def __put_post_attack_to_tests(self, method, url, hostname, port, path,
test_char, parameters):
headers = Headers(self.config)
headers.set("Host", hostname)
headers.add_user_defined_headers()
if self.config.cookies != "":
headers.set("Cookie", self.config.cookies)
headers.set("Referer", "{}".format(url))
headers.set("User-Agent", headers.get_random_user_agent())
headers.set("Content-Type", "application/x-www-form-urlencoded")
payload = Payload()
payload.generate_get_string(parameters, test_char)
self.tests.append({
'url': url,
'port': port,
'method': method,
'host': hostname,
'path': "{}".format(path),
'base_path': "{}?".format(path),
'headers': headers.make(),
'body': payload.string,
'test_char': test_char,
'payload_information': payload.payload_information
})
def __add_test(self, url, hostname, port, path):
headers = Headers(self.config)
headers.set("Host", hostname)
headers.add_user_defined_headers()
if self.config.cookies != "":
headers.set("Cookie", self.config.cookies)
headers.set("Referer", "{}".format(url))
headers.set("User-Agent", headers.get_random_user_agent())
headers.set("Content-Type", "text/html")
self.tests.append({
'url': url,
'port': port,
'method': 'GET',
'host': hostname,
'path': path,
'headers': headers.make(),
'body': '',
})
def __create_http_header_testcases(self, url, hostname, port, path, query):
callback = Callback(url, self.config, "dns", "default")
callback.set_hostname(hostname)
callback.set_testname("hedd")
callback.make()
headers = Headers(self.config)
headers.set("Host", hostname)
headers.add_static_headers()
headers.set("Cookie", self.config.cookies)
headers.set("Referer", "{}{}?{}".format(url, path, query))
headers.set("User-Agent", headers.get_random_user_agent())
headers.set("Content-Type", "text/html")
headers.add_user_defined_headers(callback.result)
self.tests.append({
'url': url,
'port': port,
'method': self.config.http_method,
'host': hostname,
'path': "{}?{}".format(path, query),
'headers': headers.make(),
'body': '',
'test_name': "headers_dns_default"
})
callback = Callback(url, self.config, "http", "default")
callback.set_hostname(hostname)
callback.set_testname("hthd")
callback.make()
headers = Headers(self.config)
headers.set("Host", hostname)
headers.add_static_headers()
headers.set("Cookie", self.config.cookies)
headers.set("Referer", "{}{}?{}".format(url, path, query))
headers.set("User-Agent", headers.get_random_user_agent())
headers.set("Content-Type", "text/html")
headers.add_user_defined_headers(callback.result)
self.tests.append({
'url': url,
'port': port,
'method': self.config.http_method,
'host': hostname,
'path': "{}?{}".format(path, query),
'headers': headers.make(),
'body': '',
'test_name': "headers_http_default"
})
if self.config.attack_use_exec_payload:
callback = Callback(url, self.config, "dns", "exec")
callback.set_hostname(hostname)
callback.set_testname("hede")
callback.make()
headers = Headers(self.config)
headers.set("Host", hostname)
headers.add_static_headers()
headers.set("Cookie", self.config.cookies)
headers.set("Referer", "{}{}?{}".format(url, path, query))
headers.set("User-Agent", headers.get_random_user_agent())
headers.set("Content-Type", "text/html")
headers.add_user_defined_headers(callback.result)
self.tests.append({
'url': url,
'port': port,
'method': self.config.http_method,
'host': hostname,
'path': "{}?{}".format(path, query),
'headers': headers.make(),
'body': '',
'test_name': "headers_dns_exec"
})