def _generate_base_uri_path(uri, uri_parameters, id_generator, fuzzable,
already_used_parameters):
while True:
try:
# Find first not yet found parameter, if there is one
index = uri.index("{")
prefix = uri[0:index]
s_http_string(prefix,
fuzzable=False,
encoding=EncodingTypes.ascii)
uri = uri[index + 1:]
index = uri.index("}")
parameter_name = uri[0:index]
RequestBuildHelper._append_parameter(parameter_name,
id_generator,
uri_parameters, fuzzable)
uri = uri[index + 1:]
already_used_parameters.append(parameter_name)
except ValueError:
if len(uri) > 0:
name = "URI attribute, default value: " + uri + ", id: " + next(
id_generator)
s_http_string(uri,
fuzzable=False,
encoding=EncodingTypes.ascii,
name=name)
break
def _append_parameter(parameter_name, id_generator, uri_parameters,
fuzzable):
fixed_attributes = ConfigurationManager.config[
"fixed_url_attributes"] if "fixed_url_attributes" in ConfigurationManager.config else None
parameter: Parameter = RequestBuildHelper._get_parameter(
parameter_name, fixed_attributes, uri_parameters)
name = "URI attribute, default value: " + parameter.value + ", id: " + next(
id_generator)
is_part_fuzzable = fuzzable and not parameter.is_from_config
if parameter.data_type and (parameter.data_type == 'integer'
or parameter.data_type == 'number'):
s_http_number(parameter.value,
fuzzable=is_part_fuzzable,
encoding=EncodingTypes.urlencoded,
name=name)
elif parameter.data_type and parameter.data_type == 'string':
s_http_boolean(parameter.value,
fuzzable=is_part_fuzzable,
encoding=EncodingTypes.urlencoded,
name=name)
else:
s_http_string(parameter.value,
fuzzable=is_part_fuzzable,
encoding=EncodingTypes.urlencoded,
name=name)
def _generate_content_body(is_body_json, json_decoder, body_string_example, fuzzable):
if s_block_start("body"):
if is_body_json:
json_decoder.generate_mutations(fuzzable=fuzzable)
elif body_string_example:
s_http_string(body_string_example, name="Whole HTTP body", fuzzable=fuzzable)
s_block_end()
def generate_mutations(self, fuzzable=True):
sequence_generator = _unique_json_primitive_id()
for part in self.parts:
name = "JSON Primitive, default value: " + part.value + ", id: " + next(sequence_generator)
if part.json_primitive_type == int or part.json_primitive_type == float:
s_http_number(part.value, fuzzable=fuzzable and part.fuzzable, encoding=part.encoding, name=name, add_quotation_marks=part.add_quotation_marks_into_payloads)
elif part.json_primitive_type == bool:
s_http_boolean(part.value, fuzzable=fuzzable and part.fuzzable, encoding=part.encoding, name=name, add_quotation_marks=part.add_quotation_marks_into_payloads)
else:
s_http_string(part.value, fuzzable=fuzzable and part.fuzzable, encoding=part.encoding, name=name)
def _generate_single_query_additional_parameter(id_generator,
uri_parameters, fuzzable,
parameter_name, required):
are_non_required_attributes_in_requests = ConfigurationManager.are_non_required_attributes_in_requests(
)
if required or are_non_required_attributes_in_requests:
prefix = "?" if "?" not in s_render().decode('ascii',
'ignore') else "&"
name = "URI attribute, default value: " + parameter_name + ", id: " + next(
id_generator)
s_http_string(prefix + parameter_name + "=",
fuzzable=False,
encoding=EncodingTypes.ascii,
name=name)
RequestBuildHelper._append_parameter(parameter_name, id_generator,
uri_parameters, fuzzable)
def generate_http_fuzzed_blocks() -> str:
request_name = "General HTTP fuzzing:"
s_initialize(name=request_name)
s_http_string("GET", name="HTTP method")
s_delim(" ", name="Delimiter between method and path")
s_http_string("/path", encoding=EncodingTypes.ascii, name="HTTP path")
s_delim(" ", name="Delimiter between path and version")
s_http_string("HTTP/1.1\r\n", name="HTTP version")
s_static("Host: " + ConfigurationManager.config["target"]["hostname"] + "\r\n")
s_static("Content-Length: 0" + "\r\n")
s_static("User-Agent: ")
s_http_string("WapiFuzz", name="User-agent")
s_delim("\r\n\r\n", name="HTTP headers and body delimiter")
return request_name