Skip to content

Instantly share code, notes, and snippets.

@Lavakumar
Last active March 7, 2016 10:54
Show Gist options
  • Save Lavakumar/5aad9e14f27d2eeec6e1 to your computer and use it in GitHub Desktop.
Save Lavakumar/5aad9e14f27d2eeec6e1 to your computer and use it in GitHub Desktop.
Python Script for Enumerating Commands used in WebSocket Demo App
#import the required binaries and namespaces
import clr
clr.AddReference("WebsocketClient.exe")
from WebsocketClient import *
#the templates for WebSocket messages used in WebSocket Demo App
create_session_msg = '{"cmd":"startSession"}'
get_prod_msg = '{"cmd":"getProduct", "sessionId":"", "id":0}'
get_error_msg = '{"cmd":"getError", "sessionId":""}'
check_cmd_msg = '{"cmd":"someCommand", "sessionId":""}'
#Verbs and Nouns used to enumerate command names
verbs = ["get", "create", "start", "delete", "enter", "rename", "change"]
nouns = ["User", "Users", "Privileges", "Error", "Errors", "Exception", "Config"]
#Send a message with a command name and get the code of the server's response
def chk_cmd(cmd):
try:
jm = Tools.ParseAsJson(check_cmd_msg)
jm["sessionId"] = session_id
jm["cmd"] = cmd
ws.Send(jm.ToString())
m = ws.Read()
jm = Tools.ParseAsJson(m)
return jm["code"].ToString().strip('"')
except:
return ""
#Create a new Session and return the new Session ID
def create_session():
ws.Send(create_session_msg)
m = ws.Read()
jm = Tools.ParseAsJson(m)
return jm["sessionId"].ToString().strip('"')
ws = SyncWebsockClient()
ws.Connect("ws://localhost:9091/app", "", "")
session_id = create_session()
for verb in verbs:
for noun in nouns:
cmd = verb + noun
result = chk_cmd(cmd)
if result != "invalidCommand":
print "\r\n-----------\r\n" + cmd + "--->" + result + "\r\n-----------\r\n"
else:
print cmd + " does not exist"
ws.Close()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment