def createRequest(self, operation, request, outgoingData = None): reply = None try: requestUrl = request.url() scheme = str(requestUrl.scheme()) if scheme in ('data', 'about', 'javascript'): reply = QNetworkAccessManager.createRequest(self, operation, request, outgoingData) elif scheme in ('http', 'https'): url = requestUrl.toEncoded().data().decode('utf-8') url_response = None if url in self.request_lookaside: url_response = self.request_lookaside[url] else: responses = [] for row in self.Data.read_responses_by_url(self.cursor, url): responseItems = interface.data_row_to_response_items(row) response_length = str(responseItems[ResponsesTable.RES_LENGTH]) if response_length and int(response_length) > 0 and str(responseItems[ResponsesTable.STATUS]).startswith('2'): responses.append(responseItems) if len(responses) > 0: url_response = responses[-1] # TODO: implement max size limit self.request_lookaside[url] = url_response if not url_response: # try again, with base url if '?' in url: base_url = url[0:url.index('?')] else: base_url = url for row in self.Data.read_responses_starting_with_url(self.cursor, base_url): responseItems = interface.data_row_to_response_items(row) response_length = str(responseItems[ResponsesTable.RES_LENGTH]) if response_length and int(response_length) > 0 and str(responseItems[ResponsesTable.STATUS]).startswith('2'): responses.append(responseItems) if len(responses) > 0: url_response = responses[-1] self.request_lookaside[url] = url_response if url_response: reply = CustomNetworkReply(self, requestUrl, url_response[ResponsesTable.RES_HEADERS], url_response[ResponsesTable.RES_DATA]) except Exception as error: self.framework.report_implementation_error(error) if not reply: # must always return reply request.setUrl(QUrl('about:blank')) reply = QNetworkAccessManager.createRequest(self, operation, request, outgoingData) return reply
def tester_populate_click_jacking(self, response_id): row = self.Data.read_responses_by_id(self.cursor, response_id) if not row: return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] self.setup_clickjacking_url(url)
def fill_by_row(self, row): responseItems = interface.data_row_to_response_items(row) rr = RequestResponse(self.framework) rr.Id = responseItems[ResponsesTable.ID] rr.responseUrl = responseItems[ResponsesTable.URL] rr.requestHeaders = responseItems[ResponsesTable.REQ_HEADERS] rr.requestBody = responseItems[ResponsesTable.REQ_DATA] rr.responseHeaders = responseItems[ResponsesTable.RES_HEADERS] rr.responseBody = responseItems[ResponsesTable.RES_DATA] rr.responseContentType = responseItems[ResponsesTable.RES_CONTENT_TYPE] rr.requestHost = responseItems[ResponsesTable.REQ_HOST] rr.responseStatus = responseItems[ResponsesTable.STATUS] rr.responseHash = responseItems[ResponsesTable.RES_DATA_HASHVAL] rr.requestHash = responseItems[ResponsesTable.REQ_DATA_HASHVAL] rr.requestTime = responseItems[ResponsesTable.REQTIME] rr.requestDate = responseItems[ResponsesTable.REQDATE] rr.notes = responseItems[ResponsesTable.NOTES] rr.confirmed = responseItems[ResponsesTable.CONFIRMED] if not rr.responseContentType: # TODO: fix this to use better algorithm rr.responseContentType = 'text/html' rr.contentType, rr.charset = self.contentExtractor.parseContentType( rr.responseContentType) rr.baseType = self.contentExtractor.getBaseType(rr.contentType) return rr
def fill_by_row(self, row): responseItems = interface.data_row_to_response_items(row) rr = RequestResponse(self.framework) rr.Id = responseItems[ResponsesTable.ID] rr.responseUrl = responseItems[ResponsesTable.URL] rr.requestHeaders = responseItems[ResponsesTable.REQ_HEADERS] rr.requestBody = responseItems[ResponsesTable.REQ_DATA] rr.responseHeaders = responseItems[ResponsesTable.RES_HEADERS] rr.responseBody = responseItems[ResponsesTable.RES_DATA] rr.responseContentType = responseItems[ResponsesTable.RES_CONTENT_TYPE] rr.requestHost = responseItems[ResponsesTable.REQ_HOST] rr.responseStatus = responseItems[ResponsesTable.STATUS] rr.responseHash = responseItems[ResponsesTable.RES_DATA_HASHVAL] rr.requestHash = responseItems[ResponsesTable.REQ_DATA_HASHVAL] rr.requestTime = responseItems[ResponsesTable.REQTIME] rr.requestDate = responseItems[ResponsesTable.REQDATE] rr.notes = responseItems[ResponsesTable.NOTES] rr.confirmed = responseItems[ResponsesTable.CONFIRMED] if not rr.responseContentType: # TODO: fix this to use better algorithm rr.responseContentType = 'text/html' rr.contentType, rr.charset = self.contentExtractor.parseContentType(rr.responseContentType) rr.baseType = self.contentExtractor.getBaseType(rr.contentType) return rr
def get_next_fuzz_item(self): self.qlock.lock() locked = True fuzz_item = None try: data_item = self.queueDataModel.popleft_data() if not data_item: self.keep_fuzzing = False return fuzz_id = data_item[DomFuzzerQueueTable.ID] row = self.Data.read_responses_by_id( self.read_cursor, data_item[DomFuzzerQueueTable.RESPONSE_ID]) if not row: self.framework.log_warning('missing response id: %s' % (response_id)) return responseItems = interface.data_row_to_response_items(row) target_url = self.compute_url_from_payload(data_item) qurl = QUrl.fromEncoded(target_url) dataContent = responseItems[ResponsesTable.RES_DATA] # TODO: store reference fuzz_item = (fuzz_id, dataContent, qurl) self.qlock.unlock() locked = False finally: if locked: self.qlock.unlock() return fuzz_item
def bulk_requester_populate_responses(self, id_list): url_list = [] first = True for Id in id_list: row = self.Data.read_responses_by_id(self.cursor, Id) if not row: continue responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] if url not in url_list: url_list.append(url) if first: method, url, template_text = self.generate_template_for_response_item( responseItems) self.set_combo_box_text(self.mainWindow.bulkRequestMethodEdit, method.upper()) self.mainWindow.bulkRequestTemplateEdit.setPlainText( template_text) first = False self.mainWindow.bulkRequestUrlListEdit.setPlainText( '\n'.join(url_list))
def requester_bulk_response_received(self, response_id, context): self.mainWindow.bulkRequestProgressBar.setValue( self.mainWindow.bulkRequestProgressBar.value() + 1) context = str(context) if self.pending_bulk_requests is not None: try: self.pending_bulk_requests.pop(context) except KeyError as e: pass if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.Data.insert_requester_history(self.cursor, response_id) self.requesterHistoryDataModel.append_data([response_item]) finished = False if self.pending_bulk_requests is None or len( self.pending_bulk_requests) == 0: self.mainWindow.bulkRequestProgressBar.setValue( self.mainWindow.bulkRequestProgressBar.maximum()) finished = True elif self.mainWindow.bulkRequestProgressBar.value( ) == self.mainWindow.bulkRequestProgressBar.maximum(): finished = True if finished: self.mainWindow.bulkRequestPushButton.setText('Send')
def get_next_fuzz_item(self): self.qlock.lock() locked = True fuzz_item = None try: data_item = self.queueDataModel.popleft_data() if not data_item: self.keep_fuzzing = False return fuzz_id = data_item[DomFuzzerQueueTable.ID] row = self.Data.read_responses_by_id(self.read_cursor, data_item[DomFuzzerQueueTable.RESPONSE_ID]) if not row: self.framework.log_warning('missing response id: %s' % (response_id)) return responseItems = interface.data_row_to_response_items(row) target_url = self.compute_url_from_payload(data_item) qurl = QUrl.fromEncoded(target_url) dataContent = responseItems[ResponsesTable.RES_DATA] # TODO: store reference fuzz_item = (fuzz_id, dataContent, qurl) self.qlock.unlock() locked = False finally: if locked: self.qlock.unlock() return fuzz_item
def performSearchHandler(self): text = self.searchCriteria.text options = self.searchCriteria.options locations = self.searchCriteria.locations self.reqheaders = locations['RequestHeaders'] self.reqbody = locations['RequestBody'] self.resheaders = locations['ResponseHeaders'] self.resbody = locations['ResponseBody'] self.requrl = locations['RequestUrl'] self.notes = locations['AnalystNotes'] caseSensitive = options['CaseSensitive'] invertSearch = options['InvertSearch'] re_search, re_search_bytes = None, None if options['Wildcard']: wildcardSearch = re.escape(text).replace('\*','.*').replace('\?','.?') wildcardSearch_bytes = re.escape(text.encode('utf-8')).replace(b'\*',b'.*').replace(b'\?',b'.?') if caseSensitive: re_search = re.compile(wildcardSearch) re_search_bytes = re.compile(wildcardSearch_bytes) else: re_search = re.compile(wildcardSearch, re.I) re_search_bytes = re.compile(wildcardSearch_bytes, re.I) elif options['RegularExpression']: if caseSensitive: re_search = re.compile(text) re_search_bytes = re.compile(text.encode('utf-8')) else: re_search = re.compile(text, re.I) re_search_bytes = re.compile(text.encode('utf-8'), re.I) if re_search: self.str_strategy = lambda v: re_search.search(v) self.bytes_strategy = lambda v: re_search_bytes.search(v) else: if caseSensitive: self.str_strategy = lambda v: -1 != v.find(text) self.bytes_strategy = lambda v: -1 != v.find(text.encode('utf-8')) else: ltext = text.lower() self.str_strategy = lambda v: -1 != v.lower().find(ltext) self.bytes_strategy = lambda v: -1 != v.lower().find(ltext.encode('utf-8')) for row in self.Data.execute_search(self.cursor, self.reqbody or self.resbody): if self.canceled: break responseItems = interface.data_row_to_response_items(row) if self.isMatch(responseItems): if not invertSearch: self.fill(responseItems) elif invertSearch: self.fill(responseItems) self.callbackObj.emit(SIGNAL('searchFinished()'))
def append_sequence_item(self, responseId, requestId=''): topItem = self.sequenceStepsTreeWidget.topLevelItem( self.sequenceStepsTreeWidget.topLevelItemCount() - 1) if topItem is None: current_max = 0 else: current_max = int(topItem.text(0)) stepnum = str(current_max + 1) row = self.Data.read_responses_by_id(self.cursor, responseId) if not row: return self.sequenceResponseIds.add(responseId) responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] method = responseItems[ResponsesTable.REQ_METHOD] contentType = responseItems[ ResponsesTable.RES_CONTENT_TYPE].lower().strip() charset = ContentHelper.getCharSet(contentType) if contentType and ';' in contentType: contentType = contentType[0:contentType.index(';')] reqHeaders = responseItems[ResponsesTable.REQ_HEADERS] reqData = responseItems[ResponsesTable.REQ_DATA] requestHeaders, requestBody, rawRequest = ContentHelper.combineRaw( reqHeaders, reqData) resHeaders = responseItems[ResponsesTable.RES_HEADERS] resData = responseItems[ResponsesTable.RES_DATA] responseHeaders, responseBody, rawResponse = ContentHelper.combineRaw( resHeaders, resData, charset) sequence_item = { 'responseUrl': url, 'responseId': responseId, 'rawResponse': rawResponse, 'rawRequest': rawRequest, 'method': method, } self.sequence_items[stepnum] = sequence_item status = self.check_pattern_match(sequence_item) item = QTreeWidgetItem([stepnum, status, method, contentType, url]) self.sequenceStepsTreeWidget.addTopLevelItem(item) self.hide_media_type_item(item, contentType) self.formCapture.process_target_request(responseId, requestId, method, url, reqHeaders, reqData) return item
def requester_populate_response_id(self, Id): row = self.Data.read_responses_by_id(self.cursor, Id) if not row: return responseItems = interface.data_row_to_response_items(row) method, url, template_text = self.generate_template_for_response_item(responseItems) self.set_combo_box_text(self.mainWindow.requesterRequestMethod, method.upper()) self.mainWindow.requesterUrlEdit.setText(url) self.mainWindow.requesterTemplateEdit.setPlainText(template_text)
def fill_requesters(self): # requesters self.requesterHistoryDataModel.clearModel() history_items = [] for row in self.Data.get_all_requester_history(self.cursor): response_item = interface.data_row_to_response_items(row) history_items.append(response_item) self.requesterHistoryDataModel.append_data(history_items) self.fill_sequences() self.mainWindow.requesterUrlEdit.setText(self.framework.get_raft_config_value('requesterUrlEdit')) self.mainWindow.bulkRequestUrlListEdit.setPlainText(self.framework.get_raft_config_value('bulkRequestUrlListEdit'))
def webfuzzer_populate_response_id(self, Id): self.clear_data_dictionary() row = self.Data.read_responses_by_id(self.cursor, Id) if not row: return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] reqHeaders = responseItems[ResponsesTable.REQ_HEADERS].decode('utf-8', 'ignore') reqData = responseItems[ResponsesTable.REQ_DATA].decode('utf-8', 'ignore') method = responseItems[ResponsesTable.REQ_METHOD] splitted = urlparse.urlsplit(url) # Create a new parsed object removing the scheme and netloc base_url = urlparse.urlunsplit((splitted[0], splitted[1], splitted[2], '', '')) req_loc = ("", "", "", splitted.query, splitted.fragment) useragent = self.framework.useragent() has_cookie = False template = StringIO() template.write('${method} ${request_uri}%s HTTP/1.1\n' % urlparse.urlunsplit(req_loc)) first = True for line in reqHeaders.splitlines(): if not line: break if first and self.re_request.match(line): first = False continue if ':' in line: name, value = [v.strip() for v in line.split(':', 1)] lname = name.lower() if 'host' == lname: if splitted.hostname and value == splitted.hostname: template.write('Host: ${host}\n') continue elif 'user-agent' == lname: if useragent == value: template.write('User-Agent: ${user_agent}\n') continue template.write(line) template.write('\n') template.write('\n') template.write(reqData) self.set_combo_box_text(self.mainWindow.stdFuzzerReqMethod, method.upper()) self.mainWindow.wfStdUrlEdit.setText(base_url) self.mainWindow.wfStdEdit.setPlainText(template.getvalue())
def fill_fuzzer_history(self, index): Id = interface.index_to_id(self.fuzzerHistoryDataModel, index) if Id: row = self.Data.read_responses_by_id(self.cursor, Id) if not row: return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] reqHeaders = responseItems[ResponsesTable.REQ_HEADERS] reqData = responseItems[ResponsesTable.REQ_DATA] resHeaders = responseItems[ResponsesTable.RES_HEADERS] resData = responseItems[ResponsesTable.RES_DATA] contentType = responseItems[ResponsesTable.RES_CONTENT_TYPE] self.miniResponseRenderWidget.populate_response_content(url, reqHeaders, reqData, resHeaders, resData, contentType)
def requester_populate_response_id(self, Id): row = self.Data.read_responses_by_id(self.cursor, Id) if not row: return responseItems = interface.data_row_to_response_items(row) method, url, template_text = self.generate_template_for_response_item( responseItems) self.set_combo_box_text(self.mainWindow.requesterRequestMethod, method.upper()) self.mainWindow.requesterUrlEdit.setText(url) self.mainWindow.requesterTemplateEdit.setPlainText(template_text)
def append_sequence_item(self, responseId, requestId = ''): topItem = self.sequenceStepsTreeWidget.topLevelItem(self.sequenceStepsTreeWidget.topLevelItemCount()-1) if topItem is None: current_max = 0 else: current_max = int(topItem.text(0)) stepnum = str(current_max + 1) row = self.Data.read_responses_by_id(self.cursor, responseId) if not row: return self.sequenceResponseIds.add(responseId) responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] method = responseItems[ResponsesTable.REQ_METHOD] contentType = responseItems[ResponsesTable.RES_CONTENT_TYPE].lower().strip() charset = ContentHelper.getCharSet(contentType) if contentType and ';' in contentType: contentType = contentType[0:contentType.index(';')] reqHeaders = responseItems[ResponsesTable.REQ_HEADERS] reqData = responseItems[ResponsesTable.REQ_DATA] requestHeaders, requestBody, rawRequest = ContentHelper.combineRaw(reqHeaders, reqData) resHeaders = responseItems[ResponsesTable.RES_HEADERS] resData = responseItems[ResponsesTable.RES_DATA] responseHeaders, responseBody, rawResponse = ContentHelper.combineRaw(resHeaders, resData, charset) sequence_item = { 'responseUrl' : url, 'responseId' : responseId, 'rawResponse' : rawResponse, 'rawRequest' : rawRequest, 'method' : method, } self.sequence_items[stepnum] = sequence_item status = self.check_pattern_match(sequence_item) item = QTreeWidgetItem([stepnum, status, method, contentType, url]) self.sequenceStepsTreeWidget.addTopLevelItem(item) self.hide_media_type_item(item, contentType) self.formCapture.process_target_request(responseId, requestId, method, url, reqHeaders, reqData) return item
def fill_requesters(self): # requesters self.requesterHistoryDataModel.clearModel() history_items = [] for row in self.Data.get_all_requester_history(self.cursor): response_item = interface.data_row_to_response_items(row) history_items.append(response_item) self.requesterHistoryDataModel.append_data(history_items) self.fill_sequences() self.mainWindow.requesterUrlEdit.setText( self.framework.get_raft_config_value('requesterUrlEdit')) self.mainWindow.bulkRequestUrlListEdit.setPlainText( self.framework.get_raft_config_value('bulkRequestUrlListEdit'))
def generate_fuzz_values(self, response_id): row = self.Data.read_responses_by_id(self.read_cursor, response_id) if not row: self.framework.log_warning('missing response id: %s' % (response_id)) return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] contentType = responseItems[ResponsesTable.RES_CONTENT_TYPE] responseBody = responseItems[ResponsesTable.RES_DATA] if url in self.processed_urls: self.framework.log_warning( 'skipping already scanned url [%s] for now' % (url)) return else: self.processed_urls[url] = True # TODO: need better content type if 'html' not in contentType: if b'<html' not in responseBody.lower(): # non-html not supported self.framework.log_warning( 'skipping not HTML request for [%s]: %s' % (response_id, url)) return fuzz_payloads = self.calculate_fuzz_payloads(url) self.qlock.lock() try: # if self.fuzz_queue.has_key(url): # # TODO: allow for better rescan in future # self.framework.log_warning('adding already scanned url [%s] for now' % (url)) for payload in fuzz_payloads: queue_item = [ None, response_id, payload[0], payload[1], payload[2], payload[3], 'P' ] rowid = self.Data.add_dom_fuzzer_queue_item( self.write_cursor, queue_item) queue_item[0] = rowid self.queueDataModel.append_data([queue_item]) finally: self.qlock.unlock()
def sequence_runner_response_received(self, response_id, context): context = str(context) if self.pending_sequence_requests is not None: try: self.pending_sequence_requests.pop(context) except KeyError as e: print((e)) pass if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.sequenceRunnerDataModel.append_data([response_item]) if self.pending_sequence_requests is None or len(self.pending_sequence_requests) == 0: self.mainWindow.sequenceRunnerRunButton.setText('Send')
def populate_by_dbrow(self, row): responseItems = interface.data_row_to_response_items(row) self.origin = responseItems[ResponsesTable.DATA_ORIGIN] self.host = responseItems[ResponsesTable.REQ_HOST] self.hostip = responseItems[ResponsesTable.HOST_IP] self.url = responseItems[ResponsesTable.URL] self.status = responseItems[ResponsesTable.STATUS] self.datetime = responseItems[ResponsesTable.REQDATE] self.method = responseItems[ResponsesTable.REQ_METHOD] self.content_type = responseItems[ResponsesTable.RES_CONTENT_TYPE] self.request_headers = responseItems[ResponsesTable.REQ_HEADERS] self.request_body = responseItems[ResponsesTable.REQ_DATA] self.response_headers = responseItems[ResponsesTable.RES_HEADERS] self.response_body = responseItems[ResponsesTable.RES_DATA] self.content_length = responseItems[ResponsesTable.RES_LENGTH] self.elapsed = responseItems[ResponsesTable.REQTIME] self.notes = responseItems[ResponsesTable.NOTES] self.confirmed = responseItems[ResponsesTable.CONFIRMED]
def sequence_runner_response_received(self, response_id, context): context = str(context) if self.pending_sequence_requests is not None: try: self.pending_sequence_requests.pop(context) except KeyError as e: print((e)) pass if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.sequenceRunnerDataModel.append_data([response_item]) if self.pending_sequence_requests is None or len( self.pending_sequence_requests) == 0: self.mainWindow.sequenceRunnerRunButton.setText('Send')
def requester_response_received(self, response_id, context): if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.Data.insert_requester_history(self.cursor, response_id) self.requesterHistoryDataModel.append_data([response_item]) url = response_item[ResponsesTable.URL] req_headers = response_item[ResponsesTable.REQ_HEADERS] req_body = response_item[ResponsesTable.REQ_DATA] res_headers = response_item[ResponsesTable.RES_HEADERS] res_body = response_item[ResponsesTable.RES_DATA] res_content_type = response_item[ResponsesTable.RES_CONTENT_TYPE] self.miniResponseRenderWidget.populate_response_content(url, req_headers, req_body, res_headers, res_body, res_content_type) self.mainWindow.requesterSendButton.setText('Send') self.pending_request = None
def generate_fuzz_values(self, response_id): row = self.Data.read_responses_by_id(self.read_cursor, response_id) if not row: self.framework.log_warning('missing response id: %s' % (response_id)) return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] contentType = responseItems[ResponsesTable.RES_CONTENT_TYPE] responseBody = responseItems[ResponsesTable.RES_DATA] if url in self.processed_urls: self.framework.log_warning('skipping already scanned url [%s] for now' % (url)) return else: self.processed_urls[url] = True # TODO: need better content type if 'html' not in contentType: if b'<html' not in responseBody.lower(): # non-html not supported self.framework.log_warning('skipping not HTML request for [%s]: %s' % (response_id, url)) return fuzz_payloads = self.calculate_fuzz_payloads(url) self.qlock.lock() try: # if self.fuzz_queue.has_key(url): # # TODO: allow for better rescan in future # self.framework.log_warning('adding already scanned url [%s] for now' % (url)) for payload in fuzz_payloads: queue_item = [None, response_id, payload[0], payload[1], payload[2], payload[3], 'P'] rowid = self.Data.add_dom_fuzzer_queue_item( self.write_cursor, queue_item ) queue_item[0] = rowid self.queueDataModel.append_data([queue_item]) finally: self.qlock.unlock()
def bulk_requester_populate_responses(self, id_list): url_list = [] first = True for Id in id_list: row = self.Data.read_responses_by_id(self.cursor, Id) if not row: continue responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] if url not in url_list: url_list.append(url) if first: method, url, template_text = self.generate_template_for_response_item(responseItems) self.set_combo_box_text(self.mainWindow.bulkRequestMethodEdit, method.upper()) self.mainWindow.bulkRequestTemplateEdit.setPlainText(template_text) first = False self.mainWindow.bulkRequestUrlListEdit.setPlainText('\n'.join(url_list))
def requester_response_received(self, response_id, context): if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.Data.insert_requester_history(self.cursor, response_id) self.requesterHistoryDataModel.append_data([response_item]) url = response_item[ResponsesTable.URL] req_headers = response_item[ResponsesTable.REQ_HEADERS] req_body = response_item[ResponsesTable.REQ_DATA] res_headers = response_item[ResponsesTable.RES_HEADERS] res_body = response_item[ResponsesTable.RES_DATA] res_content_type = response_item[ ResponsesTable.RES_CONTENT_TYPE] self.miniResponseRenderWidget.populate_response_content( url, req_headers, req_body, res_headers, res_body, res_content_type) self.mainWindow.requesterSendButton.setText('Send') self.pending_request = None
def tester_populate_csrf(self, response_id): row = self.Data.read_responses_by_id(self.cursor, response_id) if not row: return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] # Are reqHeaders necessary? reqHeaders = str(responseItems[ResponsesTable.REQ_HEADERS], 'utf-8', 'ignore') reqData = str(responseItems[ResponsesTable.REQ_DATA], 'utf-8', 'ignore') # TODO: consider replacement data = reqHeaders + "\n" + reqData # Check to ensure that either a GET or a POST is being used and pass that along to the function # check = re.compile("^(GET|POST)", re.I) # result = check.match(reqHeaders) # if not result: # return() GET = re.compile("^GET", re.I) POST = re.compile("^POST", re.I) if GET.match(reqHeaders): htmlresult = CSRFTester.generate_csrf_html(url, reqData, "get") elif POST.match(reqHeaders): htmlresult = CSRFTester.generate_csrf_html(url, reqData, "post") else: return () # htmlresult = CSRFTester.generate_csrf_html(url, reqData) self.mainWindow.testerCSRFURLEdit.setText(url) self.mainWindow.csrfGenEdit.setText(htmlresult) self.mainWindow.csrfReqEdit.setPlainText(data)
def requester_bulk_response_received(self, response_id, context): self.mainWindow.bulkRequestProgressBar.setValue(self.mainWindow.bulkRequestProgressBar.value()+1) context = str(context) if self.pending_bulk_requests is not None: try: self.pending_bulk_requests.pop(context) except KeyError as e: pass if 0 != response_id: row = self.Data.read_responses_by_id(self.cursor, response_id) if row: response_item = interface.data_row_to_response_items(row) self.Data.insert_requester_history(self.cursor, response_id) self.requesterHistoryDataModel.append_data([response_item]) finished = False if self.pending_bulk_requests is None or len(self.pending_bulk_requests) == 0: self.mainWindow.bulkRequestProgressBar.setValue(self.mainWindow.bulkRequestProgressBar.maximum()) finished = True elif self.mainWindow.bulkRequestProgressBar.value() == self.mainWindow.bulkRequestProgressBar.maximum(): finished = True if finished: self.mainWindow.bulkRequestPushButton.setText('Send')
def tester_populate_csrf(self, response_id): row = self.Data.read_responses_by_id(self.cursor, response_id) if not row: return responseItems = interface.data_row_to_response_items(row) url = responseItems[ResponsesTable.URL] # Are reqHeaders necessary? reqHeaders = str(responseItems[ResponsesTable.REQ_HEADERS], "utf-8", "ignore") reqData = str(responseItems[ResponsesTable.REQ_DATA], "utf-8", "ignore") # TODO: consider replacement data = reqHeaders + "\n" + reqData # Check to ensure that either a GET or a POST is being used and pass that along to the function # check = re.compile("^(GET|POST)", re.I) # result = check.match(reqHeaders) # if not result: # return() GET = re.compile("^GET", re.I) POST = re.compile("^POST", re.I) if GET.match(reqHeaders): htmlresult = CSRFTester.generate_csrf_html(url, reqData, "get") elif POST.match(reqHeaders): htmlresult = CSRFTester.generate_csrf_html(url, reqData, "post") else: return () # htmlresult = CSRFTester.generate_csrf_html(url, reqData) self.mainWindow.testerCSRFURLEdit.setText(url) self.mainWindow.csrfGenEdit.setText(htmlresult) self.mainWindow.csrfReqEdit.setPlainText(data)
def createRequest(self, operation, request, outgoingData=None): reply = None try: requestUrl = request.url() scheme = str(requestUrl.scheme()) if scheme in ('data', 'about', 'javascript'): reply = QNetworkAccessManager.createRequest( self, operation, request, outgoingData) elif scheme in ('http', 'https'): url = requestUrl.toEncoded().data().decode('utf-8') url_response = None if url in self.request_lookaside: url_response = self.request_lookaside[url] else: responses = [] for row in self.Data.read_responses_by_url( self.cursor, url): responseItems = interface.data_row_to_response_items( row) response_length = str( responseItems[ResponsesTable.RES_LENGTH]) if response_length and int( response_length) > 0 and str(responseItems[ ResponsesTable.STATUS]).startswith('2'): responses.append(responseItems) if len(responses) > 0: url_response = responses[-1] # TODO: implement max size limit self.request_lookaside[url] = url_response if not url_response: # try again, with base url if '?' in url: base_url = url[0:url.index('?')] else: base_url = url for row in self.Data.read_responses_starting_with_url( self.cursor, base_url): responseItems = interface.data_row_to_response_items( row) response_length = str( responseItems[ResponsesTable.RES_LENGTH]) if response_length and int( response_length) > 0 and str( responseItems[ResponsesTable. STATUS]).startswith('2'): responses.append(responseItems) if len(responses) > 0: url_response = responses[-1] self.request_lookaside[url] = url_response if url_response: reply = CustomNetworkReply( self, requestUrl, url_response[ResponsesTable.RES_HEADERS], url_response[ResponsesTable.RES_DATA]) except Exception as error: self.framework.report_implementation_error(error) if not reply: # must always return reply request.setUrl(QUrl('about:blank')) reply = QNetworkAccessManager.createRequest( self, operation, request, outgoingData) return reply
def performSearchHandler(self): text = self.searchCriteria.text options = self.searchCriteria.options locations = self.searchCriteria.locations self.reqheaders = locations['RequestHeaders'] self.reqbody = locations['RequestBody'] self.resheaders = locations['ResponseHeaders'] self.resbody = locations['ResponseBody'] self.requrl = locations['RequestUrl'] self.notes = locations['AnalystNotes'] caseSensitive = options['CaseSensitive'] invertSearch = options['InvertSearch'] re_search, re_search_bytes = None, None if options['Wildcard']: wildcardSearch = re.escape(text).replace('\*', '.*').replace('\?', '.?') wildcardSearch_bytes = re.escape(text.encode('utf-8')).replace( b'\*', b'.*').replace(b'\?', b'.?') if caseSensitive: re_search = re.compile(wildcardSearch) re_search_bytes = re.compile(wildcardSearch_bytes) else: re_search = re.compile(wildcardSearch, re.I) re_search_bytes = re.compile(wildcardSearch_bytes, re.I) elif options['RegularExpression']: if caseSensitive: re_search = re.compile(text) re_search_bytes = re.compile(text.encode('utf-8')) else: re_search = re.compile(text, re.I) re_search_bytes = re.compile(text.encode('utf-8'), re.I) if re_search: self.str_strategy = lambda v: re_search.search(v) self.bytes_strategy = lambda v: re_search_bytes.search(v) else: if caseSensitive: self.str_strategy = lambda v: -1 != v.find(text) self.bytes_strategy = lambda v: -1 != v.find( text.encode('utf-8')) else: ltext = text.lower() self.str_strategy = lambda v: -1 != v.lower().find(ltext) self.bytes_strategy = lambda v: -1 != v.lower().find( ltext.encode('utf-8')) for row in self.Data.execute_search(self.cursor, self.reqbody or self.resbody): if self.canceled: break responseItems = interface.data_row_to_response_items(row) if self.isMatch(responseItems): if not invertSearch: self.fill(responseItems) elif invertSearch: self.fill(responseItems) self.callbackObj.emit(SIGNAL('searchFinished()'))