示例#1
def _breach_vulnerable():
    """Build the route table for a page the BREACH check is expected to flag.

    The index page embeds the value of ``tutil.random_token(16)`` in a hidden
    form field and is wrapped by ``_gzip_test_controller``; ``/post`` is
    handled by a ``tutil.TokenController`` bound to the same token.

    Returns:
        A dict mapping the two URL paths to their handlers.
    """
    # NOTE(review): presumably _gzip_test_controller serves the body with gzip
    # content encoding, which together with the embedded secret is what makes
    # the page a BREACH candidate -- confirm against the helper.
    secret = tutil.random_token(16)
    page = u"""
<html>
<body>
<form action="./post" method="post">
  <input name="text" type="text" />
  <input name="token" type="hidden" value="%s" />
</form>
</body>
</html>
""" % secret

    routes = {}
    routes['/'] = _gzip_test_controller(page)
    routes['/post'] = tutil.TokenController(secret)
    return routes
示例#2
    def test_breach_vulnerable_with_deflate():
        """Return routes for a token-bearing page wrapped by the deflate helper.

        Same layout as the gzip fixture: the token from
        ``tutil.random_token(16)`` sits in a hidden form field on ``/`` and
        ``/post`` is a ``tutil.TokenController`` for that token.
        """
        # NOTE(review): the block only returns a route table; whatever runs the
        # BREACH attack and checks the log (a decorator, presumably) is outside
        # this excerpt -- confirm.
        secret = tutil.random_token(16)
        page = u'''
<html>
<body>
<form action="./post" method="post">
  <input name="text" type="text" />
  <input name="token" type="hidden" value="%s" />
</form>
</body>
</html>
''' % secret
        index_handler = _deflate_test_controller(page)
        post_handler = tutil.TokenController(secret)
        return {"/": index_handler, "/post": post_handler}
示例#3
    def test_breach_vulnerable_urltoken():
        """Expect one log entry for a page that carries its token in a URL.

        The token from ``tutil.random_token(16)`` is placed in the query string
        of the form's ``action`` attribute rather than in a hidden field, and
        ``/post`` is a ``tutil.TokenController`` created with ``method='get'``.
        """
        secret = tutil.random_token(16)
        page = u"""
<html>
<body>
<form action="./post?token=%s" method="post">
  <input name="text" type="text" />
</form>
</body>
</html>
""" % secret
        routes = {}
        routes['/'] = _gzip_test_controller(page)
        routes['/post'] = tutil.TokenController(secret, method='get')
        client = tutil.TestClient(routes)
        # NOTE(review): nothing visible here runs the BREACH attack before the
        # log is checked; unless TestClient or a decorator outside this excerpt
        # does so, this assertion does not exercise the scanner -- confirm.
        client.log.assert_count(1)
示例#4
    def test_breach_vulnerable_urltoken(self):
        """Run the BREACH attack against a page with the token in a form URL.

        The token from ``tutil.random_token(16)`` appears in the query string
        of the form's ``action``; ``/post`` is a ``tutil.TokenController``
        created with ``method='get'``. Exactly one log entry is expected after
        ``webvulnscan.attacks.breach`` has run.
        """
        secret = tutil.random_token(16)
        page = u"""
<html>
<body>
<form action="/post?token=%s" method="post">
  <input name="text" type="text" />
</form>
</body>
</html>
""" % secret
        routes = {}
        routes['/'] = _gzip_test_controller(page)
        routes['/post'] = tutil.TokenController(secret, method='get')
        client = tutil.TestClient(routes)
        client.run_attack(webvulnscan.attacks.breach)
        # One entry: the scanner should report the compressed, token-bearing
        # page exactly once.
        client.log.assert_count(1)
示例#5
    def test_breach_vulnerable_urltoken():
        """Expect one log entry for a page whose form URL contains the token.

        The page puts the value of ``tutil.random_token(16)`` into the query
        string of the form's ``action``; ``/post`` is a
        ``tutil.TokenController`` created with ``method="get"``.
        """
        secret = tutil.random_token(16)
        page = u'''
<html>
<body>
<form action="./post?token=%s" method="post">
  <input name="text" type="text" />
</form>
</body>
</html>
''' % secret
        index_handler = _gzip_test_controller(page)
        post_handler = tutil.TokenController(secret, method="get")
        client = tutil.TestClient({"/": index_handler, "/post": post_handler})
        # NOTE(review): no attack is run in the visible lines before the log is
        # checked; if neither TestClient nor an outer decorator runs it, this
        # assertion says nothing about BREACH detection -- confirm.
        client.log.assert_count(1)
示例#6
    def test_breach_vulnerable_with_deflate(self):
        """Run the BREACH attack against a page wrapped by the deflate helper.

        The token from ``tutil.random_token(16)`` is embedded in a hidden form
        field, the index page goes through ``_deflate_test_controller`` and
        ``/post`` is a ``tutil.TokenController`` for that token. Exactly one
        log entry is expected after ``webvulnscan.attacks.breach`` has run.
        """
        # NOTE(review): presumably _deflate_test_controller serves the body with
        # deflate content encoding, so this covers the non-gzip compression
        # path -- confirm against the helper.
        secret = tutil.random_token(16)
        page = u"""
<html>
<body>
<form action="/post" method="post">
  <input name="text" type="text" />
  <input name="token" type="hidden" value="%s" />
</form>
</body>
</html>
""" % secret
        routes = {}
        routes['/'] = _deflate_test_controller(page)
        routes['/post'] = tutil.TokenController(secret)
        client = tutil.TestClient(routes)
        client.run_attack(webvulnscan.attacks.breach)
        client.log.assert_count(1)
示例#7
def test_csrf_vulnerable_form():
    """Return routes for a form whose submit handler accepts every request.

    ``/`` is ``FORM_HTML`` formatted with the value of
    ``tutil.random_token(8)``; ``/s`` is a ``csrf_page`` whose callback returns
    ``True`` for any request.
    """
    # NOTE(review): presumably csrf_page treats a truthy callback result as
    # "submission accepted", so the token in the form is never enforced and
    # the CSRF check should flag it -- confirm against csrf_page.
    csrf_token = tutil.random_token(8)
    index_page = FORM_HTML % csrf_token
    submit_handler = csrf_page(lambda req: True)
    return {'/': index_page, '/s': submit_handler}
示例#8
def test_csrf_protected_form():
    """Return routes for a form whose submit handler checks the request.

    ``/`` is ``FORM_HTML`` formatted with the value of
    ``tutil.random_token(8)``; ``/s`` is a ``csrf_page`` whose callback returns
    ``get_param(req.url, 'text')``.
    """
    # NOTE(review): how csrf_page interprets the callback result is not visible
    # here; presumably a request without a 'text' URL parameter is rejected,
    # which is what makes this the "protected" case -- confirm.
    csrf_token = tutil.random_token(8)
    index_page = FORM_HTML % csrf_token
    submit_handler = csrf_page(lambda req: get_param(req.url, 'text'))
    return {'/': index_page, '/s': submit_handler}
示例#9
 def test_csrf_vulnerable_post_form(self):
     """Run the CSRF attack against a form whose handler accepts everything.

     The ``/s`` callback returns ``True`` for any request, and exactly one log
     entry is expected after ``webvulnscan.attacks.csrf`` has run.
     """
     csrf_token = tutil.random_token(8)
     routes = {}
     routes["/"] = FORM_HTML % csrf_token
     # Callback ignores the request entirely, so no token is ever checked.
     routes["/s"] = csrf_page(lambda req: True)
     client = tutil.TestClient(routes)
     client.run_attack(webvulnscan.attacks.csrf)
     client.log.assert_count(1)
示例#10
 def test_csrf_protected_form(self):
     """Run the CSRF attack against a form whose handler checks the request.

     The ``/s`` callback returns ``get_param(req.url, "text")``, and no log
     entries are expected after ``webvulnscan.attacks.csrf`` has run.
     """
     csrf_token = tutil.random_token(8)
     routes = {}
     routes["/"] = FORM_HTML % csrf_token
     # NOTE(review): what csrf_page does with the callback result is not
     # visible here -- confirm that this models a rejected forged request.
     routes["/s"] = csrf_page(lambda req: get_param(req.url, "text"))
     client = tutil.TestClient(routes)
     client.run_attack(webvulnscan.attacks.csrf)
     # Zero entries: a protected form must not produce a false positive.
     client.log.assert_count(0)