Hi Daniel and developer list,

I fixed the export function. Simply replace the file at core.data.request.fuzzableRequest. Could someone try it (works for me) and commit it to the svn repository (I don't have svn commit rights)? :)

I think it would be a better idea to serialize with Python's pickle (but then it's not human readable anymore). CSV has problems if there is a comma in the DC/URL. Maybe we want both features? I'll code the pickle export if you want.

We could additionally export headers/cookies! Or is there a reason why we shouldn't?

Here is the code I changed in core.data.request.fuzzableRequest:

    def export( self ):
        '''
        METHOD,URL,DC
        Examples:
        GET,http://localhost/index.php?abc=123&def=789,
        POST,http://localhost/index.php,abc=123&def=789
        @return: a csv str representation of the request
        '''
        #
        # FIXME: What if a comma is inside the URL or DC?!
        # TODO: Why don't we export headers and cookies?
        #
        strRes = ''
        strRes += self._method + ','
        strRes += self._url
        if self._method == 'GET':
            # GET: the DC is appended to the URL, the third field stays empty
            if self._dc:
                strRes += '?'
                strRes += str(self._dc)
            strRes += ','
        else:
            # Other methods: the DC is written as the third field
            strRes += ','
            if self._dc:
                strRes += str(self._dc)
        return strRes

cheers
floyd
________________________________
From: Floyd Fuh <[email protected]>
To: Daniel Gaddis <[email protected]>; Andres Riancho <[email protected]>
CC: "[email protected]" <[email protected]>
Sent: Friday, 28 May 2010, 15:17:34
Subject: Re: [W3af-users] misc-settings exportFuzzableRequests importResults plugin issue

Hey Daniel

That's a bug. It's because the export method of the fuzzable request does not correctly handle repeated parameter names.
In Python a list is represented as [somevalue, anothervalue]. The brackets will be encoded as %5B and %5D.

cheers
floyd
________________________________
From: Daniel Gaddis <[email protected]>
To: Andres Riancho <[email protected]>
CC: "[email protected]" <[email protected]>
Sent: Wednesday, 26 May 2010, 17:11:21
Subject: [W3af-users] misc-settings exportFuzzableRequests importResults plugin issue

Why do requests get modified when written to the exportFuzzableRequests file?

For example the following original request...
http://www.test.senate.state.tx.us/avarchive/ramav.php?ram=00003740
...gets written to the exportFuzzableRequests file as:
http://www.test.senate.state.tx.us/avarchive/ramav.php?ram=%5B%2700003740%27%5D

While that may not appear to be too big of a deal, the real issue comes into play when using that exportFuzzableRequests file as the discovery for a subsequent audit. The original throws a SQL injection issue. The latter does not.

As a workaround I can do a search and replace for the %5B%27 and %27%5D strings in the exportFuzzableRequests file to revert back to what the original was, but is there a w3af config setting so that the requests written to the exportFuzzableRequests file remain exactly like the original without the added encoded characters?

I am running w3af-1.0-rc3 (version 1.1 revision 3460) on Windows.

Thanks,
Daniel
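
The two export problems raised in this thread (a comma inside the URL/DC breaking the CSV line, and the value list being written as %5B%27...%27%5D), shown as an added Python 3 example that is not w3af code. It assumes a data container that maps each parameter name to a list of values; all function names and the localhost URLs are hypothetical.

```python
import csv
import io
from urllib.parse import quote, urlencode

# Constructed sample: each parameter name maps to a list of values, so that
# repeated parameter names can be represented (assumption about the DC layout).
SAMPLE_DC = {"ram": ["00003740"]}


def buggy_query(dc):
    """Reproduce the reported symptom: str() of the value list gets URL-encoded."""
    return "&".join("%s=%s" % (k, quote(str(v), safe="")) for k, v in dc.items())


def fixed_query(dc):
    """Emit one name=value pair per value; doseq=True expands the lists."""
    return urlencode(dc, doseq=True)


def export_row(method, url, dc):
    """Serialize METHOD,URL,DC as one CSV line; fields containing commas are quoted."""
    query = fixed_query(dc)
    if method == "GET" and query:
        # GET: the DC travels in the query string, the third field stays empty
        url, query = url + "?" + query, ""
    buf = io.StringIO()
    csv.writer(buf, lineterminator="").writerow([method, url, query])
    return buf.getvalue()


def import_row(line):
    """Parse a line written by export_row back into [method, url, dc]."""
    return next(csv.reader([line]))


if __name__ == "__main__":
    print(buggy_query(SAMPLE_DC))   # the altered request from the report
    print(fixed_query(SAMPLE_DC))   # the request as originally discovered
    row = export_row("POST", "http://localhost/a,b.php", {"id": ["1", "2"]})
    print(row, import_row(row))
```

Because the exported file is later used as discovery input for an audit, the round trip has to reproduce the request exactly, otherwise findings on the original request are missed. Parsing this text format is also safe on files received from someone else, which unpickling untrusted data is not.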
fuzzableRequest.py
Description: Binary data
------------------------------------------------------------------------------
_______________________________________________ W3af-develop mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-develop
