def test_get_clean_body_max_escape_count(self):
    """
    Check how max_escape_count gates removal of an encoded payload.

    The payload is every entry of SPECIAL_CHARS joined by spaces, and it
    is placed in the response body in quote_plus() form. For the limits
    1 and 3 the body is expected back unchanged; for 1000 and None the
    encoded payload is expected to be stripped.
    """
    # One of each special char, so every one of them gets encoded
    payload = ' '.join(SPECIAL_CHARS)
    body = 'abc %s def' % urllib.quote_plus(payload)

    response_url = URL('http://w3af.com')
    response_headers = Headers([('Content-Type', 'text/html')])
    response = HTTPResponse(200, body, response_headers,
                            response_url, response_url)

    freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
    mutant = FakeMutant.create_mutants(freq, [payload], [], False, {})[0]

    failure_fmt = 'Failed in round (%s - %s), clean body is: "%s"'

    # (should the payload be removed?, max_escape_count passed in)
    rounds = [(False, 1), (False, 3), (True, 1000), (True, None)]

    for should_clean, limit in rounds:
        cleaned = get_clean_body(mutant, response, max_escape_count=limit)
        self.assertIsInstance(cleaned, unicode)

        # NOTE(review): dropping only the payload from 'abc %s def' would
        # leave two spaces; the single-space literal may be an artifact of
        # whitespace collapsing in this listing - confirm against upstream.
        wanted = 'abc def' if should_clean else body

        failure_args = (should_clean, limit, cleaned)
        self.assertEqual(cleaned, wanted, failure_fmt % failure_args)
def test_get_clean_body_encoded_find_special_char_fail(self):
    """
    For each special char, verify an encoded payload is still removed.

    Every entry of SPECIAL_CHARS is wrapped as 'x<char>y', reflected in
    the body in quote_plus() form, and get_clean_body() is called with
    its default arguments. Despite the "_fail" suffix in the name, the
    assertions expect the cleanup to succeed.
    """
    failure_fmt = 'Failed for payload %r and body %r'

    for special in SPECIAL_CHARS:
        payload = 'x%sy' % special
        body = 'abc %s def' % urllib.quote_plus(payload)

        # The response objects are rebuilt on every iteration, as the
        # body differs per special char.
        response_url = URL('http://w3af.com')
        response_headers = Headers([('Content-Type', 'text/html')])
        response = HTTPResponse(200, body, response_headers,
                                response_url, response_url,
                                charset='utf-8')

        freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
        mutant = FakeMutant.create_mutants(freq, [payload], [], False, {})[0]

        cleaned = get_clean_body(mutant, response)

        # NOTE(review): dropping only the payload from 'abc %s def' would
        # leave two spaces; the single-space literal may be an artifact of
        # whitespace collapsing in this listing - confirm against upstream.
        self.assertEqual(cleaned, 'abc def', failure_fmt % (payload, body))
        self.assertIsInstance(cleaned, unicode)
def send_clean(self, mutant):
    """
    Send a mutant over the network, bypassing the cache, and return both
    the HTTP response and a sanitized copy of its body from which the
    injected payload has been removed.

    Comparing sanitized bodies lets two responses produced by different
    mutants be diffed without the reflected payloads themselves showing
    up as a difference.

    :param mutant: The mutant to send to the network.
    :return: (HTTP response, Sanitized HTTP response body)
    """
    # cache=False: a cached answer must not stand in for this request
    response = self.send_mutant(mutant, cache=False)
    return response, get_clean_body(mutant, response)
def test_get_clean_body_double_encoded(self):
    """
    Verify that a payload reflected after two rounds of quote_plus()
    encoding is removed from the body and the result is unicode.
    """
    payload = 'hello/world'

    # Encode twice, so the escape sequence itself is escaped in the body
    once_encoded = urllib.quote_plus(payload)
    twice_encoded = urllib.quote_plus(once_encoded)
    body = 'abc %s def' % twice_encoded

    response_url = URL('http://w3af.com')
    response_headers = Headers([('Content-Type', 'text/html')])
    response = HTTPResponse(200, body, response_headers,
                            response_url, response_url)

    freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
    mutant = FakeMutant.create_mutants(freq, [payload], [], False, {})[0]

    cleaned = get_clean_body(mutant, response)

    # NOTE(review): dropping only the payload from 'abc %s def' would
    # leave two spaces; the single-space literal may be an artifact of
    # whitespace collapsing in this listing - confirm against upstream.
    self.assertEqual(cleaned, 'abc def')
    self.assertIsInstance(cleaned, unicode)
def test_get_clean_body_simple(self):
    """
    Verify the baseline case: a payload reflected verbatim (no encoding)
    is removed from the body and the result is unicode.
    """
    payload = 'payload'
    body = 'abc %s def' % payload

    response_url = URL('http://w3af.com')
    response_headers = Headers([('Content-Type', 'text/html')])
    response = HTTPResponse(200, body, response_headers,
                            response_url, response_url)

    freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
    mutant = FakeMutant.create_mutants(freq, [payload], [], False, {})[0]

    cleaned = get_clean_body(mutant, response)

    # The expected value is derived from the body itself, so only the
    # payload text is expected to disappear.
    expected = body.replace(payload, '')
    self.assertEqual(cleaned, expected)
    self.assertIsInstance(cleaned, unicode)
def test_get_clean_body_encoded_upper_case(self):
    """
    Verify that a payload reflected with upper-case hex escapes (%2F)
    is removed from the body and the result is unicode.

    The body carries urlencode({'a': payload}), so the parameter name
    and '=' are expected to remain after the payload is stripped.
    """
    payload = 'hello/world'

    # Make sure the escape for '/' is written with upper-case hex digits
    encoded_pair = urllib.urlencode({'a': payload})
    body = ('abc %s def' % encoded_pair).replace('%2f', '%2F')

    response_url = URL('http://w3af.com')
    response_headers = Headers([('Content-Type', 'text/html')])
    response = HTTPResponse(200, body, response_headers,
                            response_url, response_url)

    freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
    mutant = FakeMutant.create_mutants(freq, [payload], [], False, {})[0]

    cleaned = get_clean_body(mutant, response)

    self.assertEqual(cleaned, 'abc a= def')
    self.assertIsInstance(cleaned, unicode)
def test_get_clean_body_encoded_find_special_char_fail(self):
    """
    Run the encoded-payload cleanup once per entry of SPECIAL_CHARS.

    Each char is embedded as 'x<char>y', written into the body with
    quote_plus(), and the cleaned body is expected to contain no trace
    of it. The "_fail" suffix notwithstanding, the test asserts that
    get_clean_body() succeeds in removing the payload.
    """
    for special_char in SPECIAL_CHARS:
        payload = 'x%sy' % special_char
        encoded_payload = urllib.quote_plus(payload)
        body = 'abc %s def' % encoded_payload

        url = URL('http://w3af.com')
        content_type = Headers([('Content-Type', 'text/html')])
        response = HTTPResponse(200, body, content_type, url, url,
                                charset='utf-8')

        freq = FuzzableRequest(URL('http://w3af.com/?a=1'))
        mutants = FakeMutant.create_mutants(freq, [payload], [], False, {})
        first_mutant = mutants[0]

        result = get_clean_body(first_mutant, response)

        # NOTE(review): dropping only the payload from 'abc %s def' would
        # leave two spaces; the single-space literal may be an artifact of
        # whitespace collapsing in this listing - confirm against upstream.
        failure_msg = 'Failed for payload %r and body %r' % (payload, body)
        self.assertEqual(result, 'abc def', failure_msg)
        self.assertIsInstance(result, unicode)