def create_vuln(self):
v = super(FileUploadTemplate, self).create_vuln()
form_params = FormParameters()
for file_var in self.file_vars:
form_params.add_file_input([("name", file_var), ("type", "file")])
for token in self.data.iter_tokens():
if token.get_name() in self.file_vars:
continue
form_params.add_input([("name", token.get_name()),
("type", "text"),
("value", token.get_value())])
mpc = MultipartContainer(form_params)
freq = FuzzableRequest(self.url, method=self.method, post_data=mpc)
mutant = PostDataMutant(freq)
mutant.set_dc(mpc)
mutant.set_token((self.vulnerable_parameter, 0))
# User configured settings
v['file_vars'] = self.file_vars
v['file_dest'] = self.file_dest
v.set_mutant(mutant)
return v
def create_vuln(self):
v = super(FileUploadTemplate, self).create_vuln()
form_params = FormParameters()
for file_var in self.file_vars:
form_params.add_file_input([("name", file_var), ("type", "file")])
for token in self.data.iter_tokens():
if token.get_name() in self.file_vars:
continue
form_params.add_input([("name", token.get_value()),
("type", "text")])
mpc = MultipartContainer(form_params)
freq = FuzzableRequest(self.url, method=self.method, post_data=mpc)
mutant = PostDataMutant(freq)
mutant.set_dc(mpc)
mutant.set_token((self.vulnerable_parameter, 0))
# User configured settings
v['file_vars'] = self.file_vars
v['file_dest'] = self.file_dest
v.set_mutant(mutant)
return v
