Init WFuzz state

2026-03-12 21:35:22 +01:00 · 2019-10-09 13:24:01 +02:00
parent 7c3ed5ef0b
commit a5eb2a97e1
114 changed files with 6221 additions and 0 deletions
--- a/tests/sql_blind_injection/test.sh
+++ b/tests/sql_blind_injection/test.sh
@@ -0,0 +1,35 @@
+# Start server which does not send any response
+python3 "$(dirname "${BASH_SOURCE[0]}")/web_and_sql_server.py" &
+SERVER_PID=`echo $!`
+
+function trap_sigint()
+{
+    kill -9 $SERVER_PID
+    exit 2
+}
+
+trap "trap_sigint" 2
+
+cd ../
+
+# Run fuzzer
+./run.sh ./tests/localhost_config.json ./tests/documentation.yaml
+
+# Check logs, if there are tests with failure
+cat fuzzing.log | grep "Timeout or closed connection"
+IS_MATCH1=`echo $?`
+
+cat ./reporter/reports.junit.xml | grep "Timeout or closed connection"
+IS_MATCH2=`echo $?`
+
+cat ./reporter/reports.html | grep "Timeout or closed connection"
+IS_MATCH3=`echo $?`
+
+# Kill server
+kill -9 $SERVER_PID
+
+if [ $IS_MATCH1 -eq 0 -a $IS_MATCH2 -eq 0 -a $IS_MATCH3 -eq 0 ] ; then
+    exit 0
+fi
+
+exit 1
--- a/tests/sql_blind_injection/web_and_sql_server.py
+++ b/tests/sql_blind_injection/web_and_sql_server.py
@@ -0,0 +1,63 @@
+import os
+from http.server import BaseHTTPRequestHandler, HTTPServer
+import urllib.parse
+import time
+import sqlite3
+from sqlite3 import Error
+ 
+ 
+def create_in_memory_connection():
+    try:
+        conn = sqlite3.connect(':memory:')
+    except Error as e:
+        print(e)
+    return conn
+
+
+class RequestHandler(BaseHTTPRequestHandler):
+    def _set_headers(self):
+        self.send_response(200)
+        self.send_header('Content-type', 'plain/text')
+        self.end_headers()
+
+    def do_GET(self):
+        self._get_path_parameters()
+        self._set_headers()
+        self.wfile.write(b'OK')
+    
+    def _get_path_parameters(self):
+        path = urllib.parse.unquote(self.path)[len("/pets?attributeName="):]
+        if path.startswith("sleep("):
+            try:
+                self.cursor.execute("SELECT " + path)
+            except:
+                pass
+    
+    def _try_to_execute_command(self, path):
+        os.system(path)
+
+    def send_error(self, code, message=None, explain=None):
+        pass
+
+
+def run(server_class=HTTPServer, handler_class=RequestHandler, port=5000):
+    server_address = ('', port)
+    httpd = server_class(server_address, handler_class)
+    httpd.serve_forever()
+
+
+if __name__ == "__main__":
+    from sys import argv
+
+    conn = create_in_memory_connection()
+
+    # Define custom sleep function
+    # On different DB engines it can be predefined
+    conn.create_function("sleep", 1, time.sleep)
+
+    RequestHandler.cursor = conn.cursor()
+
+    if len(argv) == 2:
+        run(port=int(argv[1]))
+    else:
+        run()