def create_vuln(self): v = super(XPathTemplate, self).create_vuln() original_value = self.data[self.vulnerable_parameter][0] freq = FuzzableRequest(self.url, method=self.method, dc=self.data) mutant = Mutant(freq) mutant.set_var(self.vulnerable_parameter) mutant.set_dc(self.data) mutant.set_original_value(original_value) v.set_mutant(mutant) return v
def create_vuln(self): self.data[self.vulnerable_parameter][0] = self.payload v = super(LocalFileReadTemplate, self).create_vuln() freq = FuzzableRequest(self.url, method=self.method, dc=self.data) mutant = Mutant(freq) mutant.set_var(self.vulnerable_parameter) mutant.set_dc(self.data) mutant.set_mod_value(self.payload) v.set_mutant(mutant) v['file_pattern'] = self.file_pattern return v
def create_vuln(self): v = self.create_base_vuln() url = self.url if self.method.upper() == 'GET': url.querystring = self.data # User configured v.set_method(self.method) v.set_name(self.name) v.set_var(self.vulnerable_parameter) v.set_url(url) v.set_dc(self.data) freq = FuzzableRequest(url, method=self.method, dc=self.data) mutant = Mutant(freq) mutant.set_var(self.vulnerable_parameter) mutant.set_dc(self.data) mutant.set_original_value(self.data[self.vulnerable_parameter][0]) v.set_mutant(mutant) return v