def test_headers_method(self):
hdr = Headers([("foo", "bar")])
fr = create_fuzzable_request_from_parts(self.url, method="PUT", add_headers=hdr)
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), "PUT")
def test_headers(self):
hdr = Headers([('foo', 'bar')])
fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr)
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), 'GET')
def test_json_post(self):
post_data = '{"1":"2"}'
hdr = Headers([("content-length", str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method="POST")
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), "POST")
self.assertIsInstance(fr, JSONPostDataRequest)
def test_simple_post(self):
post_data = "a=b&d=3"
hdr = Headers([("content-length", str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method="POST")
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), "POST")
self.assertFalse("content-type" in fr.get_headers())
self.assertIsInstance(fr, HTTPPostDataRequest)
def test_json_post(self):
post_data = '{"1":"2"}'
hdr = Headers([('content-length', str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr,
post_data=post_data,
method='POST')
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), 'POST')
self.assertIsInstance(fr, JSONPostDataRequest)
def test_simple_post(self):
post_data = 'a=b&d=3'
hdr = Headers([('content-length', str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr,
post_data=post_data,
method='POST')
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), hdr)
self.assertEqual(fr.get_method(), 'POST')
self.assertFalse('content-type' in fr.get_headers())
self.assertIsInstance(fr, HTTPPostDataRequest)
def test_xmlrpc_post(self):
post_data = """<methodCall>
<methodName>system.listMethods</methodName>
<params></params>
</methodCall>"""
headers = Headers([("content-length", str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST")
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertEqual(fr.get_method(), "POST")
self.assertIsInstance(fr, XMLRPCRequest)
def test_multipart_post(self):
boundary, post_data = multipart_encode([("a", "bcd")], [])
headers = Headers(
[("content-length", str(len(post_data))), ("content-type", "multipart/form-data; boundary=%s" % boundary)]
)
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST")
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertTrue("multipart/form-data" in fr.get_headers()["content-type"])
self.assertEqual(fr.get_method(), "POST")
self.assertEqual(fr.get_dc(), {"a": ["bcd"]})
self.assertIsInstance(fr, HTTPPostDataRequest)
def test_multipart_post(self):
boundary, post_data = multipart_encode([('a', 'bcd'), ], [])
headers = Headers([('content-length', str(len(post_data))),
('content-type', 'multipart/form-data; boundary=%s' % boundary)])
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers,
post_data=post_data, method='POST')
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertTrue(
'multipart/form-data' in fr.get_headers()['content-type'])
self.assertEqual(fr.get_method(), 'POST')
self.assertEqual(fr.get_dc(), {'a': ['bcd', ]})
self.assertIsInstance(fr, HTTPPostDataRequest)
def _grep(self, request, response):
url_instance = request.url_object
domain = url_instance.get_domain()
if self._grep_queue_put is not None and\
domain in cf.cf.get('target_domains'):
# Create a fuzzable request based on the urllib2 request object
headers_inst = Headers(request.headers.items())
fr = create_fuzzable_request_from_parts(url_instance,
request.get_method(),
request.get_data(),
headers_inst)
self._grep_queue_put((fr, response))
def test_xmlrpc_post(self):
post_data = '''<methodCall>
<methodName>system.listMethods</methodName>
<params></params>
</methodCall>'''
headers = Headers([('content-length', str(len(post_data)))])
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers,
post_data=post_data,
method='POST')
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertEqual(fr.get_method(), 'POST')
self.assertIsInstance(fr, XMLRPCRequest)
def _grep(self, request, response):
url_instance = request.url_object
domain = url_instance.get_domain()
if self._grep_queue_put is not None and\
domain in cf.cf.get('target_domains'):
# Create a fuzzable request based on the urllib2 request object
headers_inst = Headers(request.headers.items())
fr = create_fuzzable_request_from_parts(
url_instance,
request.get_method(),
request.get_data(),
headers_inst
)
self._grep_queue_put((fr, response))
def test_invalid_multipart_post(self):
_, post_data = multipart_encode([("a", "bcd")], [])
# It is invalid because there is a missing boundary parameter in the
# content-type header
headers = Headers([("content-length", str(len(post_data))), ("content-type", "multipart/form-data")])
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST")
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertEqual(fr.get_method(), "POST")
# And this is how it affects the result:
self.assertEqual(fr.get_data(), "")
self.assertEqual(fr.get_dc(), {})
self.assertIsInstance(fr, HTTPPostDataRequest)
def test_invalid_multipart_post(self):
_, post_data = multipart_encode([('a', 'bcd'), ], [])
# It is invalid because there is a missing boundary parameter in the
# content-type header
headers = Headers([('content-length', str(len(post_data))),
('content-type', 'multipart/form-data')])
fr = create_fuzzable_request_from_parts(self.url, add_headers=headers,
post_data=post_data,
method='POST')
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), headers)
self.assertEqual(fr.get_method(), 'POST')
# And this is how it affects the result:
self.assertEqual(fr.get_data(), '')
self.assertEqual(fr.get_dc(), {})
self.assertIsInstance(fr, HTTPPostDataRequest)
def mangle_request(self, request):
'''
This method mangles the request.
:param request: This is the request to mangle.
:return: A mangled version of the request.
'''
data = request.get_data()
for regex, string in self._manglers['q']['b']:
data = regex.sub(string, data)
header_string = str(request.get_headers())
for regex, string in self._manglers['q']['h']:
header_string = regex.sub(string, header_string)
headers_inst = Headers.from_string(header_string)
return create_fuzzable_request_from_parts(
request.get_uri(),
request.get_method(),
data, headers_inst
)
def test_simplest(self):
fr = create_fuzzable_request_from_parts(self.url)
self.assertEqual(fr.get_url(), self.url)
self.assertEqual(fr.get_headers(), Headers())
self.assertEqual(fr.get_method(), 'GET')
>>> pdr._dc
QueryString({u'id': [u'1']})
>>> pdr.get_data()
'id=1'
'''
try:
(method, uri, postdata) = csv_row
except ValueError, value_error:
msg = 'The file format is incorrect, an error was found while'\
' parsing: "%s". Exception: "%s".'
om.out.error(msg % (csv_row, value_error))
else:
# Create the obj based on the information
uri = URL(uri)
if uri.is_valid_domain():
return create_fuzzable_request_from_parts(uri, method,
postdata)
def _objs_from_burp_log(self, burp_file):
'''
Read a burp log (XML) and extract the information.
'''
class XMLParser(object):
'''
TODO: Support protocol (http|https) and port extraction. Now it only
works with http and 80.
'''
requests = []
parsing_request = False
current_is_base64 = False
def start(self, tag, attrib):
uri = ' '.join(first_line[1:-1])
check_version_syntax(version)
# If we got here, we have a nice method, uri, version first line
# Now we parse the headers (easy!) and finally we send the request
headers_str = splitted_head[1:]
headers_inst = Headers()
for header in headers_str:
one_splitted_header = header.split(':', 1)
if len(one_splitted_header) == 1:
msg = 'The HTTP request has an invalid header: "%s".'
raise w3afException(msg % header)
header_name = one_splitted_header[0].strip()
header_value = one_splitted_header[1].strip()
if header_name in headers_inst:
headers_inst[header_name] += ', ' + header_value
else:
headers_inst[header_name] = header_value
host, _ = headers_inst.iget('host', None)
try:
uri = URL(check_uri_syntax(uri, host))
except ValueError, ve:
raise w3afException(str(ve))
return create_fuzzable_request_from_parts(uri, method, postdata,
headers_inst)
>>> pdr._dc
QueryString({u'id': [u'1']})
>>> pdr.get_data()
'id=1'
'''
try:
(method, uri, postdata) = csv_row
except ValueError, value_error:
msg = 'The file format is incorrect, an error was found while'\
' parsing: "%s". Exception: "%s".'
om.out.error(msg % (csv_row, value_error))
else:
# Create the obj based on the information
uri = URL(uri)
if uri.is_valid_domain():
return create_fuzzable_request_from_parts(
uri, method, postdata)
def _objs_from_burp_log(self, burp_file):
'''
Read a burp log (XML) and extract the information.
'''
class XMLParser(object):
'''
TODO: Support protocol (http|https) and port extraction. Now it only
works with http and 80.
'''
requests = []
parsing_request = False
current_is_base64 = False
def start(self, tag, attrib):
