def create_mutants(freq, mutant_str_list, fuzzable_param_list, append, fuzzer_config): ''' This is a very important method which is called in order to create mutants. Usually called from fuzzer.py module. ''' if not 'fuzz_form_files' in fuzzer_config: return [] if not isinstance(freq, HTTPPostDataRequest): return [] file_vars = freq.get_file_vars() if not file_vars: return [] fake_file_objs = [] ext = fuzzer_config['fuzzed_files_extension'] for mutant_str in mutant_str_list: if isinstance(mutant_str, basestring): # I have to create the NamedStringIO with a "name". # This is needed for MultipartPostHandler fname = "%s.%s" % (rand_alpha(7), ext) str_file = NamedStringIO(mutant_str, name=fname) fake_file_objs.append(str_file) res = Mutant._create_mutants_worker(freq, FileContentMutant, fake_file_objs, file_vars, append, fuzzer_config) return res
def create_mutants(freq, mutant_str_list, fuzzable_param_list, append, fuzzer_config): ''' This is a very important method which is called in order to create mutants. Usually called from fuzzer.py module. ''' if not isinstance(freq, HTTPQSRequest): return [] return Mutant._create_mutants_worker(freq, QSMutant, mutant_str_list, fuzzable_param_list, append, fuzzer_config)
def create_mutants(freq, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=None): ''' This is a very important method which is called in order to create mutants. Usually called from fuzzer.py module. ''' if not isinstance(freq, HTTPQSRequest): return [] if not fuzzer_config['fuzz_cookies']: return [] orig_cookie = freq.get_cookie() return Mutant._create_mutants_worker( freq, CookieMutant, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=orig_cookie)
def create_mutants(freq, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=None): ''' This is a very important method which is called in order to create mutants. Usually called from fuzzer.py module. ''' if not fuzzer_config['fuzzable_headers']: return [] # Generate a list with the headers we'll fuzz fuzzable_param_list = fuzzable_param_list + fuzzer_config[ 'fuzzable_headers'] # Generate a dummy object that we'll use for fixing the "impedance mismtach" # between the Headers() object that doesn't have the same form as a # generic DataContainer. Headers look like: # {'a':'b'} # While data containers look like # {'a': ['b',]} # # Note that I'm undoing this in the set_dc method above. # (search for __HERE__) # orig_headers = freq.get_headers() headers_copy = orig_headers.copy() for header_name in fuzzer_config['fuzzable_headers']: headers_copy[header_name] = '' cloned_headers = headers_copy.clone_with_list_values() return Mutant._create_mutants_worker(freq, HeadersMutant, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=cloned_headers)
def create_mutants(freq, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=None): """ This is a very important method which is called in order to create mutants. Usually called from fuzzer.py module. """ if not fuzzer_config["fuzzable_headers"]: return [] # Generate a list with the headers we'll fuzz fuzzable_param_list = fuzzable_param_list + fuzzer_config["fuzzable_headers"] # Generate a dummy object that we'll use for fixing the "impedance mismtach" # between the Headers() object that doesn't have the same form as a # generic DataContainer. Headers look like: # {'a':'b'} # While data containers look like # {'a': ['b',]} # # Note that I'm undoing this in the set_dc method above. # (search for __HERE__) # orig_headers = freq.get_headers() headers_copy = orig_headers.copy() for header_name in fuzzer_config["fuzzable_headers"]: headers_copy[header_name] = "" cloned_headers = headers_copy.clone_with_list_values() return Mutant._create_mutants_worker( freq, HeadersMutant, mutant_str_list, fuzzable_param_list, append, fuzzer_config, data_container=cloned_headers, )