@wheresalice
Created April 21, 2010 23:09
Fixes a bug in hexa-range and adds support for hexa-rand in wfuzz
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/CHANGELOG wfuzz/CHANGELOG
--- /pentest/web/wfuzz/CHANGELOG 1970-01-01 01:00:00.000000000 +0100
+++ wfuzz/CHANGELOG 2010-04-22 00:04:00.000000000 +0100
@@ -0,0 +1,3 @@
+== 22 April 2010 kaerast <kaerast@computergentle.com> ==
+ * Added hexa-rand which fuzzes random hex values within a given range rather than consecutive values
+ * Fixed hexa-range to not send out an extraneous % sign
Binary files /pentest/web/wfuzz/dictio.pyc and wfuzz/dictio.pyc differ
Binary files /pentest/web/wfuzz/encoders.pyc and wfuzz/encoders.pyc differ
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/payloads.py wfuzz/payloads.py
--- /pentest/web/wfuzz/payloads.py 2008-01-20 17:30:49.000000000 +0000
+++ wfuzz/payloads.py 2010-04-22 00:01:53.000000000 +0100
@@ -1,5 +1,6 @@
import encoders
import copy
+import random
####### SUPERCLASS
@@ -134,13 +135,52 @@ class hexrange_iterator (payload_iterato
pl="%"+str(lgth)+"s"
num=hex(self.current).replace("0x","")
pl= pl % (num)
- payl="%"+pl.replace(" ","0")
+ payl=pl.replace(" ","0")
self.current+=1
return payl
+
+################### HEXRAND PAYLOAD
+
+
+class payload_hexrand (payload):
+ def __init__(self,range): ## range example --> "0-ffa"
+ payload.__init__(self)
+ try:
+ ran=range.split("-")
+ self.minimum=int(ran[0],16)
+ self.maximum=int(ran[1],16)
+ self.__count=self.maximum - self.minimum
+ except:
+ raise Exception, "Bad range format (eg. \"0-ffa\")"
+
+ def __iter__ (self):
+ return hexrand_iterator(self.minimum,self.maximum)
+
+ def count(self):
+ return self.__count
+
+class hexrand_iterator (payload_iterator):
+ def __init__(self,min,max):
+ payload_iterator.__init__(self)
+ self.minimum=min
+ self.maximum=max
+ self.current=self.minimum
+
+ def next (self):
+ self.current = random.SystemRandom().randint(self.minimum,self.maximum)
+
+ lgth=len(hex(self.maximum).replace("0x",""))
+ pl="%"+str(lgth)+"s"
+ num=hex(self.current).replace("0x","")
+ pl= pl % (num)
+ payl=pl.replace(" ","0")
+
+ return payl
+
######################### PAYLOAD LIST
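Review bot: `hexrand_iterator.next` has no stop condition — it draws a fresh `randint` on every call and never raises StopIteration, so unlike the sequential hexrange iterator the new payload is an unbounded stream, and the only thing that can end a run is whatever the dictionary layer does with `count()`, which is outside this hunk. `count()` itself returns `self.maximum - self.minimum`, one short of the inclusive `randint` range, and because draws are with replacement the changelog's "random hex values within a given range" means duplicates and gaps rather than coverage, which the class comment should state. The bare `except:` in `payload_hexrand.__init__` also turns a Ctrl-C during parsing into "Bad range format"; `except (ValueError, IndexError):` covers what `split`/`int` can actually raise. Below is one way to bound the stream and keep a single SystemRandom instance per iterator; `hexrange_iterator.next` starts before this hunk, so I have not checked how it terminates.
```python
class payload_hexrand (payload):
    def __init__(self,range): ## range example --> "0-ffa"
        # … unchanged: payload.__init__, split/parse of the range …
            self.__count=self.maximum - self.minimum + 1  # randint is inclusive at both ends
        except (ValueError, IndexError):
            raise Exception, "Bad range format (eg. \"0-ffa\")"

    # … unchanged: __iter__, count …

class hexrand_iterator (payload_iterator):
    def __init__(self,min,max):
        # … unchanged: payload_iterator.__init__, minimum/maximum …
        self.rng=random.SystemRandom()
        self.remaining=max - min + 1  # draws with replacement: duplicates/gaps expected

    def next (self):
        # Bound the stream; without this the iterator never raises StopIteration
        if self.remaining<=0:
            raise StopIteration
        self.remaining-=1
        self.current = self.rng.randint(self.minimum,self.maximum)
        # … unchanged: zero-padded hex formatting and return …
```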
Binary files /pentest/web/wfuzz/payloads.pyc and wfuzz/payloads.pyc differ
Binary files /pentest/web/wfuzz/reqresp.pyc and wfuzz/reqresp.pyc differ
Binary files /pentest/web/wfuzz/TextParser.pyc and wfuzz/TextParser.pyc differ
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/wfuzz.py wfuzz/wfuzz.py
--- /pentest/web/wfuzz/wfuzz.py 2008-01-20 17:39:28.000000000 +0000
+++ wfuzz/wfuzz.py 2010-04-22 00:00:55.000000000 +0100
@@ -512,7 +512,7 @@ Options:
-x addr : use Proxy (ip:port)
-d postdata : Use post data (ex: "id=FUZZ&catalogue=1")
-H headers : Use headers (ex:"Host:www.mysite.com,Cookie:id=1312321&user=FUZZ")
--z dicttype : Specify type of dictionary (file,range,hexa-range)
+-z dicttype : Specify type of dictionary (file,range,hexa-range,hexa-rand)
-r N1-N2 : Specify range limits
-f path : Specify file path (comma sepparated, if multiple FUZZ vars)
-t N : Specify the number of threads (20 default)
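Review bot: The new usage line lists hexa-rand beside hexa-range, but nothing tells the user that it also needs `-r` and that values are drawn at random with replacement, so the `-r` limits are a sampling range rather than a list that will be exhausted. I'd extend the `-r` help line: `-r N1-N2 : Specify range limits (range/hexa-range walk N1..N2; hexa-rand draws random values from it, repeats possible)`. The usage text is one string whose start and end lie outside this hunk.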
@@ -587,8 +587,10 @@ Example: - wfuzz.py -c -z file -f common
dic1=payload_range(optsd["-r"],len(optsd["-r"].split("-")[1]))
elif optsd ["-z"].lower()=="hexa-range":
dic1=payload_hexrange(optsd["-r"])
+ elif optsd ["-z"].lower()=="hexa-rand":
+ dic1=payload_hexrand(optsd["-r"])
else:
- print "Bad argument: -z dicttype : Specify type od dictionary (file,range,hexa-range)"
+ print "Bad argument: -z dicttype : Specify type of dictionary (file,range,hexa-range,hexa-rand)"
sys.exit (-1)
d1=dictionary()
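Review bot: `payload_hexrand(optsd["-r"])` is called unguarded, and `payload_hexrand.__init__` raises a plain `Exception` on a malformed range, so `-z hexa-rand -r 0-zz` surfaces as a traceback instead of the "Bad argument" message the `else` branch prints — unless a caller further up catches it, which I cannot see from here. The existing hexa-range line has the same shape, so a single `try/except Exception` around the `-z` dispatch that prints the error and calls `sys.exit(-1)` would fix both in one place. The `if/elif` chain this hunk extends begins before the hunk.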
Common subdirectories: /pentest/web/wfuzz/wordlists and wfuzz/wordlists