Taras,

On Sun, Mar 1, 2009 at 7:49 PM, Taras P. Ivashchenko
<naplan...@gmail.com> wrote:
> On Sun, 2009-03-01 at 19:35 -0200, Andres Riancho wrote:
>> Taras,
>>
>> On Sun, Mar 1, 2009 at 7:30 PM, Taras P. Ivashchenko
>> <naplan...@gmail.com> wrote:
>> > Andres, hello!
>> >
>> > It looks like the Combos processing task is complete.
>>
>>     Excellent!
>>
>> > Changed files:
>> >
>> > core/controllers/miscSettings.py
>> > core/data/dc/form.py
>> > core/data/parsers/htmlParser.py
>> > core/data/request/frFactory.py
>> >
>> > Now we can choose what values of selects and radio buttons will be
>> > processed:
>> > - only top (t)
>> > - only bottom (b)
>> > - top and bottom (tb)
>> > - top, middle and bottom (tmb) - is default
>> > - all values (all)
>> >
>>
>>     Could you please provide us with a set of HTML, PHP and w3af
>> script files to test the new features? I would like to add the scripts
>> to the "scripts" directory in w3af, and the HTML and PHP files inside
>> the "extras/testEnv/webroot/" directory somewhere.
>>
>>     After you provide us with that, I'll test the new feature and give
>> you my feedback.
>>
>>     Thanks for your contribution!!

I've tested the patch, and merged it with the trunk. As usual, the
code looks awesome, is well documented, and works perfectly! Here are
some detailed comments about the code:

- Are check boxes checked/unchecked by the getVariants() method in the
form class? I added some code to the __str__ of the fuzzableRequest
class, and when running the code I see (pay attention to the
some_check and some_check2 values):

...
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="15-20",
secondname="ivanov", some_check2="check_2", sex="female",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="15-20",
secondname="ivanov", some_check2="check_2", sex="male",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="21-25",
secondname="ivanov", some_check2="check_2", sex="female",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="21-25",
secondname="ivanov", some_check2="check_2", sex="male",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="26-30",
secondname="ivanov", some_check2="check_2", sex="female",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="26-30",
secondname="ivanov", some_check2="check_2", sex="male",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="31-45",
secondname="ivanov", some_check2="check_2", sex="female",
some_check="check_1")
- http://localhost/w3af/core/htmlParser/abc.php | Method: GET |
Parameters: (some_radio="radio_1", firstname="ivan", age="31-45",
secondname="ivanov", some_check2="check_2", sex="male",
some_check="check_1")
...

    The values don't seem to be changing.

    This code won't enter the 1.0 release, it's TOO FRESH and may
contain some hidden bugs.  I'm committing it to the trunk, but the 1.0
release will be based on the branch named "1.0" (which I'm creating
right now). The taras branch was removed, you can add any small
changes (like the checkbox stuff) directly to the trunk.

    Thanks for your code, time, and hackiness ;)

Cheers,

>> Cheers,
>>
>> >
>> > On Thu, 2009-02-05 at 11:22 -0200, Andres Riancho wrote:
>> >> Taras,
>> >>
>> >> On Wed, Feb 4, 2009 at 7:56 PM, Taras P. Ivashchenko
>> >> <naplan...@gmail.com> wrote:
>> >> > Andres,
>> >> >
>> >> >> I've been thinking about the different ways to handle "long forms":
>> >> >>
>> >> >>     - Random values: If we have a form with a lot of
>> >> >> combo/radio/select and the permutations of all of them exceed the
>> >> >> number of max permutations, one of the options would be to perform a
>> >> >> random choice of the combo box values and fuzz the other parameter.
>> >> >> The problem with that is that if the user scans the site again, after
>> >> >> finding something in a first scan, the probabilities say that he may
>> >> >> not find the vulnerability again! Example:
>> >> > ...
>> >> >>     - Top and bottom values: If we have a form with a lot of
>> >> >> combo/radio/select and the permutations of all of them exceed the
>> >> >> number of max permutations, one of the options would be to select the
>> >> >> top and bottom values of the combo box and fuzz the other parameter. I
>> >> >> think that this is the best option and gives the highest code coverage
>> >> >> with the fewest requests. Example:
>> >> > ...
>> >> >> What do you think about the top/bottom idea?
>> >> > I like it! So it would be great if we had 3 options for
>> >> > parsing/generating mutants:
>> >> > - all variants of form elements values
>> >> > - random values
>> >> > - top/bottom values
>> >>
>> >> I would remove the random values, because they'll be confusing for
>> >> people when they re-run a scan. I would leave:
>> >>
>> >> - all variants of form element values
>> >> - top/bottom values
>> >> - top/middle/bottom values (maybe this could be the default?)
>> >>
>> >> > I think that after I finish developing the first option, the other
>> >> > two will be trivial.
>> >>
>> >> Yes, once you have one working... it's 10 more minutes of work+testing
>> >> to make the other one work.
>> >
>> > --
>> > Тарас Иващенко (Taras Ivashchenko), OSCP
>> > www.securityaudit.ru
>> > ----
>> > "Software is like sex: it's better when it's free." - Linus Torvalds
>> >
>>
>>
>>
> --
> Тарас Иващенко (Taras Ivashchenko), OSCP
> www.securityaudit.ru
> ----
> "Software is like sex: it's better when it's free." - Linus Torvalds
>



-- 
Andrés Riancho
http://www.bonsai-sec.com/
http://w3af.sourceforge.net/

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
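
An added illustration of the value-selection modes discussed in this thread (t, b, tb, tmb, all) and of why they are deterministic across scans, unlike the rejected random option. This is not w3af's code or the merged patch; the function names and the sample form's option lists are assumptions made for the example.

```python
from itertools import product


def pick_values(options, mode="tmb"):
    """Return the select/radio option values to submit for a given mode."""
    if not options:
        return []
    top, bottom = options[0], options[-1]
    middle = options[len(options) // 2]
    picks = {
        "t": [top],
        "b": [bottom],
        "tb": [top, bottom],
        "tmb": [top, middle, bottom],  # the default named in the thread
        "all": list(options),
    }
    if mode not in picks:
        raise ValueError("unknown mode: %r" % mode)
    # Short option lists make top/middle/bottom coincide: drop repeats, keep order.
    return list(dict.fromkeys(picks[mode]))


def form_variants(fixed, choices, mode="tmb"):
    """Yield one parameter dict per combination of the selected option values.

    fixed   -- free-text fields, submitted unchanged in every variant
    choices -- field name -> ordered list of option values (select/radio)
    """
    names = sorted(choices)  # stable order, so a re-scan sends the same requests
    selected = [pick_values(choices[name], mode) for name in names]
    for combo in product(*selected):
        params = dict(fixed)
        params.update(zip(names, combo))
        yield params


# Constructed sample form; field names follow the request listing in the message,
# option lists beyond the values shown there are made up for the example.
FIXED = {"firstname": "ivan", "secondname": "ivanov"}
CHOICES = {
    "age": ["15-20", "21-25", "26-30", "31-45"],
    "sex": ["male", "female"],
    "some_radio": ["radio_1", "radio_2", "radio_3"],
}


def count_requests(mode):
    """Number of requests the sample form produces in the given mode."""
    return sum(1 for _ in form_variants(FIXED, CHOICES, mode))
```

Comparing `count_requests("tmb")` with `count_requests("all")` shows the request budget each mode trades for coverage on the sample form.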
