class HTTPCheck: def __init__(self, url_str): self.firstCode = _UNKNOWN self.originalPageTime = _UNKNOWN self.firstPage = _UNKNOWN self.secondPage = _UNKNOWN self.url_str = url_str self.dynamicMarkings = [] def checkConnection(self): try: urlSplit = urlparse(self.url_str) socket.getaddrinfo(urlSplit.hostname, None) except Exception, e: print e return False try: self.originalPageTime = time.time() h_response = queryPage(self.url_str, noteResponseTime=False) self.firstPage = h_response.getdata() kb.pageTemplate = h_response.getdata() self.firstCode = h_response.getstatus() return True except Exception, e: print e return False
def checkConnection(self): try: urlSplit = urlparse(self.url_str) socket.getaddrinfo(urlSplit.hostname, None) except: return False try: self.originalPageTime = time.time() h_response = queryPage(self.url_str, noteResponseTime=False) self.firstPage = h_response.getdata() self.firstCode = h_response.getstatus() return True except: return False
def checkStability(self): delay = 1 - (time.time() - (self.originalPageTime or 0)) delay = max(0, min(1, delay)) time.sleep(delay) try: secondResponse = queryPage(self.url_str) self.secondPage = secondResponse.getdata() pageCodeStable = (self.firstCode == secondResponse.getstatus()) if (pageCodeStable == False): return False pageStable = (self.firstPage == self.secondPage) if pageStable: if self.firstPage: return True else: return True else: self.checkDynamicContent() return True except: return False
def checkDynParam(place, parameter, value): """ This function checks if the URL parameter is dynamic. If it is dynamic, the content of the page differs, otherwise the dynamicity might depend on another parameter. place """ #if kb.redirectChoice: # return None paramString = place['paramstring'] #dynResult = None #randInt = randomInt() #infoMsg = "testing if %s parameter '%s' is dynamic" % #(str(type(paramType)), parameter) #logger.info(infoMsg) payload = "" randstr = "" length = len(value) try: #FixME:这个可以优化掉 response = proxyqueryPage(place['uri']) httpCode = response.getstatus() page = response.getdata() if all(c in "0123456789.+-" for c in value): randstr = str(randomInt(length=length)) else: randstr = randomStr(length=length) payload = agent.payload(place, parameter, value, randstr) url = place['uri'].replace(paramString, payload) reponse = proxyqueryPage(url) firstPage = reponse.getdata() firstCode = reponse.getstatus() #second Page if all(c in "0123456789.+-" for c in value): randstr = str(randomInt(length=length)) else: randstr = randomStr(length=length) payload = agent.payload(place, parameter, '', randstr) url = place['uri'].replace(paramString, payload) reponse = queryPage(url) secondPage = reponse.getdata() secondCode = reponse.getstatus() ratio1 = diffRatio(page, firstPage) ratio2 = diffRatio(page, secondPage) if ratio1 > UPPER_RATIO_BOUND_DYN and ratio2 > UPPER_RATIO_BOUND_DYN: if secondCode == firstCode and httpCode == firstCode: if diffRatio(firstPage, secondPage) > UPPER_RATIO_BOUND: return True else: return False else: return False else: return False except: print 'Excepiton occurred url:{0}'.format(place['uri'].replace( paramString, payload)) return False