Пример #1
def get_seeds():
    """
    Produce the two random seeds used to make generated payloads unique.

    :return: A 2-tuple holding the results of two rand_number(5, ...) calls.
             Zero is excluded from both; the original author notes this
             avoids bugs where leading zeroes are truncated.
    """
    # Per the note above, the seeds exist for uniqueness; nothing visible
    # here relies on them being unpredictable.
    without_zero = (0,)
    first_seed = rand_number(5, exclude_numbers=without_zero)
    second_seed = rand_number(5, exclude_numbers=without_zero)
    return (first_seed, second_seed)
Пример #2
def get_seeds():
    """
    Return a pair of random values that keep generated payloads unique.

    :return: A tuple with two rand_number(5, ...) results. Both calls pass
             0 in exclude_numbers, which the original author says avoids
             bugs where leading zeroes are truncated.
    """
    # Two calls, made left to right, collected into a tuple.
    seeds = tuple(rand_number(5, exclude_numbers=(0, )) for _ in range(2))
    return seeds
Пример #3
        def generator(count):
            """
            Yield, count times, a random number followed by a product.

            Each iteration yields the rand_number(5) result as returned,
            then the string form of int(that value) multiplied by int() of
            a second rand_number(5) result.
            """
            for _ in xrange(count):
                first = rand_number(5)
                yield first

                # Second item: the product of both operands, as a string.
                left = int(first)
                right = int(rand_number(5))
                yield str(left * right)
Пример #4
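    def _get_statements(self, mutant, exclude_numbers=None):
        """
        Build the always-true / always-false condition pairs, one pair per
        quoting context.

        :param mutant: Not referenced by this method.
        :param exclude_numbers: Passed to rand_number() as its second
                                argument; None means an empty list.
        :return: A dict (not a list) with the keys 'numeric',
                 'string_single' and 'string_double'. Each value is a
                 (true_statement, false_statement) tuple of strings.
        """
        # None replaces the former mutable [] default, so no list object is
        # shared between calls.
        if exclude_numbers is None:
            exclude_numbers = []

        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        # Comparing the number with its successor can never be true.
        rnd_num_plus_one = rnd_num + 1

        num_dict = {'num': rnd_num}

        # Numeric/Datetime
        true_stm = '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % num_dict
        false_stm = '%i AND %i=%i ' % (rnd_num, rnd_num, rnd_num_plus_one)
        res['numeric'] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % num_dict
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res['string_single'] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % num_dict
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res['string_double'] = (true_stm, false_stm)

        return res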
Пример #5
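    def _get_statements(self, mutant, exclude_numbers=None):
        """
        Build the always-true / always-false condition pairs, one pair per
        quoting context.

        :param mutant: Not referenced by this method.
        :param exclude_numbers: Passed to rand_number() as its second
                                argument; None means an empty list.
        :return: A dict (not a list) keyed by self.NUMERIC,
                 self.STRING_SINGLE and self.STRING_DOUBLE. Each value is a
                 (true_statement, false_statement) tuple of strings.
        """
        # None replaces the former mutable [] default, so no list object is
        # shared between calls.
        if exclude_numbers is None:
            exclude_numbers = []

        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        # Comparing the number with its successor can never be true.
        rnd_num_plus_one = rnd_num + 1

        num_dict = {'num': rnd_num}

        # Numeric/Datetime
        true_stm = '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % num_dict
        false_stm = '%i AND %i=%i ' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.NUMERIC] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % num_dict
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_SINGLE] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % num_dict
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res[self.STRING_DOUBLE] = (true_stm, false_stm)

        return res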
Пример #6
    def _get_statements(self, mutant, exclude_numbers=None):
        """
        Build one (true, false) condition pair per quoting context.

        :param mutant: Not referenced in this method.
        :param exclude_numbers: Passed to rand_number() as its second
                                argument; any falsy value becomes [].
        :return: A dict keyed by self.NUMERIC, self.STRING_SINGLE and
                 self.STRING_DOUBLE, each mapping to a
                 (true_statement, false_statement) tuple of strings.
        """
        excluded = exclude_numbers if exclude_numbers else []

        base = int(rand_number(2, excluded))
        same = {'num': base}
        # The false variants compare the number with its successor, so the
        # condition can never hold.
        differ = (base, base, base + 1)

        # Numeric/Datetime context
        numeric = (
            '%(num)s OR %(num)s=%(num)s OR %(num)s=%(num)s ' % same,
            '%i AND %i=%i ' % differ,
        )

        # Single-quoted string context
        single_quoted = (
            "%(num)s' OR '%(num)s'='%(num)s' OR '%(num)s'='%(num)s" % same,
            "%i' AND '%i'='%i" % differ,
        )

        # Double-quoted string context
        double_quoted = (
            '%(num)s" OR "%(num)s"="%(num)s" OR "%(num)s"="%(num)s' % same,
            '%i" AND "%i"="%i' % differ,
        )

        return {
            self.NUMERIC: numeric,
            self.STRING_SINGLE: single_quoted,
            self.STRING_DOUBLE: double_quoted,
        }
Пример #7
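    def test_rand_number(self):
        """
        Check the range of rand_number() results for lengths 1 to 3 and
        that four length-5 results are all different from each other.
        """
        # A result of the requested length must parse as an integer below
        # 10 ** length.
        for length in (1, 2, 3):
            x = rand_number(length=length)
            self.assertIn(int(x), range(10 ** length))

        x = rand_number(length=5)
        y = rand_number(length=5)
        z = rand_number(length=5)
        w = rand_number(length=5)

        # The chained form `x != y != z != w` only compares neighbours
        # (x/y, y/z, z/w), so x == z or x == w went unnoticed. A set
        # checks every pair.
        self.assertEqual(len(set([x, y, z, w])), 4)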
Пример #8
    def _get_limit_response(self, mutant):
        """
        Request the "limit": a value that is not expected to exist.
            - For http://localhost/a.php?b=1
                the request uses b=12938795 (random number)
            - For http://localhost/a.php?b=abc
                the request uses b=hnv98yks (random alnum)

        The random value is set on a copy of the mutant, and that copy is
        what gets sent.

        :param mutant: The mutant whose original token value decides the
                       kind of random value to send.
        :return: The limit response object
        """
        probe = mutant.copy()

        # Keep the replacement in the same family (digits vs alphanumeric)
        # as the original token value.
        if mutant.get_token_original_value().isdigit():
            filler = rand_number(length=8)
        else:
            filler = rand_alnum(length=8)

        probe.set_token_value(filler)
        return self._uri_opener.send_mutant(probe)
Пример #9
    def _get_limit_response(self, mutant):
        """
        Fetch the response for a token value that should not exist.
            - http://localhost/a.php?b=1
                is requested as b=12938795 (random number)
            - http://localhost/a.php?b=abc
                is requested as b=hnv98yks (random alnum)

        :param mutant: Source mutant; the request is built from its copy.
        :return: The limit response object
        """
        mutant_copy = mutant.copy()

        # Pick the generator that matches the original value: digits get a
        # random number, anything else a random alphanumeric string.
        original_is_numeric = mutant.get_token_original_value().isdigit()
        make_value = rand_number if original_is_numeric else rand_alnum
        mutant_copy.set_token_value(make_value(length=8))

        return self._uri_opener.send_mutant(mutant_copy)
Пример #10
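    def _get_limit_response(self, m):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1
                then I should request b=12938795 (random number)
            - If http://localhost/a.php?b=abc
                then I should request b=hnv98yks (random alnum)

        The mutant is modified in place for the request and its dc is put
        back afterwards, including when the request raises.

        :param m: The mutant to send; its modified value is replaced with a
                  random one for the duration of the request.
        :return: The limit response object
        """
        # Copy the dc, needed to make a good vuln report
        dc = copy.deepcopy(m.get_dc())

        try:
            if m.get_original_value().isdigit():
                m.set_mod_value(rand_number(length=8))
            else:
                m.set_mod_value(rand_alnum(length=8))
            limit_response = self._uri_opener.send_mutant(m)
        finally:
            # Restore the dc on every path. Without this, an exception from
            # send_mutant() left the caller's mutant holding the random
            # value.
            m.set_dc(dc)

        return limit_response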
Пример #11
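    def _get_limit_response(self, m):
        """
        We request the limit (something that doesn't exist)
            - If http://localhost/a.php?b=1
                then I should request b=12938795 (random number)
            - If http://localhost/a.php?b=abc
                then I should request b=hnv98yks (random alnum)

        The mutant is modified in place for the request and its dc is put
        back afterwards, including when the request raises.

        :param m: The mutant to send; its token value is replaced with a
                  random one for the duration of the request.
        :return: The limit response object
        """
        # Copy the dc, needed to make a good vuln report
        dc = copy.deepcopy(m.get_dc())

        try:
            if m.get_token_original_value().isdigit():
                m.set_token_value(rand_number(length=8))
            else:
                m.set_token_value(rand_alnum(length=8))
            limit_response = self._uri_opener.send_mutant(m)
        finally:
            # Restore the dc on every path. Without this, an exception from
            # send_mutant() left the caller's mutant holding the random
            # value.
            m.set_dc(dc)

        return limit_response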
Пример #12
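    def _get_statements(self, mutant, exclude_numbers=None):
        """
        Build the always-true / always-false condition pairs, one pair per
        quoting context.

        :param mutant: Not referenced by this method.
        :param exclude_numbers: Passed to rand_number() as its second
                                argument; None means an empty list.
        :return: A dict (not a list) with the keys "numeric",
                 "stringsingle" and "stringdouble". Each value is a
                 (true_statement, false_statement) tuple of strings.
        """
        # None replaces the former mutable [] default, so no list object is
        # shared between calls.
        if exclude_numbers is None:
            exclude_numbers = []

        res = {}
        rnd_num = int(rand_number(2, exclude_numbers))
        # Comparing the number with its successor can never be true.
        rnd_num_plus_one = rnd_num + 1

        # Numeric/Datetime
        true_stm = "%i OR %i=%i " % (rnd_num, rnd_num, rnd_num)
        false_stm = "%i AND %i=%i " % (rnd_num, rnd_num, rnd_num_plus_one)
        res["numeric"] = (true_stm, false_stm)

        # Single quotes
        true_stm = "%i' OR '%i'='%i" % (rnd_num, rnd_num, rnd_num)
        false_stm = "%i' AND '%i'='%i" % (rnd_num, rnd_num, rnd_num_plus_one)
        res["stringsingle"] = (true_stm, false_stm)

        # Double quotes
        true_stm = '%i" OR "%i"="%i' % (rnd_num, rnd_num, rnd_num)
        false_stm = '%i" AND "%i"="%i' % (rnd_num, rnd_num, rnd_num_plus_one)
        res["stringdouble"] = (true_stm, false_stm)

        return res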
Пример #13
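def replace_randomize(data, length=0, exclude_numbers=None):
    """
    Replace the "RANDOMIZE" marker in data with a random number.

    :param data: String that may contain the "RANDOMIZE" marker.
    :param length: Passed to rand_number() as its first argument.
                   NOTE(review): the default of 0 is forwarded unchanged;
                   confirm what rand_number() returns for it.
    :param exclude_numbers: Passed to rand_number() as its second argument;
                            None means an empty list.
    :return: data with every "RANDOMIZE" occurrence replaced by the same
             rand_number() result (one call, so all markers share a value).
    """
    # None replaces the former mutable [] default, so no list object is
    # shared between calls.
    if exclude_numbers is None:
        exclude_numbers = []

    rand_num = rand_number(length, exclude_numbers)
    return data.replace("RANDOMIZE", rand_num)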
Пример #14
 def generator(count):
     """
     Yield count values, each one prefix followed by a rand_number(5) result.

     prefix is not defined in this function; it comes from an enclosing
     scope that is not visible here.
     """
     for _ in xrange(count):
         random_part = rand_number(5)
         yield prefix + random_part
Пример #15
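def replace_randomize(data, length=0, exclude_numbers=None):
    """
    Replace the "RANDOMIZE" marker in data with a random number.

    :param data: String that may contain the "RANDOMIZE" marker.
    :param length: Passed to rand_number() as its first argument.
                   NOTE(review): the default of 0 is forwarded unchanged;
                   confirm what rand_number() returns for it.
    :param exclude_numbers: Passed to rand_number() as its second argument;
                            None means an empty list.
    :return: data with every "RANDOMIZE" occurrence replaced by the same
             rand_number() result (one call, so all markers share a value).
    """
    # None replaces the former mutable [] default, so no list object is
    # shared between calls.
    if exclude_numbers is None:
        exclude_numbers = []

    rand_num = rand_number(length, exclude_numbers)
    return data.replace("RANDOMIZE", rand_num)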