def _feed_json_data(self, match):
    """Queue one modified request per payload for a marked value in a JSON body.

    The payload is inserted immediately after the matched span (group 0 of
    ``match``), then every injection mark is stripped from the request.

    :param match: regex match whose ``string`` is used as the request body and
        whose group 0 is the marked value
    :return: None; RequestObject instances are appended to
        ``self.modified_requests``
    """
    value_from, value_to = match.regs[0]
    body = match.string
    mark = self.injection_mark
    for payload in self.payloads:
        # Position of the fragment describing the parameter under test,
        # as computed by the sibling helper for this payload length.
        info_from, info_to = self._get_testing_json_param_pos(
            match, len(payload))
        # body[:value_to] already ends with the marked value, so the payload
        # lands right behind it.
        injected_body = body[:value_to] + payload + body[value_to:]
        described = injected_body[info_from:info_to].replace(mark, '')
        head_lines = ([self.marked_request.query_string]
                      + self.marked_request.headers_list)
        raw_request = '\r\n'.join(head_lines) + '\r\n\r\n' + injected_body
        # NOTE: this strips the mark everywhere, including inside the payload
        # text, while the 'payload' field below keeps the unmodified payload.
        raw_request = raw_request.replace(mark, '')
        self.modified_requests.append(
            RequestObject(
                raw_request,
                testing_param=described.split(':')[0],
                test_info=described,
                payload=payload,
            )
        )
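def _feed_plain_data(self, match):
    """Queue one modified request per payload for a marked ``name=value`` body field.

    Group 1 of ``match`` is read as the parameter name and group 2 as the
    marked value; the payload is appended to that value and the injection
    marks are stripped.

    :param match: regex match whose ``string`` is used as the request body
    :return: None; RequestObject instances are appended to
        ``self.modified_requests``
    """
    start, end = match.regs[2]
    name_start, name_end = match.regs[1]
    param_name = match.string[name_start:name_end]
    for payload in self.payloads:
        # The mark is stripped here, so modified_value needs no second pass
        # when it is reported in test_info below.
        modified_value = (match.string[start:end] + payload).replace(
            self.injection_mark, '')
        modified_data = (match.string[:start] + modified_value
                         + match.string[end:])
        # Join the request line and headers in a single pass, as
        # _feed_json_data, _modify_headers and _feed_query_string do. The
        # previous form (query_string + CRLF + joined headers) emitted an
        # extra CRLF when headers_list was empty, which pushed a stray blank
        # line into the body.
        head_lines = ([self.marked_request.query_string]
                      + self.marked_request.headers_list)
        modified_raw_request = ('\r\n'.join(head_lines)
                                + '\r\n\r\n' + modified_data)
        # NOTE: this strips the mark everywhere, including inside the payload
        # text, while the 'payload' field below keeps the unmodified payload.
        modified_raw_request = modified_raw_request.replace(
            self.injection_mark, '')
        kwargs = {
            'testing_param': param_name,
            'test_info': param_name + '=' + modified_value,
            'payload': payload,
        }
        self.modified_requests.append(
            RequestObject(modified_raw_request, **kwargs))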
def get_initial_request(self):
    """Load the initial request from the configured file.

    The path is taken from ``self.properties['Main']['file']`` and the file
    is decoded as UTF-8.

    :return: RequestObject built from the file's full text
    """
    request_path = self.properties['Main']['file']
    # codecs.open does no newline translation, so the CRLF line endings of a
    # raw HTTP request reach RequestObject unchanged.
    with codecs.open(request_path, 'r', encoding='utf8') as request_file:
        raw_text = request_file.read()
    return RequestObject(raw_text)
def get_standard_response(self):
    """Fetch the baseline response for the unmodified initial request.

    Sends the initial request, with injection marks removed, through a
    Requester and also initialises ``self.time_delta`` from the measured
    request time. The original documentation describes this step as a
    required part of the analyzer's work.

    :return: the response returned by ``Requester.get_standard_response``
        (documented as a ResponseObject)
    """
    print('[!] Получение стандартного ответа')
    # Strip the injection marks so the baseline is the request as it would
    # normally be sent.
    mark = self.properties['Program']['injection_mark']
    clean_raw = self.initial_request.raw_request.replace(mark, '')
    baseline_request = RequestObject(clean_raw)
    requester = Requester(response_queue=self.response_queue,
                          properties=self.properties)
    baseline = requester.get_standard_response(baseline_request)
    # Both elements start out equal to the baseline timing.
    elapsed = baseline.request_time
    self.time_delta = (elapsed, elapsed)
    return baseline
def __init__(self, marked_request, payloads, config):
    """Set up the request modifier.

    :param marked_request: raw request string with injection marks around the
        values to test
    :param payloads: list of payloads
    :param config: configuration mapping; ``config['Program']['injection_mark']``
        must be present
    """
    # Request-part selectors. Powers of two, presumably so they can be
    # combined as a bitmask - confirm against the callers.
    self.QUERY_STRING, self.HEADERS, self.DATA = 1, 2, 4
    self.marked_request = RequestObject(marked_request)
    self.payloads = payloads
    self.config = config
    self.injection_mark = config['Program']['injection_mark']
    # Filled by the _feed_* / _modify_* methods of this class.
    self.modified_requests = []
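def _modify_headers(self):
    """Queue one modified request per payload for every marked header value.

    Each header line is scanned for spans enclosed in the injection mark. For
    every span and every payload, the payload is appended to the span, the
    marks are stripped, and the rebuilt request is stored.

    Stored metadata:
      * ``testing_param`` - text before the first ``=`` of the modified
        value, or ``''`` when the value contains no ``=``
      * ``test_info`` - ``'<header name>: <modified value>'``, where the name
        is the text before the first ``': '`` of the marked header line
      * ``payload`` - the payload as given

    :return: None; RequestObject instances are appended to
        ``self.modified_requests``
    """
    # The mark is literal configuration text, not a pattern. Escape it so a
    # mark containing regex metacharacters is matched literally (the same way
    # str.replace() treats it below) instead of raising re.error or matching
    # the wrong span.
    marked_value_re = re.compile(
        '{mark}.+?{mark}'.format(mark=re.escape(self.injection_mark)))
    for ind, header in enumerate(self.marked_request.headers_list):
        for match in marked_value_re.finditer(header):
            start, end = match.regs[0]
            for payload in self.payloads:
                modified_value = (match.string[start:end] + payload).replace(
                    self.injection_mark, '')
                testing_param = (modified_value.split('=')[0]
                                 if '=' in modified_value else '')
                modified_header = (header[:start] + modified_value
                                   + header[end:])
                # Swap only the header under test; the others keep their
                # position.
                modified_headers = (self.marked_request.headers_list[:ind]
                                    + [modified_header]
                                    + self.marked_request.headers_list[ind + 1:])
                modified_raw_request = '\r\n'.join(
                    [self.marked_request.query_string] + modified_headers
                ) + '\r\n\r\n' + self.marked_request.data
                # NOTE: this strips the mark everywhere, including inside the
                # payload text, while the 'payload' field below keeps the
                # unmodified payload.
                modified_raw_request = modified_raw_request.replace(
                    self.injection_mark, '')
                kwargs = {
                    'testing_param': testing_param,
                    'test_info': '{}: {}'.format(
                        header.split(': ')[0], modified_value),
                    'payload': payload,
                }
                self.modified_requests.append(
                    RequestObject(modified_raw_request, **kwargs))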
def _feed_query_string(self, match):
    """Queue one modified request per payload for a marked query-string value.

    Two shapes are handled:
      * ``/path/to/file?param1=value1`` - group 2 of ``match`` took part in
        the match; group 1 is the parameter name and group 2 the marked value
      * REST-style - group 2 did not take part; group 4 is the marked span
        and the parameter is reported as ``'Query string'``

    :param match: regex match whose ``string`` is used as the request line
    :return: None; RequestObject instances are appended to
        ``self.modified_requests``
    """
    value_span = match.regs[2]
    # regs holds (-1, -1) for a group that did not take part in the match.
    is_rest = value_span == (-1, -1)
    if is_rest:
        start, end = match.regs[4]
        param_name = 'Query string'
    else:
        start, end = value_span
        name_start, name_end = match.regs[1]
        param_name = match.string[name_start:name_end]

    for payload in self.payloads:
        modified_value = (match.string[start:end] + payload).replace(
            self.injection_mark, '')
        modified_query_string = (match.string[:start] + modified_value
                                 + match.string[end:])
        head_lines = [modified_query_string] + self.marked_request.headers_list
        raw_request = ('\r\n'.join(head_lines)
                       + '\r\n\r\n' + self.marked_request.data)
        # NOTE: this strips the mark everywhere, including inside the payload
        # text, while the 'payload' field below keeps the unmodified payload.
        raw_request = raw_request.replace(self.injection_mark, '')
        if is_rest:
            test_info = param_name + ': ' + modified_value
        else:
            test_info = param_name + '=' + modified_value
        self.modified_requests.append(
            RequestObject(
                raw_request,
                testing_param=param_name,
                test_info=test_info,
                payload=payload,
            )
        )