def __init__(self, ip, port, urlOpener=ExtendedUrllib(), proxy_cert='core/controllers/daemons/mitm.crt'): ''' :param ip: IP address to bind :param port: Port to bind :param urlOpener: The urlOpener that will be used to open the requests that arrive from the browser :param proxyHandler: A class that will know how to handle requests from the browser :param proxy_cert: Proxy certificate to use, this is needed for proxying SSL connections. ''' Proxy.__init__(self, ip, port, urlOpener, w3afLocalProxyHandler, proxy_cert) self.daemon = True self.name = 'LocalProxyThread' # Internal vars self._request_queue = Queue.Queue() self._edited_requests = {} self._edited_responses = {} # User configured parameters self._methods_to_trap = set() self._what_to_trap = re.compile('.*') self._what_not_to_trap = re.compile('.*\.(gif|jpg|png|css|js|ico|swf|axd|tif)$') self._trap = False self._fix_content_length = True
def setUp(self): uri = URL(self.SQLI_GET) target = Target(uri) self.uri_opener = ExtendedUrllib() self.sqlmap = SQLMapWrapper(target, self.uri_opener)
def test_raise_on_domain_not_in_archive(self): url = URL('http://www.w3af-scanner.org/') fr = FuzzableRequest(url, method='GET') ado = archive_dot_org() uri_opener = ExtendedUrllib() ado.set_url_opener(uri_opener) self.assertRaises(w3afRunOnce, ado.crawl_wrapper, fr)
def test_verify_vulnerability_ssl(self): uri = URL(self.SSL_SQLI_GET) target = Target(uri) self.uri_opener = ExtendedUrllib() self.sqlmap = SQLMapWrapper(target, self.uri_opener) vulnerable = self.sqlmap.is_vulnerable() self.assertTrue(vulnerable)
def test_send_mangled(self): xurllib = ExtendedUrllib() xurllib.set_evasion_plugins([ self_reference(), ]) url = URL('http://moth/') http_response = xurllib.GET(url) self.assertEqual(http_response.get_url().url_string, u'http://moth/./')
def test_xurllib(self): uri_opener = ExtendedUrllib() uri_opener.GET(self.URL_SENDS_COOKIE) resp = uri_opener.GET(self.URL_CHECK_COOKIE, cookies=True) self.assertTrue('Cookie was sent.' in resp) resp = uri_opener.GET(self.URL_CHECK_COOKIE, cookies=False) self.assertTrue('Cookie was NOT sent.' in resp) resp = uri_opener.GET(self.URL_CHECK_COOKIE, cookies=True) self.assertTrue('Cookie was sent.' in resp)
def setUp(self): self.uri_opener = ExtendedUrllib() # Start the proxy daemon self._proxy = Proxy('127.0.0.1', 0, ExtendedUrllib(), w3afProxyHandler) self._proxy.start() self._proxy.wait_for_start() port = self._proxy.get_port() # Configure the proxy settings = OpenerSettings() options = settings.get_options() proxy_address_opt = options['proxy_address'] proxy_port_opt = options['proxy_port'] proxy_address_opt.set_value('127.0.0.1') proxy_port_opt.set_value(port) settings.set_options(options) self.uri_opener.settings = settings
def test_pickleable_shells(self): pool = Pool(1) xurllib = ExtendedUrllib() original_shell = Shell(MockVuln(), xurllib, pool) kb.append('a', 'b', original_shell) unpickled_shell = kb.get('a', 'b')[0] self.assertEqual(original_shell, unpickled_shell) self.assertEqual(unpickled_shell.worker_pool, None) self.assertEqual(unpickled_shell._uri_opener, None) pool.terminate() pool.join()
def test_ntlm_auth_valid_creds(self): self.uri_opener = ExtendedUrllib() settings = OpenerSettings() options = settings.get_options() ntlm_domain = options['ntlm_auth_domain'] ntlm_user = options['ntlm_auth_user'] ntlm_pass = options['ntlm_auth_passwd'] ntlm_url = options['ntlm_auth_url'] ntlm_domain.set_value('moth') ntlm_user.set_value('admin') ntlm_pass.set_value('admin') ntlm_url.set_value('http://moth/w3af/core/ntlm_auth/ntlm_v1/') settings.set_options(options) self.uri_opener.settings = settings url = URL("http://moth/w3af/core/ntlm_auth/ntlm_v1/") http_response = self.uri_opener.GET(url, cache=False) self.assertIn('You are admin from MOTH/', http_response.body)
def test_demo_testfire_net(self): # We don't control the demo.testfire.net domain, so we'll check if its # up before doing anything else uri_opener = ExtendedUrllib() login_url = URL(self.demo_testfire + 'login.aspx') try: res = uri_opener.GET(login_url) except: raise SkipTest('demo.testfire.net is unreachable!') else: if not 'Online Banking Login' in res.body: raise SkipTest('demo.testfire.net has changed!') self._scan(self.demo_testfire_net['target'], self.demo_testfire_net['plugins']) urls = self.kb.get_all_known_urls() url_strings = set(str(u) for u in urls) self.assertTrue(self.demo_testfire + 'queryxpath.aspx' in url_strings) self.assertTrue(self.demo_testfire + 'queryxpath.aspx.cs' in url_strings)
class FakeCore(object): worker_pool = Pool(1) uri_opener = ExtendedUrllib()
def setUp(self): super(TestCSRF, self).setUp() self.csrf_plugin = csrf() self.uri_opener = ExtendedUrllib() self.csrf_plugin.set_url_opener(self.uri_opener)
if id(orig_fuzzable_req) in self._edited_responses: res = self._edited_responses[id(orig_fuzzable_req)] del self._edited_responses[id(orig_fuzzable_req)] # Now we return it... if isinstance(res, Exception): raise res else: return res # I looped and got nothing! raise w3afException( 'Timed out waiting for response from remote server.') if __name__ == '__main__': lp = LocalProxy('127.0.0.1', 8080, ExtendedUrllib()) lp.start() for i in xrange(10): time.sleep(1) tr = lp.get_trapped_request() if tr: print tr print lp.send_raw_request(tr, tr.dump_request_head(), tr.get_data()) else: print 'Waiting...' print 'Exit!' lp.stop() print 'bye bye...'
def test_ntlm_auth_not_configured(self): self.uri_opener = ExtendedUrllib() url = URL("http://moth/w3af/core/ntlm_auth/ntlm_v1/") http_response = self.uri_opener.GET(url, cache=False) self.assertIn('Must authenticate.', http_response.body)
def setUp(self): self.uri_opener = ExtendedUrllib()
def setUp(self): create_temp_dir() self.pks_se = pks(ExtendedUrllib())
def setUp(self): self.query, self.limit = random.choice([('big bang theory', 20), ('two and half man', 20), ('doctor house', 20)]) opener = ExtendedUrllib() self.gse = google(opener)