moth/foo/bar.htm?id=1'))
    generated_mutants = create_mutants(freq, self.payloads)

    generated_uris = [mutant.get_uri().url_string
                      for mutant in generated_mutants]

    expected_uris = [
        # query string value
        'http://moth/foo/bar.htm?id=abc',
        'http://moth/foo/bar.htm?id=def',
        # file name, then file extension
        'http://moth/foo/abc.htm',
        'http://moth/foo/def.htm',
        'http://moth/foo/bar.abc',
        'http://moth/foo/bar.def',
        # directory segment, then the whole last segment
        'http://moth/abc/bar.htm',
        'http://moth/def/bar.htm',
        'http://moth/foo/abc',
        'http://moth/foo/def',
    ]
    self.assertEqual(generated_uris, expected_uris)
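def test_form_file_post_no_files(self):
    """
    Fuzz a PUT request that has a query string and a URL-encoded form
    without file inputs: mutants are expected for the query string and for
    each form field, all of them keeping the PUT method.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', True),  # This one changed
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    form_params = FormParameters()
    form_params.add_field_by_attr_items([("name", "username"), ("value", "")])
    form_params.add_field_by_attr_items([("name", "address"), ("value", "")])

    form = URLEncodedForm(form_params)

    freq = FuzzableRequest(URL('http://www.w3af.com/?id=3'),
                           post_data=form,
                           method='PUT')

    mutants = create_mutants(freq, self.payloads)

    self.assertTrue(all(isinstance(m, QSMutant) for m in mutants[:2]))
    # NOTE(review): mutants[2:4] are not type-checked by either slice;
    # confirm whether mutants[2:] was intended
    self.assertTrue(all(isinstance(m, PostDataMutant) for m in mutants[4:]))
    self.assertTrue(all(m.get_method() == 'PUT' for m in mutants))

    # A set comparison ignores order and repetition, so the unchanged URI
    # is listed once instead of once per post-data mutant
    expected_uris = {
        'http://www.w3af.com/?id=abc',
        'http://www.w3af.com/?id=def',
        'http://www.w3af.com/?id=3',
    }
    created_uris = {m.get_uri().url_string for m in mutants}
    self.assertEqual(expected_uris, created_uris)

    # The form field that is not being fuzzed holds a filler value
    # (presumably a smart-fill default -- confirm against the form code)
    expected_dcs = {
        'id=abc',
        'id=def',
        'username=abc&address=Bonsai%20Street%20123',
        'username=def&address=Bonsai%20Street%20123',
        'username=John8212&address=abc',
        'username=John8212&address=def',
    }
    created_dcs = {str(m.get_dc()) for m in mutants}
    self.assertEqual(created_dcs, expected_dcs)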
def test_qs_and_cookie(self):
    """
    With fuzz_cookies enabled and a cookie on the FuzzableRequest, the
    result is checked to be query string mutants followed by cookie
    mutants.

    Related to https://github.com/andresriancho/w3af/issues/3149, which
    the original author marks as fixed.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', True),  # the option this test turns on
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    # The request carries a cookie
    freq = FuzzableRequest(URL('http://moth/?id=1'), cookie=Cookie('foo=bar'))
    mutants = create_mutants(freq, self.payloads)

    generated_urls = [mutant.get_uri().url_string for mutant in mutants]
    self.assertEqual(generated_urls, [u'http://moth/?id=abc',
                                      u'http://moth/?id=def',
                                      u'http://moth/?id=1',
                                      u'http://moth/?id=1'])

    # assertAllInstance / assertAllHaveTokens are helpers defined outside
    # this method
    qs_mutants, cookie_mutants = mutants[:2], mutants[2:]
    self.assertAllInstance(qs_mutants, QSMutant)
    self.assertAllInstance(cookie_mutants, CookieMutant)
    self.assertAllHaveTokens(mutants)
def test_simple(self):
    """
    With every optional fuzzing target switched off, a URL with a query
    string yields one query string mutant per expected payload.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    freq = FuzzableRequest(URL('http://moth/?id=1'))
    generated_mutants = create_mutants(freq, self.payloads)

    # The expected values imply that self.payloads holds 'abc' and 'def'
    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls,
                     ['http://moth/?id=abc', 'http://moth/?id=def'])

    self.assertAllInstance(generated_mutants, QSMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_qs_and_no_cookie(self):
    """
    Cookie fuzzing is enabled but the request has no cookie, so only the
    query string URLs are expected.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', True),  # the option this test turns on
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    # No cookie is passed to the request
    freq = HTTPQSRequest(URL('http://moth/?id=1'))
    generated_mutants = create_mutants(freq, self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls,
                     ['http://moth/?id=abc', 'http://moth/?id=def'])
def test_form_file_qs(self):
    """
    Form file fuzzing is enabled, but the request is a plain URL with no
    query string and no form: no mutants are expected.
    """
    settings = (
        ("fuzzable_headers", []),
        ("fuzz_cookies", False),
        ("fuzz_url_filenames", False),
        ("fuzzed_files_extension", "gif"),
        ("fuzz_form_files", True),  # the option this test turns on
        ("fuzz_url_parts", False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    freq = FuzzableRequest(URL("http://moth/foo.htm"))
    generated_mutants = create_mutants(freq, self.payloads)

    self.assertEqual(generated_mutants, [])
def test_no_cookie_in_request(self):
    """
    Cookie fuzzing is enabled but the request has no cookie, so only
    query string mutants are expected.
    """
    settings = (
        ("fuzzable_headers", []),
        ("fuzz_cookies", True),  # the option this test turns on
        ("fuzz_url_filenames", False),
        ("fuzzed_files_extension", "gif"),
        ("fuzz_form_files", False),
        ("fuzz_url_parts", False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    # No cookie is passed to the request
    freq = FuzzableRequest(URL("http://moth/?id=1"))
    generated_mutants = create_mutants(freq, self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls,
                     ["http://moth/?id=abc", "http://moth/?id=def"])

    # Helper assertions defined outside this method
    self.assertAllInstance(generated_mutants, QSMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_fuzz_headers(self):
    """
    Only the header named in fuzzable_headers (Referer) is fuzzed; the
    other request header (Foo) keeps its value in every mutant.
    """
    settings = (
        ("fuzzable_headers", ["Referer"]),  # the option this test sets
        ("fuzz_cookies", False),
        ("fuzz_url_filenames", False),
        ("fuzzed_files_extension", "gif"),
        ("fuzz_form_files", False),
        ("fuzz_url_parts", False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    url = URL("http://moth/?id=1")

    # The request is sent with two headers
    headers = Headers([("Referer", "http://moths/"), ("Foo", "Bar")])
    generated_mutants = create_mutants(FuzzableRequest(url, headers=headers),
                                       self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, ["http://moth/?id=abc",
                                      "http://moth/?id=def",
                                      "http://moth/?id=1",
                                      "http://moth/?id=1"])

    # Query string mutants keep the original headers; the last two
    # replace the Referer value with each payload
    expected_headers = [
        headers,
        headers,
        Headers([("Referer", "abc"), ("Foo", "Bar")]),
        Headers([("Referer", "def"), ("Foo", "Bar")]),
    ]
    generated_headers = [mutant.get_headers() for mutant in generated_mutants]
    self.assertEqual(expected_headers, generated_headers)

    qs_mutants, header_mutants = generated_mutants[:2], generated_mutants[2:]
    self.assertAllInstance(qs_mutants, QSMutant)
    self.assertAllInstance(header_mutants, HeadersMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_fuzz_headers_no_headers(self):
    """
    Referer is configured as fuzzable but the original request has no
    headers: the expected header mutants still carry a Referer holding
    each payload.
    """
    settings = (
        ('fuzzable_headers', ['Referer']),  # the option this test sets
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    # The request is built without any headers
    freq = HTTPQSRequest(URL('http://moth/?id=1'))
    generated_mutants = create_mutants(freq, self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, [
        'http://moth/?id=abc',
        'http://moth/?id=def',
        'http://moth/?id=1',
        'http://moth/?id=1',
    ])

    # Query string mutants have empty headers, header mutants only the
    # fuzzed Referer
    expected_headers = [
        Headers(),
        Headers(),
        Headers([('Referer', 'abc')]),
        Headers([('Referer', 'def')]),
    ]
    generated_headers = [mutant.get_headers() for mutant in generated_mutants]
    self.assertEqual(expected_headers, generated_headers)

    allowed_types = (QSMutant, HeadersMutant)
    self.assertTrue(all(isinstance(mutant, allowed_types)
                        for mutant in generated_mutants))
def test_form_file_post_no_files(self):
    """
    A PUT request whose form has no file inputs yields only post-data
    mutants: the URI stays untouched, the method stays PUT, and each form
    field receives each payload in turn.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', True),  # the option this test turns on
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    form = Form()
    for field_name in ("username", "address"):
        form.add_input([("name", field_name), ("value", "")])

    freq = HTTPPostDataRequest(URL('http://www.w3af.com/?id=3'),
                               dc=form,
                               method='PUT')

    generated_mutants = create_mutants(freq, self.payloads)

    # The query string of the URI is expected to stay as it was sent
    self.assertTrue(all('http://www.w3af.com/?id=3' == mutant.get_uri().url_string
                        for mutant in generated_mutants))

    only_post_data = all(isinstance(mutant, PostDataMutant)
                         for mutant in generated_mutants)
    self.assertTrue(only_post_data, generated_mutants)

    self.assertTrue(all(mutant.get_method() == 'PUT'
                        for mutant in generated_mutants))

    # The field that is not being fuzzed holds a filler value
    # (presumably a smart-fill default -- confirm against the form code)
    expected_dc_lst = [
        Form([('username', ['abc']), ('address', ['Bonsai Street 123'])]),
        Form([('username', ['def']), ('address', ['Bonsai Street 123'])]),
        Form([('username', ['John8212']), ('address', ['abc'])]),
        Form([('username', ['John8212']), ('address', ['def'])]),
    ]
    created_dc_lst = [mutant.get_dc() for mutant in generated_mutants]
    self.assertEqual(created_dc_lst, expected_dc_lst)
def test_urlparts_no_path(self):
    """
    URL part fuzzing is enabled, but the URL is just the root path with
    no query string: no mutants are expected.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', True),  # the option this test turns on
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    freq = FuzzableRequest(URL('http://moth/'))
    generated_mutants = create_mutants(freq, self.payloads)

    self.assertEqual(generated_mutants, [])
def test_qs_and_cookie(self):
    """
    Cookie fuzzing is on and the request has a cookie: the query string
    mutants are expected first, then one cookie mutant per payload.
    """
    for option, value in (
            ('fuzzable_headers', []),
            ('fuzz_cookies', True),  # the option this test turns on
            ('fuzz_url_filenames', False),
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', False),
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    url = URL('http://moth/?id=1')
    # A cookie is attached to the request
    cookie = Cookie('foo=bar')
    generated_mutants = create_mutants(HTTPQSRequest(url, cookie=cookie),
                                       self.payloads)

    expected_urls = [
        u'http://moth/?id=abc',
        u'http://moth/?id=def',
        u'http://moth/?id=1',
        u'http://moth/?id=1',
    ]
    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, expected_urls)

    # Unchanged cookie for the query string mutants, payload as cookie
    # value for the rest
    expected_cookies = ['foo=bar;', 'foo=bar;', 'foo=abc;', 'foo=def;']
    generated_cookies = [str(mutant.get_cookie())
                         for mutant in generated_mutants]
    self.assertEqual(expected_cookies, generated_cookies)

    self.assertTrue(all(isinstance(mutant, (QSMutant, CookieMutant))
                        for mutant in generated_mutants))
def test_form_file_post_no_files(self):
    """
    Fuzz a PUT request whose form has two text inputs and no file input.

    Every mutant is expected to be a PostDataMutant that keeps the
    original URI and the PUT method.
    """
    for option, value in (
            ('fuzzable_headers', []),
            ('fuzz_cookies', False),
            ('fuzz_url_filenames', False),
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', True),  # the option this test turns on
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    form = Form()
    form.add_input([("name", "username"), ("value", "")])
    form.add_input([("name", "address"), ("value", "")])

    target = URL('http://www.w3af.com/?id=3')
    freq = HTTPPostDataRequest(target, dc=form, method='PUT')

    generated_mutants = create_mutants(freq, self.payloads)

    uri_unchanged = all(
        'http://www.w3af.com/?id=3' == mutant.get_uri().url_string
        for mutant in generated_mutants)
    self.assertTrue(uri_unchanged)

    # The mutant list doubles as the failure message
    self.assertTrue(all(isinstance(mutant, PostDataMutant)
                        for mutant in generated_mutants),
                    generated_mutants)

    method_kept = all(mutant.get_method() == 'PUT'
                      for mutant in generated_mutants)
    self.assertTrue(method_kept)

    # One form per (field, payload) pair; the other field holds a filler
    # value (presumably a smart-fill default -- confirm)
    expected_dc_lst = [
        Form([('username', ['abc']), ('address', ['Bonsai Street 123'])]),
        Form([('username', ['def']), ('address', ['Bonsai Street 123'])]),
        Form([('username', ['John8212']), ('address', ['abc'])]),
        Form([('username', ['John8212']), ('address', ['def'])]),
    ]
    created_dc_lst = [mutant.get_dc() for mutant in generated_mutants]
    self.assertEqual(created_dc_lst, expected_dc_lst)
def test_fuzz_headers_no_headers(self):
    """
    The Referer header is fuzzable but absent from the original request;
    header mutants with a payload-valued Referer are still expected after
    the query string mutants.
    """
    for option, value in (
            ('fuzzable_headers', ['Referer']),  # the option this test sets
            ('fuzz_cookies', False),
            ('fuzz_url_filenames', False),
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', False),
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    url = URL('http://moth/?id=1')
    # No headers are passed with the original request
    generated_mutants = create_mutants(HTTPQSRequest(url), self.payloads)

    expected_urls = [
        'http://moth/?id=abc',
        'http://moth/?id=def',
        'http://moth/?id=1',
        'http://moth/?id=1',
    ]
    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, expected_urls)

    expected_headers = [
        Headers(),
        Headers(),
        Headers([('Referer', 'abc')]),
        Headers([('Referer', 'def')]),
    ]
    generated_headers = [mutant.get_headers() for mutant in generated_mutants]
    self.assertEqual(expected_headers, generated_headers)

    self.assertTrue(all(isinstance(mutant, (QSMutant, HeadersMutant))
                        for mutant in generated_mutants))
def test_fuzz_headers(self):
    """
    With Referer listed in fuzzable_headers, the request's Referer is
    fuzzed and its Foo header is left as sent.
    """
    settings = (
        ('fuzzable_headers', ['Referer']),  # the option this test sets
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', False),
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    url = URL('http://moth/?id=1')

    # Two headers on the request, only one of them configured as fuzzable
    headers = Headers([('Referer', 'http://moths/'), ('Foo', 'Bar')])
    generated_mutants = create_mutants(FuzzableRequest(url, headers=headers),
                                       self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, ['http://moth/?id=abc',
                                      'http://moth/?id=def',
                                      'http://moth/?id=1',
                                      'http://moth/?id=1'])

    # The first two mutants keep the original headers object's value
    expected_headers = [
        headers,
        headers,
        Headers([('Referer', 'abc'), ('Foo', 'Bar')]),
        Headers([('Referer', 'def'), ('Foo', 'Bar')]),
    ]
    generated_headers = [mutant.get_headers() for mutant in generated_mutants]
    self.assertEqual(expected_headers, generated_headers)

    qs_mutants, header_mutants = generated_mutants[:2], generated_mutants[2:]
    self.assertAllInstance(qs_mutants, QSMutant)
    self.assertAllInstance(header_mutants, HeadersMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_fuzz_headers(self):
    """
    Check header fuzzing: the configured Referer header receives each
    payload while the Foo header is expected to stay unchanged.
    """
    for option, value in (
            ('fuzzable_headers', ['Referer']),  # the option this test sets
            ('fuzz_cookies', False),
            ('fuzz_url_filenames', False),
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', False),
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    url = URL('http://moth/?id=1')

    # The original request has headers
    headers = Headers([('Referer', 'http://moths/'), ('Foo', 'Bar')])
    freq = FuzzableRequest(url, headers=headers)

    generated_mutants = create_mutants(freq, self.payloads)

    expected_urls = [
        'http://moth/?id=abc',
        'http://moth/?id=def',
        'http://moth/?id=1',
        'http://moth/?id=1',
    ]
    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, expected_urls)

    fuzzed_headers = [Headers([('Referer', 'abc'), ('Foo', 'Bar')]),
                      Headers([('Referer', 'def'), ('Foo', 'Bar')])]
    expected_headers = [headers, headers] + fuzzed_headers
    generated_headers = [mutant.get_headers() for mutant in generated_mutants]
    self.assertEqual(expected_headers, generated_headers)

    # Helper assertions defined outside this method
    self.assertAllInstance(generated_mutants[:2], QSMutant)
    self.assertAllInstance(generated_mutants[2:], HeadersMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_filename_fname_qs(self):
    """
    With file name fuzzing enabled, a URL with a file name and a query
    string yields query string mutants followed by file name mutants.
    """
    settings = (
        ('fuzzable_headers', []),
        ('fuzz_cookies', False),
        ('fuzz_url_filenames', True),  # the option this test turns on
        ('fuzzed_files_extension', 'gif'),
        ('fuzz_form_files', False),
        ('fuzz_url_parts', False),
    )
    for option, value in settings:
        cf_singleton.save(option, value)

    freq = FuzzableRequest(URL('http://moth/foo.htm?id=1'))
    generated_mutants = create_mutants(freq, self.payloads)

    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, [
        # query string value
        u'http://moth/foo.htm?id=abc',
        u'http://moth/foo.htm?id=def',
        # file name, then file extension (the query string is gone)
        u'http://moth/abc.htm',
        u'http://moth/def.htm',
        u'http://moth/foo.abc',
        u'http://moth/foo.def',
    ])

    qs_mutants, name_mutants = generated_mutants[:2], generated_mutants[2:]
    self.assertAllInstance(qs_mutants, QSMutant)
    self.assertAllInstance(name_mutants, FileNameMutant)
    self.assertAllHaveTokens(generated_mutants)
def test_qs_and_cookie(self):
    """
    fuzz_cookies is enabled and the FuzzableRequest has a cookie; the
    assertions expect two query string mutants and then cookie mutants.

    Related to https://github.com/andresriancho/w3af/issues/3149, which
    the original author marks as fixed.
    """
    for option, value in (
            ('fuzzable_headers', []),
            ('fuzz_cookies', True),  # the option this test turns on
            ('fuzz_url_filenames', False),
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', False),
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    url = URL('http://moth/?id=1')
    # A cookie is attached to the request
    cookie = Cookie('foo=bar')
    mutants = create_mutants(FuzzableRequest(url, cookie=cookie),
                             self.payloads)

    expected_urls = [
        u'http://moth/?id=abc',
        u'http://moth/?id=def',
        u'http://moth/?id=1',
        u'http://moth/?id=1',
    ]
    generated_urls = [mutant.get_uri().url_string for mutant in mutants]
    self.assertEqual(generated_urls, expected_urls)

    # Helper assertions defined outside this method
    self.assertAllInstance(mutants[:2], QSMutant)
    self.assertAllInstance(mutants[2:], CookieMutant)
    self.assertAllHaveTokens(mutants)
def test_filename_fname_qs(self):
    """
    File name fuzzing is on: the query string value is fuzzed first, then
    the file name and the file extension of the URL.
    """
    for option, value in (
            ('fuzzable_headers', []),
            ('fuzz_cookies', False),
            ('fuzz_url_filenames', True),  # the option this test turns on
            ('fuzzed_files_extension', 'gif'),
            ('fuzz_form_files', False),
            ('fuzz_url_parts', False)):
        cf_singleton.save(option, value)

    url = URL('http://moth/foo.htm?id=1')
    generated_mutants = create_mutants(FuzzableRequest(url), self.payloads)

    expected_urls = [
        u'http://moth/foo.htm?id=abc',
        u'http://moth/foo.htm?id=def',
        u'http://moth/abc.htm',
        u'http://moth/def.htm',
        u'http://moth/foo.abc',
        u'http://moth/foo.def',
    ]
    generated_urls = [mutant.get_uri().url_string
                      for mutant in generated_mutants]
    self.assertEqual(generated_urls, expected_urls)

    # Helper assertions defined outside this method
    self.assertAllInstance(generated_mutants[:2], QSMutant)
    self.assertAllInstance(generated_mutants[2:], FileNameMutant)
    self.assertAllHaveTokens(generated_mutants)