tolerableDifference = 0 print('%s Emulating a mobile browser' % run) print('%s Making a request with mobile browser' % run) headers[ 'User-Agent'] = 'Mozilla/4.0 (compatible; MSIE 5.5; Windows CE; PPC; 240x320)' response = requester(origUrl, {}, headers, True, 0).text parsed = zetanize(origUrl, response) if isProtected(parsed): print('%s CSRF protection is enabled for mobile browsers as well.' % bad) else: print('%s CSRF protection isn\'t enabled for mobile browsers.' % good) print('%s Making a request without CSRF token parameter.' % run) data = tweaker(origData, 'remove') response = requester(origUrl, data, headers, origGET, 0) if response.status_code == originalCode: if str(originalCode)[0] in ['4', '5']: print('%s It didn\'t work' % bad) else: difference = abs(originalLength - len(response.text)) if difference <= tolerableDifference: print('%s It worked!' % good) else: print('%s It didn\'t work' % bad) print('%s Making a request without CSRF token parameter value.' % run) data = tweaker(origData, 'clear') response = requester(origUrl, data, headers, origGET, 0)
else: print ('%s Response isn\'t dynamic.' % info) tolerableDifference = 0 print ('%s Emulating a mobile browser' % run) print ('%s Making a request with mobile browser' % run) headers['User-Agent'] = 'Mozilla/4.0 (compatible; MSIE 5.5; Windows CE; PPC; 240x320)' response = requester(origUrl, {}, headers, True, 0).text parsed = zetanize(origUrl, response) if isProtected(parsed): print ('%s CSRF protection is enabled for mobile browsers as well.' % bad) else: print ('%s CSRF protection isn\'t enabled for mobile browsers.' % good) print ('%s Making a request without CSRF token parameter.' % run) data = tweaker(origData, 'remove') response = requester(origUrl, data, headers, origGET, 0) if response.status_code == originalCode: if str(originalCode)[0] in ['4', '5']: print ('%s It didn\'t work' % bad) else: difference = abs(originalLength - len(response.text)) if difference <= tolerableDifference: print ('%s It worked!' % good) else: print ('%s It didn\'t work' % bad) print ('%s Making a request without CSRF token parameter value.' % run) data = tweaker(origData, 'clear') response = requester(origUrl, data, headers, origGET, 0) if response.status_code == originalCode: if str(originalCode)[0] in ['4', '5']: