本文整理汇总了Python中w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant.create_mutants方法的典型用法代码示例。如果您正苦于以下问题:Python QSMutant.create_mutants方法的具体用法?Python QSMutant.create_mutants怎么用?Python QSMutant.create_mutants使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant
的用法示例。
在下文中一共展示了QSMutant.create_mutants方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_kb_list_shells_rfi_port_scan_2181
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_kb_list_shells_rfi_port_scan_2181(self):
"""
:see: https://github.com/andresriancho/w3af/issues/2181
"""
w3af_core = w3afCore()
vuln = MockVuln()
url = URL('http://moth/?a=1')
freq = FuzzableRequest(url)
exploit_mutant = QSMutant.create_mutants(freq, [''], [], False, {})[0]
shell = PortScanShell(vuln, w3af_core.uri_opener, w3af_core.worker_pool,
exploit_mutant)
kb.append('a', 'b', shell)
shells = kb.get_all_shells(w3af_core=w3af_core)
self.assertEqual(len(shells), 1)
unpickled_shell = shells[0]
self.assertEqual(shell, unpickled_shell)
self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
self.assertEqual(unpickled_shell._exploit_mutant, exploit_mutant)
w3af_core.quit()
示例2: test_mutant_creation_repeated_parameter_names
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_mutant_creation_repeated_parameter_names(self):
self.url = URL('http://moth/?id=1&id=2')
freq = HTTPQSRequest(self.url)
created_mutants = QSMutant.create_mutants(freq, self.payloads, [],
False, self.fuzzer_config)
expected_dc_lst = [DataContainer([('id', ['abc', '2'])]),
DataContainer([('id', ['def', '2'])]),
DataContainer([('id', ['1', 'abc'])]),
DataContainer([('id', ['1', 'def'])])]
created_dc_lst = [i.get_dc() for i in created_mutants]
self.assertEqual(created_dc_lst, expected_dc_lst)
self.assertEqual(created_mutants[0].get_var(), 'id')
self.assertEqual(created_mutants[0].get_var_index(), 0)
self.assertEqual(created_mutants[0].get_original_value(), '1')
self.assertEqual(created_mutants[2].get_var(), 'id')
self.assertEqual(created_mutants[2].get_var_index(), 1)
self.assertEqual(created_mutants[2].get_original_value(), '2')
self.assertTrue(all(isinstance(m, QSMutant) for m in created_mutants))
示例3: test_mutant_creation_repeated_parameter_names
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_mutant_creation_repeated_parameter_names(self):
self.url = URL('http://moth/?id=1&id=2')
freq = FuzzableRequest(self.url)
created_mutants = QSMutant.create_mutants(freq, self.payloads, [],
False, self.fuzzer_config)
expected_dcs = ['id=abc&id=2', 'id=1&id=abc',
'id=def&id=2', 'id=1&id=def']
created_dcs = [str(i.get_dc()) for i in created_mutants]
self.assertEquals(expected_dcs, created_dcs)
token_0 = created_mutants[0].get_token()
self.assertIsInstance(token_0, DataToken)
self.assertEqual(token_0.get_name(), 'id')
self.assertEqual(token_0.get_original_value(), '1')
self.assertEqual(token_0.get_value(), 'abc')
token_1 = created_mutants[1].get_token()
self.assertIsInstance(token_1, DataToken)
self.assertEqual(token_1.get_name(), 'id')
self.assertEqual(token_1.get_original_value(), '2')
self.assertEqual(token_1.get_value(), 'abc')
self.assertTrue(all(isinstance(m, QSMutant) for m in created_mutants))
示例4: test_mutant_creation
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_mutant_creation(self):
self.url = URL("http://moth/?a=1&b=2")
freq = FuzzableRequest(self.url)
created_mutants = QSMutant.create_mutants(freq, self.payloads, [], False, self.fuzzer_config)
expected_dcs = ["a=abc&b=2", "a=1&b=abc", "a=def&b=2", "a=1&b=def"]
created_dcs = [str(i.get_dc()) for i in created_mutants]
self.assertEquals(expected_dcs, created_dcs)
token_0 = created_mutants[0].get_token()
self.assertIsInstance(token_0, DataToken)
self.assertEqual(token_0.get_name(), "a")
self.assertEqual(token_0.get_original_value(), "1")
self.assertEqual(token_0.get_value(), "abc")
token_2 = created_mutants[1].get_token()
self.assertIsInstance(token_0, DataToken)
self.assertEqual(token_2.get_name(), "b")
self.assertEqual(token_2.get_original_value(), "2")
self.assertEqual(token_2.get_value(), "abc")
self.assertTrue(all(isinstance(m, QSMutant) for m in created_mutants))
示例5: _generate_qs
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def _generate_qs(self, fuzzable_request):
"""
Check the URL query string.
:return: A list of mutants.
"""
query_string = fuzzable_request.get_uri().querystring
for token in query_string.iter_tokens():
wordnet_results = self._search_wn(token.get_value())
mutants = QSMutant.create_mutants(fuzzable_request, wordnet_results,
[token.get_name()], False, {})
for mutant in mutants:
yield mutant
示例6: _generate_qs
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def _generate_qs(self, fuzzable_request):
"""
Check the URL query string.
:return: A list of mutants.
"""
query_string = fuzzable_request.get_uri().querystring
for parameter_name in query_string:
# this for loop was added to address the repeated parameter name issue
for element_index in xrange(len(query_string[parameter_name])):
orig_content = query_string[parameter_name][element_index]
wordnet_result = self._search_wn(orig_content)
mutants = QSMutant.create_mutants(fuzzable_request, wordnet_result, [parameter_name], False, {})
for mutant in mutants:
yield mutant
示例7: test_from_mutant
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_from_mutant(self):
url = URL("http://moth/?a=1&b=2")
payloads = ["abc", "def"]
freq = FuzzableRequest(url)
fuzzer_config = {}
created_mutants = QSMutant.create_mutants(freq, payloads, [], False, fuzzer_config)
mutant = created_mutants[0]
inst = Info.from_mutant("TestCase", "desc" * 30, 1, "plugin_name", mutant)
self.assertIsInstance(inst, Info)
self.assertEqual(inst.get_uri(), mutant.get_uri())
self.assertEqual(inst.get_url(), mutant.get_url())
self.assertEqual(inst.get_method(), mutant.get_method())
self.assertEqual(inst.get_dc(), mutant.get_dc())
self.assertIsInstance(inst.get_dc(), QueryString)
示例8: test_from_mutant
# 需要导入模块: from w3af.core.data.fuzzer.mutants.querystring_mutant import QSMutant [as 别名]
# 或者: from w3af.core.data.fuzzer.mutants.querystring_mutant.QSMutant import create_mutants [as 别名]
def test_from_mutant(self):
url = URL('http://moth/?a=1&b=2')
payloads = ['abc', 'def']
freq = FuzzableRequest(url)
fuzzer_config = {}
created_mutants = QSMutant.create_mutants(freq, payloads, [], False,
fuzzer_config)
mutant = created_mutants[0]
inst = Vuln.from_mutant('TestCase', 'desc' * 30, 'High', 1,
'plugin_name', mutant)
self.assertIsInstance(inst, Vuln)
self.assertEqual(inst.get_uri(), mutant.get_uri())
self.assertEqual(inst.get_url(), mutant.get_url())
self.assertEqual(inst.get_method(), mutant.get_method())
self.assertEqual(inst.get_dc(), mutant.get_dc())
self.assertEqual(inst.get_token_name(), mutant.get_token().get_name())