class import_results(CrawlPlugin):
"""
Import HTTP requests found by output.export_requests and Burp
:author: Andres Riancho ([email protected])
"""
def __init__(self):
super(import_results, self).__init__()
# User configured parameters
self._input_base64 = ''
self._input_burp = ''
@runonce(exc_class=RunOnce)
def crawl(self, fuzzable_request):
"""
Read the input file, and create the fuzzable_request_list based on that
information.
:param fuzzable_request: A fuzzable_request instance that contains
(among other things) the URL to test.
In this case it is simply ignored and data
is read from the input files.
"""
self._load_data_from_base64()
self._load_data_from_burp()
def _load_data_from_base64(self):
"""
Load data from the base64 file
"""
if not self._input_base64:
return
if not os.path.isfile(self._input_base64):
return
try:
file_handler = file(self._input_base64, 'rb')
except BaseFrameworkException, e:
msg = 'An error was found while trying to read "%s": "%s".'
om.out.error(msg % (self._input_base64, e))
return
for line in file_handler:
line = line.strip()
# Support empty lines
if not line:
continue
# Support comments
if line.startswith('#'):
continue
try:
fuzzable_request = FuzzableRequest.from_base64(line)
except ValueError:
om.out.debug('Invalid import_results input: "%r"' % line)
else:
self.output_queue.put(fuzzable_request)
def _load_data_from_base64(self):
"""
Load data from the base64 file
"""
if not self._input_base64:
return
if not os.path.isfile(self._input_base64):
return
try:
file_handler = file(self._input_base64, 'rb')
except BaseFrameworkException as e:
msg = 'An error was found while trying to read "%s": "%s".'
om.out.error(msg % (self._input_base64, e))
return
for line in file_handler:
line = line.strip()
# Support empty lines
if not line:
continue
# Support comments
if line.startswith('#'):
continue
try:
fuzzable_request = FuzzableRequest.from_base64(line)
except ValueError:
om.out.debug('Invalid import_results input: "%r"' % line)
else:
self.output_queue.put(fuzzable_request)
def test_export_import_with_post_data(self):
dc = KeyValueContainer(init_val=[('a', ['1'])])
fr = FuzzableRequest(URL('http://www.w3af.com/'), post_data=dc)
imported_fr = FuzzableRequest.from_base64(fr.to_base64())
self.assertEqual(imported_fr, fr)
def test_export_import_without_post_data(self):
fr = FuzzableRequest(URL('http://www.w3af.com/'))
imported_fr = FuzzableRequest.from_base64(fr.to_base64())
self.assertEqual(imported_fr, fr)
def _get_fuzzable_requests_from_file(self):
# Get the contents of the output file
for line in file('output-fr.b64'):
yield FuzzableRequest.from_base64(line)
def _get_fuzzable_requests_from_file(self):
# Get the contents of the output file
for line in file('output-fr.b64'):
yield FuzzableRequest.from_base64(line)
def test_export_import_with_post_data(self):
dc = KeyValueContainer(init_val=[('a', ['1'])])
fr = FuzzableRequest(URL('http://www.w3af.com/'), post_data=dc)
imported_fr = FuzzableRequest.from_base64(fr.to_base64())
self.assertEqual(imported_fr, fr)
def test_export_import_without_post_data(self):
fr = FuzzableRequest(URL('http://www.w3af.com/'))
imported_fr = FuzzableRequest.from_base64(fr.to_base64())
self.assertEqual(imported_fr, fr)
