def __init__(self, crawler, persister, attack_options, stop_event):
Attack.__init__(self, crawler, persister, attack_options, stop_event)
self.user_config_dir = self.persister.CONFIG_DIR
self.junk_string = "w" + "".join(
[random.choice("0123456789abcdefghjijklmnopqrstuvwxyz") for __ in range(0, 5000)]
)
self.parts = None
if not os.path.isdir(self.user_config_dir):
os.makedirs(self.user_config_dir)
self.status_codes = {}
self.random_string = random_string()
async def is_false_positive(self, request: Request):
# Check for false positives by asking an improbable file inside the same folder
# Use a dict to cache state for each directory
if request.dir_name not in self.false_positive_directories:
request = Request(urljoin(request.dir_name, random_string() + ".zip"))
try:
response = await self.crawler.async_send(request)
except RequestError:
self.network_errors += 1
# Do not put anything in false_positive_directories, another luck for next time
return False
self.false_positive_directories[request.dir_name] = (response and response.status == 200)
return self.false_positive_directories[request.dir_name]
def replace_with_unique_values(text: str, keyword: str) -> Tuple[str, List[str]]:
new_text = text
lower_text = text.lower()
start = 0
taints = []
while True:
try:
start = lower_text.index(keyword, start)
except ValueError:
break
end = start + len(keyword)
old_string = text[start:end]
replacement = get_similar_case_replacement(old_string, random_string("x", len(old_string)))
taints.append(replacement)
new_text = new_text.replace(old_string, replacement, 1)
start = end
return new_text, taints
