def fuzz(self):
# target = "http://192.168.234.161/login.php"
parameter_list = http_params.HttpParams()
parameter_list.load_from_string_list(self.parameter_list)
payload_list = payloads.Payloads()
payload_list.load_from_string_list(self.payload_list)
fuzzer = Fuzzer(self.target, parameter_list.parameters,
payload_list.payload_list)
fuzzer.fuzz()
return fuzzer.output
def main():
config_file_path = sys.argv[1]
endpoints_description = sys.argv[2]
junit_output = sys.argv[3]
custom_payloads_path = sys.argv[4] if len(sys.argv) == 5 else None
with open(config_file_path, 'r') as config_file_pointer:
ConfigurationManager(config_file_pointer)
target = ConfigurationManager.config["target"]
# Load and generate default payloads
load_default_payloads(target["hostname"])
# If user specified file with custom payloads, we add them to our mutations
payloads_loader = PayloadsLoader(target["hostname"])
payloads_loader.load_payloads(custom_payloads_path,
FuzzPayloads.CUSTOM_PAYLOADS_KEY)
with open(junit_output, 'w', encoding='utf8') as junit_output_file_pointer:
with open(FUZZING_LOG_FILE, "w",
encoding='utf8') as full_log_file_pointer:
text_logger = TextLogger(full_log_file_pointer)
junit_logger = JUnitLogger(junit_output_file_pointer,
test_suite_name_delimiter=":",
hostname=target["hostname"])
protocol = 'ssl' if target["ssl"] is True else 'tcp'
with open(endpoints_description,
'r') as endpoints_description_file_pointer:
endpoints = json.loads(
endpoints_description_file_pointer.read())
fuzzer = Fuzzer(endpoints, text_logger, junit_logger, protocol)
fuzzer.fuzz()
return fuzzer.was_there_any_failure()