Пример #1
0
 def test_constructed_url_no_search(self):
     '''
     verify the default value of a url without serach (query) field
     '''
     expected = 'http://www.google.com:123/index.html'
     container = kurl.HttpUrl(
         'http',
         hostport=kurl.HostPort('www.google.com', port=123, name='our host'),
         path=kurl.Path('index.html', name='the page'),
         name='uut'
     )
     actual = container.render().bytes
     self.assertEqual(actual, expected)
Пример #2
0
 def test_constructed_url_no_login(self):
     '''
     verify the default value of a url without login
     '''
     expected = 'http://www.google.com:123/index.html?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8'
     container = kurl.HttpUrl(
         'http',
         hostport=kurl.HostPort('www.google.com', port=123, name='our host'),
         path=kurl.Path('index.html', name='the page'),
         search=kurl.Search('sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8'),
         name='uut'
     )
     actual = container.render().bytes
     self.assertEqual(actual, expected)
Пример #3
0
                                     name=name)

    def _get_class_lib(self):
        lib = []
        methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
        for method in methods:
            lib.append((method, "method - " + method))
        return lib


http_get_vPost = Template(
    name='HTTP_POST',
    fields=[
        Method('POST', name='method', fuzzable=True),  # 7 + iteration
        Delimiter(' ', name='space1', fuzzable=False),
        url.Path('somewhere/else', name='path', fuzzable=False),
        Delimiter(' ', name='space2'),
        String('HTTP', name='protocol name'),
        Delimiter('/', name='fws1'),
        Dword(1, name='major version', encoder=ENC_INT_DEC),
        Delimiter('.', name='dot1'),
        Dword(1, name='minor version', encoder=ENC_INT_DEC),
        Static('\r\n'),
        Static('Host: 127.0.0.1:5000'),
        Static('\r\n'),
        Static('Content-Type: text/plain'),
        Static('\r\n'),
        Static('Content-Length: '),
        Size(name='size in bytes',
             sized_field='chunk',
             length=32,
Пример #4
0
                                     name=name)

    def _get_class_lib(self):
        lib = []
        methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
        for method in methods:
            lib.append((method, "method - " + method))
        return lib


http_post_json = Template(
    name='HTTP_Post_json',
    fields=[
        Method('POST', name='method', fuzzable=False),
        Delimiter(' ', name='space1', fuzzable=False),
        url.Path('api/pet', name='path', fuzzable=False),
        Delimiter(' ', name='space2', fuzzable=False),
        Static('HTTP', name='protocol name'),
        Delimiter('/', name='fws1', fuzzable=False),
        Dword(1, name='major version', encoder=ENC_INT_DEC, fuzzable=False),
        Delimiter('.', name='dot1', fuzzable=False),
        Dword(1, name='minor version', encoder=ENC_INT_DEC, fuzzable=False),
        Static('\r\n'),
        Static('Host: 127.0.0.1:5000'),
        Static('\r\n'),
        Static('Content-Type: application/json'),
        Static('\r\n'),
        Static('Accept: */*'),
        Static('\r\n'),
        Static('Content-Length: '),
        Size(name='size in bytes',
Пример #5
0
                                     name=name)

    def _get_class_lib(self):
        lib = []
        methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
        for method in methods:
            lib.append((method, "method - " + method))
        return lib


http_get_v3 = Template(
    name='HTTP_GET_V3',
    fields=[
        Method('GET', name='method', fuzzable=True),  # 7 + iteration
        Delimiter(' ', name='space1', fuzzable=False),
        url.Path('somewhere/else', name='path'),
        Delimiter(' ', name='space2'),
        String('HTTP', name='protocol name'),
        Delimiter('/', name='fws1'),
        Dword(1, name='major version', encoder=ENC_INT_DEC),
        Delimiter('.', name='dot1'),
        Dword(1, name='minor version', encoder=ENC_INT_DEC),
        Static('\r\n'),
        Static('Host: 127.0.0.1:5000'),
        Static('\r\n'),
        Static('Connection: close'),
        Static('\r\n\r\n', name='eom')
    ])

model.connect(http_get_v3)
fuzzer = ServerFuzzer()
Пример #6
0
    lib = None

    def __init__(self, value, max_size=None, encoder=ENC_STR_DEFAULT, fuzzable=True, name=None):
        super(Method, self).__init__(value=value, max_size=max_size, encoder=encoder, fuzzable=fuzzable, name=name)

    def _get_class_lib(self):
        lib = []
        methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "INVALID", ""]
        for method in methods:
            lib.append((method, "method - " + method))
        return lib

http_get_vX = Template(name='HTTP_GET_VX', fields = [
    Method('GET', name='method', fuzzable=False),
    Delimiter(' ', name='space1', fuzzable=False),
    url.Path('api/pet/7', name='path'),# moze sqlinjection?
    Delimiter(' ', name='space2',fuzzable=False),
    String('HTTP', name='protocol name',fuzzable=False),
    Delimiter('/', name='fws1',fuzzable=False),
    Dword(1, name='major version', encoder=ENC_INT_DEC,fuzzable=False),
    Delimiter('.', name='dot1',fuzzable=False),
    Dword(1, name='minor version', encoder=ENC_INT_DEC,fuzzable=False),
    Static('\r\n'),
    Static('Host: 127.0.0.1:5000'),
    Static('\r\n'),
    Static('Connection: close'),
    Static('\r\n\r\n', name='eom')
])

model.connect(http_get_vX)
fuzzer = ServerFuzzer()