Created
April 21, 2010 23:09
Fixes a bug in hexa-range and adds support for hexa-rand in wfuzz
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/CHANGELOG wfuzz/CHANGELOG | |
--- /pentest/web/wfuzz/CHANGELOG 1970-01-01 01:00:00.000000000 +0100 | |
+++ wfuzz/CHANGELOG 2010-04-22 00:04:00.000000000 +0100 | |
@@ -0,0 +1,3 @@ | |
+== 22 April 2010 kaerast <kaerast@computergentle.com> == | |
+ * Added hexa-rand which fuzzes random hex values within a given range rather than consecutive values | |
+ * Fixed hexa-range to not send out an extraneous % sign | |
Binary files /pentest/web/wfuzz/dictio.pyc and wfuzz/dictio.pyc differ | |
Binary files /pentest/web/wfuzz/encoders.pyc and wfuzz/encoders.pyc differ | |
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/payloads.py wfuzz/payloads.py | |
--- /pentest/web/wfuzz/payloads.py 2008-01-20 17:30:49.000000000 +0000 | |
+++ wfuzz/payloads.py 2010-04-22 00:01:53.000000000 +0100 | |
@@ -1,5 +1,6 @@ | |
import encoders | |
import copy | |
+import random | |
####### SUPERCLASS | |
@@ -134,13 +135,52 @@ class hexrange_iterator (payload_iterato | |
pl="%"+str(lgth)+"s" | |
num=hex(self.current).replace("0x","") | |
pl= pl % (num) | |
- payl="%"+pl.replace(" ","0") | |
+ payl=pl.replace(" ","0") | |
self.current+=1 | |
return payl | |
+ | |
+################### HEXRAND PAYLOAD | |
+ | |
+ | |
+class payload_hexrand (payload): | |
+ def __init__(self,range): ## range example --> "0-ffa" | |
+ payload.__init__(self) | |
+ try: | |
+ ran=range.split("-") | |
+ self.minimum=int(ran[0],16) | |
+ self.maximum=int(ran[1],16) | |
+ self.__count=self.maximum - self.minimum | |
+ except: | |
+ raise Exception, "Bad range format (eg. \"0-ffa\")" | |
+ | |
+ def __iter__ (self): | |
+ return hexrand_iterator(self.minimum,self.maximum) | |
+ | |
+ def count(self): | |
+ return self.__count | |
+ | |
+class hexrand_iterator (payload_iterator): | |
+ def __init__(self,min,max): | |
+ payload_iterator.__init__(self) | |
+ self.minimum=min | |
+ self.maximum=max | |
+ self.current=self.minimum | |
+ | |
+ def next (self): | |
+ self.current = random.SystemRandom().randint(self.minimum,self.maximum) | |
+ | |
+ lgth=len(hex(self.maximum).replace("0x","")) | |
+ pl="%"+str(lgth)+"s" | |
+ num=hex(self.current).replace("0x","") | |
+ pl= pl % (num) | |
+ payl=pl.replace(" ","0") | |
+ | |
+ return payl | |
+ | |
######################### PAYLOAD LIST | |
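Review bot: `hexrand_iterator.next` has no stop condition, so a consumer that iterates until `StopIteration` will keep issuing requests indefinitely while `payload_hexrand.count()` reports a finite `maximum - minimum`; the iterator should count down and stop once it has produced as many values as `count()` promises. Constructing `random.SystemRandom()` on every call is unnecessary, since one instance created in `__init__` can be reused. A reversed range such as "ffa-0" passes `payload_hexrand.__init__` and only fails later inside `randint`, and the bare `except:` there also hides unrelated errors, so catching `ValueError`/`IndexError` and rejecting `minimum > maximum` up front would give the user the intended "Bad range format" message. Draws are independent, so values repeat and the range is not guaranteed to be covered, which deserves a comment on the class. The surrounding `hexrange_iterator.next` begins outside this hunk, so whether it has a bound to mirror is not visible here.

```python
class hexrand_iterator (payload_iterator):
    def __init__(self,min,max):
        # ... unchanged: base init, minimum/maximum/current ...
        self.remaining=max-min  # same figure payload_hexrand.count() reports
        self.rng=random.SystemRandom()

    def next (self):
        if self.remaining<=0:
            raise StopIteration
        self.remaining-=1
        self.current = self.rng.randint(self.minimum,self.maximum)
        # ... unchanged: zero-padded hex formatting and return ...
```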
Binary files /pentest/web/wfuzz/payloads.pyc and wfuzz/payloads.pyc differ | |
Binary files /pentest/web/wfuzz/reqresp.pyc and wfuzz/reqresp.pyc differ | |
Binary files /pentest/web/wfuzz/TextParser.pyc and wfuzz/TextParser.pyc differ | |
diff -uNp --unidirectional-new-file /pentest/web/wfuzz/wfuzz.py wfuzz/wfuzz.py | |
--- /pentest/web/wfuzz/wfuzz.py 2008-01-20 17:39:28.000000000 +0000 | |
+++ wfuzz/wfuzz.py 2010-04-22 00:00:55.000000000 +0100 | |
@@ -512,7 +512,7 @@ Options: | |
-x addr : use Proxy (ip:port) | |
-d postdata : Use post data (ex: "id=FUZZ&catalogue=1") | |
-H headers : Use headers (ex:"Host:www.mysite.com,Cookie:id=1312321&user=FUZZ") | |
--z dicttype : Specify type of dictionary (file,range,hexa-range) | |
+-z dicttype : Specify type of dictionary (file,range,hexa-range,hexa-rand) | |
-r N1-N2 : Specify range limits | |
-f path : Specify file path (comma sepparated, if multiple FUZZ vars) | |
-t N : Specify the number of threads (20 default) | |
@@ -587,8 +587,10 @@ Example: - wfuzz.py -c -z file -f common | |
dic1=payload_range(optsd["-r"],len(optsd["-r"].split("-")[1])) | |
elif optsd ["-z"].lower()=="hexa-range": | |
dic1=payload_hexrange(optsd["-r"]) | |
+ elif optsd ["-z"].lower()=="hexa-rand": | |
+ dic1=payload_hexrand(optsd["-r"]) | |
else: | |
- print "Bad argument: -z dicttype : Specify type od dictionary (file,range,hexa-range)" | |
+ print "Bad argument: -z dicttype : Specify type of dictionary (file,range,hexa-range,hexa-rand)" | |
sys.exit (-1) | |
d1=dictionary() | |
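Review bot: The new `hexa-rand` branch indexes `optsd["-r"]` directly, so running `-z hexa-rand` without `-r` would presumably end in a `KeyError` traceback rather than a usage message, and a malformed range surfaces as the generic `Exception` raised by `payload_hexrand`. The `hexa-range` branch above it follows the same pattern, and any earlier validation of `-r` lies outside this hunk. A guard before the call, for example `if "-r" not in optsd: print "Missing -r N1-N2 for hexa-rand"; sys.exit(-1)`, would keep the failure readable.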
Common subdirectories: /pentest/web/wfuzz/wordlists and wfuzz/wordlists |