def test_from_template(self):
    """Build a file-upload finding from a template and pass it to the exploit helper.

    A FileUploadTemplate is filled in with the upload form details of the
    ``moth`` test host and saved via ``store_in_kb()``. The first entry
    returned by ``self.kb.get()`` for the template's location is looked up,
    and its id is passed to ``self._exploit_vuln`` with the ``'file_upload'``
    name.
    """
    template = FileUploadTemplate()
    opts = template.get_options()

    # Upload form description, applied in the order listed.
    # NOTE(review): the target host is hard-coded in these URLs; confirm
    # that is intended for the environment this test runs in.
    form_settings = (
        ('url', 'http://moth/w3af/audit/file_upload/uploader.php'),
        ('data', 'uploadedfile=&MAX_FILE_SIZE=10000000'),
        ('file_vars', 'uploadedfile'),
        ('file_dest', 'http://moth/w3af/audit/file_upload/uploads/'),
        ('vulnerable_parameter', 'uploadedfile'),
    )
    for option_name, option_value in form_settings:
        opts[option_name].set_value(option_value)

    template.set_options(opts)
    template.store_in_kb()

    # get_kb_location() is unpacked into the lookup arguments; only the
    # first returned entry is used.
    stored_vuln = self.kb.get(*template.get_kb_location())[0]
    self._exploit_vuln(stored_vuln.get_id(), 'file_upload')
def test_from_template_534(self):
    """Run the template-based file-upload flow against the ``.534`` uploader.

    Same sequence as the plain template test, except that the uploader URL
    ends in ``uploader.534`` and both URLs are built with
    ``get_php_moth_http``. The first entry returned by ``self.kb.get()`` for
    the template's location is passed, by id, to ``self._exploit_vuln`` with
    the ``'file_upload'`` name.
    """
    template = FileUploadTemplate()
    base_url = get_php_moth_http('/audit/file_upload/strange_extension_534/')
    opts = template.get_options()

    # Endpoint that receives the upload, and the form body sent to it.
    opts['url'].set_value(base_url + 'uploader.534')
    opts['data'].set_value('uploadedfile=&MAX_FILE_SIZE=10000000')
    opts['file_vars'].set_value('uploadedfile')

    # NOTE(review): file_dest points at trivial/uploads/ rather than a
    # directory under strange_extension_534/ -- confirm that is where this
    # uploader stores files.
    opts['file_dest'].set_value(
        get_php_moth_http('/audit/file_upload/trivial/uploads/'))
    opts['vulnerable_parameter'].set_value('uploadedfile')

    template.set_options(opts)
    template.store_in_kb()

    # get_kb_location() is unpacked into the lookup arguments; only the
    # first returned entry is used.
    stored_vuln = self.kb.get(*template.get_kb_location())[0]
    self._exploit_vuln(stored_vuln.get_id(), 'file_upload')