def create_fuzzable_requests(resp, request=None, add_self=True):
    '''
    Build the fuzzable requests that can be derived from an HTTP response.

    Requests are collected from three places, in this order: the URI of
    the response itself (optional), every URL carried by one of the
    response headers named in URL_HEADERS, and each variant of the forms
    in the document whose action is on the same domain as the response.

    :param resp: An HTTPResponse instance.
    :param request: The HTTP request that generated resp. When given, its
                    headers are copied into every request created here.
    :param add_self: Whether a request for the URI of resp is added to
                     the result.

    :return: A list of fuzzable requests.
    '''
    fuzzable_reqs = []

    # Every request created here shares one header set: the configured
    # fuzzable headers (empty values) overlaid with the headers of the
    # originating request, if any.
    header_map = dict.fromkeys(cf.cf.get('fuzzable_headers'), '')
    origin_headers = request.get_headers() if request else {}
    header_map.update(origin_headers or {})
    req_headers = Headers(header_map.items())

    # Cookie built from the response; attached to every request below.
    cookie = _create_cookie(resp)

    # The request that represents the response's own URI.
    if add_self:
        fuzzable_reqs.append(
            HTTPQSRequest(resp.get_uri(), headers=req_headers, cookie=cookie)
        )

    # URLs announced in response headers (e.g. the target of a 30X
    # redirect) become fuzzable requests as well.
    #
    # NOTE(review): unlike the forms further down, these URLs are not
    # compared against the domain of resp, and they receive the same
    # headers and cookie as every other request. The header value is
    # controlled by the remote application, so confirm that the caller
    # enforces scan scope before these requests are sent; otherwise the
    # cookie and header values could reach a third-party host.
    resp_headers = resp.get_headers()
    for url_header_name in URL_HEADERS:
        header_value, _ = resp_headers.iget(url_header_name, '')
        if not header_value:
            continue

        url = smart_unicode(header_value, encoding=resp.charset)
        try:
            absolute_location = resp.get_url().url_join(url)
        except ValueError:
            # Unparseable header values are logged and skipped.
            msg = ('The application sent a "%s" redirect that w3af'
                   ' failed to correctly parse as an URL, the header'
                   ' value was: "%s"')
            om.out.debug(msg % (url_header_name, url))
            continue

        fuzzable_reqs.append(
            HTTPQSRequest(absolute_location, headers=req_headers,
                          cookie=cookie)
        )

    # Forms: only those whose action is on the domain of the response
    # are kept.
    try:
        doc_parser = parser_cache.dpc.get_document_parser_for(resp)
    except w3afException:
        # No suitable parser for this document, so there are no forms.
        form_list = []
    else:
        form_list = [
            f for f in doc_parser.get_forms()
            if f.get_action().get_domain() == resp.get_url().get_domain()
        ]

    if not form_list:
        # TODO: Rewrite web service support. The WSDL handling that used
        # to run here (parsing the response body and adding one
        # WebServiceRequest per remote method) is disabled.
        return fuzzable_reqs

    # One request per form variant. The form's method picks the request
    # type: POST data request for POST, query string request otherwise.
    mode = cf.cf.get('form_fuzzing_mode')
    for form in form_list:
        for variant in form.get_variants(mode):
            if form.get_method().upper() == 'POST':
                variant_req = HTTPPostDataRequest(
                    variant.get_action(),
                    variant.get_method(),
                    req_headers,
                    cookie,
                    variant
                )
            else:
                # The default is a GET request
                variant_req = HTTPQSRequest(
                    variant.get_action(),
                    headers=req_headers,
                    cookie=cookie
                )
                variant_req.set_dc(variant)
            fuzzable_reqs.append(variant_req)

    return fuzzable_reqs