def test_no_cookie(self): freq = HTTPQSRequest(self.url) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_no_cookie(self): freq = FuzzableRequest(self.url) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self): fuzzer_config = {'fuzz_cookies': True} freq = HTTPPostDataRequest(URL('http://www.w3af.com/foo/bar')) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_not_qs_request(self): fuzzer_config = {'fuzz_cookies': True} freq = FuzzableRequest(URL('http://www.w3af.com/foo/bar')) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_false(self): fuzzer_config = {'fuzz_cookies': False} freq = FuzzableRequest(URL('http://www.w3af.com/foo/bar')) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, fuzzer_config) self.assertEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self): fuzzer_config = {'fuzz_cookies': True} cookie = Cookie('foo=bar; spam=eggs') freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, fuzzer_config) self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_config_true(self): fuzzer_config = {'fuzz_cookies': True} cookie = Cookie('foo=bar; spam=eggs') freq = FuzzableRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, fuzzer_config) self.assertNotEqual(len(generated_mutants), 0, generated_mutants)
def test_should_inject_cookie_value(self): b64data = base64.b64encode( cPickle.dumps({ 'data': 'here', 'cookie': 'A' * 16 })) url = URL('http://moth/') cookie = Cookie('foo=%s' % b64data) freq = FuzzableRequest(url, cookie=cookie) mutant = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config)[0] self.assertTrue(self.plugin._should_inject(mutant, 'python'))
def test_valid_results(self): cookie = Cookie('foo=bar; spam=eggs') freq = HTTPQSRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants( freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 4, generated_mutants) expected_cookies = [ 'foo=abc; spam=eggs;', 'foo=def; spam=eggs;', 'foo=bar; spam=abc;', 'foo=bar; spam=def;' ] generated_cookies = [str(m.get_cookie()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies) generated_cookies = [str(m.get_dc()) for m in generated_mutants] self.assertEqual(expected_cookies, generated_cookies)
def test_valid_results(self): cookie = Cookie('foo=bar; spam=eggs') freq = FuzzableRequest(self.url, cookie=cookie) generated_mutants = CookieMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config) self.assertEqual(len(generated_mutants), 4, generated_mutants) expected_cookies = ['foo=bar; spam=abc', 'foo=def; spam=eggs', 'foo=abc; spam=eggs', 'foo=bar; spam=def'] generated_cookies = [str(m.get_cookie()) for m in generated_mutants] self.assertEqual(set(expected_cookies), set(generated_cookies)) generated_cookies = [str(m.get_dc()) for m in generated_mutants] self.assertEqual(set(expected_cookies), set(generated_cookies))