コード例 #1
ファイル: fuzzer.py プロジェクト: riszkymf/XSStrike
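def fuzzer(url, params, headers, GET, delay, timeout, WAF, encoding):
    """Probe the target with every string in ``fuzzes`` and report how each one fares.

    For each fuzz string, ``replaceValue`` swaps the ``xsschecker`` marker in
    ``params`` for the string, ``requester`` sends the request, and the reply is
    classified as ``passed`` (string reflected, case-insensitive), ``blocked``
    (status code not 2xx) or ``filtered`` (2xx but not reflected).  When the
    request itself raises, the function assumes the WAF dropped it, backs off,
    re-checks reachability with the unmodified ``params`` and then either moves
    on to the next string or stops the whole run.

    Args:
        url: Target URL, passed through to ``requester``.
        params: Request parameters containing the ``xsschecker`` marker.
        headers: Request headers, passed through to ``requester``.
        GET: Method flag, passed through to ``requester``.
        delay: Base pause in seconds between probes; set to 6 after the first
            dropped request if it was 0.
        timeout: Request timeout, passed through to ``requester``.
        WAF: Not read by this function; kept so existing callers need not change.
        encoding: Optional callable applied to each fuzz string before sending;
            a falsy value disables encoding.

    Returns:
        list[dict]: one ``{'fuzz_string': ..., 'status': ...}`` entry (plus
        ``'encoding'`` when an encoder is in use) per fuzz string that produced
        a response.  Strings whose request was dropped are logged, not recorded.
    """
    fuzzer_report = list()
    for fuzz in fuzzes:
        report = dict()
        # Pace the probes: base delay, a random extra of up to one more delay,
        # plus whatever counter() (project helper) adds for this string.
        sleep(delay + randint(delay, delay * 2) + counter(fuzz))
        try:
            if encoding:
                fuzz = encoding(unquote(fuzz))
                report['encoding'] = str(encoding)
            data = replaceValue(params, xsschecker, fuzz, copy.deepcopy)
            response = requester(url, data, headers, GET, delay / 2, timeout)
        except Exception:  # narrowed from bare except so Ctrl-C still aborts the run
            logger.error('WAF is dropping suspicious requests.')
            if delay == 0:
                logger.info('Delay has been increased to %s6%s seconds.' %
                            (green, end))
                delay += 6
            # Back off: one-second ticks counting wait_seconds down to 0.
            wait_seconds = (delay + 1) * 50
            for remaining in range(wait_seconds, -1, -1):
                logger.info(
                    '\rFuzzing will continue after %s%i%s seconds.\t\t\r' %
                    (green, remaining, end))
                sleep(1)
            try:
                requester(url, params, headers, GET, 0, 10)
            except Exception:
                logger.error(
                    '\nLooks like WAF has blocked our IP Address. Sorry!')
                break
            # Report the time actually slept (the old message quoted (delay + 1) * 2).
            logger.good(
                'Pheww! Looks like sleeping for %s%i%s seconds worked!' %
                (green, wait_seconds, end))
            # No response exists for this string: skip the reflection check
            # instead of reading an unbound or stale ``response``.
            continue
        if encoding:
            # NOTE(review): fuzz was already encoded once before sending; this
            # second pass double-encodes the value used for the reflection check
            # and the report.  Kept as upstream wrote it - confirm it is intended.
            fuzz = encoding(fuzz)
        if fuzz.lower() in response.text.lower():
            # the fuzz string is reflected verbatim in the response
            result, result_report = ('%s[passed]  %s' % (green, end)), 'passed'
        elif str(response.status_code)[:1] != '2':
            # the server returned a non-2xx status (maybe the WAF blocked it)
            result, result_report = ('%s[blocked] %s' % (red, end)), 'blocked'
        else:
            # 2xx but the fuzz string was not reflected completely
            result, result_report = ('%s[filtered]%s' % (yellow, end)), 'filtered'
        logger.info('%s %s' % (result, fuzz))
        report['fuzz_string'] = fuzz
        report['status'] = result_report
        fuzzer_report.append(report)
    return fuzzer_report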
コード例 #2
ファイル: fuzzer.py プロジェクト: itLaj/XSStrike-old
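def fuzzer(url, params, headers, GET, delay, timeout, WAF, encoding):
    """Send every string in ``fuzzes`` to the target and log how each one is handled.

    For each fuzz string, ``replaceValue`` substitutes it for the ``xsschecker``
    marker in ``params``, ``requester`` issues the request and the reply is
    logged as ``[passed]`` (string reflected, case-insensitive), ``[blocked]``
    (non-2xx status) or ``[filtered]`` (2xx, not reflected).  A request that
    raises is treated as dropped by a WAF: the function backs off, re-checks
    reachability with the unmodified ``params`` and either continues with the
    next string or stops.

    Args:
        url: Target URL, passed through to ``requester``.
        params: Request parameters containing the ``xsschecker`` marker.
        headers: Request headers, passed through to ``requester``.
        GET: Method flag, passed through to ``requester``.
        delay: Base pause in seconds between probes; set to 6 after the first
            dropped request if it was 0.
        timeout: Request timeout, passed through to ``requester``.
        WAF: Not read by this function; kept for the callers' sake.
        encoding: Optional callable applied to each fuzz string before sending;
            a falsy value disables encoding.

    Returns:
        None; results are only logged.
    """
    # Iterate over the fuzz strings and assign each one to the marked parameter.
    for fuzz in fuzzes:
        sleep(delay + randint(delay, delay * 2) + counter(fuzz))
        try:
            if encoding:
                fuzz = encoding(unquote(fuzz))
            data = replaceValue(params, xsschecker, fuzz, copy.deepcopy)
            # Send the request carrying the fuzz parameter.
            response = requester(url, data, headers, GET, delay / 2, timeout)
        except Exception:  # narrowed from bare except so Ctrl-C still aborts the run
            # An exception here is taken to mean the WAF dropped the request.
            logger.error('WAF is dropping suspicious requests.')
            # Wait a while, then request again to confirm whether the IP is
            # blocked; if it is, stop fuzzing.
            if delay == 0:
                logger.info('Delay has been increased to %s6%s seconds.' %
                            (green, end))
                delay += 6
            wait_seconds = (delay + 1) * 50
            for remaining in range(wait_seconds, -1, -1):
                logger.info(
                    '\rFuzzing will continue after %s%i%s seconds.\t\t\r' %
                    (green, remaining, end))
                sleep(1)
            try:
                requester(url, params, headers, GET, 0, 10)
            except Exception:
                logger.error(
                    '\nLooks like WAF has blocked our IP Address. Sorry!')
                break
            # Report the time actually slept (the old message quoted (delay + 1) * 2).
            logger.good(
                'Pheww! Looks like sleeping for %s%i%s seconds worked!' %
                (green, wait_seconds, end))
            # There is no response for this string; do not fall through to the
            # reflection check with an unbound or stale ``response``.
            continue
        if encoding:
            # NOTE(review): fuzz was already encoded before sending; this second
            # pass double-encodes the value compared against the response.
            # Kept as upstream wrote it - confirm it is intended.
            fuzz = encoding(fuzz)
        if fuzz.lower() in response.text.lower():
            # the fuzz string is reflected verbatim in the response
            result = ('%s[passed]  %s' % (green, end))
        elif str(response.status_code)[:1] != '2':
            # the server returned a non-2xx status (maybe the WAF blocked it)
            result = ('%s[blocked] %s' % (red, end))
        else:
            # 2xx but the fuzz string was not reflected completely
            result = ('%s[filtered]%s' % (yellow, end))
        logger.info('%s %s' % (result, fuzz))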
コード例 #3
ファイル: fuzzer.py プロジェクト: m00tiny/V3n0M-Scanner
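def fuzzer(url, params, headers, GET, delay, timeout, WAF, encoding):
    """Send every string in ``fuzzes`` to the target and log how each one is handled.

    For each fuzz string, ``replaceValue`` substitutes it for the ``xsschecker``
    marker in ``params``, ``requester`` issues the request and the reply is
    logged as ``[passed]`` (string reflected, case-insensitive), ``[blocked]``
    (non-2xx status) or ``[filtered]`` (2xx, not reflected).  A request that
    raises is treated as dropped by a WAF: the function backs off, re-checks
    reachability with the unmodified ``params`` and either continues with the
    next string or stops.

    Args:
        url: Target URL, passed through to ``requester``.
        params: Request parameters containing the ``xsschecker`` marker.
        headers: Request headers, passed through to ``requester``.
        GET: Method flag, passed through to ``requester``.
        delay: Base pause in seconds between probes; set to 6 after the first
            dropped request if it was 0.
        timeout: Request timeout, passed through to ``requester``.
        WAF: Not read by this function; kept for the callers' sake.
        encoding: Optional callable applied to each fuzz string before sending;
            a falsy value disables encoding.

    Returns:
        None; results are only logged.
    """
    for fuzz in fuzzes:
        # Pace the probes: base delay, a random extra of up to one more delay,
        # plus whatever counter() (project helper) adds for this string.
        sleep(delay + randint(delay, delay * 2) + counter(fuzz))
        try:
            if encoding:
                fuzz = encoding(unquote(fuzz))
            data = replaceValue(params, xsschecker, fuzz, copy.deepcopy)
            response = requester(url, data, headers, GET, delay / 2, timeout)
        except Exception:  # narrowed from bare except so Ctrl-C still aborts the run
            logger.error("WAF is dropping suspicious requests.")
            if delay == 0:
                logger.info("Delay has been increased to %s6%s seconds." %
                            (green, end))
                delay += 6
            # Back off: one-second ticks counting wait_seconds down to 0.
            wait_seconds = (delay + 1) * 50
            for remaining in range(wait_seconds, -1, -1):
                logger.info(
                    "\rFuzzing will continue after %s%i%s seconds.\t\t\r" %
                    (green, remaining, end))
                sleep(1)
            try:
                requester(url, params, headers, GET, 0, 10)
            except Exception:
                logger.error(
                    "\nLooks like WAF has blocked our IP Address. Sorry!")
                break
            # Report the time actually slept (the old message quoted (delay + 1) * 2).
            logger.good(
                "Pheww! Looks like sleeping for %s%i%s seconds worked!" %
                (green, wait_seconds, end))
            # There is no response for this string; do not fall through to the
            # reflection check with an unbound or stale ``response``.
            continue
        if encoding:
            # NOTE(review): fuzz was already encoded before sending; this second
            # pass double-encodes the value compared against the response.
            # Kept as upstream wrote it - confirm it is intended.
            fuzz = encoding(fuzz)
        if fuzz.lower() in response.text.lower():
            # the fuzz string is reflected verbatim in the response
            result = "%s[passed]  %s" % (green, end)
        elif str(response.status_code)[:1] != "2":
            # the server returned a non-2xx status (maybe the WAF blocked it)
            result = "%s[blocked] %s" % (red, end)
        else:
            # 2xx but the fuzz string was not reflected completely
            result = "%s[filtered]%s" % (yellow, end)
        logger.info("%s %s" % (result, fuzz))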
コード例 #4
ファイル: fuzzer.py プロジェクト: robdollard/XSStrike
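def fuzzer(url, params, headers, GET, delay, timeout, WAF, encoding):
    """Send every string in ``fuzzes`` to the target and print how each one is handled.

    For each fuzz string, ``replaceValue`` substitutes it for the ``xsschecker``
    marker in ``params``, ``requester`` issues the request and the reply is
    printed as ``[passed]`` (string reflected, case-insensitive), ``[blocked]``
    (non-2xx status) or ``[filtered]`` (2xx, not reflected).  A request that
    raises is treated as dropped by a WAF: the function backs off, re-checks
    reachability with the unmodified ``params`` and either continues with the
    next string or stops.

    Args:
        url: Target URL, passed through to ``requester``.
        params: Request parameters containing the ``xsschecker`` marker.
        headers: Request headers, passed through to ``requester``.
        GET: Method flag, passed through to ``requester``.
        delay: Base pause in seconds between probes; set to 6 after the first
            dropped request if it was 0.
        timeout: Request timeout, passed through to ``requester``.
        WAF: Not read by this function; kept for the callers' sake.
        encoding: Optional callable applied to each fuzz string before sending;
            a falsy value disables encoding.

    Returns:
        None; results are only printed.
    """
    for fuzz in fuzzes:
        # Pace the probes: base delay, a random extra of up to one more delay,
        # plus whatever counter() (project helper) adds for this string.
        sleep(delay + randint(delay, delay * 2) + counter(fuzz))
        try:
            if encoding:
                fuzz = encoding(unquote(fuzz))
            data = replaceValue(params, xsschecker, fuzz, copy.deepcopy)
            response = requester(url, data, headers, GET, delay / 2, timeout)
        except Exception:  # narrowed from bare except so Ctrl-C still aborts the run
            print('\n%s WAF is dropping suspicious requests.' % bad)
            if delay == 0:
                print('%s Delay has been increased to %s6%s seconds.' %
                      (info, green, end))
                delay += 6
            # Back off: one-second ticks counting wait_seconds down to 0.
            wait_seconds = (delay + 1) * 50
            for remaining in range(wait_seconds, -1, -1):
                print('\r%s Fuzzing will continue after %s%i%s seconds.\t\t' %
                      (info, green, remaining, end), end='\r')
                sleep(1)
            try:
                requester(url, params, headers, GET, 0, 10)
            except Exception:
                print('\n%s Looks like WAF has blocked our IP Address. Sorry!' % bad)
                break
            # The original passed ``end`` to print() instead of to the format
            # tuple, so the string raised TypeError (too few arguments), which
            # the bare except then misreported as "WAF has blocked our IP".
            # Also report the time actually slept, not (delay + 1) * 2.
            print('\n%s Pheww! Looks like sleeping for %s%i%s seconds worked!' %
                  (good, green, wait_seconds, end))
            # There is no response for this string; do not fall through to the
            # reflection check with an unbound or stale ``response``.
            continue
        if encoding:
            # NOTE(review): fuzz was already encoded before sending; this second
            # pass double-encodes the value compared against the response.
            # Kept as upstream wrote it - confirm it is intended.
            fuzz = encoding(fuzz)
        if fuzz.lower() in response.text.lower():
            # the fuzz string is reflected verbatim in the response
            result = ('%s[passed]  %s' % (green, end))
        elif str(response.status_code)[:1] != '2':
            # the server returned a non-2xx status (maybe the WAF blocked it)
            result = ('%s[blocked] %s' % (red, end))
        else:
            # 2xx but the fuzz string was not reflected completely
            result = ('%s[filtered]%s' % (yellow, end))
        print('%s %s' % (result, fuzz))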