def create_simple_filecontent_mutant(self, container_klass):
form_params = FormParameters()
form_params.set_method('POST')
form_params.set_action(self.url)
form_params.add_input([("name", "username"), ("value", "")])
form_params.add_input([("name", "address"), ("value", "")])
form_params.add_file_input([("name", "file"), ("type", "file")])
form = container_klass(form_params)
freq = FuzzableRequest.from_form(form)
m = FileContentMutant(freq)
m.get_dc().set_token(('file', 0))
m.set_token_value('abc')
return m
def test_config_false(self):
fuzzer_config = {'fuzz_form_files': False}
freq = FuzzableRequest(URL('http://www.w3af.com/foo/bar'))
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [], False, fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_false(self):
fuzzer_config = {'fuzz_form_files': False}
freq = HTTPPostDataRequest(URL('http://www.w3af.com/foo/bar'))
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [],
False, fuzzer_config)
self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self):
fuzzer_config = {'fuzz_form_files': True,
'fuzzed_files_extension': 'gif'}
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_input([("name", "address"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [],
False, fuzzer_config)
self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self):
fuzzer_config = {
'fuzz_form_files': True,
'fuzzed_files_extension': 'gif'
}
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_input([("name", "address"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [], False, fuzzer_config)
self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_basics(self):
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_input([("name", "address"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
m = FileContentMutant(freq)
m.set_var('file', 0)
m.set_mod_value('abc')
self.assertEqual(m.get_url().url_string, 'http://moth/')
expected_mod_value = 'The data that was sent is: "username=&file=abc&address=".'
generated_mod_value = m.print_mod_value()
self.assertEqual(generated_mod_value, expected_mod_value)
expected_found_at = u'"http://moth/", using HTTP method POST. The'\
' sent post-data was: "username=&file=abc&address="'\
' which modifies the uploaded file content.'
generated_found_at = m.found_at()
self.assertEqual(generated_found_at, expected_found_at)
def create_simple_filecontent_mutant(self, container_klass):
form_params = FormParameters()
form_params.set_method('POST')
form_params.set_action(self.url)
form_params.add_input([("name", "username"), ("value", "")])
form_params.add_input([("name", "address"), ("value", "")])
form_params.add_file_input([("name", "file"), ("type", "file")])
form = container_klass(form_params)
freq = FuzzableRequest.from_form(form)
m = FileContentMutant(freq)
m.get_dc().set_token(('file', 0))
m.set_token_value('abc')
return m
def test_basics(self):
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_input([("name", "address"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
m = FileContentMutant(freq)
m.set_var('file', 0)
m.set_mod_value('abc')
self.assertEqual(m.get_url().url_string, 'http://moth/')
expected_mod_value = 'The data that was sent is: "username=&file=abc&address=".'
generated_mod_value = m.print_mod_value()
self.assertEqual(generated_mod_value, expected_mod_value)
expected_found_at = u'"http://moth/", using HTTP method POST. The'\
' sent post-data was: "username=&file=abc&address="'\
' which modifies the uploaded file content.'
generated_found_at = m.found_at()
self.assertEqual(generated_found_at, expected_found_at)
def test_valid_results(self):
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [],
False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 2, generated_mutants)
expected_data = [Form([('username', ['John8212']), ('file', ['abc'])]),
Form([('username', ['John8212']), ('file', ['def'])]), ]
generated_data = [m.get_data() for m in generated_mutants]
self.assertEqual(expected_data, generated_data)
str_file = generated_data[0]['file'][0]
self.assertEqual(str_file.name[-4:], '.gif')
self.assertIn('abc', str_file)
def test_valid_results(self):
form = Form()
form.add_input([("name", "username"), ("value", "")])
form.add_file_input([("name", "file"), ("type", "file")])
freq = HTTPPostDataRequest(self.url, dc=form)
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [], False, self.fuzzer_config)
self.assertEqual(len(generated_mutants), 2, generated_mutants)
expected_data = [
Form([('username', ['John8212']), ('file', ['abc'])]),
Form([('username', ['John8212']), ('file', ['def'])]),
]
generated_data = [m.get_data() for m in generated_mutants]
self.assertEqual(expected_data, generated_data)
str_file = generated_data[0]['file'][0]
self.assertEqual(str_file.name[-4:], '.gif')
self.assertIn('abc', str_file)
def test_generate_all(self):
fuzzer_config = {'fuzz_form_files': True,
'fuzzed_files_extension': 'gif'}
form_params = FormParameters()
form_params.set_method('POST')
form_params.set_action(self.url)
form_params.add_input([("name", "username"), ("value", "")])
form_params.add_input([("name", "address"), ("value", "")])
form_params.add_file_input([("name", "image"), ("type", "file")])
form = MultipartContainer(form_params)
freq = FuzzableRequest.from_form(form)
ph = 'w3af.core.data.constants.file_templates.file_templates.rand_alpha'
with patch(ph) as mock_rand_alpha:
mock_rand_alpha.return_value = 'upload'
generated_mutants = FileContentMutant.create_mutants(freq,
self.payloads,
[], False,
fuzzer_config)
self.assertEqual(len(generated_mutants), 2, generated_mutants)
_, file_payload_abc, _ = get_template_with_payload('gif', 'abc')
_, file_payload_def, _ = get_template_with_payload('gif', 'def')
file_abc = NamedStringIO(file_payload_abc, 'upload.gif')
file_def = NamedStringIO(file_payload_def, 'upload.gif')
form_1 = MultipartContainer(copy.deepcopy(form_params))
form_2 = MultipartContainer(copy.deepcopy(form_params))
form_1['image'] = [file_abc]
form_1['username'] = ['John8212']
form_1['address'] = ['Bonsai Street 123']
form_2['image'] = [file_def]
form_2['username'] = ['John8212']
form_2['address'] = ['Bonsai Street 123']
expected_forms = [form_1, form_2]
boundary = get_boundary()
noop = '1' * len(boundary)
expected_data = [encode_as_multipart(f, boundary) for f in expected_forms]
expected_data = set([s.replace(boundary, noop) for s in expected_data])
generated_forms = [m.get_dc() for m in generated_mutants]
generated_data = [str(f).replace(f.boundary, noop) for f in generated_forms]
self.assertEqual(expected_data, set(generated_data))
str_file = generated_forms[0]['image'][0].get_value()
self.assertIsInstance(str_file, NamedStringIO)
self.assertEqual(str_file.name[-4:], '.gif')
self.assertEqual(file_payload_abc, str_file)
str_file = generated_forms[1]['image'][0].get_value()
self.assertIsInstance(str_file, NamedStringIO)
self.assertEqual(str_file.name[-4:], '.gif')
self.assertEqual(file_payload_def, str_file)
self.assertIn('name="image"; filename="upload.gif"', generated_data[0])
def test_generate_all(self):
fuzzer_config = {
'fuzz_form_files': True,
'fuzzed_files_extension': 'gif'
}
form_params = FormParameters()
form_params.set_method('POST')
form_params.set_action(self.url)
form_params.add_field_by_attr_items([("name", "username"),
("value", "")])
form_params.add_field_by_attr_items([("name", "address"),
("value", "")])
form_params.add_field_by_attr_items([("name", "image"),
("type", "file")])
form = MultipartContainer(form_params)
freq = FuzzableRequest.from_form(form)
ph = 'w3af.core.data.constants.file_templates.file_templates.rand_alpha'
with patch(ph) as mock_rand_alpha:
mock_rand_alpha.return_value = 'upload'
generated_mutants = FileContentMutant.create_mutants(
freq, self.payloads, [], False, fuzzer_config)
self.assertEqual(len(generated_mutants), 2, generated_mutants)
_, file_payload_abc, _ = get_template_with_payload('gif', 'abc')
_, file_payload_def, _ = get_template_with_payload('gif', 'def')
file_abc = NamedStringIO(file_payload_abc, 'upload.gif')
file_def = NamedStringIO(file_payload_def, 'upload.gif')
form_1 = MultipartContainer(copy.deepcopy(form_params))
form_2 = MultipartContainer(copy.deepcopy(form_params))
form_1['image'] = [file_abc]
form_1['username'] = ['John8212']
form_1['address'] = ['Bonsai Street 123']
form_2['image'] = [file_def]
form_2['username'] = ['John8212']
form_2['address'] = ['Bonsai Street 123']
expected_forms = [form_1, form_2]
boundary = get_boundary()
noop = '1' * len(boundary)
expected_data = [
encode_as_multipart(f, boundary) for f in expected_forms
]
expected_data = set([s.replace(boundary, noop) for s in expected_data])
generated_forms = [m.get_dc() for m in generated_mutants]
generated_data = [
str(f).replace(f.boundary, noop) for f in generated_forms
]
self.assertEqual(expected_data, set(generated_data))
str_file = generated_forms[0]['image'][0].get_value()
self.assertIsInstance(str_file, NamedStringIO)
self.assertEqual(str_file.name[-4:], '.gif')
self.assertEqual(file_payload_abc, str_file)
str_file = generated_forms[1]['image'][0].get_value()
self.assertIsInstance(str_file, NamedStringIO)
self.assertEqual(str_file.name[-4:], '.gif')
self.assertEqual(file_payload_def, str_file)
self.assertIn('name="image"; filename="upload.gif"', generated_data[0])
