def __init__(self, params):
self.params = params
# default params
if "default" in self.params:
self.params[self.default_parameter] = self.params["default"]
if not self.default_parameter:
raise FuzzExceptBadOptions(
"Too many plugin parameters specified")
# Check for allowed parameters
if [
k for k in list(self.params.keys())
if k not in [x[0] for x in self.parameters]
and k not in ["encoder", "default"]
]:
raise FuzzExceptBadOptions(
"Plugin %s, unknown parameter specified!" % (self.name))
# check mandatory params, assign default values
for name, default_value, required, description in self.parameters:
if required and name not in self.params:
raise FuzzExceptBadOptions("Plugin %s, missing parameter %s!" %
(self.name, name))
if name not in self.params:
self.params[name] = default_value
def _check_options(self, optsd):
# Check for repeated flags
opt_list = [
i for i in optsd if i not in [
"--recipe", "-z", "--zP", "--zD", "--slice", "payload", "-w",
"-b", "-H", "-p"
] and len(optsd[i]) > 1
]
if opt_list:
raise FuzzExceptBadOptions(
"Bad usage: Only one %s option could be specified at the same time."
% " ".join(opt_list))
# -A and script not allowed at the same time
if "--script" in list(optsd.keys()) and [
key for key in optsd.keys() if key in ['-A', '--AA', '--AAA']
]:
raise FuzzExceptBadOptions(
"Bad usage: --scripts and -A, --AA, --AAA are incompatible options."
)
if "-s" in list(optsd.keys()) and "-t" in list(optsd.keys()):
print(
"WARNING: When using delayed requests concurrent requests are limited to 1, therefore the -s switch will be ignored."
)
def _parse_seed(self, url, optsd, options):
if url:
options["url"] = url
if "-X" in optsd:
options["method"] = optsd["-X"][0]
if "--basic" in optsd:
options["auth"] = {"method": "basic", "credentials": optsd["--basic"][0]}
if "--digest" in optsd:
options["auth"] = {"method": "digest", "credentials": optsd["--digest"][0]}
if "--ntlm" in optsd:
options["auth"] = {"method": "ntlm", "credentials": optsd["--ntlm"][0]}
if "--follow" in optsd or "-L" in optsd:
options["follow"] = True
if "--field" in optsd:
for field in optsd["--field"]:
options["fields"].append(field)
options["show_field"] = True
elif "--efield" in optsd:
for field in optsd["--efield"]:
options["fields"].append(field)
options["show_field"] = False
else:
options["show_field"] = None
if "--ip" in optsd:
splitted = optsd["--ip"][0].partition(":")
if not splitted[0]:
raise FuzzExceptBadOptions("An IP must be specified")
options["connect_to_ip"] = {
"ip": splitted[0],
"port": splitted[2] if splitted[2] else "80",
}
if "-d" in optsd:
options["postdata"] = optsd["-d"][0]
for bb in optsd["-b"]:
options["cookie"].append(bb)
for x in optsd["-H"]:
splitted = x.partition(":")
if splitted[1] != ":":
raise FuzzExceptBadOptions(
'Wrong header specified, it should be in the format "name: value".'
)
options["headers"].append((splitted[0], splitted[2].strip()))
if "-V" in optsd:
options["allvars"] = str(optsd["-V"][0])
def _parse_scripts(self, optsd, options):
"""
options = dict(
script = "",
script_args = {},
)
"""
if "-A" in optsd:
options["script"] = "default"
if "--AA" in optsd:
options["script"] = "default,verbose"
if "--AAA" in optsd:
options["script"] = "default,verbose,discovery"
if "--script" in optsd:
options["script"] = ("default" if optsd["--script"][0] == "" else
optsd["--script"][0])
if "--script-args" in optsd:
try:
options["script_args"] = dict([
x.split("=", 1)
for x in optsd["--script-args"][0].split(",")
])
except ValueError:
raise FuzzExceptBadOptions(
"Script arguments: Incorrect arguments format supplied.")
def _check_options(self, optsd):
# Check for repeated flags
l = [
i for i in optsd if i not in
["-z", "--zP", "--slice", "payload", "-w", "-b", "-H", "-p"]
and len(optsd[i]) > 1
]
if l:
raise FuzzExceptBadOptions(
"Bad usage: Only one %s option could be specified at the same time."
% " ".join(l))
#-A and script not allowed at the same time
if "--script" in optsd.keys() and "-A" in optsd.keys():
raise FuzzExceptBadOptions(
"Bad usage: --scripts and -A are incompatible options, -A already defines --script=default."
)
if "-s" in optsd.keys() and "-t" in optsd.keys():
print "WARNING: When using delayed requests concurrent requests are limited to 1, therefore the -s switch will be ignored."
def _check_options(self, optsd):
# Check for repeated flags
opt_list = [i for i in optsd if i not in REPEATABLE_OPTS and len(optsd[i]) > 1]
if opt_list:
raise FuzzExceptBadOptions(
"Bad usage: Only one %s option could be specified at the same time."
% " ".join(opt_list)
)
# -A and script not allowed at the same time
if "--script" in list(optsd.keys()) and [
key for key in optsd.keys() if key in ["-A", "--AA", "--AAA"]
]:
raise FuzzExceptBadOptions(
"Bad usage: --scripts and -A, --AA, --AAA are incompatible options."
)
if "-s" in list(optsd.keys()) and "-t" in list(optsd.keys()):
warnings.warn(
"When using delayed requests concurrent requests are limited to 1, therefore the -t switch will be ignored."
)
def _parse_payload(self, optsd, options):
'''
options = dict(
payloads = [],
iterator = None,
)
'''
payloads_list = []
for payload in optsd["payload"]:
if "-z" not in payload and "-w" not in payload:
raise FuzzExceptBadOptions(
"--zP and --slice must be preceded by a -z or -w switch.")
zpayl = payload[
"-z"] if "-z" in payload else "file,%s" % payload["-w"]
extraparams = payload["--zP"] if "--zP" in payload else None
sliceit = payload["--slice"] if "--slice" in payload else None
vals = zpayl.split(",")
default_param = None
params = {}
if len(vals) >= 2:
name, default_param = vals[:2]
else:
name = vals[0]
if extraparams:
params = dict(
[x.split("=", 1) for x in extraparams.split(",")])
if default_param:
params['default'] = default_param
encoders = vals[2] if len(vals) == 3 else None
if encoders:
params['encoder'] = encoders.split("-")
elif "encoder" in params:
params['encoder'] = params['encoder'].split("-")
else:
params['encoder'] = None
payloads_list.append((name, params, sliceit))
if "-m" in optsd:
options["iterator"] = optsd['-m'][0]
if payloads_list:
options["payloads"] = payloads_list
def __init__(self, params):
BasePayload.__init__(self, params)
try:
ran = self.params["range"].split("-")
self.minimum = int(ran[0], 16)
self.maximum = int(ran[1], 16)
self.__count = self.maximum - self.minimum + 1
self.current = self.minimum
self.lgth = max(len(ran[0]), len(ran[1]),
len(hex(self.maximum).replace("0x", "")))
except ValueError:
raise FuzzExceptBadOptions("Bad range format (eg. \"0-ffa\")")
def __init__(self):
self.results_queue = None
self.base_fuzz_res = None
# check mandatory params, assign default values
for name, default_value, required, description in self.parameters:
param_name = "%s.%s" % (self.name, name)
if required and param_name not in list(self.kbase.keys()):
raise FuzzExceptBadOptions("Plugins, missing parameter %s!" %
(param_name, ))
if param_name not in list(self.kbase.keys()):
self.kbase[param_name] = default_value
def _parse_help_opt(self, optsd):
if "--version" in optsd:
print(version)
sys.exit(0)
if "-h" in optsd:
self.show_usage()
sys.exit(0)
if "--help" in optsd:
self.show_verbose_usage()
sys.exit(0)
# Extensions help
if "--script-help" in optsd:
script_string = optsd["--script-help"][0]
if script_string == "":
script_string = "$all$"
self.show_plugin_ext_help("scripts", category=script_string)
if "-e" in optsd:
if "payloads" in optsd["-e"]:
self.show_plugins_help("payloads")
elif "encoders" in optsd["-e"]:
self.show_plugins_help("encoders", 2)
elif "iterators" in optsd["-e"]:
self.show_plugins_help("iterators")
elif "printers" in optsd["-e"]:
self.show_plugins_help("printers")
elif "scripts" in optsd["-e"]:
self.show_plugins_help("scripts", 2)
else:
raise FuzzExceptBadOptions(
"Unknown category. Valid values are: payloads, encoders, iterators, printers or scripts."
)
if "-f" in optsd:
if "help" in optsd["-f"]:
self.show_plugins_help("printers")
if "-o" in optsd:
if "help" in optsd["-o"]:
self.show_plugins_help("printers")
if "-m" in optsd:
if "help" in optsd["-m"]:
self.show_plugins_help("iterators")
if "-z" in optsd:
if "help" in optsd["-z"]:
filt = optsd["--slice"][0] if "--slice" in optsd else "$all$"
self.show_plugin_ext_help("payloads", category=filt)
def _parse_seed(self, url, optsd, options):
'''
options = dict(
url = url,
method = None,
auth = (None, None),
follow = False,
head = False,
postdata = None,
headers = [(header, value)],
cookie = [],
allvars = None,
)
'''
if url:
options['url'] = url
if "-X" in optsd:
options['method'] = optsd["-X"][0]
if "--basic" in optsd:
options['auth'] = ("basic", optsd["--basic"][0])
if "--digest" in optsd:
options['auth'] = ("digest", optsd["--digest"][0])
if "--ntlm" in optsd:
options['auth'] = ("ntlm", optsd["--ntlm"][0])
if "--follow" in optsd or "-L" in optsd:
options['follow'] = True
if "-d" in optsd:
options['postdata'] = optsd["-d"][0]
for bb in optsd["-b"]:
options['cookie'].append(bb)
for x in optsd["-H"]:
splitted = x.partition(":")
if splitted[1] != ":":
raise FuzzExceptBadOptions(
"Wrong header specified, it should be in the format \"name: value\"."
)
options['headers'].append((splitted[0], splitted[2].strip()))
if "-V" in optsd:
options['allvars'] = str(optsd["-V"][0])
def _parse_conn_options(self, optsd, conn_options):
'''
conn_options = dict(
proxies = None,
conn_delay = 90,
req_delay = None,
rlevel = 0,
scanmode = False,
delay = None,
concurrent = 10,
)
'''
if "-p" in optsd:
proxy = []
for p in optsd["-p"]:
vals = p.split(":")
if len(vals) == 2:
proxy.append((vals[0], vals[1], "HTML"))
elif len(vals) == 3:
proxy.append((vals[0], vals[1], vals[2]))
else:
raise FuzzExceptBadOptions(
"Bad proxy parameter specified.")
conn_options['proxies'] = proxy
if "--conn-delay" in optsd:
conn_options['conn_delay'] = int(optsd["--conn-delay"][0])
if "--req-delay" in optsd:
conn_options["req_delay"] = int(optsd["--req-delay"][0])
if "-R" in optsd:
conn_options["rlevel"] = int(optsd["-R"][0])
if "-Z" in optsd:
conn_options["scanmode"] = True
if "-s" in optsd:
conn_options["delay"] = float(optsd["-s"][0])
if "-t" in optsd:
conn_options["concurrent"] = int(optsd["-t"][0])
def _parse_scripts(self, optsd, options):
'''
options = dict(
script = "",
script_args = {},
)
'''
if "-A" in optsd:
options["script"] = "default"
if "--script" in optsd:
options["script"] = "default" if optsd["--script"][0] == "" else optsd["--script"][0]
if "--script-args" in optsd:
try:
options['script_args'] = dict([x.split("=", 1) for x in optsd["--script-args"][0].split(",")])
except ValueError:
raise FuzzExceptBadOptions("Script arguments: Incorrect arguments format supplied.")
def __init__(self, params):
BasePayload.__init__(self, params)
self.__max = -1
self.attr = self.params["attr"]
self._it = self.burp_to_xml(self.params["fn"])
if any(i not in ["proxy", "target"]
for i in self.params["source"].split(",")):
raise FuzzExceptBadOptions("Unknown burp source parameter")
self.request_tags = []
self.response_tags = []
if "proxy" in self.params["source"]:
self.request_tags.append("</originalRequest>")
self.response_tags.append("</originalResponse>")
if "target" in self.params["source"]:
self.request_tags.append("</request>")
self.response_tags.append("</response>")
def __init__(self, params):
BasePayload.__init__(self, params)
self.charset = []
try:
ran = self.params["ch"].split("-")
self.charset = ran[0]
self.width = int(ran[1])
except ValueError:
raise FuzzExceptBadOptions("Bad range format (eg. \"0-ffa\")")
pset = []
for x in self.charset:
pset.append(x)
words = self.xcombinations(pset, self.width)
self.lista = []
for x in words:
self.lista.append(''.join(x))
self.__count = len(self.lista)
def _parse_conn_options(self, optsd, conn_options):
if "-p" in optsd:
proxy = []
for p in optsd["-p"]:
vals = p.split(":")
if len(vals) == 2:
proxy.append((vals[0], vals[1], "HTTP"))
elif len(vals) == 3:
proxy.append((vals[0], vals[1], vals[2]))
else:
raise FuzzExceptBadOptions(
"Bad proxy parameter specified.")
conn_options["proxies"] = proxy
if "--conn-delay" in optsd:
conn_options["conn_delay"] = int(optsd["--conn-delay"][0])
if "--req-delay" in optsd:
conn_options["req_delay"] = int(optsd["--req-delay"][0])
if "-R" in optsd:
conn_options["rlevel"] = int(optsd["-R"][0])
if "-D" in optsd:
conn_options["dlevel"] = int(optsd["-D"][0])
if "-Z" in optsd:
conn_options["scanmode"] = True
if "-s" in optsd:
conn_options["delay"] = float(optsd["-s"][0])
if "-t" in optsd:
conn_options["concurrent"] = int(optsd["-t"][0])
def parse_cl(self):
# Usage and command line help
try:
opts, args = getopt.getopt(
self.argv[1:], "hLAZX:vcb:e:R:d:z:r:f:t:w:V:H:m:f:o:s:p:w:u:",
[
'slice=', 'zP=', 'oF=', 'recipe=', 'dump-recipe=',
'req-delay=', 'conn-delay=', 'sc=', 'sh=', 'sl=', 'sw=',
'ss=', 'hc=', 'hh=', 'hl=', 'hw=', 'hs=', 'ntlm=',
'basic=', 'digest=', 'database=', 'follow', 'script-help=',
'script=', 'script-args=', 'prefilter=', 'filter=',
'interact', 'help', 'version', 'dry-run', 'prev'
])
optsd = defaultdict(list)
payload_cache = {}
for i, j in opts:
if i in ["-z", "--zP", "--slice", "-w"]:
if i in ["-z", "-w"]:
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
payload_cache[i] = j
optsd[i].append(j)
if not args and not optsd:
self.show_brief_usage()
sys.exit(1)
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
self._parse_help_opt(optsd)
url = None
if len(args) == 1:
url = args[0]
elif len(args) > 1:
raise FuzzExceptBadOptions("Too many arguments.")
options = FuzzSession()
if "-u" in optsd:
if url == "FUZZ":
options["seed_payload"] = True
url = optsd["-u"][0]
elif url is None:
url = optsd["-u"][0]
else:
raise FuzzExceptBadOptions(
"Specify the URL either with -u or last argument.")
# check command line options correctness
self._check_options(optsd)
# parse options from recipe first
if "--recipe" in optsd:
options.import_from_file(optsd["--recipe"][0])
# command line has priority over recipe
self._parse_options(optsd, options)
self._parse_conn_options(optsd, options)
self._parse_filters(optsd, options)
self._parse_seed(url, optsd, options)
self._parse_payload(optsd, options)
self._parse_scripts(optsd, options)
if "--dump-recipe" in optsd:
error = options.validate()
if error:
raise FuzzExceptBadOptions(error)
options.export_to_file(optsd["--dump-recipe"][0])
print(help_banner)
print("Recipe written to %s." % (optsd["--dump-recipe"][0], ))
sys.exit(0)
return options
except FuzzException as e:
self.show_brief_usage()
raise e
except ValueError:
self.show_brief_usage()
raise FuzzExceptBadOptions("Incorrect options, please check help.")
except getopt.GetoptError as qw:
self.show_brief_usage()
raise FuzzExceptBadOptions("%s." % str(qw))
class CLParser:
def __init__(self, argv):
self.argv = argv
def show_brief_usage(self):
print help_banner
print brief_usage
def show_verbose_usage(self):
print help_banner
print verbose_usage
def show_usage(self):
print help_banner
print usage
def show_plugins_help(self, registrant, cols=3, category="$all$"):
print "\nAvailable %s:\n" % registrant
table_print(
map(lambda x: x[cols:],
Facade().proxy(registrant).get_plugins_ext(category)))
sys.exit(0)
def show_plugin_ext_help(self, registrant, category="$all$"):
for p in Facade().proxy(registrant).get_plugins(category):
print "Name: %s %s" % (p.name, p.version)
print "Categories: %s" % ','.join(p.category)
print "Summary: %s" % p.summary
print "Author: %s" % ','.join(p.author)
print "Description:"
for l in p.description:
print " %s" % l
print "Parameters:"
for l in p.parameters:
print " %s %s%s: %s" % ("+" if l[2] else "-", l[0],
" (= %s)" %
str(l[1]) if l[1] else "", l[3])
print "\n"
sys.exit(0)
def parse_cl(self):
# Usage and command line help
try:
opts, args = getopt.getopt(
self.argv[1:], "hLAZX:vcb:e:R:d:z:r:f:t:w:V:H:m:f:o:s:p:w:u:",
[
'slice=', 'zP=', 'oF=', 'recipe=', 'dump-recipe=',
'req-delay=', 'conn-delay=', 'sc=', 'sh=', 'sl=', 'sw=',
'ss=', 'hc=', 'hh=', 'hl=', 'hw=', 'hs=', 'ntlm=',
'basic=', 'digest=', 'follow', 'script-help=', 'script=',
'script-args=', 'prefilter=', 'filter=', 'interact',
'help', 'version', 'dry-run', 'prev'
])
optsd = defaultdict(list)
payload_cache = {}
for i, j in opts:
if i in ["-z", "--zP", "--slice", "-w"]:
if i in ["-z", "-w"]:
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
payload_cache[i] = j
optsd[i].append(j)
if not args and not optsd:
self.show_brief_usage()
sys.exit(1)
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
self._parse_help_opt(optsd)
url = None
if len(args) == 1:
url = args[0]
elif len(args) > 1:
raise FuzzExceptBadOptions("Too many arguments.")
options = FuzzSession()
if "-u" in optsd:
if url == "FUZZ":
options["seed_payload"] = True
url = optsd["-u"][0]
elif url is None:
url = optsd["-u"][0]
else:
raise FuzzExceptBadOptions(
"Specify the URL either with -u or last argument.")
# check command line options correctness
self._check_options(optsd)
# parse options from recipe first
if "--recipe" in optsd:
options.import_from_file(optsd["--recipe"][0])
# command line has priority over recipe
self._parse_options(optsd, options)
self._parse_conn_options(optsd, options)
self._parse_filters(optsd, options)
self._parse_seed(url, optsd, options)
self._parse_payload(optsd, options)
self._parse_scripts(optsd, options)
if "--dump-recipe" in optsd:
error = options.validate()
if error:
raise FuzzExceptBadOptions(error)
options.export_to_file(optsd["--dump-recipe"][0])
print help_banner
print "Recipe written to %s." % (optsd["--dump-recipe"][0], )
sys.exit(0)
return options
except FuzzException, e:
self.show_brief_usage()
#self.show_usage()
raise e
except ValueError:
self.show_brief_usage()
raise FuzzExceptBadOptions("Incorrect options, please check help.")
print help_banner
print "Recipe written to %s." % (optsd["--dump-recipe"][0], )
sys.exit(0)
return options
except FuzzException, e:
self.show_brief_usage()
#self.show_usage()
raise e
except ValueError:
self.show_brief_usage()
raise FuzzExceptBadOptions("Incorrect options, please check help.")
except getopt.GetoptError, qw:
self.show_brief_usage()
#self.show_usage()
raise FuzzExceptBadOptions("%s." % str(qw))
def _parse_help_opt(self, optsd):
if "--version" in optsd:
print version
sys.exit(0)
if "-h" in optsd:
self.show_usage()
sys.exit(0)
if "--help" in optsd:
self.show_verbose_usage()
sys.exit(0)
# Extensions help
def parse_cl(self):
# Usage and command line help
try:
opts, args = getopt.getopt(self.argv[1:], self.short_opts,
self.long_opts)
optsd = defaultdict(list)
payload_cache = {}
for i, j in opts:
if i in ["-z", "--zP", "--slice", "-w", "--zD", "--zE"]:
if i in ["-z", "-w"]:
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
payload_cache[i] = j
optsd[i].append(j)
if not args and not optsd:
self.show_brief_usage()
sys.exit(1)
if payload_cache:
optsd["payload"].append(payload_cache)
payload_cache = {}
self._parse_help_opt(optsd)
url = None
if len(args) == 1:
url = args[0]
elif len(args) > 1:
raise FuzzExceptBadOptions("Too many arguments.")
options = FuzzSession()
cli_url = None
if "-u" in optsd:
if (url is not None
and url != "FUZZ") or url == optsd["-u"][0]:
raise FuzzExceptBadOptions(
"Specify the URL either with -u or last argument. If you want to use a full payload, it can only be specified with FUZZ."
)
cli_url = optsd["-u"][0]
if cli_url:
url = cli_url
# check command line options correctness
self._check_options(optsd)
# parse options from recipe first
if "--recipe" in optsd:
for recipe in optsd["--recipe"]:
options.import_from_file(recipe)
# command line has priority over recipe
self._parse_options(optsd, options)
self._parse_conn_options(optsd, options)
self._parse_filters(optsd, options)
self._parse_seed(url, optsd, options)
self._parse_payload(optsd, options)
self._parse_scripts(optsd, options)
if "--dump-recipe" in optsd:
print(exec_banner)
for error_msg in options.validate():
warnings.warn("Recipe parsing error: {}".format(error_msg))
print("")
options.export_to_file(optsd["--dump-recipe"][0])
print("Recipe written to %s." % (optsd["--dump-recipe"][0], ))
sys.exit(0)
return options
except FuzzException as e:
self.show_brief_usage()
raise e
except ValueError:
self.show_brief_usage()
raise FuzzExceptBadOptions("Incorrect options, please check help.")
except getopt.GetoptError as qw:
self.show_brief_usage()
raise FuzzExceptBadOptions("%s." % str(qw))
def _parse_help_opt(self, optsd):
if "--version" in optsd:
print(version)
sys.exit(0)
if "-h" in optsd:
self.show_usage()
sys.exit(0)
if "--help" in optsd:
self.show_verbose_usage()
sys.exit(0)
if "--filter-help" in optsd:
FILTER_HELP_REGEX_EXP = (
"Filter Language\n---------------\n\n(.*?)Filtering results")
FILTER_HELP_REGEX = re.compile(FILTER_HELP_REGEX_EXP,
re.MULTILINE | re.DOTALL)
print(FILTER_HELP_REGEX.search(get_filter_help_file()).group(1))
sys.exit(0)
# Extensions help
if "--script-help" in optsd:
script_string = optsd["--script-help"][0]
if script_string == "":
script_string = "$all$"
self.show_plugin_ext_help("scripts", category=script_string)
if "--ee" in optsd:
if "payloads" in optsd["--ee"]:
self.show_plugins_names("payloads")
elif "encoders" in optsd["--ee"]:
self.show_plugins_names("encoders")
elif "iterators" in optsd["--ee"]:
self.show_plugins_names("iterators")
elif "printers" in optsd["--ee"]:
self.show_plugins_names("printers")
elif "scripts" in optsd["--ee"]:
self.show_plugins_names("scripts")
elif "fields" in optsd["--ee"]:
print("\n".join(allowed_fields))
elif "files" in optsd["--ee"]:
print("\n".join(Facade().sett.get("general",
"lookup_dirs").split(",")))
elif "registrants" in optsd["--ee"]:
print("\n".join(Facade().get_registrants()))
elif "options" in optsd["--ee"]:
print("\n".join([
"-{}".format(opt)
for opt in self.short_opts.replace(":", "")
]))
print("\n".join([
"--{}".format(opt.replace("=", ""))
for opt in self.long_opts
]))
else:
raise FuzzExceptBadOptions(
"Unknown category. Valid values are: payloads, encoders, iterators, printers or scripts."
)
sys.exit(0)
if "-e" in optsd:
if "payloads" in optsd["-e"]:
self.show_plugins_help("payloads")
elif "encoders" in optsd["-e"]:
self.show_plugins_help("encoders", 2)
elif "iterators" in optsd["-e"]:
self.show_plugins_help("iterators")
elif "printers" in optsd["-e"]:
self.show_plugins_help("printers")
elif "scripts" in optsd["-e"]:
self.show_plugins_help("scripts", 2)
else:
raise FuzzExceptBadOptions(
"Unknown category. Valid values are: payloads, encoders, iterators, printers or scripts."
)
if "-f" in optsd:
if "help" in optsd["-f"]:
self.show_plugins_help("printers")
if "-o" in optsd:
if "help" in optsd["-o"]:
self.show_plugins_help("printers")
if "-m" in optsd:
if "help" in optsd["-m"]:
self.show_plugins_help("iterators")
if "-z" in optsd:
if "help" in optsd["-z"]:
filt = optsd["--slice"][0] if "--slice" in optsd else "$all$"
self.show_plugin_ext_help("payloads", category=filt)
def _parse_payload(self, optsd, options):
"""
options = dict(
payloads = [],
iterator = None,
)
"""
payloads_list = []
for payload in optsd["payload"]:
if "-z" not in payload and "-w" not in payload:
raise FuzzExceptBadOptions(
"--zP and --slice must be preceded by a -z or -w switch.")
zpayl = payload[
"-z"] if "-z" in payload else "file,%s" % payload["-w"]
extraparams = payload["--zP"] if "--zP" in payload else None
sliceit = payload["--slice"] if "--slice" in payload else None
vals = zpayl.split(",")
default_param = None
params = {}
if len(vals) >= 2:
name, default_param = vals[:2]
else:
name = vals[0]
default_param_cli = payload["--zD"] if "--zD" in payload else None
if default_param_cli and default_param:
raise FuzzExceptBadOptions(
"--zD and -z parameters are exclusive.")
elif default_param_cli:
default_param = default_param_cli
if extraparams:
params = dict(
[x.split("=", 1) for x in extraparams.split(",")])
if default_param:
params["default"] = default_param
encoders = vals[2] if len(vals) == 3 else None
encoders_cli = payload["--zE"] if "--zE" in payload else None
if encoders_cli and encoders:
raise FuzzExceptBadOptions(
"--zE and -z encoders are exclusive.")
elif encoders_cli:
encoders = encoders_cli
if encoders:
params["encoder"] = encoders.split("-")
elif "encoder" in params:
params["encoder"] = params["encoder"].split("-")
else:
params["encoder"] = None
payloads_list.append((name, params, sliceit))
if "-m" in optsd:
options["iterator"] = optsd["-m"][0]
if payloads_list:
options["payloads"] = payloads_list