class import_results(CrawlPlugin): """ Import HTTP requests found by output.export_requests and Burp :author: Andres Riancho ([email protected]) """ def __init__(self): super(import_results, self).__init__() # User configured parameters self._input_base64 = '' self._input_burp = '' @runonce(exc_class=RunOnce) def crawl(self, fuzzable_request): """ Read the input file, and create the fuzzable_request_list based on that information. :param fuzzable_request: A fuzzable_request instance that contains (among other things) the URL to test. In this case it is simply ignored and data is read from the input files. """ self._load_data_from_base64() self._load_data_from_burp() def _load_data_from_base64(self): """ Load data from the base64 file """ if not self._input_base64: return if not os.path.isfile(self._input_base64): return try: file_handler = file(self._input_base64, 'rb') except BaseFrameworkException, e: msg = 'An error was found while trying to read "%s": "%s".' om.out.error(msg % (self._input_base64, e)) return for line in file_handler: line = line.strip() # Support empty lines if not line: continue # Support comments if line.startswith('#'): continue try: fuzzable_request = FuzzableRequest.from_base64(line) except ValueError: om.out.debug('Invalid import_results input: "%r"' % line) else: self.output_queue.put(fuzzable_request)
def _load_data_from_base64(self): """ Load data from the base64 file """ if not self._input_base64: return if not os.path.isfile(self._input_base64): return try: file_handler = file(self._input_base64, 'rb') except BaseFrameworkException as e: msg = 'An error was found while trying to read "%s": "%s".' om.out.error(msg % (self._input_base64, e)) return for line in file_handler: line = line.strip() # Support empty lines if not line: continue # Support comments if line.startswith('#'): continue try: fuzzable_request = FuzzableRequest.from_base64(line) except ValueError: om.out.debug('Invalid import_results input: "%r"' % line) else: self.output_queue.put(fuzzable_request)
def test_export_import_with_post_data(self): dc = KeyValueContainer(init_val=[('a', ['1'])]) fr = FuzzableRequest(URL('http://www.w3af.com/'), post_data=dc) imported_fr = FuzzableRequest.from_base64(fr.to_base64()) self.assertEqual(imported_fr, fr)
def test_export_import_without_post_data(self): fr = FuzzableRequest(URL('http://www.w3af.com/')) imported_fr = FuzzableRequest.from_base64(fr.to_base64()) self.assertEqual(imported_fr, fr)
def _get_fuzzable_requests_from_file(self): # Get the contents of the output file for line in file('output-fr.b64'): yield FuzzableRequest.from_base64(line)