本文整理汇总了Python中w3af.core.data.db.history.HistoryItem.request方法的典型用法代码示例。如果您正苦于以下问题:Python HistoryItem.request方法的具体用法?Python HistoryItem.request怎么用?Python HistoryItem.request使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类w3af.core.data.db.history.HistoryItem的用法示例。
在下文中一共展示了HistoryItem.request方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: setUp
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def setUp(self):
super(TestHTMLRendering, self).setUp()
self.plugin = self.w3afcore.plugins.get_plugin_inst('output',
'html_file')
HistoryItem().init()
url = URL('http://w3af.com/a/b/c.php')
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(1)
h1.response = res
h1.save()
url = URL('http://w3af.com/foo.py')
request = HTTPRequest(url, data='text=xss')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>empty</html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(4)
h1.response = res
h1.save()示例2: test_clear
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_clear(self):
url = URL('http://w3af.com/a/b/c.php')
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(1)
h1.response = res
h1.save()
table_name = h1.get_table_name()
db = get_default_temp_db_instance()
self.assertTrue(db.table_exists(table_name))
clear_result = h1.clear()
self.assertTrue(clear_result)
self.assertFalse(os.path.exists(h1._session_dir),
'%s exists.' % h1._session_dir)
# Changed the meaning of clear a little bit... now it simply removes
# all rows from the table, not the table itself
self.assertTrue(db.table_exists(table_name)) 示例3: test_find
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_find(self):
find_id = random.randint(1, 499)
url = URL('http://w3af.org/a/b/foobar.php?foo=123')
tag_value = rand_alnum(10)
for i in xrange(0, 500):
request = HTTPRequest(url, data='a=1')
code = 200
if i == find_id:
code = 302
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(code, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(i)
h1.response = res
if i == find_id:
h1.toggle_mark()
h1.update_tag(tag_value)
h1.save()
h2 = HistoryItem()
self.assertEqual(
len(h2.find([('tag', "%" + tag_value + "%", 'like')])), 1)
self.assertEqual(len(h2.find([('code', 302, '=')])), 1)
self.assertEqual(len(h2.find([('mark', 1, '=')])), 1)
self.assertEqual(len(h2.find([('has_qs', 1, '=')])), 500)
self.assertEqual(
len(h2.find([('has_qs', 1, '=')], result_limit=10)), 10)
results = h2.find(
[('has_qs', 1, '=')], result_limit=1, orderData=[('id', 'desc')])
self.assertEqual(results[0].id, 499)
search_data = []
search_data.append(('id', find_id + 1, "<"))
search_data.append(('id', find_id - 1, ">"))
self.assertEqual(len(h2.find(search_data)), 1)示例4: test_render_attr_with_special_chars
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_render_attr_with_special_chars(self):
_id = 2
name = 'A long description with special characters: <&">'
vuln = MockVuln(_id=_id)
vuln.set_name(name)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
x = xml_file()
finding = Finding(x._get_jinja2_env(), vuln)
xml = finding.to_string()
self.assertNotIn(name, xml)
self.assertIn('A long description with special characters: <&">', xml)
self.assertValidXML(xml)示例5: test_render_with_unicode_control_chars
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_render_with_unicode_control_chars(self):
_id = 2
desc = ('This is a long description that contains some special'
' unicode control characters such as \f and \x09')
vuln = MockVuln(_id=_id)
vuln.set_desc(desc)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
x = xml_file()
finding = Finding(x._get_jinja2_env(), vuln)
xml = finding.to_string()
self.assertNotIn('unicode control characters such as \f and \x09', xml)
self.assertIn('unicode control characters such as <character code="000c"/> and <character code="0009"/>', xml)
self.assertValidXML(xml)示例6: test_render_with_special_chars
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_render_with_special_chars(self):
_id = 2
desc = ('This is a long description that contains some special'
' characters such as <, & and > which MUST be encoded'
' by jinja2.')
vuln = MockVuln(_id=_id)
vuln.set_desc(desc)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
x = xml_file()
finding = Finding(x._get_jinja2_env(), vuln)
xml = finding.to_string()
self.assertNotIn('such as <, & and > which MUST', xml)
self.assertIn('such as <, & and > which MUST', xml)
self.assertValidXML(xml)示例7: test_cache
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_cache(self):
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
_id = 2
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
x = xml_file()
http_transaction = HTTPTransaction(x._get_jinja2_env(), _id)
self.assertIsNone(http_transaction.get_node_from_cache())
# Writes to cache
xml = http_transaction.to_string()
expected = (u'<http-transaction id="2">\n\n'
u' <http-request>\n'
u' <status>POST http://w3af.com/a/b/c.php HTTP/1.1</status>\n'
u' <headers>\n'
u' <header field="User-agent" content="w3af" />\n'
u' </headers>\n'
u' <body content-encoding="base64">YT0x\n</body>\n'
u' </http-request>\n\n'
u' <http-response>\n'
u' <status>HTTP/1.1 200 OK</status>\n'
u' <headers>\n'
u' <header field="Content-Type" content="text/html" />\n'
u' </headers>\n'
u' <body content-encoding="base64">PGh0bWw+\n</body>\n'
u' </http-response>\n\n</http-transaction>')
self.assertEqual(expected, xml)
# Yup, we're cached
self.assertIsNotNone(http_transaction.get_node_from_cache())
# Make sure they are all the same
cached_xml = http_transaction.get_node_from_cache()
self.assertEqual(cached_xml, expected)
xml = http_transaction.to_string()
self.assertEqual(expected, xml)示例8: test_clear_clear
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_clear_clear(self):
url = URL('http://w3af.com/a/b/c.php')
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(1)
h1.response = res
h1.save()
h1.clear()
h1.clear()示例9: test_save_load
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_save_load(self):
i = random.randint(1, 499)
url = URL('http://w3af.com/a/b/c.php')
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(i)
h1.response = res
h1.save()
h2 = HistoryItem()
h2.load(i)
self.assertEqual(h1.request, h2.request)
self.assertEqual(h1.response.body, h2.response.body)示例10: test_render_simple
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_render_simple(self):
_id = 2
vuln = MockVuln(_id=_id)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
x = xml_file()
finding = Finding(x._get_jinja2_env(), vuln)
xml = finding.to_string()
expected = (u'<vulnerability id="[2]" method="GET" name="TestCase" plugin="plugin_name" severity="High" url="None" var="None">\n'
u' <description>Foo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggsFoo bar spam eggs</description>\n\n\n'
u' <http-transactions>\n'
u' <http-transaction id="2">\n\n'
u' <http-request>\n'
u' <status>POST http://w3af.com/a/b/c.php HTTP/1.1</status>\n'
u' <headers>\n'
u' <header field="User-agent" content="w3af" />\n'
u' </headers>\n'
u' <body content-encoding="base64">YT0x\n</body>\n'
u' </http-request>\n\n'
u' <http-response>\n'
u' <status>HTTP/1.1 200 OK</status>\n'
u' <headers>\n'
u' <header field="Content-Type" content="text/html" />\n'
u' </headers>\n'
u' <body content-encoding="base64">PGh0bWw+\n</body>\n'
u' </http-response>\n\n'
u'</http-transaction>\n'
u' </http-transactions>\n'
u'</vulnerability>')
self.assertEqual(xml, expected)
self.assertValidXML(xml)示例11: test_no_duplicate_vuln_reports
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_no_duplicate_vuln_reports(self):
# The xml_file plugin had a bug where vulnerabilities were written to
# disk multiple times, this test makes sure I fixed that vulnerability
# Write the HTTP request / response to the DB
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>syntax error near', hdr, url, url)
_id = 1
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
# Create one vulnerability in the KB pointing to the request-
# response we just created
desc = 'Just a test for the XML file output plugin.'
v = Vuln('SQL injection', desc, severity.HIGH, _id, 'sqli')
kb.kb.append('sqli', 'sqli', v)
self.assertEqual(len(kb.kb.get_all_vulns()), 1)
# Setup the plugin
plugin_instance = xml_file()
# Set the output file for the unittest
ol = OptionList()
d = 'Output file name where to write the XML data'
o = opt_factory('output_file', self.FILENAME, d, OUTPUT_FILE)
ol.add(o)
# Then we flush() twice to disk, this reproduced the issue
plugin_instance.set_options(ol)
plugin_instance.flush()
plugin_instance.flush()
plugin_instance.flush()
# Now we parse the vulnerabilities from disk and confirm only one
# is there
file_vulns = get_vulns_from_xml(self.FILENAME)
self.assertEqual(len(file_vulns), 1, file_vulns)示例12: test_save_load_unicode_decode_error
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_save_load_unicode_decode_error(self):
url = URL('http://w3af.com/a/b/é.php?x=á')
request = HTTPRequest(url, data='a=1')
headers = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', headers, url, url)
res.set_id(1)
h1 = HistoryItem()
h1.request = request
h1.response = res
h1.save()
h2 = HistoryItem()
h2.load(1)
self.assertEqual(h1.request, h2.request)
self.assertEqual(h1.response.body, h2.response.body)
self.assertEqual(h1.request.url_object, h2.request.url_object)示例13: test_tag
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_tag(self):
tag_id = random.randint(501, 999)
tag_value = rand_alnum(10)
url = URL('http://w3af.org/a/b/c.php')
for i in xrange(501, 1000):
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(i)
h1.response = res
if i == tag_id:
h1.update_tag(tag_value)
h1.save()
h2 = HistoryItem()
h2.load(tag_id)
self.assertEqual(h2.tag, tag_value)示例14: store_in_cache
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def store_in_cache(request, response):
# Create the http response object
resp = HTTPResponse.from_httplib_resp(response,
original_url=request.url_object)
resp.set_id(response.id)
resp.set_alias(gen_hash(request))
hi = HistoryItem()
hi.request = request
hi.response = resp
# Now save them
try:
hi.save()
except sqlite3.Error, e:
msg = 'A sqlite3 error was raised: "%s".' % e
if 'disk' in str(e).lower():
msg += ' Please check if your disk is full.'
raise ScanMustStopException(msg)示例15: test_delete
# 需要导入模块: from w3af.core.data.db.history import HistoryItem [as 别名]
# 或者: from w3af.core.data.db.history.HistoryItem import request [as 别名]
def test_delete(self):
i = random.randint(1, 499)
url = URL('http://w3af.com/a/b/c.php')
request = HTTPRequest(url, data='a=1')
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
res.set_id(i)
h1 = HistoryItem()
h1.request = request
h1.response = res
h1.save()
fname = h1._get_fname_for_id(i)
self.assertTrue(os.path.exists(fname))
h1.delete(i)
self.assertRaises(DBException, h1.read, i)
self.assertFalse(os.path.exists(fname))