ファイル: cors_origin.py プロジェクト: webvul/webfuzzer
    def analyze_cors_security(self, url):
        """
        Probe the target with forged CORS requests and analyze the replies.

        One request carrying a forged Origin header is sent per candidate
        origin; the Access-Control-Allow-Origin, -Credentials and -Methods
        values of each reply are then handed to ``_analyze_server_response``
        together with the request, URL and origin that produced them.

        :param url: The URL the forged requests are sent to.
        :return: None, every result goes through ``_analyze_server_response``.
        """
        # Only the configured Origin value is probed for now.
        #
        # TODO: Would it make sense to also probe these Origins, and which
        #       misconfigurations would each of them detect?
        #       "http://www.google.com/", "null", "*", "" and the target URL
        #       itself (url.url_string).
        candidate_origins = (self.origin_header_value,)

        for origin in candidate_origins:
            forged_req = build_cors_request(url, origin)
            response = self._uri_opener.send_mutant(forged_req)

            # Header lookups are done in ACAO, ACAC, ACAM order.
            acao, acac, acam = [retrieve_cors_header(response, header_name)
                                for header_name in (ACAO, ACAC, ACAM)]

            self._analyze_server_response(forged_req, url, origin, response,
                                          acao, acac, acam)
ファイル: cors_origin.py プロジェクト: RON313/w3af
    def analyze_cors_security(self, url):
        """
        Send forged CORS requests to *url* and analyze each response.

        For every candidate Origin value a request is built, sent through the
        URI opener, and the Access-Control-Allow-Origin / -Credentials /
        -Methods headers of the reply are passed on to
        ``_analyze_server_response``.

        :param url: The URL to probe.
        :return: None.
        """
        def probe(origin):
            # One forged request per Origin value; the three CORS response
            # headers are read in ACAO, ACAC, ACAM order.
            forged_req = build_cors_request(url, origin)
            response = self._uri_opener.send_mutant(forged_req)
            allow_origin = retrieve_cors_header(response, ACAO)
            allow_credentials = retrieve_cors_header(response, ACAC)
            allow_methods = retrieve_cors_header(response, ACAM)
            self._analyze_server_response(forged_req, url, origin, response,
                                          allow_origin, allow_credentials,
                                          allow_methods)

        # TODO: Does it make sense to add more Origins here ("http://www.google.com/",
        #       "null", "*", "" or url.url_string)? If so, how does that affect
        #       the tests and which vulnerabilities would they detect?
        for origin in [self.origin_header_value]:
            probe(origin)
ファイル: test_cors_utils.py プロジェクト: z0r1nga/w3af
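    def test_build_cors_request_false(self):
        """
        A None origin must produce a plain GET to the URL with no headers.
        """
        url = URL('http://moth/')

        fr = build_cors_request(url, None)

        # assertEquals is a deprecated alias removed in Python 3.12; use the
        # canonical assertEqual.
        self.assertEqual(fr.get_url(), url)
        self.assertEqual(fr.get_method(), 'GET')
        self.assertEqual(fr.get_headers(), Headers())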
ファイル: test_cors_utils.py プロジェクト: andresriancho/w3af
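    def test_build_cors_request_false(self):
        """
        A None origin must produce a plain GET to the URL with no headers.
        """
        url = URL('http://moth/')

        fr = build_cors_request(url, None)

        # assertEquals is a deprecated alias removed in Python 3.12; use the
        # canonical assertEqual.
        self.assertEqual(fr.get_url(), url)
        self.assertEqual(fr.get_method(), 'GET')
        self.assertEqual(fr.get_headers(), Headers())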
ファイル: test_cors_utils.py プロジェクト: intfrr/Tortazo
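    def test_build_cors_request_true(self):
        """
        A non-empty origin must produce a GET to the URL whose only header is
        that Origin value.
        """
        url = URL('http://moth/')

        fr = build_cors_request(url, 'http://foo.com/')

        # assertEquals is a deprecated alias removed in Python 3.12; use the
        # canonical assertEqual.
        self.assertEqual(fr.get_url(), url)
        self.assertEqual(fr.get_method(), 'GET')
        self.assertEqual(fr.get_headers(), {'Origin': 'http://foo.com/'})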
ファイル: test_cors_utils.py プロジェクト: 3rdDegree/w3af
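    def test_build_cors_request_true(self):
        """
        A non-empty origin must produce a GET to the URL whose only header is
        that Origin value.
        """
        url = URL('http://moth/')

        fr = build_cors_request(url, 'http://foo.com/')

        # assertEquals is a deprecated alias removed in Python 3.12; use the
        # canonical assertEqual.
        self.assertEqual(fr.get_url(), url)
        self.assertEqual(fr.get_method(), 'GET')
        self.assertEqual(fr.get_headers(), {'Origin': 'http://foo.com/'})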