def test_headers_method(self): hdr = Headers([("foo", "bar")]) fr = create_fuzzable_request_from_parts(self.url, method="PUT", add_headers=hdr) self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), "PUT")
def test_headers(self): hdr = Headers([('foo', 'bar')]) fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr) self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), 'GET')
def test_json_post(self): post_data = '{"1":"2"}' hdr = Headers([("content-length", str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method="POST") self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), "POST") self.assertIsInstance(fr, JSONPostDataRequest)
def test_simple_post(self): post_data = "a=b&d=3" hdr = Headers([("content-length", str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method="POST") self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), "POST") self.assertFalse("content-type" in fr.get_headers()) self.assertIsInstance(fr, HTTPPostDataRequest)
def test_json_post(self): post_data = '{"1":"2"}' hdr = Headers([('content-length', str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method='POST') self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), 'POST') self.assertIsInstance(fr, JSONPostDataRequest)
def test_simple_post(self): post_data = 'a=b&d=3' hdr = Headers([('content-length', str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=hdr, post_data=post_data, method='POST') self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), hdr) self.assertEqual(fr.get_method(), 'POST') self.assertFalse('content-type' in fr.get_headers()) self.assertIsInstance(fr, HTTPPostDataRequest)
def test_xmlrpc_post(self): post_data = """<methodCall> <methodName>system.listMethods</methodName> <params></params> </methodCall>""" headers = Headers([("content-length", str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST") self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertEqual(fr.get_method(), "POST") self.assertIsInstance(fr, XMLRPCRequest)
def test_multipart_post(self): boundary, post_data = multipart_encode([("a", "bcd")], []) headers = Headers( [("content-length", str(len(post_data))), ("content-type", "multipart/form-data; boundary=%s" % boundary)] ) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST") self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertTrue("multipart/form-data" in fr.get_headers()["content-type"]) self.assertEqual(fr.get_method(), "POST") self.assertEqual(fr.get_dc(), {"a": ["bcd"]}) self.assertIsInstance(fr, HTTPPostDataRequest)
def test_multipart_post(self): boundary, post_data = multipart_encode([('a', 'bcd'), ], []) headers = Headers([('content-length', str(len(post_data))), ('content-type', 'multipart/form-data; boundary=%s' % boundary)]) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method='POST') self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertTrue( 'multipart/form-data' in fr.get_headers()['content-type']) self.assertEqual(fr.get_method(), 'POST') self.assertEqual(fr.get_dc(), {'a': ['bcd', ]}) self.assertIsInstance(fr, HTTPPostDataRequest)
def _grep(self, request, response): url_instance = request.url_object domain = url_instance.get_domain() if self._grep_queue_put is not None and\ domain in cf.cf.get('target_domains'): # Create a fuzzable request based on the urllib2 request object headers_inst = Headers(request.headers.items()) fr = create_fuzzable_request_from_parts(url_instance, request.get_method(), request.get_data(), headers_inst) self._grep_queue_put((fr, response))
def test_xmlrpc_post(self): post_data = '''<methodCall> <methodName>system.listMethods</methodName> <params></params> </methodCall>''' headers = Headers([('content-length', str(len(post_data)))]) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method='POST') self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertEqual(fr.get_method(), 'POST') self.assertIsInstance(fr, XMLRPCRequest)
def _grep(self, request, response): url_instance = request.url_object domain = url_instance.get_domain() if self._grep_queue_put is not None and\ domain in cf.cf.get('target_domains'): # Create a fuzzable request based on the urllib2 request object headers_inst = Headers(request.headers.items()) fr = create_fuzzable_request_from_parts( url_instance, request.get_method(), request.get_data(), headers_inst ) self._grep_queue_put((fr, response))
def test_invalid_multipart_post(self): _, post_data = multipart_encode([("a", "bcd")], []) # It is invalid because there is a missing boundary parameter in the # content-type header headers = Headers([("content-length", str(len(post_data))), ("content-type", "multipart/form-data")]) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method="POST") self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertEqual(fr.get_method(), "POST") # And this is how it affects the result: self.assertEqual(fr.get_data(), "") self.assertEqual(fr.get_dc(), {}) self.assertIsInstance(fr, HTTPPostDataRequest)
def test_invalid_multipart_post(self): _, post_data = multipart_encode([('a', 'bcd'), ], []) # It is invalid because there is a missing boundary parameter in the # content-type header headers = Headers([('content-length', str(len(post_data))), ('content-type', 'multipart/form-data')]) fr = create_fuzzable_request_from_parts(self.url, add_headers=headers, post_data=post_data, method='POST') self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), headers) self.assertEqual(fr.get_method(), 'POST') # And this is how it affects the result: self.assertEqual(fr.get_data(), '') self.assertEqual(fr.get_dc(), {}) self.assertIsInstance(fr, HTTPPostDataRequest)
def mangle_request(self, request): ''' This method mangles the request. :param request: This is the request to mangle. :return: A mangled version of the request. ''' data = request.get_data() for regex, string in self._manglers['q']['b']: data = regex.sub(string, data) header_string = str(request.get_headers()) for regex, string in self._manglers['q']['h']: header_string = regex.sub(string, header_string) headers_inst = Headers.from_string(header_string) return create_fuzzable_request_from_parts( request.get_uri(), request.get_method(), data, headers_inst )
def test_simplest(self): fr = create_fuzzable_request_from_parts(self.url) self.assertEqual(fr.get_url(), self.url) self.assertEqual(fr.get_headers(), Headers()) self.assertEqual(fr.get_method(), 'GET')
>>> pdr._dc QueryString({u'id': [u'1']}) >>> pdr.get_data() 'id=1' ''' try: (method, uri, postdata) = csv_row except ValueError, value_error: msg = 'The file format is incorrect, an error was found while'\ ' parsing: "%s". Exception: "%s".' om.out.error(msg % (csv_row, value_error)) else: # Create the obj based on the information uri = URL(uri) if uri.is_valid_domain(): return create_fuzzable_request_from_parts(uri, method, postdata) def _objs_from_burp_log(self, burp_file): ''' Read a burp log (XML) and extract the information. ''' class XMLParser(object): ''' TODO: Support protocol (http|https) and port extraction. Now it only works with http and 80. ''' requests = [] parsing_request = False current_is_base64 = False def start(self, tag, attrib):
uri = ' '.join(first_line[1:-1]) check_version_syntax(version) # If we got here, we have a nice method, uri, version first line # Now we parse the headers (easy!) and finally we send the request headers_str = splitted_head[1:] headers_inst = Headers() for header in headers_str: one_splitted_header = header.split(':', 1) if len(one_splitted_header) == 1: msg = 'The HTTP request has an invalid header: "%s".' raise w3afException(msg % header) header_name = one_splitted_header[0].strip() header_value = one_splitted_header[1].strip() if header_name in headers_inst: headers_inst[header_name] += ', ' + header_value else: headers_inst[header_name] = header_value host, _ = headers_inst.iget('host', None) try: uri = URL(check_uri_syntax(uri, host)) except ValueError, ve: raise w3afException(str(ve)) return create_fuzzable_request_from_parts(uri, method, postdata, headers_inst)
>>> pdr._dc QueryString({u'id': [u'1']}) >>> pdr.get_data() 'id=1' ''' try: (method, uri, postdata) = csv_row except ValueError, value_error: msg = 'The file format is incorrect, an error was found while'\ ' parsing: "%s". Exception: "%s".' om.out.error(msg % (csv_row, value_error)) else: # Create the obj based on the information uri = URL(uri) if uri.is_valid_domain(): return create_fuzzable_request_from_parts( uri, method, postdata) def _objs_from_burp_log(self, burp_file): ''' Read a burp log (XML) and extract the information. ''' class XMLParser(object): ''' TODO: Support protocol (http|https) and port extraction. Now it only works with http and 80. ''' requests = [] parsing_request = False current_is_base64 = False def start(self, tag, attrib):