コード例 #1
0
ファイル: ssi.py プロジェクト: ZionOps/w3af 
def get_seeds():
    """
    :return: A couple of random numbers which will be used to make the payloads
             unique. Please note that I'm excluding the zeroes in order to avoid
             some bugs where leading zeroes are truncated.
    """
    return (rand_number(5, exclude_numbers=(0,)), rand_number(5, exclude_numbers=(0,)))
コード例 #2
0
ファイル: ssi.py プロジェクト: s0i37/__w3af 
def get_seeds():
    """
    :return: A couple of random numbers which will be used to make the payloads
             unique. Please note that I'm excluding the zeroes in order to avoid
             some bugs where leading zeroes are truncated.
    """
    return (rand_number(5, exclude_numbers=(0, )),
            rand_number(5, exclude_numbers=(0, )))
コード例 #3
0
ファイル: test_multi_in.py プロジェクト: chenbremer/w3af-1 
        def generator(count):
            for _ in xrange(count):
                a = rand_number(5)
                yield a

                a = int(a)
                b = int(rand_number(5))
                yield str(a * b)
コード例 #4
0
    def _get_statements(self, mutant, exclude_numbers=[]):
        """
        Returns a list of statement tuples.
        """
        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        rnd_num_plus_one = rnd_num + 1

        num_dict = {'num': rnd_num}

        # Numeric/Datetime
        true_stm = '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % num_dict
        false_stm = '%i AND %i=%i ' % (rnd_num, rnd_num, rnd_num_plus_one)
        res['numeric'] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % num_dict
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res['string_single'] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % num_dict
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res['string_double'] = (true_stm, false_stm)

        return res
コード例 #5
0
    def _get_statements(self, mutant, exclude_numbers=[]):
        """
        Returns a list of statement tuples.
        """
        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        rnd_num_plus_one = rnd_num + 1

        num_dict = {'num': rnd_num}

        # Numeric/Datetime
        true_stm = '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % num_dict
        false_stm = '%i AND %i=%i ' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.NUMERIC] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % num_dict
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_SINGLE] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % num_dict
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_DOUBLE] = (true_stm, false_stm)

        return res
コード例 #6
0
    def _get_statements(self, mutant, exclude_numbers=None):
        """
        Returns a list of statement tuples.
        """
        res = {}
        exclude_numbers = exclude_numbers or []

        rnd_num = int(rand_number(2, exclude_numbers))
        rnd_num_plus_one = rnd_num + 1

        num_dict = {'num': rnd_num}

        # Numeric/Datetime
        true_stm = '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % num_dict
        false_stm = '%i AND %i=%i ' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.NUMERIC] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % num_dict
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_SINGLE] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % num_dict
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_DOUBLE] = (true_stm, false_stm)

        return res
コード例 #7
0
ファイル: test_fuzzer_utils.py プロジェクト: webvul/webfuzzer 
    def test_rand_number(self):
        x = rand_number(length=1)
        self.assertIn(int(x), range(10))

        x = rand_number(length=2)
        self.assertIn(int(x), range(100))

        x = rand_number(length=3)
        self.assertIn(int(x), range(1000))

        x = rand_number(length=5)
        y = rand_number(length=5)
        z = rand_number(length=5)
        w = rand_number(length=5)
        self.assertTrue(x != y != z != w)
コード例 #8
0
    def _get_limit_response(self, mutant):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1
                then I should request b=12938795 (random number)
            - If http://localhost/a.php?b=abc
                then I should request b=hnv98yks (random alnum)

        :return: The limit response object
        """
        mutant_copy = mutant.copy()

        is_digit = mutant.get_token_original_value().isdigit()
        value = rand_number(length=8) if is_digit else rand_alnum(length=8)
        mutant_copy.set_token_value(value)
        limit_response = self._uri_opener.send_mutant(mutant_copy)

        return limit_response
コード例 #9
0
ファイル: generic.py プロジェクト: foobarmonk/w3af 
    def _get_limit_response(self, mutant):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1
                then I should request b=12938795 (random number)
            - If http://localhost/a.php?b=abc
                then I should request b=hnv98yks (random alnum)

        :return: The limit response object
        """
        mutant_copy = mutant.copy()

        is_digit = mutant.get_token_original_value().isdigit()
        value = rand_number(length=8) if is_digit else rand_alnum(length=8)
        mutant_copy.set_token_value(value)
        limit_response = self._uri_opener.send_mutant(mutant_copy)

        return limit_response
コード例 #10
0
ファイル: generic.py プロジェクト: 3rdDegree/w3af 
    def _get_limit_response(self, m):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1 ; then I should request b=12938795
                                                                 (random number)
            - If http://localhost/a.php?b=abc ; then I should request b=hnv98yks
                                                                    (random alnum)

        :return: The limit response object
        """
        # Copy the dc, needed to make a good vuln report
        dc = copy.deepcopy(m.get_dc())

        if m.get_original_value().isdigit():
            m.set_mod_value(rand_number(length=8))
        else:
            m.set_mod_value(rand_alnum(length=8))
        limit_response = self._uri_opener.send_mutant(m)

        # restore the dc
        m.set_dc(dc)
        return limit_response
コード例 #11
0
ファイル: generic.py プロジェクト: vasubesimple/w3af 
    def _get_limit_response(self, m):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1
                then I should request b=12938795 (random number)
            - If http://localhost/a.php?b=abc
                then I should request b=hnv98yks (random alnum)

        :return: The limit response object
        """
        # Copy the dc, needed to make a good vuln report
        dc = copy.deepcopy(m.get_dc())

        if m.get_token_original_value().isdigit():
            m.set_token_value(rand_number(length=8))
        else:
            m.set_token_value(rand_alnum(length=8))
        limit_response = self._uri_opener.send_mutant(m)

        # restore the dc
        m.set_dc(dc)
        return limit_response
コード例 #12
0
    def _get_statements(self, mutant, exclude_numbers=[]):
        """
        Returns a list of statement tuples.
        """
        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        rnd_num_plus_one = rnd_num + 1

        # Numeric/Datetime
        true_stm = "%i OR %i=%i " % (rnd_num, rnd_num, rnd_num)
        false_stm = "%i AND %i=%i " % (rnd_num, rnd_num, rnd_num_plus_one)
        res["numeric"] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%i' OR '%i'='%i" % (rnd_num, rnd_num, rnd_num)
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res["stringsingle"] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%i" OR "%i"="%i' % (rnd_num, rnd_num, rnd_num)
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res["stringdouble"] = (true_stm, false_stm)

        return res
コード例 #13
0
ファイル: sqli.py プロジェクト: batmanWjw/w3af 
def replace_randomize(data, length=0, exclude_numbers=[]):
    rand_num = rand_number(length,exclude_numbers)
    return data.replace("RANDOMIZE", rand_num)
コード例 #14
0
ファイル: test_multi_in.py プロジェクト: chenbremer/w3af-1 
 def generator(count):
     for _ in xrange(count):
         a = rand_number(5)
         yield prefix + a
コード例 #15
0
def replace_randomize(data, length=0, exclude_numbers=[]):
    rand_num = rand_number(length, exclude_numbers)
    return data.replace("RANDOMIZE", rand_num)