Showing preview only (1,774K chars total). Download the full file or copy to clipboard to get everything.
Repository: xmendez/wfuzz
Branch: master
Commit: 2263cd0932fe
Files: 235
Total size: 1.7 MB
Directory structure:
gitextract_30du5tiz/
├── .flake8
├── .github/
│ ├── dependabot.yml
│ └── workflows/
│ └── docker-release.yml
├── .gitignore
├── .travis.yml
├── Dockerfile
├── ISSUE_TEMPLATE.md
├── LICENSE
├── MANIFEST.in
├── Makefile
├── README.md
├── docs/
│ ├── Makefile
│ ├── _templates/
│ │ └── sidebarlogo.html
│ ├── conf.py
│ ├── dev/
│ │ └── plugins.rst
│ ├── index.rst
│ ├── library/
│ │ └── guide.rst
│ ├── make.bat
│ └── user/
│ ├── advanced.rst
│ ├── basicusage.rst
│ ├── breaking.rst
│ ├── getting.rst
│ ├── installation.rst
│ └── wfpayload.rst
├── requirements.txt
├── setup.py
├── src/
│ ├── wfencode.py
│ ├── wfpayload.py
│ ├── wfuzz/
│ │ ├── __init__.py
│ │ ├── __main__.py
│ │ ├── api.py
│ │ ├── core.py
│ │ ├── dictionaries.py
│ │ ├── exception.py
│ │ ├── externals/
│ │ │ ├── __init__.py
│ │ │ ├── moduleman/
│ │ │ │ ├── __init__.py
│ │ │ │ ├── loader.py
│ │ │ │ ├── modulefilter.py
│ │ │ │ ├── plugin.py
│ │ │ │ └── registrant.py
│ │ │ ├── reqresp/
│ │ │ │ ├── Request.py
│ │ │ │ ├── Response.py
│ │ │ │ ├── TextParser.py
│ │ │ │ ├── Variables.py
│ │ │ │ ├── __init__.py
│ │ │ │ ├── cache.py
│ │ │ │ └── exceptions.py
│ │ │ └── settings/
│ │ │ ├── __init__.py
│ │ │ └── settings.py
│ │ ├── facade.py
│ │ ├── factories/
│ │ │ ├── __init__.py
│ │ │ ├── dictfactory.py
│ │ │ ├── fuzzfactory.py
│ │ │ ├── fuzzresfactory.py
│ │ │ ├── payman.py
│ │ │ ├── plugin_factory.py
│ │ │ └── reqresp_factory.py
│ │ ├── filters/
│ │ │ ├── __init__.py
│ │ │ ├── ppfilter.py
│ │ │ └── simplefilter.py
│ │ ├── fuzzobjects.py
│ │ ├── fuzzqueues.py
│ │ ├── fuzzrequest.py
│ │ ├── helpers/
│ │ │ ├── __init__.py
│ │ │ ├── file_func.py
│ │ │ ├── obj_dic.py
│ │ │ ├── obj_dyn.py
│ │ │ ├── obj_factory.py
│ │ │ ├── str_func.py
│ │ │ └── utils.py
│ │ ├── mixins.py
│ │ ├── myhttp.py
│ │ ├── myqueues.py
│ │ ├── options.py
│ │ ├── plugin_api/
│ │ │ ├── __init__.py
│ │ │ ├── base.py
│ │ │ ├── mixins.py
│ │ │ ├── payloadtools.py
│ │ │ └── urlutils.py
│ │ ├── plugins/
│ │ │ ├── __init__.py
│ │ │ ├── encoders/
│ │ │ │ ├── __init__.py
│ │ │ │ └── encoders.py
│ │ │ ├── iterators/
│ │ │ │ ├── __init__.py
│ │ │ │ └── iterations.py
│ │ │ ├── payloads/
│ │ │ │ ├── __init__.py
│ │ │ │ ├── autorize.py
│ │ │ │ ├── bing.py
│ │ │ │ ├── buffer_overflow.py
│ │ │ │ ├── burpitem.py
│ │ │ │ ├── burplog.py
│ │ │ │ ├── burpstate.py
│ │ │ │ ├── dirwalk.py
│ │ │ │ ├── file.py
│ │ │ │ ├── guitab.py
│ │ │ │ ├── hexrand.py
│ │ │ │ ├── hexrange.py
│ │ │ │ ├── ipnet.py
│ │ │ │ ├── iprange.py
│ │ │ │ ├── list.py
│ │ │ │ ├── names.py
│ │ │ │ ├── permutation.py
│ │ │ │ ├── range.py
│ │ │ │ ├── shodanp.py
│ │ │ │ ├── stdin.py
│ │ │ │ └── wfuzzp.py
│ │ │ ├── printers/
│ │ │ │ ├── __init__.py
│ │ │ │ └── printers.py
│ │ │ └── scripts/
│ │ │ ├── __init__.py
│ │ │ ├── backups.py
│ │ │ ├── cookies.py
│ │ │ ├── cvs_extractor.py
│ │ │ ├── errors.py
│ │ │ ├── grep.py
│ │ │ ├── headers.py
│ │ │ ├── links.py
│ │ │ ├── listing.py
│ │ │ ├── npm_deps.py
│ │ │ ├── robots.py
│ │ │ ├── screenshot.py
│ │ │ ├── sitemap.py
│ │ │ ├── svn_extractor.py
│ │ │ ├── title.py
│ │ │ └── wcdb.py
│ │ ├── ui/
│ │ │ ├── __init__.py
│ │ │ ├── console/
│ │ │ │ ├── __init__.py
│ │ │ │ ├── clparser.py
│ │ │ │ ├── common.py
│ │ │ │ ├── getch.py
│ │ │ │ ├── mvc.py
│ │ │ │ └── output.py
│ │ │ └── gui/
│ │ │ ├── __init__.py
│ │ │ ├── controller.py
│ │ │ ├── guicontrols.py
│ │ │ └── model.py
│ │ └── wfuzz.py
│ ├── wfuzz-cli.py
│ └── wxfuzz.py
├── tests/
│ ├── acceptance/
│ │ └── test_saved_filter.py
│ ├── api/
│ │ ├── test_encoders.py
│ │ ├── test_payload.py
│ │ └── test_session.py
│ ├── conftest.py
│ ├── factories/
│ │ └── test_seedbasebuilder.py
│ ├── filters/
│ │ ├── test_filter.py
│ │ ├── test_filter_codes.py
│ │ ├── test_filter_urlp.py
│ │ ├── test_prefilter_mangle.py
│ │ └── test_prefilter_mangle_codes.py
│ ├── helpers/
│ │ ├── test_dotdict.py
│ │ └── test_insensitive_dict.py
│ ├── plugins/
│ │ ├── test_burplog.py
│ │ ├── test_links.py
│ │ └── test_summary.py
│ ├── server_dir/
│ │ ├── Dockerfile
│ │ ├── dir/
│ │ │ ├── a
│ │ │ ├── b
│ │ │ ├── c
│ │ │ └── one
│ │ ├── docker-compose.yml
│ │ ├── iterators/
│ │ │ ├── aa
│ │ │ ├── ac
│ │ │ └── bb
│ │ ├── plugins/
│ │ │ └── robots.txt
│ │ ├── recursive_dir/
│ │ │ └── a/
│ │ │ └── b/
│ │ │ └── c/
│ │ │ └── placeholder.txt
│ │ ├── simple_server.py
│ │ └── static/
│ │ └── placeholder.txt
│ ├── test_acceptance.py
│ ├── test_api.py
│ ├── test_clparser.py
│ ├── test_filterintro.py
│ ├── test_moduleman.py
│ ├── test_relativeurl.py
│ ├── test_req_parse.py
│ └── test_reqresp.py
├── tox.ini
├── wfencode
├── wfencode.bat
├── wfpayload
├── wfpayload.bat
├── wfuzz
├── wfuzz.bat
├── wfuzz_bash_completion
├── wordlist/
│ ├── Injections/
│ │ ├── All_attack.txt
│ │ ├── SQL.txt
│ │ ├── Traversal.txt
│ │ ├── XML.txt
│ │ ├── XSS.txt
│ │ └── bad_chars.txt
│ ├── general/
│ │ ├── admin-panels.txt
│ │ ├── big.txt
│ │ ├── catala.txt
│ │ ├── common.txt
│ │ ├── euskera.txt
│ │ ├── extensions_common.txt
│ │ ├── http_methods.txt
│ │ ├── medium.txt
│ │ ├── megabeast.txt
│ │ ├── mutations_common.txt
│ │ ├── spanish.txt
│ │ └── test.txt
│ ├── others/
│ │ ├── common_pass.txt
│ │ └── names.txt
│ ├── stress/
│ │ ├── alphanum_case.txt
│ │ ├── alphanum_case_extra.txt
│ │ ├── char.txt
│ │ ├── doble_uri_hex.txt
│ │ ├── test_ext.txt
│ │ └── uri_hex.txt
│ ├── vulns/
│ │ ├── apache.txt
│ │ ├── cgis.txt
│ │ ├── coldfusion.txt
│ │ ├── dirTraversal-nix.txt
│ │ ├── dirTraversal-win.txt
│ │ ├── dirTraversal.txt
│ │ ├── domino.txt
│ │ ├── fatwire.txt
│ │ ├── fatwire_pagenames.txt
│ │ ├── frontpage.txt
│ │ ├── iis.txt
│ │ ├── iplanet.txt
│ │ ├── jrun.txt
│ │ ├── netware.txt
│ │ ├── oracle9i.txt
│ │ ├── sharepoint.txt
│ │ ├── sql_inj.txt
│ │ ├── sunas.txt
│ │ ├── tests.txt
│ │ ├── tomcat.txt
│ │ ├── vignette.txt
│ │ ├── weblogic.txt
│ │ └── websphere.txt
│ └── webservices/
│ ├── ws-dirs.txt
│ └── ws-files.txt
├── wxfuzz
└── wxfuzz.bat
================================================
FILE CONTENTS
================================================
================================================
FILE: .flake8
================================================
[flake8]
max-line-length = 80
select = C,E,F,W,B,B950
ignore = E203, E501, W503, E402, F401, W504
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "daily"
================================================
FILE: .github/workflows/docker-release.yml
================================================
name: docker-release
on:
release:
types: [published]
jobs:
docker:
name: Build and push Docker image
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to ghcr.io
uses: docker/login-action@v1.4.1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Build and push Docker images
uses: docker/build-push-action@v2
with:
context: .
file: Dockerfile
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/wfuzz:${{ github.event.release.tag_name }}
ghcr.io/${{ github.repository_owner }}/wfuzz:latest
================================================
FILE: .gitignore
================================================
wfuzz.ini
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
# C extensions
*.so
# Distribution / packaging
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
lib/
lib64/
parts/
sdist/
var/
*.egg-info/
.installed.cfg
*.egg
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.cache
nosetests.xml
coverage.xml
# Translations
*.mo
*.pot
# Django stuff:
*.log
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# vim
*.swp
*.swo
wfuzz.ini
# Jetbrains IDE
.idea
================================================
FILE: .travis.yml
================================================
sudo: required
language: python
services:
- docker
python:
- "3.4"
- "3.5"
- "3.6"
- "3.7"
- "3.8"
before_install:
- docker-compose -f tests/server_dir/docker-compose.yml up -d
install:
- make install-dev
- python setup.py install
script:
- flake8 src tests
- coverage run --append -m unittest discover -v -s tests/
- if [[ $TRAVIS_PYTHON_VERSION == '3.6' && $TRAVIS_BRANCH == 'master' ]]; then codecov; fi
- if [[ $TRAVIS_PYTHON_VERSION != '3.4' && $TRAVIS_PYTHON_VERSION != '3.5' ]]; then black --check src tests; fi
deploy:
provider: pypi
user: x4vi_mendez
password:
secure: qE2hD6gyopogdJh6Qs9B1s8LkTLiZ2b4jZzDojDOnhITve2hosOfoi2T/a9JrRxP9xeMJmt7t4B7F6h+qiSdi6fz2CLT8qAG5zJFfk/+ZqIQX3zvhthoG6QS8F4Qk7kNDMuaMOeMF3qtK5oSR/cqBY3Fs7SiF9wmH2OH7XBjFdOhRzs7Y8vVEXfxy6O4wHqXkwa6ZHXfuFPly/aZGj8CwlVF4qT6zQGpOrTAJneUonQGei2qIBGVSMSLGXHxndN3a1/RA0L+J3jZKb7zi6XyqAJvXTa3OqbxwSSEdLlUdzPrjLPuMuArgTgDErgSiDlwbceDwx7TlBJy2VEF2OwQ9KAIQFKkE6Rp/sp38l3Dnriv8gzi7N0sdaSAMDH5n8zvl6xJ5hqOnB+1jfpEiSQmvr7chi3OxpniG0eW9ThgZOSLjGp0TXGSh9P3jAiZPlt1HWmNoiwOuTwjue0Lx0MH2vYW1smHJSM+FMbdCL1GwFMsEmBX+2bFzaniuyUEmM5GBpj66Pa9yULho4FTC00Aumffl2A7gnSinYwLzjIB3zUMWFzZBaijLr8caeTYMnMdccNYxWcU4kE1h584FGtMDAO8IdEwW907ZTn0H/sTrb+lFs+x3H4oLc9i+/9j/K1G3jrKJfcTOuMm4D9df+lcfgRCQzB6RyiHJWlEdGEBrJM=
distributions: sdist bdist_wheel
on:
branch:
- master
- /^v.*$/
tags: true
python: 3.6
addons:
apt:
packages:
- libcurl4-openssl-dev
================================================
FILE: Dockerfile
================================================
FROM python:3.8-alpine3.12 as builder
RUN apk add --no-cache build-base curl-dev
COPY . wfuzz/
WORKDIR wfuzz/
RUN python setup.py install
FROM python:3.8-alpine3.12
RUN apk add --no-cache curl-dev
COPY --from=builder /usr/local /usr/local
CMD wfuzz
================================================
FILE: ISSUE_TEMPLATE.md
================================================
# Issue template
## Context
**Please check:**
- [ ] I've read the docs for [Wfuzz](http://wfuzz.readthedocs.io/)
**Please describe your local environment:**
Wfuzz version: Output of wfuzz --version
Python version: Output of python --version
OS: X
## Report
**What is the current behavior?**
X
**What is the expected or desired behavior?**
X
**Please provide steps to reproduce, including exact wfuzz command executed and output:**
X
**Other relevant information:**
X
================================================
FILE: LICENSE
================================================
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/>
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
{description}
Copyright (C) {year} {fullname}
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
{signature of Ty Coon}, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
================================================
FILE: MANIFEST.in
================================================
include README.md
include LICENSE
include docs/*
================================================
FILE: Makefile
================================================
.PHONY: docs
tox:
pip install tox
tox --recreate
test:
pytest -v -s tests/
flake8:
black --check src tests
flake8 src tests
publish:
pip install 'twine>=1.5.0'
python setup.py sdist
twine upload dist/*
rm -fr build dist
publish-dev:
pip install 'twine>=1.5.0'
python setup.py sdist
twine upload --repository-url https://test.pypi.org/legacy/ dist/*
rm -fr build dist
docs:
pip install -e ".[docs]"
cd docs && make html
coverage:
coverage report --skip-covered --include "*python3.8/site-packages/wfuzz*" -m
install: install-dev
pip install -r requirements.txt
install-dev:
pip install -e ".[dev]"
freeze:
pip-compile --output-file requirements.txt setup.py
help:
@echo "make help Show this help message"
@echo "make test Run local tests with tox"
@echo "make flake8 Run the code linter(s) and print any warnings"
@echo "make publish Publish pip lib to pypi"
@echo "make publish-dev Publish pip lib to pypi test"
@echo "make docs Create html docs"
@echo "make install Install requirements"
@echo "make install-dev Install dev requirements"
================================================
FILE: README.md
================================================
<img src="https://github.com/xmendez/wfuzz/blob/master/docs/_static/logo/wfuzz_letters.svg" width="500">
[](https://travis-ci.org/xmendez/wfuzz)
<a href="https://pypi.python.org/pypi/wfuzz"><img src="https://img.shields.io/pypi/v/wfuzz.svg"></a>
<a href="https://pypi.python.org/pypi/wfuzz"><img src="https://img.shields.io/pypi/dm/wfuzz"></a>
<a href="https://pypi.python.org/pypi/wfuzz"><img src="https://img.shields.io/pypi/pyversions/wfuzz.svg"></a>
<a href="https://codecov.io/github/xmendez/wfuzz"><img src="https://codecov.io/github/xmendez/wfuzz/coverage.svg?branch=master"></a>
# Wfuzz - The Web Fuzzer
Wfuzz has been created to facilitate the task in web applications assessments and it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload.
A payload in Wfuzz is a source of data.
This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.
Wfuzz is more than a web content scanner:
* Wfuzz could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz’s web application vulnerability scanner is supported by plugins.
* Wfuzz is a completely modular framework and makes it easy for even the newest of Python developers to contribute. Building plugins is simple and takes little more than a few minutes.
* Wfuzz exposes a simple language interface to the previous HTTP requests/responses performed using Wfuzz or other tools, such as Burp. This allows you to perform manual and semi-automatic tests with full context and understanding of your actions, without relying on a web application scanner underlying implementation.
It was created to facilitate the task in web applications assessments, it's a tool by pentesters for pentesters ;)
## Installation
To install WFuzz, simply use pip:
```
pip install wfuzz
```
To run Wfuzz from a docker image, run:
```
$ docker run -v $(pwd)/wordlist:/wordlist/ -it ghcr.io/xmendez/wfuzz wfuzz
```
## Documentation
Documentation is available at http://wfuzz.readthedocs.io
## Download
Check github releases. Latest is available at https://github.com/xmendez/wfuzz/releases/latest
================================================
FILE: docs/Makefile
================================================
# Minimal makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
SPHINXPROJ = Wfuzz
SOURCEDIR = .
BUILDDIR = _build
# Put it first so that "make" without argument is like "make help".
help:
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
.PHONY: help Makefile
# Catch-all target: route all unknown targets to Sphinx using the new
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
%: Makefile
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
================================================
FILE: docs/_templates/sidebarlogo.html
================================================
<p class="logo">
<a href="{{ pathto(master_doc) }}">
<img class="logo" src="{{ pathto('_static/logo/wfuzz.svg', 1) }}"/>
</a>
</p>
<p>
<p>
WFuzz is a web application security fuzzer tool and library for Python.
</p>
<h3>GitHub repository</h3>
<p>
Be part of the Wfuzz's community via <a href="https://github.com/xmendez/wfuzz/">GitHub tickets and pull requests</a>.</p>
<iframe src="http://ghbtns.com/github-btn.html?user=xmendez&repo=wfuzz&type=watch&count=true&size=large"
allowtransparency="true" frameborder="0" scrolling="0" width="200px" height="35px"></iframe>
</p>
<h3>Stay informed</h3>
<p>
Don’t forget to follow my github, twitter for news, releases and feedback.
</p>
<p><iframe src="http://ghbtns.com/github-btn.html?user=xmendez&type=follow&count=false"
allowtransparency="true" frameborder="0" scrolling="0" width="200" height="20"></iframe></p>
<p>
<script async src="http://platform.twitter.com/widgets.js" charset="utf-8"></script>
<a href="https://twitter.com/x4vi_mendez" class="twitter-follow-button" data-show-count="false">Follow @x4vi_mendez</a>
</p>
================================================
FILE: docs/conf.py
================================================
# -*- coding: utf-8 -*-
#
# Wfuzz documentation build configuration file, created by
# sphinx-quickstart on Thu Mar 2 13:44:00 2017.
#
# This file is execfile()d with the current directory set to its
# containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
#
# import os
# import sys
# sys.path.insert(0, os.path.abspath('.'))
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
#
# needs_sphinx = '1.0'
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = []
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# The suffix(es) of source filenames.
# You can specify multiple suffix as a list of string:
#
# source_suffix = ['.rst', '.md']
source_suffix = '.rst'
# The master toctree document.
master_doc = 'index'
# General information about the project.
project = 'Wfuzz'
copyright = '2011-2020, Xavi Mendez'
author = 'Xavi Mendez'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = '2.1.4'
# The full version, including alpha/beta/rc tags.
release = '2.1.4'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This patterns also effect to html_static_path and html_extra_path
exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# If true, `todo` and `todoList` produce output, else they produce nothing.
todo_include_todos = False
# -- Options for HTML output ----------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
#
html_theme = 'alabaster'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
#
html_theme_options = {
'show_powered_by': False,
'github_user': 'xmendez',
'github_repo': 'wfuzz',
'github_banner': True,
'show_related': False,
'sidebar_collapse': True,
}
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
# -- Options for HTMLHelp output ------------------------------------------
# Output file base name for HTML help builder.
htmlhelp_basename = 'Wfuzzdoc'
# Custom sidebar templates, maps document names to template names.
html_sidebars = {
'**': [
'sidebarlogo.html',
'navigation.html',
'searchbox.html'
]
}
# -- Options for LaTeX output ---------------------------------------------
latex_elements = {
# The paper size ('letterpaper' or 'a4paper').
#
# 'papersize': 'letterpaper',
# The font size ('10pt', '11pt' or '12pt').
#
# 'pointsize': '10pt',
# Additional stuff for the LaTeX preamble.
#
# 'preamble': '',
# Latex figure (float) alignment
#
# 'figure_align': 'htbp',
}
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title,
# author, documentclass [howto, manual, or own class]).
latex_documents = [
(master_doc, 'Wfuzz.tex', 'Wfuzz Documentation',
'Xavi Mendez', 'manual'),
]
# -- Options for manual page output ---------------------------------------
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
(master_doc, 'wfuzz', 'Wfuzz Documentation',
[author], 1)
]
# -- Options for Texinfo output -------------------------------------------
# Grouping the document tree into Texinfo files. List of tuples
# (source start file, target name, title, author,
# dir menu entry, description, category)
texinfo_documents = [
(master_doc, 'Wfuzz', 'Wfuzz Documentation',
author, 'Wfuzz', 'One line description of project.',
'Miscellaneous'),
]
================================================
FILE: docs/dev/plugins.rst
================================================
Plugin template
===============
Printer template
===============
Encoder template
===============
================================================
FILE: docs/index.rst
================================================
.. Wfuzz documentation master file, created by
sphinx-quickstart on Thu Mar 2 13:44:00 2017.
You can adapt this file completely to your liking, but it should at least
contain the root `toctree` directive.
Wfuzz: The Web fuzzer
==================================
.. image:: https://img.shields.io/pypi/v/wfuzz.svg
:target: https://pypi.org/project/wfuzz/
.. image:: https://img.shields.io/pypi/l/wfuzz.svg
:target: https://pypi.org/project/wfuzz/
.. image:: https://img.shields.io/pypi/pyversions/wfuzz.svg
:target: https://pypi.org/project/wfuzz/
.. image:: https://codecov.io/github/xmendez/wfuzz/coverage.svg?branch=master
:target: https://codecov.io/github/xmendez/wfuzz
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities.
See Wfuzz in action
-------------------
* Wfuzz cli::
$ wfuzz -w wordlist/general/common.txt --hc 404 http://testphp.vulnweb.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Bruteforcer *
********************************************************
Target: http://testphp.vulnweb.com/FUZZ
Total requests: 950
==================================================================
ID Response Lines Word Chars Request
==================================================================
00022: C=301 7 L 12 W 184 Ch "admin"
00130: C=403 10 L 29 W 263 Ch "cgi-bin"
00378: C=301 7 L 12 W 184 Ch "images"
00690: C=301 7 L 12 W 184 Ch "secured"
00938: C=301 7 L 12 W 184 Ch "CVS"
Total time: 5.519253
Processed Requests: 950
Filtered Requests: 945
Requests/sec.: 172.1247
* Wfuzz library::
>>> import wfuzz
>>> for r in wfuzz.get_payload(range(100)).fuzz(hl=[97], url="http://testphp.vulnweb.com/listproducts.php?cat=FUZZ"):
... print r
...
00125: C=200 102 L 434 W 7011 Ch "1"
00126: C=200 99 L 302 W 4442 Ch "2"
other tools included in the wfuzz framework.
* Wfuzz payload generator::
$ wfpayload -z range,0-10
0
1
2
3
4
5
6
7
8
9
10
* Wfuzz encoder/decoder::
$ wfencode -e md5 test
098f6bcd4621d373cade4e832627b4f6
* You can also run wfuzz from the official docker image::
$ docker run -v $(pwd)/wordlist:/wordlist/ -it ghcr.io/xmendez/wfuzz wfuzz
********************************************************
* Wfuzz 3.0.3 - The Web Fuzzer *
* *
* Version up to 1.4c coded by: *
* Christian Martorella (cmartorella@edge-security.com) *
* Carlos del ojo (deepbit@gmail.com) *
* *
* Version 1.4d to 3.0.3 coded by: *
* Xavier Mendez (xmendez@edge-security.com) *
********************************************************
Usage: wfuzz [options] -z payload,params <url>
FUZZ, ..., FUZnZ wherever you put these keywords wfuzz will replace them with the values of the specified payload.
FUZZ{baseline_value} FUZZ will be replaced by baseline_value. It will be the first request performed and could be used as a base for filtering.
Examples:
wfuzz -c -z file,users.txt -z file,pass.txt --sc 200 http://www.site.com/log.asp?user=FUZZ&pass=FUZ2Z
wfuzz -c -z range,1-10 --hc=BBB http://www.site.com/FUZZ{something not there}
wfuzz --script=robots -z list,robots.txt http://www.webscantest.com/FUZZ
Type wfuzz -h for further information or --help for advanced usage.
How it works
------------
Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload.
A payload in Wfuzz is a source of data.
This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web application components such as: parameters, authentication, forms, directories/files, headers, etc.
Wfuzz is more than a web brute forcer:
- Wfuzz's web application vulnerability scanner is supported by plugins.
- Wfuzz is a completely modular framework and makes it easy for even the newest of Python developers to contribute. Building plugins is simple and takes little more than a few minutes.
- Wfuzz exposes a simple language interface to the previous HTTP requests/responses performed using Wfuzz or other tools, such as Burp. This allows you to perform manual and semi-automatic tests with full context and understanding of your actions, without relying on a web application scanner underlying implementation.
Installation Guide
==================
.. toctree::
:maxdepth: 4
user/installation
user/breaking
User Guide
==================
.. toctree::
:maxdepth: 4
user/getting
user/basicusage
user/advanced
user/wfpayload
Library Guide
==================
.. toctree::
:maxdepth: 4
library/guide
================================================
FILE: docs/library/guide.rst
================================================
Python library
===============
Wfuzz's Python library allows to automate tasks and integrate Wfuzz into new tools or scripts.
Library Options
---------------
All options that are available within the Wfuzz command line interface are available as library options:
======================== =====================================================================================
CLI Option Library Option
======================== =====================================================================================
<URL> url="url"
--recipe <filename> recipe=["filename"]
--oF <filename> save="filename"
-f filename,printer printer=("filename", "printer")
--dry-run transport="dryrun"
-p addr proxies=[("ip","port","type")]
-t N concurrent=N
-s N delay=0.0
-R depth rleve=depth
--follow follow=True
-Z scanmode=True
--req-delay N req_delay=0
--conn-delay N conn_delay=0.0
--no-cache no_cache=True
--script=<plugins> script="plugins"
--script-args n1=v1,... script_args={n1: v1}
-m iterator iterator="iterator"
-z payload payloads=[("name",{default="",encoder=["md5"]},slice=""),]
-V alltype allvars="alltype"
-X method method="method"
--hc/hl/hw/hh N[,N]+ hc/hl/hw/hh=[N,N]
--sc/sl/sw/sh N[,N]+ sc/sl/sw/sh=[N,N]
--ss/hs regex ss/hs="regex"
--filter <filter> filter="filter exp"
--prefilter <filter> prefilter=["prefilter exp"]
-b cookie cookie=["cookie1=value1",]
-d postdata postdata="postdata"
-H header headers=[("header1", "value1"),]
--basic/ntlm/digest auth auth=("basic", "user:pass")
======================== =====================================================================================
These options can be used in the main library interfaces: fuzz, payload or session indistinctly.
Fuzzing a URL
-------------
Fuzzing a URL with wfuzz library is very simple. Firstly, import the wfuzz module::
>>> import wfuzz
Now, let's try to fuzz a web page to look for hidden content, such as directories. For this example, let's use Acunetix's testphp (http://testphp.vulnweb.com/)::
>>> import wfuzz
>>> for r in wfuzz.fuzz(url="http://testphp.vulnweb.com/FUZZ", hc=[404], payloads=[("file",dict(fn="wordlist/general/common.txt"))]):
... print r
...
00060: C=301 7 L 12 W 184 Ch "admin"
00183: C=403 10 L 29 W 263 Ch "cgi-bin"
00429: C=301 7 L 12 W 184 Ch "images"
...
Now, we have a FuzzResult object called r. We can get all the information we need from this object.
FuzzSession object
------------------
A FuzzSession object has all the methods of the main wfuzz API.
The FuzzSession object allows you to persist certain parameters across fuzzing sessions::
>>> import wfuzz
>>> s = wfuzz.FuzzSession(url="http://testphp.vulnweb.com/FUZZ")
>>> for r in s.fuzz(hc=[404], payloads=[("file",dict(fn="wordlist/general/common.txt"))]):
... print r
...
00060: C=301 7 L 12 W 184 Ch "admin"
00183: C=403 10 L 29 W 263 Ch "cgi-bin"
...
FuzzSession can also be used as context manager::
>>> with wfuzz.FuzzSession(url="http://testphp.vulnweb.com/FUZZ", hc=[404], payloads=[("file",dict(fn="wordlist/general/common.txt"))]) as s:
... for r in s.fuzz():
... print r
...
00295: C=301 7 L 12 W 184 Ch "admin"
00418: C=403 10 L 29 W 263 Ch "cgi-bin"
Get payload
-----------
The get_payload function generates a Wfuzz payload from a Python iterable. It is a quick and flexible way of getting a payload programmatically without using Wfuzz payloads plugins.
Generating a new payload and start fuzzing is really simple::
>>> import wfuzz
>>> s = wfuzz.get_payload(range(5))
>>> for r in s.fuzz(url="http://testphp.vulnweb.com/FUZZ"):
... print r
...
00012: C=404 7 L 12 W 168 Ch "0"
00013: C=404 7 L 12 W 168 Ch "1"
00014: C=404 7 L 12 W 168 Ch "2"
00015: C=404 7 L 12 W 168 Ch "3"
00016: C=404 7 L 12 W 168 Ch "4"
The get_payloads method can be used when various payloads are needed::
>>> import wfuzz
>>> s = wfuzz.get_payloads([range(5), ["a","b"]])
>>> for r in s.fuzz(url="http://testphp.vulnweb.com/FUZZ/FUZ2Z"):
... print r
...
00028: C=404 7 L 12 W 168 Ch "4 - b"
00027: C=404 7 L 12 W 168 Ch "4 - a"
00024: C=404 7 L 12 W 168 Ch "2 - b"
00026: C=404 7 L 12 W 168 Ch "3 - b"
00025: C=404 7 L 12 W 168 Ch "3 - a"
00022: C=404 7 L 12 W 168 Ch "1 - b"
00021: C=404 7 L 12 W 168 Ch "1 - a"
00020: C=404 7 L 12 W 168 Ch "0 - b"
00023: C=404 7 L 12 W 168 Ch "2 - a"
00019: C=404 7 L 12 W 168 Ch "0 - a"
Get session
-----------
The get_session function generates a Wfuzz session object from the specified command line. It is a quick way of getting a payload programmatically from a string representing CLI options::
$ python
>>> import wfuzz
>>> s = wfuzz.get_session("-z range,0-10 http://testphp.vulnweb.com/FUZZ")
>>> for r in s.fuzz():
... print r
...
00002: C=404 7 L 12 W 168 Ch "1"
00011: C=404 7 L 12 W 168 Ch "10"
00008: C=404 7 L 12 W 168 Ch "7"
00001: C=404 7 L 12 W 168 Ch "0"
00003: C=404 7 L 12 W 168 Ch "2"
00004: C=404 7 L 12 W 168 Ch "3"
00005: C=404 7 L 12 W 168 Ch "4"
00006: C=404 7 L 12 W 168 Ch "5"
00007: C=404 7 L 12 W 168 Ch "6"
00009: C=404 7 L 12 W 168 Ch "8"
00010: C=404 7 L 12 W 168 Ch "9"
Interacting with the results
----------------------------
Once a Wfuzz result is available the grammar defined in the filter language can be used to work with the results' values. For example::
$ python
>>> import wfuzz
>>> with wfuzz.get_session("-z list --zD test -u http://testphp.vulnweb.com/userinfo.php -d uname=FUZZ&pass=FUZZ") as s:
... for r in s.fuzz():
... print(r.history.cookies.response)
... print(r.history.params.all)
... print(r.history.params.post)
... print(r.history.params.post.uname)
... print(r.history.params.post['pass'])
{'login': 'test%2Ftest'}
{'uname': 'test', 'pass': 'test'}
{'uname': 'test', 'pass': 'test'}
test
test
>>>
The result object has also a method to evaluate a language expression::
>> print(r.eval("r.cookies.response"))
login=test%2Ftest
================================================
FILE: docs/make.bat
================================================
@ECHO OFF
pushd %~dp0
REM Command file for Sphinx documentation
if "%SPHINXBUILD%" == "" (
set SPHINXBUILD=sphinx-build
)
set SOURCEDIR=.
set BUILDDIR=_build
set SPHINXPROJ=Wfuzz
if "%1" == "" goto help
%SPHINXBUILD% >NUL 2>NUL
if errorlevel 9009 (
echo.
echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
echo.installed, then set the SPHINXBUILD environment variable to point
echo.to the full path of the 'sphinx-build' executable. Alternatively you
echo.may add the Sphinx directory to PATH.
echo.
echo.If you don't have Sphinx installed, grab it from
echo.http://sphinx-doc.org/
exit /b 1
)
%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
goto end
:help
%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
:end
popd
================================================
FILE: docs/user/advanced.rst
================================================
Advanced Usage
===============
Wfuzz global options
--------------------
Wfuzz global options can be tweaked by modifying the "wfuzz.ini" at the user's home directory::
~/.wfuzz$ cat wfuzz.ini
[connection]
concurrent = 10
conn_delay = 90
req_delay = 90
retries = 3
user-agent = Wfuzz/2.2
[general]
default_printer = raw
cancel_on_plugin_except = 1
concurrent_plugins = 3
encode_space = 1
lookup_dirs = .,/home/xxx/tools/fuzzdb
A useful option is "lookup_dirs". This option will indicate Wfuzz, which directories to look for files, avoiding to specify a full path in the command line. For example, when fuzzing using a dictionary.
Iterators: Combining payloads
-----------------------------
Payloads can be combined by using the -m parameter, in wfuzz this functionality is provided by what is called iterators, the following types are provided by default::
$ wfuzz -e iterators
Available iterators:
Name | Summary
----------------------------------------------------------------------------------------------
product | Returns an iterator cartesian product of input iterables.
zip | Returns an iterator that aggregates elements from each of the iterables.
chain | Returns an iterator returns elements from the first iterable until it is exhaust
| ed, then proceeds to the next iterable, until all of the iterables are exhausted
Below are shown some examples using two different payloads containing the elements a,b,c and 1,2,3 respectively and how they can be combined using the existing iterators.
* zip::
wfuzz -z list,a-b-c -z list,1-2-3 -m zip http://google.com/FUZZ/FUZ2Z
00001: C=404 9 L 32 W 276 Ch "a - 1"
00002: C=404 9 L 32 W 276 Ch "c - 3"
00003: C=404 9 L 32 W 276 Ch "b - 2"
* chain::
wfuzz -z list,a-b-c -z list,1-2-3 -m chain http://google.com/FUZZ
00001: C=404 9 L 32 W 280 Ch "b"
00002: C=404 9 L 32 W 280 Ch "a"
00003: C=404 9 L 32 W 280 Ch "c"
00004: C=404 9 L 32 W 280 Ch "1"
00006: C=404 9 L 32 W 280 Ch "3"
00005: C=404 9 L 32 W 280 Ch "2"
* product::
wfuzz -z list,a-b-c -z list,1-2-3 http://mysite.com/FUZZ/FUZ2Z
00001: C=404 9 L 32 W 276 Ch "a - 2"
00002: C=404 9 L 32 W 276 Ch "a - 1"
00005: C=404 9 L 32 W 276 Ch "b - 2"
00004: C=404 9 L 32 W 276 Ch "a - 3"
00008: C=404 9 L 32 W 276 Ch "c - 2"
00003: C=404 9 L 32 W 276 Ch "b - 1"
00007: C=404 9 L 32 W 276 Ch "c - 1"
00006: C=404 9 L 32 W 276 Ch "b - 3"
00009: C=404 9 L 32 W 276 Ch "c - 3"
Encoders
--------
In Wfuzz, a encoder is a transformation of a payload from one format to another. A list of the available encoders can be obtained using the following command::
$ wfuzz -e encoders
Specifying an encoder
^^^^^^^^^^^^^^^^^^^^^^
Encoders are specified as a payload parameter. There are two equivalent ways of specifying an encoder within a payload:
* The long way::
$ wfuzz -z file --zP fn=wordlist/general/common.txt,encoder=md5 http://testphp.vulnweb.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/FUZZ
Total requests: 950
==================================================================
ID Response Lines Word Chars Request
==================================================================
00002: C=404 7 L 12 W 168 Ch "b4b147bc522828731f1a016bfa72c073"
00003: C=404 7 L 12 W 168 Ch "96a3be3cf272e017046d1b2674a52bd3"
00004: C=404 7 L 12 W 168 Ch "a2ef406e2c2351e0b9e80029c909242d"
...
* The not so long way using the zE command line switch::
$ wfuzz -z file --zD wordlist/general/common.txt --zE md5 http://testphp.vulnweb.com/FUZZ
* The not so long way::
$ wfuzz -z file,wordlist/general/common.txt,md5 http://testphp.vulnweb.com/FUZZ
Specifying multiple encoders
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Several encoders can be specified at once, using "-" as a separator::
$ wfuzz -z list,1-2-3,md5-sha1-none http://webscantest.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://webscantest.com/FUZZ
Total requests: 9
==================================================================
ID Response Lines Word Chars Request
==================================================================
00000: C=200 38 L 121 W 1486 Ch "da4b9237bacccdf19c0760cab7aec4a8359010b0"
00001: C=200 38 L 121 W 1486 Ch "c4ca4238a0b923820dcc509a6f75849b"
00002: C=200 38 L 121 W 1486 Ch "3"
00003: C=200 38 L 121 W 1486 Ch "77de68daecd823babbb58edb1c8e14d7106e83bb"
00004: C=200 38 L 121 W 1486 Ch "1"
00005: C=200 38 L 121 W 1486 Ch "356a192b7913b04c54574d18c28d46e6395428ab"
00006: C=200 38 L 121 W 1486 Ch "eccbc87e4b5ce2fe28308fd9f2a7baf3"
00007: C=200 38 L 121 W 1486 Ch "2"
00008: C=200 38 L 121 W 1486 Ch "c81e728d9d4c2f636f067f89cc14862c"
Total time: 0.428943
Processed Requests: 9
Filtered Requests: 0
Requests/sec.: 20.98180
* Encoders can also be chained using the "@" char::
$ wfuzz -z list,1-2-3,sha1-sha1@none http://webscantest.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://webscantest.com/FUZZ
Total requests: 6
==================================================================
ID Response Lines Word Chars Request
==================================================================
00000: C=200 38 L 121 W 1486 Ch "356a192b7913b04c54574d18c28d46e6395428ab"
00001: C=200 38 L 121 W 1486 Ch "356a192b7913b04c54574d18c28d46e6395428ab"
00002: C=200 38 L 121 W 1486 Ch "77de68daecd823babbb58edb1c8e14d7106e83bb"
00003: C=200 38 L 121 W 1486 Ch "da4b9237bacccdf19c0760cab7aec4a8359010b0"
00004: C=200 38 L 121 W 1486 Ch "da4b9237bacccdf19c0760cab7aec4a8359010b0"
00005: C=200 38 L 121 W 1486 Ch "77de68daecd823babbb58edb1c8e14d7106e83bb"
The above "sha1@none" parameter specification will encode the payload using the sha1 encoder and the result will be encoded again using the none encoder.
* Encoders are grouped by categories. This allows to select several encoders by category, for example::
$ wfuzz -z list,1-2-3,hashes http://webscantest.com/FUZZ
00000: C=200 38 L 121 W 1486 Ch "Mw=="
00001: C=200 38 L 121 W 1486 Ch "c81e728d9d4c2f636f067f89cc14862c"
00002: C=200 38 L 121 W 1486 Ch "77de68daecd823babbb58edb1c8e14d7106e83bb"
00003: C=200 38 L 121 W 1486 Ch "da4b9237bacccdf19c0760cab7aec4a8359010b0"
00004: C=200 38 L 121 W 1486 Ch "c4ca4238a0b923820dcc509a6f75849b"
00005: C=200 38 L 121 W 1486 Ch "356a192b7913b04c54574d18c28d46e6395428ab"
00006: C=200 38 L 121 W 1486 Ch "MQ=="
00007: C=200 38 L 121 W 1486 Ch "Mg=="
00008: C=200 38 L 121 W 1486 Ch "eccbc87e4b5ce2fe28308fd9f2a7baf3"
Scan/Parse Plugins
------------------
Wfuzz is more than a Web Content Scanner. Wfuzz could help you to secure your web applications by finding and exploiting web application vulnerabilities.
Wfuzz's web application vulnerability scanner is supported by plugins. A list of scanning plugins can be obtained using the following command::
$ wfuzz -e scripts
Scripts are grouped in categories. A script could belong to several categories at the same time.
There are two general categories:
* passive: Passive scripts analyse existing requests and responses without performing new requests.
* active: Active scripts perform new requests to the application to probe it for vulnerabilities.
Additional categories are:
* discovery: Discovery plugins help crawling a website by automatically enqueuing discovered content to wfuzz request's pool.
The default category groups the plugins that are run by default.
Scanning mode is indicated when using the --script parameter followed by the selected plugins. Plugins could be selected by category or name, wildcards can also be used.
The -A switch is an alias for --script=default.
Script's detailed information can be obtained using --scrip-help, for example::
$ wfuzz --script-help=default
An example, parsing a "robots.txt" file is shown below::
$ wfuzz --script=robots -z list,robots.txt http://www.webscantest.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://www.webscantest.com/FUZZ
Total requests: 1
==================================================================
ID Response Lines Word Chars Request
==================================================================
00001: C=200 6 L 10 W 101 Ch "robots.txt"
|_ Plugin robots enqueued 4 more requests (rlevel=1)
00002: C=200 40 L 117 W 1528 Ch "/osrun/"
00003: C=200 55 L 132 W 1849 Ch "/cal_endar/"
00004: C=200 40 L 123 W 1611 Ch "/crawlsnags/"
00005: C=200 85 L 197 W 3486 Ch "/static/"
Total time: 0
Processed Requests: 5 (1 + 4)
Filtered Requests: 0
Requests/sec.: 0
In order to not scan the same requests (with the same parameters) over an over again, there is a cache,the cache can be disabled with the --no-cache flag.
For example, if we target a web server with the same URL but different parameter values, we get::
$ wfuzz -z range --zD 0-3 -z list --zD "'" -u http://testphp.vulnweb.com/artists.php?artist=FUZZFUZ2Z -A
000000004: 0.195s 200 101 L 287 W 3986 Ch nginx/1.4.1 "3 - '"
|_ Error identified: Warning: mysql_fetch_array()
000000001: 0.198s 200 101 L 287 W 3986 Ch nginx/1.4.1 "0 - '"
000000002: 0.198s 200 101 L 287 W 3986 Ch nginx/1.4.1 "1 - '"
000000003: 0.198s 200 101 L 287 W 3986 Ch nginx/1.4.1 "2 - '"
But, if we do the same but disabling the cache::
$ wfuzz -z range --zD 0-3 -z list --zD "'" -u http://testphp.vulnweb.com/artists.php?artist=FUZZFUZ2Z -A --no-cache
000000004: 1.170s 200 101 L 287 W 3986 Ch nginx/1.4.1 "3 - '"
|_ Error identified: Warning: mysql_fetch_array()
000000002: 1.173s 200 101 L 287 W 3986 Ch nginx/1.4.1 "1 - '"
|_ Error identified: Warning: mysql_fetch_array()
000000001: 1.174s 200 101 L 287 W 3986 Ch nginx/1.4.1 "0 - '"
|_ Error identified: Warning: mysql_fetch_array()
000000003: 1.173s 200 101 L 287 W 3986 Ch nginx/1.4.1 "2 - '"
|_ Error identified: Warning: mysql_fetch_array()
Custom scripts
^^^^^^^^^^^^^^
If you would like to create customs scripts, place them in your home directory. In order to leverage this feature, a directory named "scripts" must be created underneath the ".wfuzz" directory.
Recipes
-------
You could save Wfuzz command line options to a file for later execution or for easy distribution.
To create a recipe, execute the following::
$ wfuzz --script=robots -z list,robots.txt --dump-recipe /tmp/recipe http://www.webscantest.com/FUZZ
Then, execute Wfuzz using the stored options by using the "--recipe" option::
$ wfuzz --recipe /tmp/recipe
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://www.webscantest.com/FUZZ
Total requests: 1
==================================================================
ID Response Lines Word Chars Request
==================================================================
00001: C=200 6 L 10 W 101 Ch "robots.txt"
|_ Plugin robots enqueued 4 more requests (rlevel=1)
00002: C=200 40 L 117 W 1528 Ch "/osrun/"
00003: C=200 55 L 132 W 1849 Ch "/cal_endar/"
00004: C=200 40 L 123 W 1611 Ch "/crawlsnags/"
00005: C=200 85 L 197 W 3486 Ch "/static/"
Total time: 1.341176
Processed Requests: 5 (1 + 4)
Filtered Requests: 0
Requests/sec.: 3.728071
You can combine a recipe with additional command line options, for example::
$ wfuzz --recipe /tmp/recipe -b cookie1=value
Several recipes can also be combined::
$ wfuzz --recipe /tmp/recipe --recipe /tmp/recipe2
In case of repeated options, command line options have precedence over options included in the recipe. Last recipe has precedence.
Connect to an specific host
---------------------------------------
The --ip option can be used to connect to a specific host and port instead of the URL's host and port::
$ wfuzz -z range,1-1 --ip 127.0.0.1 http://www.google.com/anything/FUZZ
This useful, for example, to test if a reverse proxy can be manipulated into misrouting requests to a destination of our choice.
Scan Mode: Ignore Errors and Exceptions
---------------------------------------
In the event of a network problem (e.g. DNS failure, refused connection, etc.), Wfuzz will raise an exception and stop execution as shown below::
$ wfuzz -z list,support-web-none http://FUZZ.google.com/
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://FUZZ.google.com/
Total requests: 3
==================================================================
ID Response Lines Word Chars Request
==================================================================
Fatal exception: Pycurl error 6: Could not resolve host: none.google.com
You can tell Wfuzz to continue execution, ignoring errors by supplying the -Z switch. The latter command in scan mode will get the following results::
$ wfuzz -z list,support-web-none -Z http://FUZZ.google.com/
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://FUZZ.google.com/
Total requests: 3
==================================================================
ID Response Lines Word Chars Request
==================================================================
00002: C=404 11 L 72 W 1561 Ch "web"
00003: C=XXX 0 L 0 W 0 Ch "none! Pycurl error 6: Could not resolve host: none.google.com"
00001: C=301 6 L 14 W 224 Ch "support"
Total time: 1.064229
Processed Requests: 3
Filtered Requests: 0
Requests/sec.: 2.818939
Errors are shown as a result with the XXX code, the payload used followed by an exclamation mark and the companion exception message. Error codes can be filtered using the "XXX" expression. For example::
$ wfuzz -z list,support-web-none -Z --hc XXX http://FUZZ.google.com/
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://FUZZ.google.com/
Total requests: 3
==================================================================
ID Response Lines Word Chars Request
==================================================================
00002: C=404 11 L 72 W 1561 Ch "web"
00001: C=301 6 L 14 W 224 Ch "support"
Total time: 0.288635
Processed Requests: 3
Filtered Requests: 1
Requests/sec.: 10.39374
When Wfuzz is used in scan mode, HTTP requests will take longer time due to network error timeouts. These can be tweaked using the --req-delay and --conn-delay command line parameters.
Timeouts
^^^^^^^^
You can tell Wfuzz to stop waiting for server to response a connection request after a given number of seconds --conn-delay and also the maximum number of seconds that the response is allowed to take using --req-delay parameter.
These timeouts are really handy when you are using Wfuzz to brute force resources behind a proxy, ports, hostnames, virtual hosts, etc.
Filter Language
---------------
Wfuzz's filter language grammar is build using `pyparsing <http://pyparsing.wikispaces.com/>`_, therefore it must be installed before using the command line parameters "--filter, --prefilter, --slice, --field and --efield".
The information about the filter language can be also obtained executing::
wfuzz --filter-help
A filter expression must be built using the following symbols and operators:
* Boolean Operators
"and", "or" and "not" operators could be used to build conditional expressions.
* Expression Operators
Expressions operators such as "= != < > >= <=" could be used to check values. Additionally, the following operators for matching text are available:
============ ====================================================================
Operator Description
============ ====================================================================
=~ True when the regular expression specified matches the value.
~ Equivalent to Python's "str2" in "str1" (case insensitive)
!~ Equivalent to Python's "str2" not in "str1" (case insensitive)
============ ====================================================================
Also, assignment operators:
============ ====================================================================
Operator Description
============ ====================================================================
:= Assigns a value
=+ Concatenates value at the left
=- Concatenates value at the right
============ ====================================================================
Where values could be:
* Basic primitives:
============ ====================
Long Name Description
============ ====================
'string' Quoted string
0..9+ Integer values
XXX HTTP request error code
BBB Baseline
============ ====================
* Values can also be modified using the following operators:
================================ ======================= =============================================
Name Short version Description
================================ ======================= =============================================
value|unquote() value|un() Unquotes the value
value|lower() value|l() lower-case of the value
value|upper() upper-case of the value
value|encode('encoder', 'value') value|e('enc', 'val') Returns encoder.encode(value)
value|decode('decoder', 'value') value|d('dec', 'val') Returns encoder.decode(value)
value|replace('what', 'with') value|r('what', 'with') Returns value replacing what for with
value|unique() value|u() Returns True if a value is unique.
value|startswith('value') value|sw('value') Returns true if the value string starts with param
value|gregex('expression') value|gre('exp') Returns first regex group that matches in value
value|diff(expression) Returns diff comparison between value and expression
================================ ======================= =============================================
* When a FuzzResult is available, you could perform runtime introspection of the objects using the following symbols
============ ============== =============================================
Name Short version Description
============ ============== =============================================
url Wfuzz's result HTTP request url
description Wfuzz's result description
nres Wfuzz's result identifier
code c Wfuzz's result HTTP response's code
chars h Wfuzz's result HTTP response chars
lines l Wfuzz's result HTTP response lines
words w Wfuzz's result HTTP response words
md5 Wfuzz's result HTTP response md5 hash
history r Wfuzz's result associated FuzzRequest object
plugins Wfuzz's plugins scan results
============ ============== =============================================
FuzzRequest object's attribute (you need to use the r. prefix) such as:
============================ =============================================
Name Description
============================ =============================================
url HTTP request's url
urlp HTTP request's parsed url (see section below).
method HTTP request's verb
scheme HTTP request's scheme
host HTTP request's host
content HTTP response's content
raw_content HTTP response's content including headers
cookies.all All HTTP request and response cookies
cookies.request HTTP requests cookieS
cookies.response HTTP response cookies
cookies.request.<<name>> Specified HTTP request cookie
cookies.response.<<name>> Specified HTTP response cookie
headers.all All HTTP request and response headers
headers.request HTTP request headers
headers.response HTTP response headers
headers.request.<<name>> Specified HTTP request header case insensitive
headers.response.<<name>> Specified HTTP response header insensitive
params.all All HTTP request GET and POST parameters
params.get All HTTP request GET parameters
params.post HTTP request POST parameters in returned as a dictionary
params.raw_post HTTP request POST parameters payload
params.get.<<name>> Spcified HTTP request GET parameter
params.post.<<name>> Spcified HTTP request POST parameter
pstrip Returns a signature of the HTTP request using the parameter's names without values (useful for unique operations)
is_path Returns true when the HTTP request path refers to a directory.
reqtime Returns the total time that HTTP request took to be retrieved
============================ =============================================
It is worth noting that Wfuzz will try to parse the POST parameters according to the specified content type header. Currently, application/x-www-form-urlencoded, multipart/form-dat and application/json are supported. This is prone to error depending on the data format, raw_post will not try to do any processing.
FuzzRequest URL field is broken in smaller (read only) parts using the urlparse Python's module in the urlp attribute.
Urlparse parses a URL into: scheme://netloc/path;parameters?query#fragment. For example, for the "http://www.google.com/dir/test.php?id=1" URL you can get the following values:
=================== =============================================
Name Value
=================== =============================================
urlp.scheme http
urlp.netloc www.google.com
urlp.path /dir/test.php
urlp.params
urlp.query id=1
urlp.fragment
urlp.ffname test.php
urlp.fext .php
urlp.fname test
urlp.hasquery Returns true when the URL contains a query string.
urlp.isbllist Returns true when the URL file extension is included in the configuration discovery's blacklist
=================== =============================================
Payload introspection can also be performed by using the keyword FUZZ:
============ ==============================================
Name Description
============ ==============================================
FUZnZ Allows to access the Nth payload string
FUZnZ[field] Allows to access the Nth payload attributes
============ ==============================================
Where field is one of the described above.
Filtering results
^^^^^^^^^^^^^^^^^
The --filter command line parameter in conjunction with the described filter language allows you to perform more complex result triage than the standard filter switches such as "--hc/hl/hw/hh", "--sc/sl/sw/sh" and "-ss/hs".
An example below::
$ wfuzz -z range,0-10 --filter "c=200 and l>97" http://testphp.vulnweb.com/listproducts.php?cat=FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/listproducts.php?cat=FUZZ
Total requests: 11
==================================================================
ID Response Lines Word Chars Request
==================================================================
00003: C=200 99 L 302 W 4442 Ch "2"
00002: C=200 102 L 434 W 7011 Ch "1"
Total time: 1.452705
Processed Requests: 11
Filtered Requests: 9
Requests/sec.: 7.572076
Using result and payload introspection to look for specific content returned in the response::
$ wfuzz -z list,echoedback -d searchFor=FUZZ --filter "content~FUZZ" http://testphp.vulnweb.com/search.php?test=query
Which is equivalent to::
$ wfuzz -z list,echoedback -d searchFor=FUZZ --ss "echoedback" http://testphp.vulnweb.com/search.php?test=query
A more interesting variation of the above examples could be::
$ wfuzz -w fuzzdb/attack/xss/xss-rsnake.txt -d searchFor=FUZZ --filter "content~FUZZ" http://testphp.vulnweb.com/search.php?test=query
You can use the fields as boolean values as well. For example, this filter will show only the requests with parameters::
$ wfuzz -z range --zD 0-1 -u http://testphp.vulnweb.com/artists.php?artist=FUZZ --filter 'r.params.all'
Results with plugin issues can be filter as well::
$ wfuzz -z list --zD index -u http://testphp.vulnweb.com/FUZZ.php --script headers --filter "plugins~'nginx'"
Payload mangling
^^^^^^^^^^^^^^^^^^^^^^^^^^
Slicing a payload
"""""""
The --slice command line parameter in conjunction with the described language allows you to filter a payload.
The payload to filter, specified by the -z switch must precede --slice command line parameter.
The specified expression must return a boolean value, an example, using the unique operator is shown below::
$ wfuzz -z list --zD one-two-one-one --slice "FUZZ|u()" http://localhost:9000/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://localhost:9000/FUZZ
Total requests: <<unknown>>
==================================================================
ID Response Lines Word Chars Request
==================================================================
00001: C=404 9 L 32 W 277 Ch "one"
00002: C=404 9 L 32 W 277 Ch "two"
Total time: 0.031817
Processed Requests: 2
Filtered Requests: 0
Requests/sec.: 62.85908
It is worth noting that, the type of payload dictates the available language symbols. For example, a dictionary payload such as in the example
above does not have a full FuzzResult object context and therefore object fields cannot be used.
When slicing a FuzzResult payload, you are accessing the FuzzResult directly, therefore given a previous session such as::
$ wfuzz -z range --zD 0-0 -u http://www.google.com/FUZZ --oF /tmp/test1
...
000000001: 404 11 L 72 W 1558 Ch "0"
...
this can be used to filter the payload::
$ wfpayload -z wfuzzp --zD /tmp/test1 --slice "c=404"
...
000000001: 404 11 L 72 W 1558 Ch "0"
...
$ wfpayload -z wfuzzp --zD /tmp/test1 --slice "c!=404"
...
wfuzz.py:168: UserWarning:Fatal exception: Empty dictionary! Please check payload or filter.
...
In fact, in this situation, FUZZ refers to the previous result (if any)::
$ wfuzz -z wfuzzp --zD /tmp/test1 -u FUZZ --oF /tmp/test2
...
000000001: 404 11 L 72 W 1558 Ch "http://www.google.com/0"
...
$ wfpayload -z wfuzzp --zD /tmp/test2 --efield r.headers.response.date --efield FUZZ[r.headers.response.date]
...
000000001: 404 11 L 72 W 1558 Ch "http://www.google.com/0 | Mon, 02 Nov 2020 19:29:03 GMT | Mon, 02 Nov 2020 19:27:27 GMT"
...
Re-writing a payload
"""""""
The slice command parameter also allows to re-write a payload. Any value, other than a boolean, returned by the
specified expression will be interpreted not to filter the source payload but to change its value.
For example::
$ ./wfuzz -z list --zD one-two-three --slice "FUZZ|upper()" -u https://www.wfuzz.io/FUZZ
000000001: 404 11 L 72 W 1560 Ch "ONE"
000000003: 404 11 L 72 W 1562 Ch "THREE"
000000002: 404 11 L 72 W 1560 Ch "TWO"
Prefilter
"""""""""
The --prefilter command line parameter is similar to --slice but is not associated to any payload. It is a general filtering
performed just before any HTTP request is done.
In this context you are filtering a FuzzResult object, which is the result of combining all the input payloads, that is has not been updated with the result of performing its associated HTTP request yet and therefore lacking some information.
The --prefilter command cannot be used to re-write a payload. The assignment operators can be used to modify the FuzzResult object's fields but expressions other booleans will be ignored.
Reutilising previous results
--------------------------------------
Previously performed HTTP requests/responses contain a treasure trove of data. Wfuzz payloads and object introspection (explained in the filter grammar section) exposes a Python object interface to requests/responses recorded by Wfuzz or other tools.
This allows you to perform manual and semi-automatic tests with full context and understanding of your actions, without relying on a web application scanner underlying implementation.
Some ideas:
* Replaying individual requests as-is
* Comparing response bodies and headers of fuzzed requests against their original
* Looking for requests with the CSRF token exposed in the URL
* Looking for responses with JSON content with an incorrect content type
To reutilise previous results, a payload that generates a full FuzzResult object context should be used.
* wfuzzp payload:
Wfuzz results can be stored using the --oF option as illustrated below::
$ wfuzz --oF /tmp/session -z range,0-10 http://www.google.com/dir/test.php?id=FUZZ
* burpstate and burplog payloads:
Wfuzz can read burp's (TM) log or saved states. This allows to filter or reutilise burp proxy requests and responses.
Then, you can reutilise those results by using the denoted payloads. To repeat a request exactly how it was stored, you must use the FUZZ keyword on the command line::
$ wfuzz -z burpstate,a_burp_state.burp FUZZ
$ wfuzz -z burplog,a_burp_log.burp FUZZ
$ wfuzz -z wfuzzp,/tmp/session FUZZ
Previous requests can also be modified by using the usual command line switches. Some examples below:
* Adding a new header::
$ wfuzz -z burpstate,a_burp_state.burp -H "addme: header" FUZZ
* Using new cookies specified by another payload::
$ wfuzz -z burpstate,a_burp_state.burp -z list,1-2-3 -b "cookie=FUZ2Z" FUZZ
* The stored HTTP requests can be printed using the --prev flag for comparing old vs new results::
$ wfuzz -z burpstate,testphp.burp --slice "cookies.request and url|u()" --filter "c!=FUZZ[c]" -b "" --prev FUZZ
...
000076: C=302 0 L 3 W 14 Ch "http://testphp.vulnweb.com/userinfo.php"
|__ C=200 114 L 373 W 5347 Ch "http://testphp.vulnweb.com/userinfo.php"
* Same request against another URL::
$ wfuzz -z burpstate,a_burp_state.burp -H "addme: header" -u http://www.otherhost.com FUZZ
If you do not want to use the full saved request:
* Accessing specific HTTP object fields can be achieved by using the attr payload's parameter::
$ wfuzz -z wfuzzp,/tmp/session --zP attr=url FUZZ
* Or by specifying the FUZZ keyword and a field name in the form of FUZZ[field]::
$ wfuzz -z wfuzzp,/tmp/session FUZZ[url]
This could be used, for example, to perform new requests based on stored values::
$ wfuzz -z wfuzzp,/tmp/session -p localhost:8080 http://testphp.vulnweb.com/FUZZ[url.path]?FUZZ[url.query]
00001: C=200 25 L 155 W 1362 Ch "/dir/test.php - id=0"
...
00002: C=200 25 L 155 W 1362 Ch "/dir/test.php - id=1"
The above command will generate HTTP requests such as the following::
GET /dir/test.php?id=10 HTTP/1.1
Host: testphp.vulnweb.com
Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: Wfuzz/2.2
Connection: close
You can filter the payload using the filter grammar as described before.
Reutilising previous results
--------------------------------------
Plugins results contain a treasure trove of data. Wfuzz payloads and object introspection (explained in the filter grammar section) exposes a Python object interface to plugins results.
This allows you to perform semi-automatic tests based on plugins results or compile a set of results to be used in another tool.
Request mangling
^^^^^^^^^
The assignment operators can be used to modify previous requests, for example, let's add a quote to every string parameter prior of performing the HTTP request::
$ wfuzz -z range,1-5 --oF /tmp/session http://testphp.vulnweb.com/artists.php?artist=FUZZ
000003: C=200 118 L 455 W 5326 Ch "3"
...
000004: C=200 99 L 272 W 3868 Ch "4"
$ wfuzz -z wfuzzp,/tmp/session --prefilter "r.params.get=+'\''" -A FUZZ
00010: 0.161s C=200 101 L 287 W 3986 Ch nginx/1.4.1 "http://testphp.vulnweb.com/artists.php?artist=1'"
|_ Error identified: Warning: mysql_fetch_array()
...
The above command looks for simple SQL injection issues.
================================================
FILE: docs/user/basicusage.rst
================================================
Basic Usage
===============
Fuzzing Paths and Files
-----------------------
Wfuzz can be used to look for hidden content, such as files and directories, within a web server, allowing to find further attack vectors. It is worth noting that, the success of this task depends highly on the dictionaries used.
However, due to the limited number of platforms, default installations, known resources such as logfiles, administrative directories, a considerable number of resources are located in predictable locations. Therefore, brute forcing these contents becomes a more feasible task.
Wfuzz contains some dictionaries, other larger and up to date open source word lists are:
* `fuzzdb <https://code.google.com/p/fuzzdb/>`_
* `seclists <https://github.com/danielmiessler/SecLists>`_
Below is shown an example of wfuzz looking for common directories::
$ wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
Below is shown an example of wfuzz looking for common files::
$ wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ.php
Fuzzing Parameters In URLs
--------------------------
You often want to fuzz some sort of data in the URL's query string, this can be achieved by specifying the FUZZ keyword in the URL after a question mark::
$ wfuzz -z range,0-10 --hl 97 http://testphp.vulnweb.com/listproducts.php?cat=FUZZ
Fuzzing POST Requests
---------------------
If you want to fuzz some form-encoded data like an HTML form will do, simply pass a -d command line argument::
$ wfuzz -z file,wordlist/others/common_pass.txt -d "uname=FUZZ&pass=FUZZ" --hc 302 http://testphp.vulnweb.com/userinfo.php
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/userinfo.php
Total requests: 52
==================================================================
ID Response Lines Word Chars Request
==================================================================
00044: C=200 114 L 356 W 5111 Ch "test"
Total time: 2.140146
Processed Requests: 52
Filtered Requests: 51
Requests/sec.: 24.29739
Fuzzing Cookies
---------------
To send your own cookies to the server, for example, to associate a request to HTTP sessions, you can use the -b parameter (repeat for various cookies)::
$ wfuzz -z file,wordlist/general/common.txt -b cookie=value1 -b cookie2=value2 http://testphp.vulnweb.com/FUZZ
The command above will generate HTTP requests such as the one below::
GET /attach HTTP/1.1
Host: testphp.vulnweb.com
Accept: */*
Content-Type: application/x-www-form-urlencoded
Cookie: cookie=value1; cookie2=value2
User-Agent: Wfuzz/2.2
Connection: close
Cookies can also be fuzzed::
$ wfuzz -z file,wordlist/general/common.txt -b cookie=FUZZ http://testphp.vulnweb.com/
Fuzzing Custom headers
----------------------
If you'd like to add HTTP headers to a request, simply use the -H parameter (repeat for various headers)::
$ wfuzz -z file,wordlist/general/common.txt -H "myheader: headervalue" -H "myheader2: headervalue2" http://testphp.vulnweb.com/FUZZ
The command above will generate HTTP requests such as the one below::
GET /agent HTTP/1.1
Host: testphp.vulnweb.com
Accept: */*
Myheader2: headervalue2
Myheader: headervalue
Content-Type: application/x-www-form-urlencoded
User-Agent: Wfuzz/2.2
Connection: close
You can modify existing headers, for example, for specifying a custom user agent, execute the following::
$ wfuzz -z file,wordlist/general/common.txt -H "myheader: headervalue" -H "User-Agent: Googlebot-News" http://testphp.vulnweb.com/FUZZ
The command above will generate HTTP requests such as the one below::
GET /asp HTTP/1.1
Host: testphp.vulnweb.com
Accept: */*
Myheader: headervalue
Content-Type: application/x-www-form-urlencoded
User-Agent: Googlebot-News
Connection: close
Headers can also be fuzzed::
$ wfuzz -z file,wordlist/general/common.txt -H "User-Agent: FUZZ" http://testphp.vulnweb.com/
Fuzzing HTTP Verbs
------------------
HTTP verbs fuzzing can be specified using the -X switch::
$ wfuzz -z list,GET-HEAD-POST-TRACE-OPTIONS -X FUZZ http://testphp.vulnweb.com/
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/
Total requests: 5
==================================================================
ID Response Lines Word Chars Request
==================================================================
00002: C=200 0 L 0 W 0 Ch "HEAD"
00004: C=405 7 L 12 W 172 Ch "TRACE"
00005: C=405 7 L 12 W 172 Ch "OPTIONS"
00001: C=200 104 L 296 W 4096 Ch "GET"
00003: C=200 104 L 296 W 4096 Ch "POST"
Total time: 1.030354
Processed Requests: 5
Filtered Requests: 0
Requests/sec.: 4.852696
If you want to perform the requests using a specific verb you can also use "-X HEAD".
Proxies
-------
If you need to use a proxy, simply use the -p parameter::
$ wfuzz -z file,wordlist/general/common.txt -p localhost:8080 http://testphp.vulnweb.com/FUZZ
In addition to basic HTTP proxies, Wfuzz also supports proxies using the SOCKS4 and SOCKS5 protocol::
$ wfuzz -z file,wordlist/general/common.txt -p localhost:2222:SOCKS5 http://testphp.vulnweb.com/FUZZ
Multiple proxies can be used simultaneously by supplying various -p parameters::
$ wfuzz -z file,wordlist/general/common.txt -p localhost:8080 -p localhost:9090 http://testphp.vulnweb.com/FUZZ
Each request will be performed using a different proxy each time.
Authentication
--------------
Wfuzz can set an authentication headers by using the --basic/ntlm/digest command line switches.
For example, a protected resource using Basic authentication can be fuzzed using the following command::
$ wfuzz -z list,nonvalid-httpwatch --basic FUZZ:FUZZ https://www.httpwatch.com/httpgallery/authentication/authenticatedimage/default.aspx
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: https://www.httpwatch.com/httpgallery/authentication/authenticatedimage/default.aspx
Total requests: 2
==================================================================
ID Response Lines Word Chars Request
==================================================================
00001: C=401 0 L 11 W 58 Ch "nonvalid"
00002: C=200 20 L 91 W 5294 Ch "httpwatch"
Total time: 0.820029
Processed Requests: 2
Filtered Requests: 0
Requests/sec.: 2.438938
If you want to fuzz a resource from a protected website you can also use "--basic user:pass".
Recursion
---------
The -R switch can be used to specify a payload recursion's depth. For example, if you want to search for existing directories and then fuzz within these directories again using the same payload you can use the following command::
$ wfuzz -z list,"admin-CVS-cgi\-bin" -R1 http://testphp.vulnweb.com/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/FUZZ
Total requests: 3
==================================================================
ID Response Lines Word Chars Request
==================================================================
00003: C=403 10 L 29 W 263 Ch "cgi-bin"
00002: C=301 7 L 12 W 184 Ch "CVS"
|_ Enqueued response for recursion (level=1)
00001: C=301 7 L 12 W 184 Ch "admin"
|_ Enqueued response for recursion (level=1)
00008: C=404 7 L 12 W 168 Ch "admin - CVS"
00007: C=404 7 L 12 W 168 Ch "admin - admin"
00005: C=404 7 L 12 W 168 Ch "CVS - CVS"
00006: C=404 7 L 12 W 168 Ch "CVS - cgi-bin"
00009: C=404 7 L 12 W 168 Ch "admin - cgi-bin"
00004: C=404 7 L 12 W 168 Ch "CVS - admin"
Perfomance
----------
Several options lets you fine tune the HTTP request engine, depending on the performance impact on the application, and on your own processing power and bandwidth.
You can increase or decrease the number of simultaneous requests to make your attack proceed faster or slower by using the -t switch.
You can tell Wfuzz to stop a given number of seconds before performing another request using the -s parameter.
Writing to a file
-----------------
Wfuzz supports writing the results to a file in a different format. This is performed by plugins called "printers". The available printers can be listed executing::
$ wfuzz -e printers
For example, to write results to an output file in JSON format use the following command::
$ wfuzz -f /tmp/outfile,json -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
Different output
-----------------
Wfuzz supports showing the results in various formats. This is performed by plugins called "printers". The available printers can be listed executing::
$ wfuzz -e printers
For example, to show results in JSON format use the following command::
$ wfuzz -o json -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
When using the default or raw output you can also select additional FuzzResult's fields to show, using --efield, together with the payload description::
$ wfuzz -z range --zD 0-1 -u http://testphp.vulnweb.com/artists.php?artist=FUZZ --efield r
...
000000001: 200 99 L 272 W 3868 Ch 0 | GET /artists.php?artist=0 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Wfuzz/2.4
Host: testphp.vulnweb.com
...
The above command is useful, for example, to debug what exact HTTP request Wfuzz sent to the remote Web server.
To completely replace the default payload output you can use --field instead::
$ wfuzz -z range --zD 0-1 -u http://testphp.vulnweb.com/artists.php?artist=FUZZ --field url
...
000000001: 200 104 L 364 W 4735 Ch "http://testphp.vulnweb.com/artists.php?artist=0"
...
--efield and --field can be repeated to show several fields::
$ wfuzz -z range --zD 0-1 -u http://testphp.vulnweb.com/artists.php?artist=FUZZ --efield url --efield h
...
000000001: 200 104 L 364 W 4735 Ch "0 | http://testphp.vulnweb.com/artists.php?artist=0 | 4735"
...
The field printer can be used with a --efield or --field expression to list only the specified filter expressions without a header or footer::
$ wfuzz -z list --zD https://www.airbnb.com/ --script=links --script-args=links.regex=.*js$,links.enqueue=False -u FUZZ -o field --field plugins.links.link | head -n3
https://a0.muscache.com/airbnb/static/packages/4e8d-d5c346ee.js
https://a0.muscache.com/airbnb/static/packages/7afc-ac814a17.js
https://a0.muscache.com/airbnb/static/packages/7642-dcf4f8dc.js
The above command is useful, for example, to pipe wfuzz into other tools or perform console scripts.
--efield and --field are in fact filter expressions. Check the filter language section in the advance usage document for the available fields and operators.
================================================
FILE: docs/user/breaking.rst
================================================
Breaking changes
=============
Following https://semver.org/ versioning since Wfuzz 3.0.0.
* Wfuzz 3.0.0:
* In wfuzz library prefilter is a list of filters not a string.
* When using --recipe, stored options that are a list are appended. Previously, the last one took precedence.
================================================
FILE: docs/user/getting.rst
================================================
Getting Started
===============
A typical Wfuzz command line execution, specifying a dictionary payload and a URL, looks like this::
$ wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
The obtained output is shown below::
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/FUZZ
Total requests: 950
==================================================================
ID Response Lines Word Chars Request
==================================================================
00006: C=301 7 L 12 W 184 Ch "admin"
00135: C=403 10 L 29 W 263 Ch "cgi-bin"
00379: C=301 7 L 12 W 184 Ch "images"
00686: C=301 7 L 12 W 184 Ch "secured"
...
00935: C=301 7 L 12 W 184 Ch "CVS"
Total time: 4.214460
Processed Requests: 950
Filtered Requests: 0
Requests/sec.: 225.4143
Wfuzz output allows to analyse the web server responses and filter the desired results based on the HTTP response message obtained, for example, response codes, response length, etc.
Each line provides the following information:
- ID: The request number in the order that it was performed.
- Response: Shows the HTTP response code.
- Lines: Shows the number of lines in the HTTP response.
- Word: Shows the number of words in the HTTP response.
- Chars: Shows the number of characters in the HTTP response.
- Payload: Shows the payload used.
Getting help
------------
Use the --h and --help switch to get basic and advanced help usage respectively.
Wfuzz is a completely modular framework, you can check the available modules by using the -e <<category>> switch::
$ wfuzz -e iterators
Available iterators:
Name | Summary
----------------------------------------------------------------------------------------------
product | Returns an iterator cartesian product of input iterables.
zip | Returns an iterator that aggregates elements from each of the iterables.
chain | Returns an iterator returns elements from the first iterable until it is exhaust
| ed, then proceeds to the next iterable, until all of the iterables are exhausted
| .
Valid categories are: payloads, encoders, iterators, printers or scripts.
Payloads
--------
Wfuzz is based on a simple concept: it replaces any reference to the keyword FUZZ by the value of a given payload. A payload in Wfuzz is a source of input data.
The available payloads can be listed by executing::
$ wfuzz -e payloads
Detailed information about payloads could be obtained by executing::
$ wfuzz -z help
The latter can be filtered using the --slice parameter::
$ wfuzz -z help --slice "dirwalk"
Name: dirwalk 0.1
Categories: default
Summary: Returns filename's recursively from a local directory.
Description:
Returns all the file paths found in the specified directory.
Handy if you want to check a directory structure against a webserver,
for example, because you have previously downloaded a specific version
of what is supposed to be on-line.
Parameters:
+ dir: Directory path to walk and generate payload from.
Specifying a payload:
^^^^^^^^^^^^^^^^^^^^^
Each FUZZ keyword must have its corresponding payload. There are several equivalent ways of specifying a payload:
* The long way explicitly defining the payload's parameter name through the command line::
$ wfuzz -z file --zP fn=wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
* The not so long way explicitly defining the payload's default parameter through the --zD command line option::
$ wfuzz -z file --zD wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
* The not so long way defining only the value of the payload's default parameter::
$ wfuzz -z file,wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
* The short way when using the file payload alias::
$ wfuzz -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
The stdin payload could be used when using a external wordlist generator::
$ crunch 2 2 ab | wfuzz -z stdin http://testphp.vulnweb.com/FUZZ
Crunch will now generate the following amount of data: 12 bytes
0 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 4
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://testphp.vulnweb.com/FUZZ
Total requests: <<unknown>>
==================================================================
ID Response Lines Word Chars Request
==================================================================
00002: C=404 7 L 12 W 168 Ch "ab"
00001: C=404 7 L 12 W 168 Ch "aa"
00003: C=404 7 L 12 W 168 Ch "ba"
00004: C=404 7 L 12 W 168 Ch "bb"
Total time: 3.643738
Processed Requests: 4
Filtered Requests: 0
Requests/sec.: 1.097773
Multiple payloads
^^^^^^^^^^^^^^^^^
Several payloads can be used by specifying several -z or -w parameters and the corresponding FUZZ, ... , FUZnZ keyword where n is the payload number. The following example, brute forces files, extension files and directories at the same time::
$ wfuzz -w wordlist/general/common.txt -w wordlist/general/common.txt -w wordlist/general/extensions_common.txt --hc 404 http://testphp.vulnweb.com/FUZZ/FUZ2ZFUZ3Z
Filters
-------
Filtering results in Wfuzz is paramount:
* Big dictionaries could generate a great amount of output and can easily drown out legitimate valid results.
* Triaging HTTP responses is key to perform some attacks, for example, in order to check for the presence of a SQL injection vulnerability we need to distinguish a legitimate response from the one that generates an error or different data.
Wfuzz allows to filter based on the HTTP responses code and the length of the received information (in the form of words, characters or lines). Regular expressions can also be used. Two approaches can be taken: showing or hiding results matching a given filter.
Hiding responses
^^^^^^^^^^^^^^^^
The following command line parameters can be used to hide certain HTTP responses "--hc, --hl, --hw, --hh". For example, the following command filters the web resources unknown by the web server (http://en.wikipedia.org/wiki/HTTP_404)::
wfuzz -w wordlist/general/common.txt --hc 404 http://testphp.vulnweb.com/FUZZ
Multiple values can be specified, for example, the following wfuzz execution adds the forbidden resources to the filter::
wfuzz -w wordlist/general/common.txt --hc 404,403 http://testphp.vulnweb.com/FUZZ
Lines, words or chars are handy when we are looking for resources with the same HTTP status code. For example, it is a common behaviour (sometimes due to misconfiguration) that web servers return a custom error page with a 200 response code, this is known as soft 404.
Below is shown an example::
$ wfuzz -w wordlist/general/common.txt --hc 404 http://datalayer.io/FUZZ
********************************************************
* Wfuzz 2.2 - The Web Fuzzer *
********************************************************
Target: http://datalayer.io/FUZZ
Total requests: 950
==================================================================
ID Response Lines Word Chars Request
==================================================================
00000: C=200 279 L 635 W 8972 Ch "W3SVC3"
00001: C=200 279 L 635 W 8972 Ch "Log"
00002: C=200 279 L 635 W 8972 Ch "10"
00003: C=200 279 L 635 W 8972 Ch "02"
00004: C=200 279 L 635 W 8972 Ch "2005"
...
00024: C=200 301 L 776 W 9042 Ch "about"
...
Looking carefully at the above results, is easy to ascertain that all the "not found" resources have a common patter of 279 lines, 635 words and 8972 chars.
Thus, we can improve our "--hc 404" filter by using this information (various filters can be combined)::
$ wfuzz -w wordlist/general/common.txt --hc 404 --hh 8972 http://datalayer.io/FUZZ
00022: C=200 301 L 776 W 9042 Ch "about"
00084: C=302 0 L 0 W 0 Ch "blog"
00192: C=302 0 L 0 W 0 Ch "css"
...
00696: C=200 456 L 1295 W 15119 Ch "service"
00751: C=200 238 L 512 W 6191 Ch "store"
00788: C=302 0 L 0 W 0 Ch "text"
00913: C=302 0 L 0 W 0 Ch "template"
Showing responses
^^^^^^^^^^^^^^^^^
Showing results works the same way but using the command line parameters preceded by an "s": "--sc, --sl, --sw, --sh".
Using the baseline
^^^^^^^^^^^^^^^^^^
Filters can be built against a reference HTTP response, called the "baseline". For example, the previous command for filtering "not found" resources using the --hh switch could have be done with the following command::
$ wfuzz -w wordlist/general/common.txt --hh BBB http://datalayer.io/FUZZ{notthere}
...
00000: C=200 279 L 635 W 8972 Ch "notthere"
00001: C=200 301 L 776 W 9042 Ch "about"
00004: C=200 456 L 1295 W 15119 Ch "service"
...
Here the {} defines the value of the FUZZ word for this first HTTP request, and then the response can be used specifying "BBB" as a filter value.
Regex filters
^^^^^^^^^^^^^
The command line parameters "--ss" and "--hs" allow to filter the responses using a regular expression against the returned content. For example, the following allows to find web servers vulnerable to "shellshock" (see http://edge-security.blogspot.co.uk/2014/10/scan-for-shellshock-with-wfuzz.html for more information)::
$ wfuzz -H "User-Agent: () { :;}; echo; echo vulnerable" --ss vulnerable -w cgis.txt http://localhost:8000/FUZZ
A valid python regex should be used within these switches or an error will be prompted::
$ wfuzz -w wordlist/general/common.txt --hs "error)" http://testphp.vulnweb.com/FUZZ
Fatal exception: Invalid regex expression: unbalanced parenthesis
================================================
FILE: docs/user/installation.rst
================================================
Installation
==================================
Pip install Wfuzz
--------------------
To install WFuzz using `pip <https://pip.pypa.io>`_ ::
$ pip install wfuzz
Use the wfuzz docker image
------------------
You can pull wfuzz docker image from github registry by executing::
$ docker pull ghcr.io/xmendez/wfuzz
Get the Source Code
-------------------
Wfuzz is actively developed on
`GitHub <https://github.com/xmendez/wfuzz>`_.
You can either clone the public repository::
$ git clone git://github.com/xmendez/wfuzz.git
Or download last `release <https://github.com/xmendez/wfuzz/releases/latest>`_.
Once you have a copy of the source, you can embed it in your own Python
package, or install it into your site-packages easily::
$ python setup.py install
Dependencies
-----------
Wfuzz uses:
* `pycurl <http://pycurl.sourceforge.net/>`_ library to perform HTTP requests.
* `pyparsing <https://github.com/pyparsing/pyparsing>`_ library to create filter's grammars.
* `JSON.miniy (C) Gerald Storer <https://github.com/getify/JSON.minify/blob/master/minify_json.py>`_ to read json recipes.
* `chardet <https://chardet.github.io/>`_ to detect dictionaries encoding.
* `coloroma <https://github.com/tartley/colorama/>`_ to support ANSI escape characters in Windows.
Installation issues
===================
Pycurl on MacOS
--------------------------
Wfuzz uses pycurl as HTTP library. You might get errors like the listed below when running Wfuzz::
pycurl: libcurl link-time ssl backend (openssl) is different from compile-time ssl backend (none/other)
Or::
pycurl: libcurl link-time ssl backend (none/other) is different from compile-time ssl backend (openssl)
This is due to the fact that, MacOS might need some tweaks before pycurl is installed correctly:
#. First you need to install OpenSSL via Homebrew::
$ brew install openssl
#. Curl is normally already installed in MacOs, but to be sure it uses OpenSSL, we need to install it using brew::
$ brew install curl-openssl
#. Curl is installed keg-only by brew. This means that is installed but not linked. Therefore, we need to instruct pip to use the recently installed curl before installing pycurl. We can do this permanently by changing our bash_profile::
$ echo 'export PATH="/usr/local/opt/curl-openssl/bin:$PATH"' >> ~/.bash_profile
#. Or temporary in the current shell::
$ export PATH="/usr/local/opt/curl-openssl/bin:$PATH"
#. Then, we need to install pycurl as follows::
$ PYCURL_SSL_LIBRARY=openssl LDFLAGS="-L/usr/local/opt/openssl/lib" CPPFLAGS="-I/usr/local/opt/openssl/include" pip install --no-cache-dir pycurl
#. Finally, if we re-install or execute wfuzz again it should work correctly.
If you get errors such as::
Fatal exception: dlopen(xxx/lib/python3.7/site-packages/pycurl.cpython-37m-darwin.so, 2): Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib
Referenced from: /usr/local/opt/curl-openssl/lib/libcurl.4.dylib
Reason: image not found. Wfuzz needs pycurl to run. Pycurl could be installed using the following command:
Run brew update && brew upgrade
If you get an error such as::
ImportError: pycurl: libcurl link-time ssl backends (secure-transport, openssl) do not include compile-time ssl backend (none/other)
That might indicate that pycurl was reinstalled and not linked to the SSL correctly. Uninstall pycurl as follows::
$ pip uninstall pycurl
and re-install pycurl starting from step 4 above.
Pycurl on Windows
-----------------
Install pycurl matching your python version from https://pypi.org/project/pycurl/#files
PyCurl SSL bug
--------------
If you experience errors when using Wfuzz against SSL sites, it could be because an old know issue:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515200
Briefly, pycurl is built against libcurl3-gnutls, which does not work with a number of web sites. Pycurl fails with the following error message::
pycurl.error: (35, 'gnutls_handshake() failed: A TLS packet with unexpected length was received.')
Verifying the problem
^^^^^^^^^^^^^^^^^^^^^
* Pycurl linked against gnutls::
$ python
>>> import pycurl
>>> pycurl.version
libcurl/7.21.3 GnuTLS/2.8.6 zlib/1.2.3.4 libidn/1.18'
* Pycurl linked against openssl::
$ python
>>> import pycurl
>>> pycurl.version
'libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18'
Installing pycurl openssl flavour
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In newer Ubuntu versions, you can install libcurl openssl flavour::
$ sudo apt install libcurl4-openssl-dev
$ sudo pip3 install --upgrade wfuzz
Installing pycurl against openssl
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Alternatively, it can be done manually:
1. sudo apt-get install build-essential fakeroot dpkg-dev
2. mkdir ~/python-pycurl-openssl
3. cd ~/python-pycurl-openssl
4. sudo apt-get source python-pycurl
5. sudo apt-get build-dep python-pycurl -y
6. sudo apt-get install libcurl4-openssl-dev -y
*** CAUTION: BE CAREFUL WITH THIS OR DELETE THE DIRECTORY MANUALLY TO BE SAFE ***
7. sudo rm -r ./*/ ; dpkg-source -x pycurl_7*.dsc # *** CAUTION: BE CAREFUL WITH THIS OR DELETE THE DIRECTORY MANUALLY TO BE SAFE ***
8. cd pycurl*/
9. edit debian/control file and replace all instances of “libcurl4-gnutls-dev” with “libcurl4-openssl-dev”:
sed -i 's/libcurl4-gnutls-dev/libcurl4-openssl-dev/g' debian/control
sed -i 's/rm -f/rm -rf/g' debian/rules # fix debian/rules 'rm -r' typo preventing existing directory delete
10. sudo PYCURL_SSL_LIBRARY=openssl; dpkg-buildpackage -rfakeroot -b -uc -us
11. sudo dpkg -i ../python-pycurl_7*.deb
If there is still the error::
ImportError?: No module named bottle
Check this http://stackoverflow.com/questions/9122200/importerror-no-module-named-bottle
================================================
FILE: docs/user/wfpayload.rst
================================================
wfpayload
=========
wfpayload uses the same motor as wfuzz but instead of performing HTTP requests, uses wfuzz's payload plugins to generate new content or analyse saved sessions.
Generating new dictionaries
-------------------
You can use wfpayload to create new dictionaries::
$ wfpayload -z range --zD 0-10
0
1
2
3
4
5
6
7
8
9
10
The same wfuzz's syntax can be used, for example::
$ wfpayload -z range --zD 0-10 --filter "FUZZ<3"
0
1
2
Analysing saved sessions
------------------
Previously performed HTTP requests/responses contain a treasure trove of data. You can use wfpayload to filter and analyse previously saved sessions. Wfpayload can also read sessions from external tools, such as burp.
This allows you to look for new vulnerabilities or understand the underlying target without performing new HTTP requests.
For example, the following will return a unique list of HTTP requests including the authtoken parameter as a GET parameter::
$ wfpayload -z burplog,a_burp_log.log --slice "params.get~'authtoken'"
Authtoken is the parameter used by BEA WebLogic Commerce Servers (TM) as a CSRF token, and therefore the above will find all the requests exposing the CSRF token in the URL.
You can also look for specific parameters or headers, for example, the following will look for HTTP responses accepting any CORS origin::
$ wfpayload -z burplog --zD burp_log_05032020.log --prefilter "r.headers.response.Access-Control-Allow-Origin='*'"
It is worth noting that, if the header is not present in the response it will be return an empty value, not raising any error.
You can also select the fields to show with --efield and --field, for example::
$ wfpayload -z wfuzzp --zD /tmp/session --field r.params.get
artist=5
...
Or::
$ wfpayload -z wfuzzp --zD /tmp/session --efield r.params.get
000000006: 200 99 L 272 W 3868 Ch "5 | artist=5"
...
Running plugins against saved sessions
-------------------
Plugins can be run against a saved session. For example::
$ ./wfpayload -z burplog --zD ./burp_log_05032020.log --script=headers --filter "plugins~'akamai'"
...
000000124: 302 0 L 0 W 0 Ch "https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pjq71x1r7"
|_ New Server header - AkamaiGHost
000000913: 200 10 L 6571 W 289832 Ch "https://assets.adobedtm.com/2eed2bf00c8bca0c98d97ffee50a306922bc8c98/satelliteLib-27b81756e778cc85cc1a2f067764cd3abf072aa9.js"
|_ New Server header - AkamaiNetStorage
...
Re-writing saved sessions
-------------------
The content of a saved session can be re-written. For example, let's say there is a session with a bunch of 404/400 results that you want to remove::
$ wfpayload -z burplog --zD ./burp_log_05032020.log --hc 404 --oF /tmp/no404
and then::
$ wfpayload -z wfuzzp --zD /tmp/no404
================================================
FILE: requirements.txt
================================================
#
# This file is autogenerated by pip-compile
# To update, run:
#
# pip-compile --output-file=requirements.txt setup.py
#
attrs==20.1.0 # via pytest
chardet==3.0.4 # via wfuzz (setup.py)
iniconfig==1.0.1 # via pytest
more-itertools==8.5.0 # via pytest
packaging==20.4 # via pytest
pluggy==0.13.1 # via pytest
py==1.9.0 # via pytest
pycurl==7.43.0.6 # via wfuzz (setup.py)
pyparsing==2.4.7 # via packaging
pytest==6.0.1 # via wfuzz (setup.py)
six==1.15.0 # via packaging, wfuzz (setup.py)
toml==0.10.1 # via pytest
================================================
FILE: setup.py
================================================
import os
import sys
import re
from setuptools import setup, find_packages
with open("README.md", "rb") as f:
long_descr = f.read().decode("utf-8")
version = re.search(
r'^__version__\s*=\s*"(.*)"',
open('src/wfuzz/__init__.py').read(),
re.M
).group(1)
docs_requires = [
"Sphinx",
]
dev_requires = [
'mock',
'coverage',
'codecov',
'netaddr', # tests/api/test_payload.py uses ipranges payload
'pip-tools',
'flake8==3.8.3',
'black==19.10b0;python_version>"3.5"',
'pytest',
]
install_requires = [
'pycurl',
'pyparsing<2.4.2;python_version<="3.4"',
'pyparsing>=2.4.2;python_version>="3.5"',
'six',
'configparser;python_version<"3.5"',
'chardet',
]
if sys.platform.startswith("win"):
install_requires += ["colorama>=0.4.0"]
try:
os.symlink('../../docs/user/advanced.rst', 'src/wfuzz/advanced.rst')
setup(
name="wfuzz",
packages=find_packages(where='src'),
package_dir={'wfuzz': 'src/wfuzz'},
include_package_data=True,
package_data={'wfuzz': ['*.rst']},
entry_points={
'console_scripts': [
'wfuzz = wfuzz.wfuzz:main',
'wfpayload = wfuzz.wfuzz:main_filter',
'wfencode = wfuzz.wfuzz:main_encoder',
],
'gui_scripts': [
'wxfuzz = wfuzz.wfuzz:main_gui',
]
},
version=version,
description="Wfuzz - The web fuzzer",
long_description=long_descr,
long_description_content_type='text/markdown',
author="Xavi Mendez (@x4vi_mendez)",
author_email="xmendez@edge-security.com",
url="http://wfuzz.org",
license="GPLv2",
install_requires=install_requires,
extras_require={
'dev': dev_requires,
'docs': docs_requires,
},
python_requires=">=2.6",
classifiers=(
'Development Status :: 4 - Beta',
'Natural Language :: English',
'License :: OSI Approved :: GNU General Public License v2 (GPLv2)',
'Programming Language :: Python',
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.4',
'Programming Language :: Python :: 3.5',
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3.8',
),
)
finally:
os.unlink('src/wfuzz/advanced.rst')
================================================
FILE: src/wfencode.py
================================================
#!/usr/bin/env python
from wfuzz.wfuzz import main_encoder
if __name__ == "__main__":
main_encoder()
================================================
FILE: src/wfpayload.py
================================================
#!/usr/bin/env python
from wfuzz.wfuzz import main_filter
if __name__ == "__main__":
main_filter()
================================================
FILE: src/wfuzz/__init__.py
================================================
__title__ = "wfuzz"
__version__ = "3.1.0"
__build__ = 0x023000
__author__ = "Xavier Mendez"
__license__ = "GPL 2.0"
__copyright__ = "Copyright 2011-2020 Xavier Mendez"
import logging
import sys
import warnings
# define a logging Handler
console = logging.StreamHandler()
console.setLevel(logging.WARNING)
formatter = logging.Formatter("%(name)-12s: %(levelname)-8s %(message)s")
console.setFormatter(formatter)
logging.getLogger("").addHandler(console)
# define warnings format
def warning_on_one_line(message, category, filename, lineno, file=None, line=None):
return " %s:%s: %s:%s\n" % (filename, lineno, category.__name__, message)
warnings.formatwarning = warning_on_one_line
try:
import pycurl
if "openssl".lower() not in pycurl.version.lower():
warnings.warn(
"Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information."
)
if not hasattr(pycurl, "CONNECT_TO"):
warnings.warn(
"Pycurl and/or libcurl version is old. CONNECT_TO option is missing. Wfuzz --ip option will not be available."
)
if not hasattr(pycurl, "PATH_AS_IS"):
warnings.warn(
"Pycurl and/or libcurl version is old. PATH_AS_IS option is missing. Wfuzz might not correctly fuzz URLS with '..'."
)
except ImportError:
warnings.warn(
"fuzz needs pycurl to run. Pycurl could be installed using the following command: $ pip install pycurl"
)
sys.exit(1)
from .options import FuzzSession
from .api import fuzz, get_payload, get_payloads, encode, decode, payload, get_session
================================================
FILE: src/wfuzz/__main__.py
================================================
from .wfuzz import main
main()
================================================
FILE: src/wfuzz/api.py
================================================
from .options import FuzzSession
from .facade import Facade
from .ui.console.clparser import CLParser
"""
Wfuzz API
"""
def fuzz(**kwargs):
return FuzzSession(**kwargs).fuzz()
def get_payloads(iterator):
fs = FuzzSession()
return fs.get_payloads(iterator)
def get_payload(iterator):
fs = FuzzSession()
return fs.get_payload(iterator)
def encode(name, value):
return Facade().encoders.get_plugin(name)().encode(value)
def decode(name, value):
return Facade().encoders.get_plugin(name)().decode(value)
def payload(**kwargs):
return FuzzSession(**kwargs).payload()
def get_session(cline):
cl = ["wfuzz"] + cline.split(" ")
return FuzzSession(**CLParser(cl).parse_cl())
================================================
FILE: src/wfuzz/core.py
================================================
from .fuzzobjects import FuzzType
from .myqueues import MyPriorityQueue, QueueManager
from .fuzzqueues import (
SeedQ,
SaveQ,
PrinterQ,
RoutingQ,
FilterQ,
SliceQ,
JobQ,
RecursiveQ,
DryRunQ,
HttpQueue,
HttpReceiver,
AllVarQ,
CLIPrinterQ,
ConsolePrinterQ,
PassPayloadQ,
)
# python 2 and 3: iterator
from builtins import object
class Fuzzer(object):
def __init__(self, options):
# Create queues
# genReq ---> seed_queue -> [slice_queue] -> http_queue/dryrun -> [round_robin -> plugins_queue] * N
# -> [recursive_queue -> routing_queue] -> [filter_queue] -> [save_queue] -> [printer_queue] ---> results
self.options = options
self.qmanager = QueueManager(options)
self.results_queue = MyPriorityQueue()
if options["allvars"]:
self.qmanager.add("seed_queue", AllVarQ(options))
else:
self.qmanager.add("seed_queue", SeedQ(options))
for prefilter_idx, prefilter in enumerate(options.get("compiled_prefilter")):
if prefilter.is_active():
self.qmanager.add(
"slice_queue_{}".format(prefilter_idx), SliceQ(options, prefilter)
)
if options.get("transport") == "dryrun":
self.qmanager.add("transport_queue", DryRunQ(options))
elif options.get("transport") == "payload":
self.qmanager.add("transport_queue", PassPayloadQ(options))
else:
# http_queue breaks process rules due to being asynchronous. Someone has to collects its sends, for proper fuzzqueue's count and sync purposes
self.qmanager.add("transport_queue", HttpQueue(options))
self.qmanager.add("http_receiver", HttpReceiver(options))
if options.get("script"):
self.qmanager.add("plugins_queue", JobQ(options))
if options.get("rlevel") > 0:
self.qmanager.add("recursive_queue", RecursiveQ(options))
if (options.get("script") or options.get("rlevel") > 0) and options.get(
"transport"
) == "http":
rq = RoutingQ(
options,
{
FuzzType.SEED: self.qmanager["seed_queue"],
FuzzType.BACKFEED: self.qmanager["transport_queue"],
},
)
self.qmanager.add("routing_queue", rq)
if options.get("compiled_filter").is_active():
self.qmanager.add(
"filter_queue", FilterQ(options, options["compiled_filter"])
)
if options.get("compiled_simple_filter").is_active():
self.qmanager.add(
"simple_filter_queue",
FilterQ(options, options["compiled_simple_filter"]),
)
if options.get("save"):
self.qmanager.add("save_queue", SaveQ(options))
if options.get("compiled_printer"):
self.qmanager.add("printer_queue", PrinterQ(options))
if options.get("exec_mode") == "cli":
if options["console_printer"]:
self.qmanager.add("printer_cli", ConsolePrinterQ(options))
else:
self.qmanager.add("printer_cli", CLIPrinterQ(options))
self.qmanager.bind(self.results_queue)
# initial seed request
self.qmanager.start()
def __iter__(self):
return self
def __next__(self):
# http://bugs.python.org/issue1360
res = self.results_queue.get()
self.results_queue.task_done()
# done! (None sent has gone through all queues).
if not res:
raise StopIteration
elif res.item_type == FuzzType.ERROR:
raise res.exception
return res
def stats(self):
return dict(
list(self.qmanager.get_stats().items())
+ list(self.qmanager["transport_queue"].http_pool.job_stats().items())
+ list(self.options.stats.get_stats().items())
)
def cancel_job(self):
self.qmanager.cancel()
def pause_job(self):
self.qmanager["transport_queue"].pause.clear()
def resume_job(self):
self.qmanager["transport_queue"].pause.set()
================================================
FILE: src/wfuzz/dictionaries.py
================================================
from .exception import FuzzExceptNoPluginError, FuzzExceptBadOptions
from .facade import Facade
from .filters.ppfilter import FuzzResFilterSlice, FuzzResFilter
from .fuzzobjects import FuzzWord, FuzzWordType
class BaseIterator:
def count(self):
raise NotImplementedError
def width(self):
raise NotImplementedError
def payloads(self):
raise NotImplementedError
def cleanup(self):
for payload in self.payloads():
payload.close()
class BaseDictionary:
def count(self):
raise NotImplementedError
def next_word(self):
raise NotImplementedError
def __next__(self):
return self.next_word()
def __iter__(self):
return self
def close(self):
pass
class EncodeIt(BaseDictionary):
def __init__(self, parent, encoders_list):
self.parent = parent
self.encoders = encoders_list
self.__generator = self._gen()
def count(self):
return self.parent.count() * len(self.encoders)
def concatenate(self, encoder_name, payload_word):
string = payload_word.content
for plugin_name in reversed(encoder_name.split("@")):
string = Facade().encoders.get_plugin(plugin_name)().encode(string)
return FuzzWord(string, FuzzWordType.WORD)
def encode(self, encoder_name, payload_word):
plugin_list = Facade().encoders.get_plugins(encoder_name)
if not plugin_list:
raise FuzzExceptNoPluginError(
encoder_name
+ " encoder does not exists (-e encodings for a list of available encoders)"
)
for plugin_class in plugin_list:
yield FuzzWord(
plugin_class().encode(payload_word.content), FuzzWordType.WORD
)
def next_word(self):
return next(self.__generator)
def _gen(self):
while 1:
try:
payload_word = next(self.parent)
except StopIteration:
return
for encoder_name in self.encoders:
if encoder_name.find("@") > 0:
yield self.concatenate(encoder_name, payload_word)
else:
for string in self.encode(encoder_name, payload_word):
yield string
def __next__(self):
return next(self.__generator)
class TupleIt(BaseDictionary, BaseIterator):
def __init__(self, parent):
self.parent = parent
def count(self):
return self.parent.count()
def width(self):
return 1
def payloads(self):
return [self.parent]
def next_word(self):
return (next(self.parent),)
class WrapperIt(BaseDictionary):
def __init__(self, iterator):
self._it = iter(iterator)
def count(self):
return -1
def get_type(self):
return FuzzWordType.WORD
def next_word(self):
return FuzzWord(str(next(self._it)), FuzzWordType.WORD)
class SliceIt(BaseDictionary):
def __init__(self, payload, slicestr):
self.ffilter = FuzzResFilter(filter_string=slicestr)
self.ffilter_slice = FuzzResFilterSlice(filter_string=slicestr)
self.payload = payload
def count(self):
return -1
def get_type(self):
return self.payload.get_type()
def _get_filtered_value(self, item):
if item.type == FuzzWordType.FUZZRES:
filter_ret = self.ffilter.is_visible(item.content)
else:
filter_ret = self.ffilter_slice.is_visible(item.content)
return filter_ret
def next_word(self):
# can be refactored using the walrus operator in python 3.8
item = next(self.payload)
filter_ret = self._get_filtered_value(item)
if not isinstance(filter_ret, bool) and item.type == FuzzWordType.FUZZRES:
raise FuzzExceptBadOptions(
"The payload type cannot be modified from FuzzResult to word."
)
while isinstance(filter_ret, bool) and not filter_ret:
item = next(self.payload)
filter_ret = self._get_filtered_value(item)
if not isinstance(filter_ret, bool):
return FuzzWord(filter_ret, item.type)
return item
class AllVarDictio(BaseDictionary, BaseIterator):
def __init__(self, iterator, allvar_len):
self._it = iter(iterator)
self._count = allvar_len
def count(self):
return self._count
def width(self):
return 0
def payloads(self):
return []
def next_word(self):
var_name, fuzz_word = next(self._it)
return (FuzzWord(var_name, FuzzWordType.WORD), fuzz_word)
================================================
FILE: src/wfuzz/exception.py
================================================
class FuzzException(Exception):
pass
class FuzzExceptBadOptions(FuzzException):
pass
class FuzzExceptNoPluginError(FuzzException):
pass
class FuzzExceptPluginLoadError(FuzzException):
pass
class FuzzExceptIncorrectFilter(FuzzException):
pass
class FuzzExceptBadAPI(FuzzException):
pass
class FuzzExceptInternalError(FuzzException):
pass
class FuzzExceptBadFile(FuzzException):
pass
class FuzzExceptBadInstall(FuzzException):
pass
class FuzzExceptBadRecipe(FuzzException):
pass
class FuzzExceptMissingAPIKey(FuzzException):
pass
class FuzzExceptPluginBadParams(FuzzException):
pass
class FuzzExceptResourceParseError(FuzzException):
pass
class FuzzExceptPluginError(FuzzException):
pass
class FuzzExceptNetError(FuzzException):
pass
================================================
FILE: src/wfuzz/externals/__init__.py
================================================
================================================
FILE: src/wfuzz/externals/moduleman/__init__.py
================================================
================================================
FILE: src/wfuzz/externals/moduleman/loader.py
================================================
import inspect
import logging
import imp
import os.path
class IModuleLoader:
def __init__(self, **params):
self.set_params(**params)
def set_params(self, **params):
raise NotImplementedError
def load(self, registrant):
raise NotImplementedError
class FileLoader(IModuleLoader):
def __init__(self, **params):
IModuleLoader.__init__(self, **params)
self.__logger = logging.getLogger("libraries.FileLoader")
def set_params(self, **params):
if "base_path" not in params:
return
elif "filename" not in params:
return
self.filename = params["filename"]
self.base_path = params["base_path"]
if self.base_path.endswith("/"):
self.base_path = self.base_path[:-1]
def load(self, registrant):
self.module_registrant = registrant
self._load_py_from_file(os.path.join(self.base_path, self.filename))
def _build_id(self, filename, objname):
filepath, filename = os.path.split(filename)
relative_path = os.path.relpath(filepath, self.base_path)
identifier = relative_path + "/" + objname
if identifier.startswith("./"):
identifier = identifier[2:]
return identifier
def _load_py_from_file(self, filename):
"""
Opens "filename", inspects it and calls the registrant
"""
self.__logger.debug("__load_py_from_file. START, file=%s" % (filename,))
dirname, filename = os.path.split(filename)
fn = os.path.splitext(filename)[0]
exten_file = None
module = None
try:
exten_file, filename, description = imp.find_module(fn, [dirname])
module = imp.load_module(fn, exten_file, filename, description)
except ImportError as msg:
self.__logger.critical(
"__load_py_from_file. Filename: %s Exception, msg=%s" % (filename, msg)
)
# raise msg
pass
except SyntaxError as msg:
# incorrect python syntax in file
self.__logger.critical(
"__load_py_from_file. Filename: %s Exception, msg=%s" % (filename, msg)
)
# raise msg
pass
finally:
if exten_file:
exten_file.close()
if module is None:
return
for objname in dir(module):
obj = getattr(module, objname)
self.__logger.debug("__load_py_from_file. inspecting=%s" % (objname,))
if inspect.isclass(obj):
if "__PLUGIN_MODULEMAN_MARK" in dir(obj):
if self.module_registrant:
self.module_registrant.register(
self._build_id(filename, objname), obj
)
self.__logger.debug("__load_py_from_file. END, loaded file=%s" % (filename,))
class DirLoader(FileLoader):
def __init__(self, **params):
FileLoader.__init__(self, **params)
self.__logger = logging.getLogger("libraries.DirLoader")
def set_params(self, **params):
if "base_dir" not in params:
return
elif "base_path" not in params:
return
self.base_dir = params["base_dir"]
self.base_path = params["base_path"]
if self.base_path.endswith("/"):
self.base_path = self.base_path[:-1]
def load(self, registrant):
self.module_registrant = registrant
self.structure = self.__load_all(self.base_dir)
def _build_id(self, filename, objname):
filepath, filename = os.path.split(filename)
relative_path = os.path.relpath(
filepath, os.path.join(self.base_path, self.base_dir)
)
identifier = relative_path + "/" + objname
if identifier.startswith("./"):
identifier = identifier[2:]
return identifier
def __load_all(self, dir_name):
"""
loads all plugins and creates a loaded list of scripts from directory plugins like:
[ ( category,[script1, script2,...] ), (category2,[script1, (subcategory,[script1,script2]),...]) ]
"""
walked = []
current = os.path.join(self.base_path, dir_name)
if os.path.isdir(current):
dir_list = self.__walk_dir_tree(current)
walked.append((current, dir_list))
if self.module_registrant:
self.module_registrant.end_loading()
return walked
def __walk_dir_tree(self, dirname):
dir_list = []
self.__logger.debug("__walk_dir_tree. START dir=%s", dirname)
for f in os.listdir(dirname):
current = os.path.join(dirname, f)
if os.path.isfile(current) and f.endswith("py"):
if self.module_registrant:
self._load_py_from_file(current)
dir_list.append(current)
elif os.path.isdir(current):
ret = self.__walk_dir_tree(current)
if ret:
dir_list.append((f, ret))
return dir_list
================================================
FILE: src/wfuzz/externals/moduleman/modulefilter.py
================================================
# mimicking nmap script filter
# nmap --script "http-*"
# Loads all scripts whose name starts with http-, such as http-auth and http-open-proxy. The argument to --script had to be in quotes to protect the wildcard from the shell.
# not valid for categories!
#
# More complicated script selection can be done using the and, or, and not operators to build Boolean expressions. The operators have the same precedence[12] as in Lua: not is the
# highest, followed by and and then or. You can alter precedence by using parentheses. Because expressions contain space characters it is necessary to quote them.
#
# nmap --script "not intrusive"
# Loads every script except for those in the intrusive category.
#
# nmap --script "default or safe"
# This is functionally equivalent to nmap --script "default,safe". It loads all scripts that are in the default category or the safe category or both.
#
# nmap --script "default and safe"
# Loads those scripts that are in both the default and safe categories.
#
# nmap --script "(default or safe or intrusive) and not http-*"
# Loads scripts in the default, safe, or intrusive categories, except for those whose names start with http-.
PYPARSING = True
try:
from pyparsing import (
Word,
Group,
oneOf,
Optional,
Suppress,
ZeroOrMore,
Literal,
alphas,
alphanums,
)
except ImportError:
PYPARSING = False
class IFilter:
def is_visible(self, plugin, filter_string):
raise NotImplementedError
class Filter(IFilter):
def __init__(self):
if PYPARSING:
category = Word(alphas + "_-*", alphanums + "_-*")
operator = oneOf("and or ,")
neg_operator = "not"
elementRef = category
definition = elementRef + ZeroOrMore(operator + elementRef)
nestedformula = Group(
Suppress(Optional(Literal("(")))
+ definition
+ Suppress(Optional(Literal(")")))
)
neg_nestedformula = Optional(neg_operator) + nestedformula
self.finalformula = neg_nestedformula + ZeroOrMore(
operator + neg_nestedformula
)
elementRef.setParseAction(self.__compute_element)
neg_nestedformula.setParseAction(self.__compute_neg_formula)
nestedformula.setParseAction(self.__compute_formula)
self.finalformula.setParseAction(self.__myreduce)
def __compute_neg_formula(self, tokens):
if len(tokens) > 1 and tokens[0] == "not":
return not tokens[1]
else:
return tokens[0]
def __compute_element(self, tokens):
item = tokens[0]
wildc_index = item.find("*")
if wildc_index > 0:
return self.plugin.name.startswith(item[:wildc_index])
else:
if isinstance(self.plugin.category, list):
return item in self.plugin.category or self.plugin.name == item
else:
return self.plugin.category == item or self.plugin.name == item
def __myreduce(self, elements):
first = elements[0]
for i in range(1, len(elements), 2):
if elements[i] == "and":
first = first and elements[i + 1]
elif elements[i] == "or" or elements[i] == ",":
first = first or elements[i + 1]
return first
def __compute_formula(self, tokens):
return self.__myreduce(tokens[0])
def simple_filter(self, plugin, filter_string):
ret = []
for item in filter_string.split(","):
wildc_index = item.find("*")
if wildc_index > 0:
ret.append(
(
item in plugin.category
or plugin.name.startswith(item[:wildc_index])
)
)
else:
ret.append((item in plugin.category or plugin.name == item))
return any(ret)
def simple_filter_banned_keywords(self, filter_string):
if filter_string.find("(") >= 0:
return True
elif filter_string.find(")") >= 0:
return True
elif any(x in ["or", "not", "and"] for x in filter_string.split(" ")):
return True
else:
return False
def is_visible(self, plugin, filter_string):
self.plugin = plugin
if PYPARSING:
return self.finalformula.parseString(filter_string)[0]
else:
if self.simple_filter_banned_keywords(filter_string):
raise Exception("Pyparsing missing, complex filters not allowed.")
else:
return self.simple_filter(plugin, filter_string)
================================================
FILE: src/wfuzz/externals/moduleman/plugin.py
================================================
try:
from collections.abc import Callable
except ImportError:
from collections import Callable
def moduleman_plugin(*args):
method_args = []
def inner_decorator(cls):
for method in method_args:
if not (method in dir(cls)):
raise Exception("Required method %s not implemented" % method)
cls.__PLUGIN_MODULEMAN_MARK = "Plugin mark"
return cls
if not isinstance(args[0], Callable):
method_args += args
return inner_decorator
return inner_decorator(args[0])
================================================
FILE: src/wfuzz/externals/moduleman/registrant.py
================================================
from .modulefilter import Filter
from collections import defaultdict
try:
from collections.abc import MutableMapping
except ImportError:
from collections import MutableMapping
from threading import Lock
class IRegistrant:
def __init__(self, loader, plg_filter):
self.plg_filter = plg_filter
self.loader = loader
self.start_loading()
self.load()
self.end_loading()
def register(self, identifier, module):
raise NotImplementedError
def start_loading(self):
raise NotImplementedError
def load(self):
raise NotImplementedError
def end_loading(self):
raise NotImplementedError
def modify_instance(self, module):
raise NotImplementedError
class KnowledgeBase(MutableMapping):
def __init__(self, *args, **kwargs):
self.__data = defaultdict(list)
self.mutex = Lock()
def __getitem__(self, key):
with self.mutex:
return self.__data[key]
def __setitem__(self, key, value):
with self.mutex:
self.__data[key].append(value)
def __delitem__(self, key):
with self.mutex:
del self.__data[key]
def __len__(self):
with self.mutex:
return len(self.__data)
def __str__(self):
with self.mutex:
return str(self.__data)
def __iter__(self):
return iter(self.__data)
class BRegistrant(IRegistrant):
def __init__(self, loader, plg_filter=Filter()):
self.__plugins = {}
self.__active_plugins = {}
self.kbase = KnowledgeBase()
IRegistrant.__init__(self, loader, plg_filter)
def register(self, identifier, module):
self.__plugins[identifier] = self.modify_instance(module)
self.__active_plugins[identifier] = True
def load(self):
self.loader.load(self)
def start_loading(self):
pass
def end_loading(self):
pass
def modify_instance(self, module):
module.kbase = self.kbase
return module
# ------------------------------------------------
# plugin management functions
# ------------------------------------------------
def plugin_state(self, identifier, state):
self.__active_plugins[identifier] = state
def __get_plugins(self, category, sorting):
def plugin_filter(x):
plgid, plg = x
if category == "$all$":
return True
elif not self.__active_plugins[plgid]:
return False
else:
return self.plg_filter.is_visible(plg, category)
def key_funtion(x):
return x[1].priority
plugin_list = list(filter(plugin_filter, list(self.__plugins.items())))
if sorting:
plugin_list.sort(key=key_funtion)
return plugin_list
def get_plugin(self, identifier):
# strict and fuzzy search
if identifier in self.__plugins:
return self.__plugins[identifier]
else:
plugin_list = [
plg
for plg_id, plg in self.__get_plugins("$all$", True)
if identifier in plg_id
]
if not plugin_list:
raise KeyError("No plugins found!")
elif len(plugin_list) == 1:
return plugin_list[0]
else:
raise KeyError(
"Multiple plugins found: %s"
% ",".join([plg.name for plg in plugin_list])
)
raise KeyError("No plugins found!")
def get_plugins(self, category="$all$", sorting="true"):
return [plg for plg_id, plg in self.__get_plugins(category, sorting)]
def get_plugins_ext(self, category="$all$", sorting="true"):
plugin_list = [["Id", "Priority", "Category", "Name", "Summary"]]
for plg_id, plg in self.__get_plugins(category, sorting):
plugin_list.append(
[
plg_id,
str(plg.priority),
", ".join(plg.category),
str(plg.name),
str(plg.summary),
]
)
return plugin_list
def get_plugins_names(self, category="$all$", sorting="true"):
return [plg.name for plg_id, plg in self.__get_plugins(category, sorting)]
def get_plugins_ids(self, category="$all$", sorting="true"):
return [plg_id for plg_id, plg in self.__get_plugins(category, sorting)]
class MulRegistrant(BRegistrant):
def load(self):
for loader in self.loader:
loader.load(self)
================================================
FILE: src/wfuzz/externals/reqresp/Request.py
================================================
# Covered by GPL V2.0
# Coded by Carlos del Ojo Elias (deepbit@gmail.com)
# Lately maintained by Xavi Mendez (xmendez@edge-security.com)
# Python 2 and 3
import sys
if sys.version_info >= (3, 0):
from urllib.parse import urlparse
from urllib.parse import urlunparse
else:
from urlparse import urlparse
from urlparse import urlunparse
import re
import pycurl
from .Variables import VariablesSet
from .exceptions import ReqRespException
from .Response import Response
from wfuzz.helpers.str_func import python2_3_convert_to_unicode
from wfuzz.helpers.obj_dic import CaseInsensitiveDict
from .TextParser import TextParser
PYCURL_PATH_AS_IS = True
if not hasattr(pycurl, "PATH_AS_IS"):
PYCURL_PATH_AS_IS = False
class Request:
def __init__(self):
self.__host = None # www.google.com:80
self.__path = None # /index.php
self.__params = None # Mierdaza de index.php;lskjflkasjflkasjfdlkasdf?
self.schema = "http" # http
# #### Variables calculadas por getters NO SE PUEDEN MODIFICAR
# self.urlWithoutPath # http://www.google.es
# self.pathWithVariables # /index.php?a=b&c=d
# self.urlWithoutVariables=None # http://www.google.es/index.php
# self.completeUrl="" # http://www.google.es/index.php?a=b
# self.finalUrl="" # Url despues de hacer el FollowLocation
# self.redirectUrl="" # Url redirected
# self.postdata="" # Datos por POST, toto el string
# ###############
self.ContentType = (
"application/x-www-form-urlencoded" # None es normal encoding
)
self.multiPOSThead = {}
self.__variablesGET = VariablesSet()
self._variablesPOST = VariablesSet()
self._non_parsed_post = None
# diccionario, por ejemplo headers["Cookie"]
self._headers = CaseInsensitiveDict(
{
"Content-Type": "application/x-www-form-urlencoded",
"User-Agent": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1)",
}
)
self.response = None # Apunta a la response que produce dicha request
# ################## lo de debajo no se deberia acceder directamente
self.time = None # 23:00:00
self.ip = None # 192.168.1.1
self._method = None
self.protocol = "HTTP/1.1" # HTTP/1.1
self.__performHead = ""
self.__performBody = ""
self.__authMethod = None
self.__userpass = ""
self.description = "" # For temporally store imformation
self.__proxy = None
self.proxytype = None
self.__timeout = None
self.__totaltimeout = None
self.__finalurl = ""
self.followLocation = False
self.__userpass = ""
self.totaltime = None
@property
def method(self):
if self._method is None:
return "POST" if self._non_parsed_post is not None else "GET"
return self._method
@method.setter
def method(self, value):
if value == "None":
value = None
self._method = value
def setFinalUrl(self, fu):
self.__finalurl = fu
def __str__(self):
str = "[ URL: %s" % (self.completeUrl)
if self.postdata:
str += ' - {}: "{}"'.format(self.method, self.postdata)
if "Cookie" in self._headers:
str += ' - COOKIE: "%s"' % self._headers["Cookie"]
str += " ]"
return str
def getHost(self):
return self.__host
def getXML(self, obj):
r = obj.createElement("request")
r.setAttribute("method", self.method)
url = obj.createElement("URL")
url.appendChild(obj.createTextNode(self.completeUrl))
r.appendChild(url)
if self.postdata:
pd = obj.createElement("PostData")
pd.appendChild(obj.createTextNode(self.postdata))
r.appendChild(pd)
if "Cookie" in self._headers:
ck = obj.createElement("Cookie")
ck.appendChild(obj.createTextNode(self._headers["Cookie"]))
r.appendChild(ck)
return r
def __getattr__(self, name):
if name == "urlWithoutVariables":
return urlunparse((self.schema, self.__host, self.__path, "", "", ""))
elif name == "pathWithVariables":
return urlunparse(
("", "", self.__path, "", self.__variablesGET.urlEncoded(), "")
)
elif name == "completeUrl":
return urlunparse(
(
self.schema,
self.__host,
self.__path,
self.__params,
self.__variablesGET.urlEncoded(),
"",
)
)
elif name == "finalUrl":
if self.__finalurl:
return self.__finalurl
return self.completeUrl
elif name == "urlWithoutPath":
return "%s://%s" % (self.schema, self._headers["Host"])
elif name == "path":
return self.__path
elif name == "postdata":
if self.ContentType == "application/x-www-form-urlencoded":
return self._variablesPOST.urlEncoded()
elif self.ContentType == "multipart/form-data":
return self._variablesPOST.multipartEncoded()
elif self.ContentType == "application/json":
return self._variablesPOST.json_encoded()
else:
return self._variablesPOST.urlEncoded()
else:
raise AttributeError
def setUrl(self, urltmp):
self.__variablesGET = VariablesSet()
self.schema, self.__host, self.__path, self.__params, variables, f = urlparse(
urltmp
)
if "Host" not in self._headers or (not self._headers["Host"]):
self._headers["Host"] = self.__host
if variables:
self.__variablesGET.parseUrlEncoded(variables)
# ############## PROXY ##################################
def getProxy(self):
return self.__proxy
def setProxy(self, prox, ptype):
self.__proxy = prox
self.proxytype = ptype
# ############## FOLLOW LOCATION ########################
def setFollowLocation(self, value):
self.followLocation = value
# ############# TIMEOUTS ################################
def setConnTimeout(self, time):
self.__timeout = time
def getConnTimeout(self):
return self.__timeout
def setTotalTimeout(self, time):
self.__totaltimeout = time
def getTotalTimeout(self):
return self.__totaltimeout
# ############# Autenticacion ###########################
def setAuth(self, method, string):
self.__authMethod = method
self.__userpass = string
def getAuth(self):
return self.__authMethod, self.__userpass
# ############# TRATAMIENTO VARIABLES GET & POST #########################
def existsGETVar(self, key):
return self.__variablesGET.existsVar(key)
def existPOSTVar(self, key):
return self._variablesPOST.existsVar(key)
def setVariablePOST(self, key, value):
v = self._variablesPOST.getVariable(key)
v.update(value)
# self._headers["Content-Length"] = str(len(self.postdata))
def setVariableGET(self, key, value):
v = self.__variablesGET.getVariable(key)
v.update(value)
def getGETVars(self):
return self.__variablesGET.variables
def getPOSTVars(self):
return self._variablesPOST.variables
def setPostData(self, pd, boundary=None):
self._non_parsed_post = pd
self._variablesPOST = VariablesSet()
try:
if self.ContentType == "multipart/form-data":
self._variablesPOST.parseMultipart(pd, boundary)
elif self.ContentType == "application/json":
self._variablesPOST.parse_json_encoded(pd)
else:
self._variablesPOST.parseUrlEncoded(pd)
except Exception:
try:
self._variablesPOST.parseUrlEncoded(pd)
except Exception:
print("Warning: POST parameters not parsed")
pass
############################################################################
def addHeader(self, key, value):
self._headers[key] = value
def delHeader(self, key):
if key in self._headers:
del self._headers[key]
def __getitem__(self, key):
if key in self._headers:
return self._headers[key]
else:
return ""
def getHeaders(self):
header_list = []
for i, j in self._headers.items():
header_list += ["%s: %s" % (i, j)]
return header_list
def head(self):
conn = pycurl.Curl()
conn.setopt(pycurl.SSL_VERIFYPEER, False)
conn.setopt(pycurl.SSL_VERIFYHOST, 0)
conn.setopt(pycurl.URL, self.completeUrl)
conn.setopt(pycurl.NOBODY, True) # para hacer un pedido HEAD
conn.setopt(pycurl.WRITEFUNCTION, self.header_callback)
conn.perform()
rp = Response()
rp.parseResponse(self.__performHead)
self.response = rp
def createPath(self, newpath):
"""Creates new url from a location header || Hecho para el followLocation=true"""
if "http" in newpath[:4].lower():
return newpath
parts = urlparse(self.completeUrl)
if "/" != newpath[0]:
newpath = "/".join(parts[2].split("/")[:-1]) + "/" + newpath
return urlunparse([parts[0], parts[1], newpath, "", "", ""])
# pycurl - reqresp conversions
@staticmethod
def to_pycurl_object(c, req):
c.setopt(pycurl.MAXREDIRS, 5)
c.setopt(pycurl.WRITEFUNCTION, req.body_callback)
c.setopt(pycurl.HEADERFUNCTION, req.header_callback)
c.setopt(pycurl.NOSIGNAL, 1)
c.setopt(pycurl.SSL_VERIFYPEER, False)
c.setopt(pycurl.SSL_VERIFYHOST, 0)
if PYCURL_PATH_AS_IS:
c.setopt(pycurl.PATH_AS_IS, 1)
c.setopt(pycurl.URL, python2_3_convert_to_unicode(req.completeUrl))
if req.getConnTimeout():
c.setopt(pycurl.CONNECTTIMEOUT, req.getConnTimeout())
if req.getTotalTimeout():
c.setopt(pycurl.TIMEOUT, req.getTotalTimeout())
authMethod, userpass = req.getAuth()
if authMethod or userpass:
if authMethod == "basic":
c.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_BASIC)
elif authMethod == "ntlm":
c.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_NTLM)
elif authMethod == "digest":
c.setopt(pycurl.HTTPAUTH, pycurl.HTTPAUTH_DIGEST)
c.setopt(pycurl.USERPWD, python2_3_convert_to_unicode(userpass))
else:
c.unsetopt(pycurl.USERPWD)
c.setopt(pycurl.HTTPHEADER, python2_3_convert_to_unicode(req.getHeaders()))
curl_options = {
"GET": pycurl.HTTPGET,
"POST": pycurl.POST,
"PATCH": pycurl.UPLOAD,
"HEAD": pycurl.NOBODY,
}
for o in curl_options.values():
c.setopt(o, False)
if req.method in curl_options:
c.unsetopt(pycurl.CUSTOMREQUEST)
c.setopt(curl_options[req.method], True)
else:
c.setopt(pycurl.CUSTOMREQUEST, req.method)
if req._non_parsed_post is not None:
c.setopt(
pycurl.POSTFIELDS, python2_3_convert_to_unicode(req._non_parsed_post)
)
c.setopt(pycurl.FOLLOWLOCATION, 1 if req.followLocation else 0)
# proxy = req.getProxy()
# if proxy is not None:
# c.setopt(pycurl.PROXY, python2_3_convert_to_unicode(proxy))
# if req.proxytype == "SOCKS5":
# c.setopt(pycurl.PROXYTYPE, pycurl.PROXYTYPE_SOCKS5)
# elif req.proxytype == "SOCKS4":
# c.setopt(pycurl.PROXYTYPE, pycurl.PROXYTYPE_SOCKS4)
# req.delHeader("Proxy-Connection")
# else:
# c.setopt(pycurl.PROXY, "")
return c
def response_from_conn_object(self, conn, header, body):
# followlocation
if conn.getinfo(pycurl.EFFECTIVE_URL) != self.completeUrl:
self.setFinalUrl(conn.getinfo(pycurl.EFFECTIVE_URL))
self.totaltime = conn.getinfo(pycurl.TOTAL_TIME)
self.response = Response()
self.response.parseResponse(header, rawbody=body)
return self.response
def perform(self):
self.__performHead = ""
self.__performBody = ""
self.__headersSent = ""
try:
conn = Request.to_pycurl_object(pycurl.Curl(), self)
conn.perform()
self.response_from_conn_object(conn, self.__performHead, self.__performBody)
except pycurl.error as error:
errno, errstr = error
raise ReqRespException(ReqRespException.FATAL, errstr)
finally:
conn.close()
# ######## ESTE conjunto de funciones no es necesario para el uso habitual de la clase
def getAll(self):
pd = self._non_parsed_post if self._non_parsed_post else ""
string = (
str(self.method)
+ " "
+ str(self.pathWithVariables)
+ " "
+ str(self.protocol)
+ "\n"
)
for i, j in self._headers.items():
string += i + ": " + j + "\n"
string += "\n" + pd
return string
# #########################################################################
def header_callback(self, data):
self.__performHead += data
def body_callback(self, data):
self.__performBody += data
def Substitute(self, src, dst):
a = self.getAll()
rx = re.compile(src)
b = rx.sub(dst, a)
del rx
self.parseRequest(b, self.schema)
def parseRequest(self, rawRequest, prot="http"):
""" Aun esta en fase BETA y por probar"""
tp = TextParser()
tp.setSource("string", rawRequest)
self._variablesPOST = VariablesSet()
self._headers = {} # diccionario, por ejemplo headers["Cookie"]
tp.readLine()
try:
tp.search(r"^(\S+) (.*) (HTTP\S*)$")
self.method = tp[0][0]
self.protocol = tp[0][2]
except Exception as a:
print(rawRequest)
raise a
pathTMP = tp[0][1].replace(" ", "%20")
pathTMP = ("", "") + urlparse(pathTMP)[2:]
pathTMP = urlunparse(pathTMP)
while True:
tp.readLine()
if tp.search("^([^:]+): (.*)$"):
self.addHeader(tp[0][0], tp[0][1])
else:
break
self.setUrl(prot + "://" + self._headers["Host"] + pathTMP)
# ignore CRLFs until request line
while tp.lastline == "" and tp.readLine():
pass
# TODO: hacky, might need to change tp.readline returning read bytes instead
pd = ""
if tp.lastFull_line:
pd += tp.lastFull_line
while tp.readLine():
pd += tp.lastFull_line
if pd:
boundary = None
if "Content-Type" in self._headers:
values = self._headers["Content-Type"].split(";")
self.ContentType = values[0].strip().lower()
if self.ContentType == "multipart/form-data":
boundary = values[1].split("=")[1].strip()
self.setPostData(pd, boundary)
================================================
FILE: src/wfuzz/externals/reqresp/Response.py
================================================
import re
import cgi
from io import BytesIO
import gzip
import zlib
from .TextParser import TextParser
from wfuzz.helpers.str_func import python2_3_convert_from_unicode
def get_encoding_from_headers(headers):
"""Returns encodings from given HTTP Header Dict.
:param headers: dictionary to extract encoding from.
:rtype: str
"""
content_type = headers.get("Content-Type")
if not content_type:
return None
content_type, params = cgi.parse_header(content_type)
if "charset" in params:
return params["charset"].strip("'\"")
if "text" in content_type:
return "ISO-8859-1"
if "image" in content_type:
return "utf-8"
if "application/json" in content_type:
return "utf-8"
def get_encodings_from_content(content):
"""Returns encodings from given content string.
:param content: bytestring to extract encodings from.
"""
charset_re = re.compile(r'<meta.*?charset=["\']*(.+?)["\'>]', flags=re.I)
pragma_re = re.compile(r'<meta.*?content=["\']*;?charset=(.+?)["\'>]', flags=re.I)
xml_re = re.compile(r'^<\?xml.*?encoding=["\']*(.+?)["\'>]')
return (
charset_re.findall(content)
+ pragma_re.findall(content)
+ xml_re.findall(content)
)
class Response:
def __init__(self, protocol="", code="", message=""):
self.protocol = protocol # HTTP/1.1
self.code = code # 200
self.message = message # OK
self._headers = [] # bueno pues las cabeceras igual que en la request
self.__content = (
"" # contenido de la response (si i solo si Content-Length existe)
)
self.md5 = "" # hash de los contenidos del resultado
self.charlen = "" # Cantidad de caracteres de la respuesta
def addHeader(self, key, value):
self._headers += [(key, value)]
def delHeader(self, key):
for i in self._headers:
if i[0].lower() == key.lower():
self._headers.remove(i)
def addContent(self, text):
self.__content = self.__content + text
def __getitem__(self, key):
for i, j in self._headers:
if key == i:
return j
print("Error al obtener header!!!")
def getCookie(self):
str = []
for i, j in self._headers:
if i.lower() == "set-cookie":
str.append(j.split(";")[0])
return "; ".join(str)
def has_header(self, key):
for i, j in self._headers:
if i.lower() == key.lower():
return True
return False
def getLocation(self):
for i, j in self._headers:
if i.lower() == "location":
return j
return None
def header_equal(self, header, value):
for i, j in self._headers:
if i == header and j.lower() == value.lower():
return True
return False
def getHeaders(self):
return self._headers
def getContent(self):
return self.__content
def getTextHeaders(self):
string = (
str(self.protocol) + " " + str(self.code) + " " + str(self.message) + "\r\n"
)
for i, j in self._headers:
string += i + ": " + j + "\r\n"
return string
def getAll(self):
string = self.getTextHeaders() + "\r\n" + self.getContent()
return string
def Substitute(self, src, dst):
a = self.getAll()
b = a.replace(src, dst)
self.parseResponse(b)
def getAll_wpost(self):
string = (
str(self.protocol) + " " + str(self.code) + " " + str(self.message) + "\r\n"
)
for i, j in self._headers:
string += i + ": " + j + "\r\n"
return string
def parseResponse(self, rawheader, rawbody=None, type="curl"):
self.__content = ""
self._headers = []
tp = TextParser()
tp.setSource("string", rawheader)
tp.readUntil(r"(HTTP/[0-9.]+) ([0-9]+)")
while True:
while True:
try:
self.protocol = tp[0][0]
except Exception:
self.protocol = "unknown"
try:
self.code = tp[0][1]
except Exception:
self.code = "0"
if self.code != "100":
break
else:
tp.readUntil(r"(HTTP/[0-9.]+) ([0-9]+)")
self.code = int(self.code)
while True:
tp.readLine()
if tp.search("^([^:]+): ?(.*)$"):
self.addHeader(tp[0][0], tp[0][1])
else:
break
# curl sometimes sends two headers when using follow, 302 and the final header
# also when using proxies
tp.readLine()
if not tp.search(r"(HTTP/[0-9.]+) ([0-9]+)"):
break
else:
self._headers = []
# ignore CRLFs until request line
while tp.lastline == "" and tp.readLine():
pass
# TODO: this should be added to rawbody not directly to __content
if tp.lastFull_line:
self.addContent(tp.lastFull_line)
while tp.skip(1):
self.addContent(tp.lastFull_line)
if type == "curl":
self.delHeader("Transfer-Encoding")
if self.header_equal("Transfer-Encoding", "chunked"):
result = ""
content = BytesIO(rawbody)
hexa = content.readline()
nchunk = int(hexa.strip(), 16)
while nchunk:
result += content.read(nchunk)
content.readline()
hexa = content.readline()
nchunk = int(hexa.strip(), 16)
rawbody = result
if self.header_equal("Content-Encoding", "gzip"):
compressedstream = BytesIO(rawbody)
gzipper = gzip.GzipFile(fileobj=compressedstream)
rawbody = gzipper.read()
self.delHeader("Content-Encoding")
elif self.header_equal("Content-Encoding", "deflate"):
deflated_data = None
try:
deflater = zlib.decompressobj()
deflated_data = deflater.decompress(rawbody)
deflated_data += deflater.flush()
except zlib.error:
try:
deflater = zlib.decompressobj(-zlib.MAX_WBITS)
deflated_data = deflater.decompress(rawbody)
deflated_data += deflater.flush()
except zlib.error:
deflated_data = ""
rawbody = deflated_data
self.delHeader("Content-Encoding")
if rawbody is not None:
# Try to get charset encoding from headers
content_encoding = get_encoding_from_headers(dict(self.getHeaders()))
# fallback to default encoding
if content_encoding is None:
content_encoding = "utf-8"
self.__content = python2_3_convert_from_unicode(
rawbody.decode(content_encoding, errors="replace")
)
================================================
FILE: src/wfuzz/externals/reqresp/TextParser.py
================================================
# Covered by GPL V2.0
# Coded by Carlos del Ojo Elias (deepbit@gmail.com)
import sys
import re
# python 2 and 3: iterator
from builtins import object
class TextParser(object):
def __init__(self):
self.string = ""
self.oldindex = 0
self.newindex = 0
self.type = ""
self.lastFull_line = None
self.lastline = None
self.actualIndex = 0
def __del__(self):
if self.type == "file":
self.fd.close()
def __str__(self):
return str(self.matches)
def __iter__(self):
self.actualIndex = 0
return self
def __next__(self):
try:
value = self.matches[self.actualIndex]
self.actualIndex += 1
return value
except Exception:
raise StopIteration
def setSource(self, t, *args):
"""Se especifica el tipo de entrada. Puede ser fichero o entrada estandard
Ejemplos: setSource("file","/tmp/file")
setSource("stdin")\n"""
if t == "file":
self.type = t
self.fd = open(args[0], "r")
elif t == "stdin":
if self.type == "file":
self.fd.close()
self.type = t
elif t == "string":
if self.type == "file":
self.fd.close()
self.type = t
self.string = args[0]
self.oldindex = 0
self.newindex = 0
else:
print("Bad argument -- TextParser.setSource()\n")
sys.exit(-1)
def seekinit(self):
self.oldindex = 0
self.newindex = 0
def readUntil(self, pattern, caseSens=True):
"Lee lineas hasta que el patron (pattern) conincide en alguna linea"
while True:
if self.readLine() == 0:
return False
if self.search(pattern, caseSens) is True:
break
return True
def search(self, pattern, caseSens=True, debug=0):
"Intenta hacer Matching entre el pattern pasado por parametro y la ultima linea leida"
if not caseSens:
self.regexp = re.compile(pattern, re.IGNORECASE)
else:
self.regexp = re.compile(pattern)
self.matches = self.regexp.findall(self.lastline)
j = 0
for i in self.matches:
if not isinstance(i, tuple):
self.matches[j] = tuple([self.matches[j]])
j += 1
# DEBUG PARA MATCHING
if debug == 1:
print(("[", self.lastline, "-", pattern, "]"))
print((len(self.matches)))
print((self.matches))
if len(self.matches) == 0:
return False
else:
return True
def __getitem__(self, key):
"Para acceder a cada uno de los patrones que coinciden, esta preparado paragrupos de patrones, no para solo un patron"
return self.matches[key]
def skip(self, lines):
"Salta las lines que se indiquen en el parametro"
for i in range(lines):
if self.readLine() == 0:
return False
return True
def readLine(self):
"Lee la siguiente linea eliminando retornos de carro"
if self.type == "file":
self.lastFull_line = self.fd.readline()
elif self.type == "stdin":
self.lastFull_line = input()
elif self.type == "string":
if self.newindex == -1:
return 0
if self.oldindex >= 0:
self.newindex = self.string.find("\n", self.oldindex, len(self.string))
if self.newindex == -1:
self.newindex = len(self.string) - 1
self.lastFull_line = self.string[self.oldindex : self.newindex + 1]
self.oldindex = self.newindex + 1
else:
self.lastFull_line = ""
bytes_read = len(self.lastFull_line)
s = self.lastFull_line
self.lastline = s
if s[-2:] == "\r\n":
self.lastline = s[:-2]
elif s[-1:] == "\r" or s[-1:] == "\n":
self.lastline = s[:-1]
return bytes_read
================================================
FILE: src/wfuzz/externals/reqresp/Variables.py
================================================
from .TextParser import TextParser
import json
class Variable:
def __init__(self, name, value="", extraInfo=""):
self.name = name
self.value = value
self.initValue = value
self.extraInfo = extraInfo
def restore(self):
self.value = self.initValue
def change(self, newval):
self.initValue = self.value = newval
def update(self, val):
self.value = val
def append(self, val):
self.value += val
def __str__(self):
return "[ %s : %s ]" % (self.name, self.value)
class VariablesSet:
def __init__(self):
self.variables = []
self.boundary = None
def names(self):
dicc = []
for i in self.variables:
dicc.append(i.name)
return dicc
def existsVar(self, name):
return name in self.names()
def addVariable(self, name, value="", extraInfo=""):
self.variables.append(Variable(name, value, extraInfo))
def getVariable(self, name):
dicc = []
for i in self.variables:
if i.name == name:
dicc.append(i)
if len(dicc) > 1:
raise Exception("Variable exists more than one time!!! :D" % (name))
if not dicc:
var = Variable(name)
self.variables.append(var)
return var
return dicc[0]
def urlEncoded(self):
return "&".join(
[
"=".join([i.name, i.value]) if i.value is not None else i.name
for i in self.variables
]
)
def json_encoded(self):
dicc = {i.name: i.value for i in self.variables}
return json.dumps(dicc)
def parse_json_encoded(self, cad):
dicc = []
for key, value in json.loads(cad).items():
dicc.append(Variable(key, value))
self.variables = dicc
def parseUrlEncoded(self, cad):
dicc = []
if cad == "":
dicc.append(Variable("", None))
for i in cad.split("&"):
if i:
var_list = i.split("=", 1)
if len(var_list) == 1:
dicc.append(Variable(var_list[0], None))
elif len(var_list) == 2:
dicc.append(Variable(var_list[0], var_list[1]))
self.variables = dicc
def multipartEncoded(self):
if not self.boundary:
self.boundary = "---------------------------D33PB1T0R3QR3SP0B0UND4RY2203"
pd = ""
for i in self.variables:
pd += "--" + self.boundary + "\r\n"
pd += "%s\r\n\r\n%s\r\n" % ("\r\n".join(i.extraInfo), i.value)
pd += "--" + self.boundary + "--\r\n"
return pd
def parseMultipart(self, cad, boundary):
self.boundary = boundary
dicc = []
tp = TextParser()
tp.setSource("string", cad)
while True:
headers = []
if not tp.readUntil('name="([^"]+)"'):
break
var = tp[0][0]
headers.append(tp.lastFull_line.strip())
while True:
tp.readLine()
if tp.search("^([^:]+): (.*)$"):
headers.append(tp.lastFull_line.strip())
else:
break
value = ""
while True:
tp.readLine()
if not tp.search(boundary):
value += tp.lastFull_line
else:
break
if value[-2:] == "\r\n":
value = value[:-2]
dicc.append(Variable(var, value.strip(), headers))
self.variables = dicc
================================================
FILE: src/wfuzz/externals/reqresp/__init__.py
================================================
from .Request import Request
from .Response import Response
================================================
FILE: src/wfuzz/externals/reqresp/cache.py
================================================
from collections import defaultdict
class HttpCache:
def __init__(self):
# cache control
self.__cache_map = defaultdict(list)
def update_cache(self, req, category="default"):
key = req.to_cache_key()
# first hit
if key not in self.__cache_map:
self.__cache_map[key].append(category)
return True
elif key in self.__cache_map and category not in self.__cache_map[key]:
self.__cache_map[key].append(category)
return True
return False
def msg_in_cache(self, req, category="default"):
key = req.to_cache_key()
return key in self.__cache_map and category in self.__cache_map[key]
================================================
FILE: src/wfuzz/externals/reqresp/exceptions.py
================================================
class ReqRespException(Exception):
FATAL, RESOLVE_PROXY, RESOLVE_HOST, CONNECT_HOST, SSL, TIMEOUT = list(range(6))
def __init__(self, etype, msg):
self.etype = etype
self.msg = msg
Exception.__init__(self, msg)
================================================
FILE: src/wfuzz/externals/settings/__init__.py
================================================
================================================
FILE: src/wfuzz/externals/settings/settings.py
================================================
# Python 2 and 3 (after ``pip install configparser``):
try:
from configparser import ConfigParser
except ImportError:
import ConfigParser
import os
import sys
class SettingsBase:
"""
Contains application settings. uses a ConfigParser
"""
def __init__(self, save=False):
self.cparser = ConfigParser()
self.set_all(self.set_defaults())
self.filename = os.path.join(
self._path_to_program_dir(), self.get_config_file()
)
self.cparser.read(self.filename)
# Base members should implement
def get_config_file(self):
"""Returns the name of the file where the config is saved."""
raise NotImplementedError
def set_defaults(self):
"""
Returns a dictionary with the default settings in the form of
{ \
Section: [ \
("setting_x", '5'),
...
("setting_y", '5'),
],
...
}
"""
raise NotImplementedError
def has_option(self, section, setting):
return self.cparser.has_option(section, setting)
def set(self, section, setting, value):
self.cparser.set(section, setting, value)
def get(self, section, setting):
value = self.cparser.get(section, setting)
return value
def get_section(self, section):
return self.cparser.items(section)
def get_options(self, section):
return self.cparser.options(section)
def get_sections(self):
return self.cparser.sections()
def get_all(self):
sett = {}
# dump entire config file
for section in self.cparser.sections():
for option in self.cparser.options(section):
if section not in sett:
sett[section] = []
sett[section].append((option, self.cparser.get(section, option)))
return sett
def set_all(self, sett):
self.cparser = ConfigParser()
for section, settings in sett.items():
self.cparser.add_section(section)
for key, value in settings:
self.cparser.set(section, key, value)
def save(self):
try:
with open(self.filename, "w") as iniFile:
self.cparser.write(iniFile)
except Exception:
return False
return True
def _path_to_program_dir(self):
"""
Returns path to program directory
"""
path = sys.argv[0]
if not os.path.isdir(path):
path = os.path.dirname(path)
if not path:
return "."
return path
================================================
FILE: src/wfuzz/facade.py
================================================
from .helpers.file_func import get_home, get_path, get_config_dir
from .helpers.obj_factory import Singleton
from . import __version__ as version
from .externals.moduleman.registrant import MulRegistrant
from .externals.moduleman.loader import DirLoader
from .externals.settings.settings import SettingsBase
from .exception import FuzzExceptNoPluginError, FuzzExceptPluginLoadError
import os
ERROR_CODE = -1
BASELINE_CODE = -2
class Settings(SettingsBase):
def get_config_file(self):
config_file = "wfuzz.ini"
config = os.path.join(get_config_dir(check=False), config_file)
legacy_config = os.path.join(get_home(check=False), config_file)
if os.path.exists(config):
return config
elif os.path.exists(legacy_config):
return legacy_config
return os.path.join(get_config_dir(check=True), config_file)
def set_defaults(self):
return dict(
plugins=[("bing_apikey", ""), ("shodan_apikey", "")],
kbase=[
(
"discovery.blacklist",
".svg-.css-.js-.jpg-.gif-.png-.jpeg-.mov-.avi-.flv-.ico",
)
],
connection=[
("concurrent", "10"),
("conn_delay", "90"),
("req_delay", "90"),
("retries", "3"),
("User-Agent", "Wfuzz/%s" % version),
],
general=[
("default_printer", "raw"),
("cancel_on_plugin_except", "0"),
("concurrent_plugins", "3"),
("lookup_dirs", "."),
("encode_space", "1"),
],
)
class MyRegistrant(MulRegistrant):
def get_plugin(self, identifier):
try:
return MulRegistrant.get_plugin(self, identifier)
except KeyError as e:
raise FuzzExceptNoPluginError(
"Requested plugin %s. Error: %s" % (identifier, str(e))
)
class Facade(metaclass=Singleton):
def __init__(self):
self.__plugins = dict(
printers=None, scripts=None, encoders=None, iterators=None, payloads=None,
)
self.sett = Settings()
def _load(self, cat):
try:
if cat not in self.__plugins:
raise FuzzExceptNoPluginError("Non-existent plugin category %s" % cat)
if not self.__plugins[cat]:
loader_list = []
loader_list.append(
DirLoader(**{"base_dir": cat, "base_path": get_path("../plugins")})
)
loader_list.append(
DirLoader(**{"base_dir": cat, "base_path": get_home()})
)
self.__plugins[cat] = MyRegistrant(loader_list)
return self.__plugins[cat]
except Exception as e:
raise FuzzExceptPluginLoadError("Error loading plugins: %s" % str(e))
def proxy(self, which):
return self._load(which)
def get_registrants(self):
return self.__plugins.keys()
def __getattr__(self, name):
if name in ["printers", "payloads", "iterators", "encoders", "scripts"]:
return self._load(name)
else:
raise AttributeError
================================================
FILE: src/wfuzz/factories/__init__.py
================================================
================================================
FILE: src/wfuzz/factories/dictfactory.py
================================================
# Python 2 and 3: zip_longest
try:
from itertools import zip_longest
except ImportError:
from itertools import izip_longest as zip_longest
from ..helpers.obj_factory import ObjectFactory
from ..exception import FuzzExceptBadOptions
from ..facade import Facade
from ..dictionaries import (
TupleIt,
WrapperIt,
SliceIt,
EncodeIt,
AllVarDictio,
)
class DictionaryFactory(ObjectFactory):
def __init__(self):
ObjectFactory.__init__(
self,
{
"dictio_from_iterable": DictioFromIterableBuilder(),
"dictio_from_payload": DictioFromPayloadBuilder(),
"dictio_from_allvar": DictioFromAllVarBuilder(),
"dictio_from_options": DictioFromOptions(),
},
)
class BaseDictioBuilder:
@staticmethod
def validate(options, selected_dic):
if not selected_dic:
raise FuzzExceptBadOptions("Empty dictionary! Check payload and filter")
if len(selected_dic) == 1 and options["iterator"]:
raise FuzzExceptBadOptions(
"Several dictionaries must be used when specifying an iterator"
)
@staticmethod
def get_dictio(options, selected_dic):
if len(selected_dic) == 1:
return TupleIt(selected_dic[0])
elif options["iterator"]:
return Facade().iterators.get_plugin(options["iterator"])(*selected_dic)
else:
return Facade().iterators.get_plugin("product")(*selected_dic)
class DictioFromIterableBuilder(BaseDictioBuilder):
def __call__(self, options):
selected_dic = []
self._payload_list = []
for d in [WrapperIt(x) for x in options["dictio"]]:
selected_dic.append(d)
self.validate(options, selected_dic)
return self.get_dictio(options, selected_dic)
class DictioFromPayloadBuilder(BaseDictioBuilder):
def __call__(self, options):
selected_dic = []
for payload in options["payloads"]:
try:
name, params, slicestr = [
x[0] for x in zip_longest(payload, (None, None, None))
]
except ValueError:
raise FuzzExceptBadOptions(
"You must supply a list of payloads in the form of [(name, {params}), ... ]"
)
if not params:
raise FuzzExceptBadOptions(
"You must supply a list of payloads in the form of [(name, {params}), ... ]"
)
dictionary = Facade().payloads.get_plugin(name)(params)
if "encoder" in params and params["encoder"] is not None:
dictionary = EncodeIt(dictionary, params["encoder"])
selected_dic.append(
SliceIt(dictionary, slicestr) if slicestr else dictionary
)
self.validate(options, selected_dic)
return self.get_dictio(options, selected_dic)
class DictioFromAllVarBuilder(BaseDictioBuilder):
@staticmethod
def from_all_fuzz_request_gen(options, dictio_list):
for payload in dictio_list:
if len(payload) > 1:
raise FuzzExceptBadOptions(
"Only one payload is allowed when fuzzing all parameters!"
)
for var_name in options["compiled_seed"].history.wf_allvars_set.keys():
yield (var_name, payload[0])
def __call__(self, options):
dictio_list = DictioFromOptions()(options)
return AllVarDictio(
self.from_all_fuzz_request_gen(options, dictio_list),
dictio_list.count() * len(options["compiled_seed"].history.wf_allvars_set),
)
class DictioFromOptions(BaseDictioBuilder):
def __call__(self, options):
if options["dictio"]:
return DictioFromIterableBuilder()(options)
else:
return DictioFromPayloadBuilder()(options)
dictionary_factory = DictionaryFactory()
================================================
FILE: src/wfuzz/factories/fuzzfactory.py
================================================
from ..fuzzrequest import FuzzRequest
from ..helpers.obj_factory import ObjectFactory, SeedBuilderHelper
class FuzzRequestFactory(ObjectFactory):
def __init__(self):
ObjectFactory.__init__(
self,
{
"request_from_options": RequestBuilder(),
"seed_from_options": SeedBuilder(),
},
)
class RequestBuilder:
def __call__(self, options):
fr = FuzzRequest()
fr.url = options["url"]
fr.wf_fuzz_methods = options["method"]
fr.update_from_options(options)
return fr
class SeedBuilder:
def __call__(self, options):
seed = reqfactory.create("request_from_options", options)
marker_dict = SeedBuilderHelper.get_marker_dict(seed)
SeedBuilderHelper.remove_baseline_markers(seed, marker_dict)
return seed
reqfactory = FuzzRequestFactory()
================================================
FILE: src/wfuzz/factories/fuzzresfactory.py
================================================
import copy
from .fuzzfactory import reqfactory
from .payman import payman_factory
from ..fuzzobjects import FuzzResult, FuzzType, FuzzWord, FuzzWordType
from ..helpers.obj_factory import ObjectFactory, SeedBuilderHelper
class FuzzResultFactory(ObjectFactory):
def __init__(self):
ObjectFactory.__init__(
self,
{
"fuzzres_from_options_and_dict": FuzzResultDictioBuilder(),
"fuzzres_from_allvar": FuzzResultAllVarBuilder(),
"fuzzres_from_recursion": FuzzResRecursiveBuilder(),
"seed_from_recursion": SeedRecursiveBuilder(),
"seed_from_options": SeedResultBuilder(),
"seed_from_options_and_dict": FuzzResultDictSeedBuilder(),
"baseline_from_options": BaselineResultBuilder(),
},
)
class FuzzResultDictioBuilder:
def __call__(self, opt
gitextract_30du5tiz/ ├── .flake8 ├── .github/ │ ├── dependabot.yml │ └── workflows/ │ └── docker-release.yml ├── .gitignore ├── .travis.yml ├── Dockerfile ├── ISSUE_TEMPLATE.md ├── LICENSE ├── MANIFEST.in ├── Makefile ├── README.md ├── docs/ │ ├── Makefile │ ├── _templates/ │ │ └── sidebarlogo.html │ ├── conf.py │ ├── dev/ │ │ └── plugins.rst │ ├── index.rst │ ├── library/ │ │ └── guide.rst │ ├── make.bat │ └── user/ │ ├── advanced.rst │ ├── basicusage.rst │ ├── breaking.rst │ ├── getting.rst │ ├── installation.rst │ └── wfpayload.rst ├── requirements.txt ├── setup.py ├── src/ │ ├── wfencode.py │ ├── wfpayload.py │ ├── wfuzz/ │ │ ├── __init__.py │ │ ├── __main__.py │ │ ├── api.py │ │ ├── core.py │ │ ├── dictionaries.py │ │ ├── exception.py │ │ ├── externals/ │ │ │ ├── __init__.py │ │ │ ├── moduleman/ │ │ │ │ ├── __init__.py │ │ │ │ ├── loader.py │ │ │ │ ├── modulefilter.py │ │ │ │ ├── plugin.py │ │ │ │ └── registrant.py │ │ │ ├── reqresp/ │ │ │ │ ├── Request.py │ │ │ │ ├── Response.py │ │ │ │ ├── TextParser.py │ │ │ │ ├── Variables.py │ │ │ │ ├── __init__.py │ │ │ │ ├── cache.py │ │ │ │ └── exceptions.py │ │ │ └── settings/ │ │ │ ├── __init__.py │ │ │ └── settings.py │ │ ├── facade.py │ │ ├── factories/ │ │ │ ├── __init__.py │ │ │ ├── dictfactory.py │ │ │ ├── fuzzfactory.py │ │ │ ├── fuzzresfactory.py │ │ │ ├── payman.py │ │ │ ├── plugin_factory.py │ │ │ └── reqresp_factory.py │ │ ├── filters/ │ │ │ ├── __init__.py │ │ │ ├── ppfilter.py │ │ │ └── simplefilter.py │ │ ├── fuzzobjects.py │ │ ├── fuzzqueues.py │ │ ├── fuzzrequest.py │ │ ├── helpers/ │ │ │ ├── __init__.py │ │ │ ├── file_func.py │ │ │ ├── obj_dic.py │ │ │ ├── obj_dyn.py │ │ │ ├── obj_factory.py │ │ │ ├── str_func.py │ │ │ └── utils.py │ │ ├── mixins.py │ │ ├── myhttp.py │ │ ├── myqueues.py │ │ ├── options.py │ │ ├── plugin_api/ │ │ │ ├── __init__.py │ │ │ ├── base.py │ │ │ ├── mixins.py │ │ │ ├── payloadtools.py │ │ │ └── urlutils.py │ │ ├── plugins/ │ │ │ ├── __init__.py │ │ │ ├── encoders/ │ │ │ │ ├── __init__.py │ │ │ │ └── encoders.py │ │ │ ├── iterators/ │ │ │ │ ├── __init__.py │ │ │ │ └── iterations.py │ │ │ ├── payloads/ │ │ │ │ ├── __init__.py │ │ │ │ ├── autorize.py │ │ │ │ ├── bing.py │ │ │ │ ├── buffer_overflow.py │ │ │ │ ├── burpitem.py │ │ │ │ ├── burplog.py │ │ │ │ ├── burpstate.py │ │ │ │ ├── dirwalk.py │ │ │ │ ├── file.py │ │ │ │ ├── guitab.py │ │ │ │ ├── hexrand.py │ │ │ │ ├── hexrange.py │ │ │ │ ├── ipnet.py │ │ │ │ ├── iprange.py │ │ │ │ ├── list.py │ │ │ │ ├── names.py │ │ │ │ ├── permutation.py │ │ │ │ ├── range.py │ │ │ │ ├── shodanp.py │ │ │ │ ├── stdin.py │ │ │ │ └── wfuzzp.py │ │ │ ├── printers/ │ │ │ │ ├── __init__.py │ │ │ │ └── printers.py │ │ │ └── scripts/ │ │ │ ├── __init__.py │ │ │ ├── backups.py │ │ │ ├── cookies.py │ │ │ ├── cvs_extractor.py │ │ │ ├── errors.py │ │ │ ├── grep.py │ │ │ ├── headers.py │ │ │ ├── links.py │ │ │ ├── listing.py │ │ │ ├── npm_deps.py │ │ │ ├── robots.py │ │ │ ├── screenshot.py │ │ │ ├── sitemap.py │ │ │ ├── svn_extractor.py │ │ │ ├── title.py │ │ │ └── wcdb.py │ │ ├── ui/ │ │ │ ├── __init__.py │ │ │ ├── console/ │ │ │ │ ├── __init__.py │ │ │ │ ├── clparser.py │ │ │ │ ├── common.py │ │ │ │ ├── getch.py │ │ │ │ ├── mvc.py │ │ │ │ └── output.py │ │ │ └── gui/ │ │ │ ├── __init__.py │ │ │ ├── controller.py │ │ │ ├── guicontrols.py │ │ │ └── model.py │ │ └── wfuzz.py │ ├── wfuzz-cli.py │ └── wxfuzz.py ├── tests/ │ ├── acceptance/ │ │ └── test_saved_filter.py │ ├── api/ │ │ ├── test_encoders.py │ │ ├── test_payload.py │ │ └── test_session.py │ ├── conftest.py │ ├── factories/ │ │ └── test_seedbasebuilder.py │ ├── filters/ │ │ ├── test_filter.py │ │ ├── test_filter_codes.py │ │ ├── test_filter_urlp.py │ │ ├── test_prefilter_mangle.py │ │ └── test_prefilter_mangle_codes.py │ ├── helpers/ │ │ ├── test_dotdict.py │ │ └── test_insensitive_dict.py │ ├── plugins/ │ │ ├── test_burplog.py │ │ ├── test_links.py │ │ └── test_summary.py │ ├── server_dir/ │ │ ├── Dockerfile │ │ ├── dir/ │ │ │ ├── a │ │ │ ├── b │ │ │ ├── c │ │ │ └── one │ │ ├── docker-compose.yml │ │ ├── iterators/ │ │ │ ├── aa │ │ │ ├── ac │ │ │ └── bb │ │ ├── plugins/ │ │ │ └── robots.txt │ │ ├── recursive_dir/ │ │ │ └── a/ │ │ │ └── b/ │ │ │ └── c/ │ │ │ └── placeholder.txt │ │ ├── simple_server.py │ │ └── static/ │ │ └── placeholder.txt │ ├── test_acceptance.py │ ├── test_api.py │ ├── test_clparser.py │ ├── test_filterintro.py │ ├── test_moduleman.py │ ├── test_relativeurl.py │ ├── test_req_parse.py │ └── test_reqresp.py ├── tox.ini ├── wfencode ├── wfencode.bat ├── wfpayload ├── wfpayload.bat ├── wfuzz ├── wfuzz.bat ├── wfuzz_bash_completion ├── wordlist/ │ ├── Injections/ │ │ ├── All_attack.txt │ │ ├── SQL.txt │ │ ├── Traversal.txt │ │ ├── XML.txt │ │ ├── XSS.txt │ │ └── bad_chars.txt │ ├── general/ │ │ ├── admin-panels.txt │ │ ├── big.txt │ │ ├── catala.txt │ │ ├── common.txt │ │ ├── euskera.txt │ │ ├── extensions_common.txt │ │ ├── http_methods.txt │ │ ├── medium.txt │ │ ├── megabeast.txt │ │ ├── mutations_common.txt │ │ ├── spanish.txt │ │ └── test.txt │ ├── others/ │ │ ├── common_pass.txt │ │ └── names.txt │ ├── stress/ │ │ ├── alphanum_case.txt │ │ ├── alphanum_case_extra.txt │ │ ├── char.txt │ │ ├── doble_uri_hex.txt │ │ ├── test_ext.txt │ │ └── uri_hex.txt │ ├── vulns/ │ │ ├── apache.txt │ │ ├── cgis.txt │ │ ├── coldfusion.txt │ │ ├── dirTraversal-nix.txt │ │ ├── dirTraversal-win.txt │ │ ├── dirTraversal.txt │ │ ├── domino.txt │ │ ├── fatwire.txt │ │ ├── fatwire_pagenames.txt │ │ ├── frontpage.txt │ │ ├── iis.txt │ │ ├── iplanet.txt │ │ ├── jrun.txt │ │ ├── netware.txt │ │ ├── oracle9i.txt │ │ ├── sharepoint.txt │ │ ├── sql_inj.txt │ │ ├── sunas.txt │ │ ├── tests.txt │ │ ├── tomcat.txt │ │ ├── vignette.txt │ │ ├── weblogic.txt │ │ └── websphere.txt │ └── webservices/ │ ├── ws-dirs.txt │ └── ws-files.txt ├── wxfuzz └── wxfuzz.bat
SYMBOL INDEX (1288 symbols across 114 files)
FILE: src/wfuzz/__init__.py
function warning_on_one_line (line 23) | def warning_on_one_line(message, category, filename, lineno, file=None, ...
FILE: src/wfuzz/api.py
function fuzz (line 10) | def fuzz(**kwargs):
function get_payloads (line 14) | def get_payloads(iterator):
function get_payload (line 20) | def get_payload(iterator):
function encode (line 25) | def encode(name, value):
function decode (line 29) | def decode(name, value):
function payload (line 33) | def payload(**kwargs):
function get_session (line 37) | def get_session(cline):
FILE: src/wfuzz/core.py
class Fuzzer (line 27) | class Fuzzer(object):
method __init__ (line 28) | def __init__(self, options):
method __iter__ (line 104) | def __iter__(self):
method __next__ (line 107) | def __next__(self):
method stats (line 120) | def stats(self):
method cancel_job (line 127) | def cancel_job(self):
method pause_job (line 130) | def pause_job(self):
method resume_job (line 133) | def resume_job(self):
FILE: src/wfuzz/dictionaries.py
class BaseIterator (line 7) | class BaseIterator:
method count (line 8) | def count(self):
method width (line 11) | def width(self):
method payloads (line 14) | def payloads(self):
method cleanup (line 17) | def cleanup(self):
class BaseDictionary (line 22) | class BaseDictionary:
method count (line 23) | def count(self):
method next_word (line 26) | def next_word(self):
method __next__ (line 29) | def __next__(self):
method __iter__ (line 32) | def __iter__(self):
method close (line 35) | def close(self):
class EncodeIt (line 39) | class EncodeIt(BaseDictionary):
method __init__ (line 40) | def __init__(self, parent, encoders_list):
method count (line 45) | def count(self):
method concatenate (line 48) | def concatenate(self, encoder_name, payload_word):
method encode (line 55) | def encode(self, encoder_name, payload_word):
method next_word (line 68) | def next_word(self):
method _gen (line 71) | def _gen(self):
method __next__ (line 85) | def __next__(self):
class TupleIt (line 89) | class TupleIt(BaseDictionary, BaseIterator):
method __init__ (line 90) | def __init__(self, parent):
method count (line 93) | def count(self):
method width (line 96) | def width(self):
method payloads (line 99) | def payloads(self):
method next_word (line 102) | def next_word(self):
class WrapperIt (line 106) | class WrapperIt(BaseDictionary):
method __init__ (line 107) | def __init__(self, iterator):
method count (line 110) | def count(self):
method get_type (line 113) | def get_type(self):
method next_word (line 116) | def next_word(self):
class SliceIt (line 120) | class SliceIt(BaseDictionary):
method __init__ (line 121) | def __init__(self, payload, slicestr):
method count (line 126) | def count(self):
method get_type (line 129) | def get_type(self):
method _get_filtered_value (line 132) | def _get_filtered_value(self, item):
method next_word (line 140) | def next_word(self):
class AllVarDictio (line 160) | class AllVarDictio(BaseDictionary, BaseIterator):
method __init__ (line 161) | def __init__(self, iterator, allvar_len):
method count (line 165) | def count(self):
method width (line 168) | def width(self):
method payloads (line 171) | def payloads(self):
method next_word (line 174) | def next_word(self):
FILE: src/wfuzz/exception.py
class FuzzException (line 1) | class FuzzException(Exception):
class FuzzExceptBadOptions (line 5) | class FuzzExceptBadOptions(FuzzException):
class FuzzExceptNoPluginError (line 9) | class FuzzExceptNoPluginError(FuzzException):
class FuzzExceptPluginLoadError (line 13) | class FuzzExceptPluginLoadError(FuzzException):
class FuzzExceptIncorrectFilter (line 17) | class FuzzExceptIncorrectFilter(FuzzException):
class FuzzExceptBadAPI (line 21) | class FuzzExceptBadAPI(FuzzException):
class FuzzExceptInternalError (line 25) | class FuzzExceptInternalError(FuzzException):
class FuzzExceptBadFile (line 29) | class FuzzExceptBadFile(FuzzException):
class FuzzExceptBadInstall (line 33) | class FuzzExceptBadInstall(FuzzException):
class FuzzExceptBadRecipe (line 37) | class FuzzExceptBadRecipe(FuzzException):
class FuzzExceptMissingAPIKey (line 41) | class FuzzExceptMissingAPIKey(FuzzException):
class FuzzExceptPluginBadParams (line 45) | class FuzzExceptPluginBadParams(FuzzException):
class FuzzExceptResourceParseError (line 49) | class FuzzExceptResourceParseError(FuzzException):
class FuzzExceptPluginError (line 53) | class FuzzExceptPluginError(FuzzException):
class FuzzExceptNetError (line 57) | class FuzzExceptNetError(FuzzException):
FILE: src/wfuzz/externals/moduleman/loader.py
class IModuleLoader (line 7) | class IModuleLoader:
method __init__ (line 8) | def __init__(self, **params):
method set_params (line 11) | def set_params(self, **params):
method load (line 14) | def load(self, registrant):
class FileLoader (line 18) | class FileLoader(IModuleLoader):
method __init__ (line 19) | def __init__(self, **params):
method set_params (line 23) | def set_params(self, **params):
method load (line 34) | def load(self, registrant):
method _build_id (line 39) | def _build_id(self, filename, objname):
method _load_py_from_file (line 49) | def _load_py_from_file(self, filename):
class DirLoader (line 96) | class DirLoader(FileLoader):
method __init__ (line 97) | def __init__(self, **params):
method set_params (line 101) | def set_params(self, **params):
method load (line 112) | def load(self, registrant):
method _build_id (line 116) | def _build_id(self, filename, objname):
method __load_all (line 128) | def __load_all(self, dir_name):
method __walk_dir_tree (line 144) | def __walk_dir_tree(self, dirname):
FILE: src/wfuzz/externals/moduleman/modulefilter.py
class IFilter (line 41) | class IFilter:
method is_visible (line 42) | def is_visible(self, plugin, filter_string):
class Filter (line 46) | class Filter(IFilter):
method __init__ (line 47) | def __init__(self):
method __compute_neg_formula (line 69) | def __compute_neg_formula(self, tokens):
method __compute_element (line 75) | def __compute_element(self, tokens):
method __myreduce (line 87) | def __myreduce(self, elements):
method __compute_formula (line 97) | def __compute_formula(self, tokens):
method simple_filter (line 100) | def simple_filter(self, plugin, filter_string):
method simple_filter_banned_keywords (line 117) | def simple_filter_banned_keywords(self, filter_string):
method is_visible (line 127) | def is_visible(self, plugin, filter_string):
FILE: src/wfuzz/externals/moduleman/plugin.py
function moduleman_plugin (line 7) | def moduleman_plugin(*args):
FILE: src/wfuzz/externals/moduleman/registrant.py
class IRegistrant (line 11) | class IRegistrant:
method __init__ (line 12) | def __init__(self, loader, plg_filter):
method register (line 20) | def register(self, identifier, module):
method start_loading (line 23) | def start_loading(self):
method load (line 26) | def load(self):
method end_loading (line 29) | def end_loading(self):
method modify_instance (line 32) | def modify_instance(self, module):
class KnowledgeBase (line 36) | class KnowledgeBase(MutableMapping):
method __init__ (line 37) | def __init__(self, *args, **kwargs):
method __getitem__ (line 41) | def __getitem__(self, key):
method __setitem__ (line 45) | def __setitem__(self, key, value):
method __delitem__ (line 49) | def __delitem__(self, key):
method __len__ (line 53) | def __len__(self):
method __str__ (line 57) | def __str__(self):
method __iter__ (line 61) | def __iter__(self):
class BRegistrant (line 65) | class BRegistrant(IRegistrant):
method __init__ (line 66) | def __init__(self, loader, plg_filter=Filter()):
method register (line 73) | def register(self, identifier, module):
method load (line 77) | def load(self):
method start_loading (line 80) | def start_loading(self):
method end_loading (line 83) | def end_loading(self):
method modify_instance (line 86) | def modify_instance(self, module):
method plugin_state (line 94) | def plugin_state(self, identifier, state):
method __get_plugins (line 97) | def __get_plugins(self, category, sorting):
method get_plugin (line 118) | def get_plugin(self, identifier):
method get_plugins (line 141) | def get_plugins(self, category="$all$", sorting="true"):
method get_plugins_ext (line 144) | def get_plugins_ext(self, category="$all$", sorting="true"):
method get_plugins_names (line 160) | def get_plugins_names(self, category="$all$", sorting="true"):
method get_plugins_ids (line 163) | def get_plugins_ids(self, category="$all$", sorting="true"):
class MulRegistrant (line 167) | class MulRegistrant(BRegistrant):
method load (line 168) | def load(self):
FILE: src/wfuzz/externals/reqresp/Request.py
class Request (line 33) | class Request:
method __init__ (line 34) | def __init__(self):
method method (line 95) | def method(self):
method method (line 102) | def method(self, value):
method setFinalUrl (line 108) | def setFinalUrl(self, fu):
method __str__ (line 111) | def __str__(self):
method getHost (line 120) | def getHost(self):
method getXML (line 123) | def getXML(self, obj):
method __getattr__ (line 140) | def __getattr__(self, name):
method setUrl (line 178) | def setUrl(self, urltmp):
method getProxy (line 190) | def getProxy(self):
method setProxy (line 193) | def setProxy(self, prox, ptype):
method setFollowLocation (line 198) | def setFollowLocation(self, value):
method setConnTimeout (line 202) | def setConnTimeout(self, time):
method getConnTimeout (line 205) | def getConnTimeout(self):
method setTotalTimeout (line 208) | def setTotalTimeout(self, time):
method getTotalTimeout (line 211) | def getTotalTimeout(self):
method setAuth (line 215) | def setAuth(self, method, string):
method getAuth (line 219) | def getAuth(self):
method existsGETVar (line 224) | def existsGETVar(self, key):
method existPOSTVar (line 227) | def existPOSTVar(self, key):
method setVariablePOST (line 230) | def setVariablePOST(self, key, value):
method setVariableGET (line 236) | def setVariableGET(self, key, value):
method getGETVars (line 240) | def getGETVars(self):
method getPOSTVars (line 243) | def getPOSTVars(self):
method setPostData (line 246) | def setPostData(self, pd, boundary=None):
method addHeader (line 266) | def addHeader(self, key, value):
method delHeader (line 269) | def delHeader(self, key):
method __getitem__ (line 273) | def __getitem__(self, key):
method getHeaders (line 279) | def getHeaders(self):
method head (line 285) | def head(self):
method createPath (line 300) | def createPath(self, newpath):
method to_pycurl_object (line 313) | def to_pycurl_object(c, req):
method response_from_conn_object (line 385) | def response_from_conn_object(self, conn, header, body):
method perform (line 397) | def perform(self):
method getAll (line 414) | def getAll(self):
method header_callback (line 432) | def header_callback(self, data):
method body_callback (line 435) | def body_callback(self, data):
method Substitute (line 438) | def Substitute(self, src, dst):
method parseRequest (line 445) | def parseRequest(self, rawRequest, prot="http"):
FILE: src/wfuzz/externals/reqresp/Response.py
function get_encoding_from_headers (line 13) | def get_encoding_from_headers(headers):
function get_encodings_from_content (line 40) | def get_encodings_from_content(content):
class Response (line 56) | class Response:
method __init__ (line 57) | def __init__(self, protocol="", code="", message=""):
method addHeader (line 68) | def addHeader(self, key, value):
method delHeader (line 71) | def delHeader(self, key):
method addContent (line 76) | def addContent(self, text):
method __getitem__ (line 79) | def __getitem__(self, key):
method getCookie (line 85) | def getCookie(self):
method has_header (line 92) | def has_header(self, key):
method getLocation (line 98) | def getLocation(self):
method header_equal (line 104) | def header_equal(self, header, value):
method getHeaders (line 110) | def getHeaders(self):
method getContent (line 113) | def getContent(self):
method getTextHeaders (line 116) | def getTextHeaders(self):
method getAll (line 125) | def getAll(self):
method Substitute (line 129) | def Substitute(self, src, dst):
method getAll_wpost (line 134) | def getAll_wpost(self):
method parseResponse (line 142) | def parseResponse(self, rawheader, rawbody=None, type="curl"):
FILE: src/wfuzz/externals/reqresp/TextParser.py
class TextParser (line 11) | class TextParser(object):
method __init__ (line 12) | def __init__(self):
method __del__ (line 22) | def __del__(self):
method __str__ (line 26) | def __str__(self):
method __iter__ (line 29) | def __iter__(self):
method __next__ (line 33) | def __next__(self):
method setSource (line 41) | def setSource(self, t, *args):
method seekinit (line 65) | def seekinit(self):
method readUntil (line 69) | def readUntil(self, pattern, caseSens=True):
method search (line 80) | def search(self, pattern, caseSens=True, debug=0):
method __getitem__ (line 105) | def __getitem__(self, key):
method skip (line 110) | def skip(self, lines):
method readLine (line 119) | def readLine(self):
FILE: src/wfuzz/externals/reqresp/Variables.py
class Variable (line 5) | class Variable:
method __init__ (line 6) | def __init__(self, name, value="", extraInfo=""):
method restore (line 12) | def restore(self):
method change (line 15) | def change(self, newval):
method update (line 18) | def update(self, val):
method append (line 21) | def append(self, val):
method __str__ (line 24) | def __str__(self):
class VariablesSet (line 28) | class VariablesSet:
method __init__ (line 29) | def __init__(self):
method names (line 33) | def names(self):
method existsVar (line 40) | def existsVar(self, name):
method addVariable (line 43) | def addVariable(self, name, value="", extraInfo=""):
method getVariable (line 46) | def getVariable(self, name):
method urlEncoded (line 62) | def urlEncoded(self):
method json_encoded (line 70) | def json_encoded(self):
method parse_json_encoded (line 75) | def parse_json_encoded(self, cad):
method parseUrlEncoded (line 83) | def parseUrlEncoded(self, cad):
method multipartEncoded (line 99) | def multipartEncoded(self):
method parseMultipart (line 109) | def parseMultipart(self, cad, boundary):
FILE: src/wfuzz/externals/reqresp/cache.py
class HttpCache (line 4) | class HttpCache:
method __init__ (line 5) | def __init__(self):
method update_cache (line 9) | def update_cache(self, req, category="default"):
method msg_in_cache (line 22) | def msg_in_cache(self, req, category="default"):
FILE: src/wfuzz/externals/reqresp/exceptions.py
class ReqRespException (line 1) | class ReqRespException(Exception):
method __init__ (line 4) | def __init__(self, etype, msg):
FILE: src/wfuzz/externals/settings/settings.py
class SettingsBase (line 10) | class SettingsBase:
method __init__ (line 15) | def __init__(self, save=False):
method get_config_file (line 26) | def get_config_file(self):
method set_defaults (line 30) | def set_defaults(self):
method has_option (line 44) | def has_option(self, section, setting):
method set (line 47) | def set(self, section, setting, value):
method get (line 50) | def get(self, section, setting):
method get_section (line 54) | def get_section(self, section):
method get_options (line 57) | def get_options(self, section):
method get_sections (line 60) | def get_sections(self):
method get_all (line 63) | def get_all(self):
method set_all (line 75) | def set_all(self, sett):
method save (line 82) | def save(self):
method _path_to_program_dir (line 90) | def _path_to_program_dir(self):
FILE: src/wfuzz/facade.py
class Settings (line 16) | class Settings(SettingsBase):
method get_config_file (line 17) | def get_config_file(self):
method set_defaults (line 29) | def set_defaults(self):
class MyRegistrant (line 55) | class MyRegistrant(MulRegistrant):
method get_plugin (line 56) | def get_plugin(self, identifier):
class Facade (line 65) | class Facade(metaclass=Singleton):
method __init__ (line 66) | def __init__(self):
method _load (line 74) | def _load(self, cat):
method proxy (line 93) | def proxy(self, which):
method get_registrants (line 96) | def get_registrants(self):
method __getattr__ (line 99) | def __getattr__(self, name):
FILE: src/wfuzz/factories/dictfactory.py
class DictionaryFactory (line 19) | class DictionaryFactory(ObjectFactory):
method __init__ (line 20) | def __init__(self):
class BaseDictioBuilder (line 32) | class BaseDictioBuilder:
method validate (line 34) | def validate(options, selected_dic):
method get_dictio (line 44) | def get_dictio(options, selected_dic):
class DictioFromIterableBuilder (line 53) | class DictioFromIterableBuilder(BaseDictioBuilder):
method __call__ (line 54) | def __call__(self, options):
class DictioFromPayloadBuilder (line 66) | class DictioFromPayloadBuilder(BaseDictioBuilder):
method __call__ (line 67) | def __call__(self, options):
class DictioFromAllVarBuilder (line 98) | class DictioFromAllVarBuilder(BaseDictioBuilder):
method from_all_fuzz_request_gen (line 100) | def from_all_fuzz_request_gen(options, dictio_list):
method __call__ (line 110) | def __call__(self, options):
class DictioFromOptions (line 119) | class DictioFromOptions(BaseDictioBuilder):
method __call__ (line 120) | def __call__(self, options):
FILE: src/wfuzz/factories/fuzzfactory.py
class FuzzRequestFactory (line 6) | class FuzzRequestFactory(ObjectFactory):
method __init__ (line 7) | def __init__(self):
class RequestBuilder (line 17) | class RequestBuilder:
method __call__ (line 18) | def __call__(self, options):
class SeedBuilder (line 28) | class SeedBuilder:
method __call__ (line 29) | def __call__(self, options):
FILE: src/wfuzz/factories/fuzzresfactory.py
class FuzzResultFactory (line 10) | class FuzzResultFactory(ObjectFactory):
method __init__ (line 11) | def __init__(self):
class FuzzResultDictioBuilder (line 26) | class FuzzResultDictioBuilder:
method __call__ (line 27) | def __call__(self, options, dictio_item):
class SeedResultBuilder (line 40) | class SeedResultBuilder:
method __call__ (line 41) | def __call__(self, options):
class BaselineResultBuilder (line 49) | class BaselineResultBuilder:
method __call__ (line 50) | def __call__(self, options):
class FuzzResultAllVarBuilder (line 69) | class FuzzResultAllVarBuilder:
method __call__ (line 70) | def __call__(self, options, var_name, payload):
class FuzzResultDictSeedBuilder (line 82) | class FuzzResultDictSeedBuilder:
method __call__ (line 83) | def __call__(self, options, dictio):
class SeedRecursiveBuilder (line 93) | class SeedRecursiveBuilder:
method __call__ (line 94) | def __call__(self, seed):
class FuzzResRecursiveBuilder (line 110) | class FuzzResRecursiveBuilder:
method __call__ (line 111) | def __call__(self, seed, url):
FILE: src/wfuzz/factories/payman.py
class PayManFactory (line 6) | class PayManFactory(ObjectFactory):
method __init__ (line 7) | def __init__(self):
class FuzzReqPayloadManBuilder (line 18) | class FuzzReqPayloadManBuilder:
method __call__ (line 19) | def __call__(self, freq):
class OnePayloadManBuilder (line 32) | class OnePayloadManBuilder:
method __call__ (line 33) | def __call__(self, content):
class BaselinePayloadManBuilder (line 42) | class BaselinePayloadManBuilder:
method __call__ (line 43) | def __call__(self, freq):
FILE: src/wfuzz/factories/plugin_factory.py
class PluginFactory (line 7) | class PluginFactory(ObjectFactory):
method __init__ (line 8) | def __init__(self):
class PluginRecursiveBuilder (line 20) | class PluginRecursiveBuilder:
method __call__ (line 21) | def __call__(self, name, seed, url):
class PluginErrorBuilder (line 30) | class PluginErrorBuilder:
method __call__ (line 31) | def __call__(self, name, exception):
class PluginFindingBuilder (line 41) | class PluginFindingBuilder:
method __call__ (line 42) | def __call__(self, name, itype, message, data, severity):
class PluginFindingSummaryBuilder (line 55) | class PluginFindingSummaryBuilder:
method __call__ (line 56) | def __call__(self, message):
FILE: src/wfuzz/factories/reqresp_factory.py
class ReqRespRequestFactory (line 20) | class ReqRespRequestFactory(HttpRequestFactory):
method to_http_object (line 21) | def to_http_object(options, req, pycurl_c):
method from_http_object (line 103) | def from_http_object(options, req, pycurl_c, header, body):
FILE: src/wfuzz/filters/ppfilter.py
class FuzzResFilter (line 41) | class FuzzResFilter:
method __init__ (line 44) | def __init__(self, filter_string=None):
method set_baseline (line 110) | def set_baseline(self, res):
method _compute_res_symbol (line 113) | def _compute_res_symbol(self, tokens):
method _compute_fuzz_symbol (line 116) | def _compute_fuzz_symbol(self, tokens):
method __compute_res_value (line 133) | def __compute_res_value(self, tokens):
method _get_payload_value (line 151) | def _get_payload_value(self, p_index):
method _get_field_value (line 159) | def _get_field_value(self, fuzz_val, field):
method __compute_bbb_symbol (line 179) | def __compute_bbb_symbol(self, tokens):
method _get_operator_value (line 209) | def _get_operator_value(self, location, fuzz_val, match_dict):
method __compute_xxx_value (line 259) | def __compute_xxx_value(self, tokens):
method __compute_expr (line 262) | def __compute_expr(self, tokens):
method __myreduce (line 324) | def __myreduce(self, elements):
method __compute_not_operator (line 338) | def __compute_not_operator(self, tokens):
method __compute_formula (line 348) | def __compute_formula(self, tokens):
method is_active (line 351) | def is_active(self):
method is_visible (line 354) | def is_visible(self, res, filter_string=None):
method get_fuzz_words (line 370) | def get_fuzz_words(self):
class FuzzResFilterSlice (line 376) | class FuzzResFilterSlice(FuzzResFilter):
method _compute_fuzz_symbol (line 378) | def _compute_fuzz_symbol(self, tokens):
FILE: src/wfuzz/filters/simplefilter.py
class FuzzResSimpleFilter (line 9) | class FuzzResSimpleFilter:
method __init__ (line 10) | def __init__(self, ffilter=None):
method is_active (line 28) | def is_active(self):
method set_baseline (line 36) | def set_baseline(self, res):
method is_visible (line 46) | def is_visible(self, res):
method from_options (line 72) | def from_options(filter_options):
FILE: src/wfuzz/fuzzobjects.py
class FuzzWordType (line 22) | class FuzzWordType(Enum):
class FuzzType (line 26) | class FuzzType(Enum):
class FuzzItem (line 30) | class FuzzItem(object):
method __init__ (line 33) | def __init__(self, item_type):
method __str__ (line 39) | def __str__(self):
method __lt__ (line 42) | def __lt__(self, other):
method __le__ (line 45) | def __le__(self, other):
method __gt__ (line 48) | def __gt__(self, other):
method __ge__ (line 51) | def __ge__(self, other):
method __eq__ (line 54) | def __eq__(self, other):
method __ne__ (line 57) | def __ne__(self, other):
class FuzzStats (line 61) | class FuzzStats:
method __init__ (line 62) | def __init__(self):
method from_options (line 81) | def from_options(options):
method get_stats (line 90) | def get_stats(self):
method mark_start (line 102) | def mark_start(self):
method mark_end (line 106) | def mark_end(self):
method cancelled (line 111) | def cancelled(self):
method cancelled (line 116) | def cancelled(self, v):
method __str__ (line 120) | def __str__(self):
method update (line 141) | def update(self, fuzzstats2):
class FuzzPayload (line 153) | class FuzzPayload:
method __init__ (line 154) | def __init__(self):
method value (line 164) | def value(self):
method description (line 173) | def description(self):
method __str__ (line 188) | def __str__(self):
class FPayloadManager (line 199) | class FPayloadManager:
method __init__ (line 200) | def __init__(self):
method add (line 203) | def add(self, payload_dict, fuzzword=None, is_baseline=False):
method update_from_dictio (line 217) | def update_from_dictio(self, dictio_item):
method get_fuzz_words (line 231) | def get_fuzz_words(self):
method get_payload (line 234) | def get_payload(self, index):
method get_payload_type (line 237) | def get_payload_type(self, index):
method get_payload_content (line 240) | def get_payload_content(self, index):
method get_payloads (line 243) | def get_payloads(self):
method description (line 248) | def description(self):
method __str__ (line 254) | def __str__(self):
class FuzzError (line 258) | class FuzzError(FuzzItem):
method __init__ (line 259) | def __init__(self, exception):
class FuzzResult (line 264) | class FuzzResult(FuzzItem):
method __init__ (line 268) | def __init__(self, history=None, exception=None, track_id=True):
method plugins (line 292) | def plugins(self):
method update (line 308) | def update(self, exception=None):
method __str__ (line 324) | def __str__(self):
method description (line 340) | def description(self):
method eval (line 363) | def eval(self, expr):
method _field (line 366) | def _field(self, separator=", "):
method content (line 377) | def content(self):
method url (line 381) | def url(self):
method code (line 385) | def code(self):
method timer (line 394) | def timer(self):
method update_from_options (line 399) | def update_from_options(self, options):
class FuzzPlugin (line 404) | class FuzzPlugin(FuzzItem):
method __init__ (line 410) | def __init__(self):
method is_visible (line 420) | def is_visible(self, verbose):
FILE: src/wfuzz/fuzzqueues.py
class AllVarQ (line 24) | class AllVarQ(FuzzQueue):
method __init__ (line 25) | def __init__(self, options):
method get_name (line 30) | def get_name(self):
method cancel (line 33) | def cancel(self):
method items_to_process (line 36) | def items_to_process(self):
method process (line 39) | def process(self, item):
class SeedQ (line 57) | class SeedQ(FuzzQueue):
method __init__ (line 58) | def __init__(self, options):
method get_name (line 62) | def get_name(self):
method cancel (line 65) | def cancel(self):
method items_to_process (line 68) | def items_to_process(self):
method send_baseline (line 71) | def send_baseline(self):
method restart (line 82) | def restart(self, seed):
method process (line 86) | def process(self, item):
method get_fuzz_res (line 97) | def get_fuzz_res(self, dictio_item):
method send_dictionary (line 107) | def send_dictionary(self):
class SaveQ (line 132) | class SaveQ(FuzzQueue):
method __init__ (line 133) | def __init__(self, options):
method get_name (line 142) | def get_name(self):
method _cleanup (line 145) | def _cleanup(self):
method process (line 148) | def process(self, item):
class ConsolePrinterQ (line 153) | class ConsolePrinterQ(FuzzQueue):
method __init__ (line 154) | def __init__(self, options):
method mystart (line 160) | def mystart(self):
method get_name (line 163) | def get_name(self):
method _cleanup (line 166) | def _cleanup(self):
method process (line 169) | def process(self, item):
class CLIPrinterQ (line 174) | class CLIPrinterQ(FuzzQueue):
method __init__ (line 175) | def __init__(self, options):
method mystart (line 179) | def mystart(self):
method process_discarded (line 182) | def process_discarded(self):
method get_name (line 185) | def get_name(self):
method _cleanup (line 188) | def _cleanup(self):
method process (line 191) | def process(self, item):
class PrinterQ (line 196) | class PrinterQ(FuzzQueue):
method __init__ (line 197) | def __init__(self, options):
method get_name (line 203) | def get_name(self):
method _cleanup (line 206) | def _cleanup(self):
method process (line 209) | def process(self, item):
class RoutingQ (line 214) | class RoutingQ(FuzzQueue):
method __init__ (line 215) | def __init__(self, options, routes):
method get_name (line 219) | def get_name(self):
method items_to_process (line 222) | def items_to_process(self):
method process (line 225) | def process(self, item):
class FilterQ (line 232) | class FilterQ(FuzzQueue):
method __init__ (line 233) | def __init__(self, options, ffilter):
method get_name (line 238) | def get_name(self):
method process (line 241) | def process(self, item):
class SliceQ (line 251) | class SliceQ(FuzzQueue):
method __init__ (line 252) | def __init__(self, options, prefilter):
method get_name (line 257) | def get_name(self):
method process (line 260) | def process(self, item):
class JobQ (line 267) | class JobQ(FuzzRRQueue):
method __init__ (line 268) | def __init__(self, options):
method get_name (line 282) | def get_name(self):
method process (line 285) | def process(self, item):
class JobMan (line 289) | class JobMan(FuzzQueue):
method __init__ (line 290) | def __init__(self, options, selected_plugins):
method get_name (line 297) | def get_name(self):
method process (line 303) | def process(self, res):
method process_results (line 338) | def process_results(self, res, plugins_res_queue):
class RecursiveQ (line 373) | class RecursiveQ(FuzzQueue):
method __init__ (line 374) | def __init__(self, options):
method get_name (line 380) | def get_name(self):
method process (line 383) | def process(self, fuzz_res):
class PassPayloadQ (line 402) | class PassPayloadQ(FuzzQueue):
method __init__ (line 403) | def __init__(self, options):
method get_name (line 407) | def get_name(self):
method process (line 410) | def process(self, item):
class DryRunQ (line 421) | class DryRunQ(FuzzQueue):
method __init__ (line 422) | def __init__(self, options):
method get_name (line 426) | def get_name(self):
method process (line 429) | def process(self, item):
class HttpQueue (line 433) | class HttpQueue(FuzzQueue):
method __init__ (line 434) | def __init__(self, options):
method cancel (line 443) | def cancel(self):
method mystart (line 446) | def mystart(self):
method get_name (line 453) | def get_name(self):
method _cleanup (line 456) | def _cleanup(self):
method items_to_process (line 460) | def items_to_process(self):
method process (line 463) | def process(self, obj):
method __read_http_results (line 467) | def __read_http_results(self):
class HttpReceiver (line 476) | class HttpReceiver(FuzzQueue):
method __init__ (line 477) | def __init__(self, options):
method get_name (line 480) | def get_name(self):
method process (line 483) | def process(self, res):
FILE: src/wfuzz/fuzzrequest.py
class headers (line 22) | class headers(object):
class header (line 23) | class header(DotDict):
method __str__ (line 24) | def __str__(self):
method __init__ (line 27) | def __init__(self, req):
method response (line 31) | def response(self):
method request (line 39) | def request(self):
method request (line 43) | def request(self, values_dict):
method all (line 49) | def all(self):
class cookies (line 53) | class cookies(object):
class cookie (line 54) | class cookie(DotDict):
method __str__ (line 55) | def __str__(self):
method __init__ (line 58) | def __init__(self, req):
method response (line 62) | def response(self):
method request (line 73) | def request(self):
method request (line 84) | def request(self, values):
method all (line 88) | def all(self):
class params (line 92) | class params(object):
class param (line 93) | class param(DotDict):
method __str__ (line 94) | def __str__(self):
method __init__ (line 97) | def __init__(self, req):
method get (line 101) | def get(self):
method get (line 105) | def get(self, values):
method post (line 113) | def post(self):
method post (line 117) | def post(self, pp):
method raw_post (line 130) | def raw_post(self):
method all (line 134) | def all(self):
method all (line 138) | def all(self, values):
class FuzzRequest (line 143) | class FuzzRequest(FuzzRequestUrlMixing, FuzzRequestSoupMixing):
method __init__ (line 144) | def __init__(self):
method __str__ (line 159) | def __str__(self):
method raw_request (line 163) | def raw_request(self):
method raw_request (line 167) | def raw_request(self, rawReq, scheme):
method raw_content (line 171) | def raw_content(self):
method headers (line 178) | def headers(self):
method params (line 182) | def params(self):
method cookies (line 186) | def cookies(self):
method method (line 190) | def method(self):
method method (line 194) | def method(self, method):
method scheme (line 198) | def scheme(self):
method scheme (line 202) | def scheme(self, s):
method host (line 206) | def host(self):
method path (line 210) | def path(self):
method redirect_url (line 214) | def redirect_url(self):
method url (line 218) | def url(self):
method url (line 222) | def url(self, u):
method content (line 241) | def content(self):
method code (line 245) | def code(self):
method code (line 249) | def code(self, c):
method auth (line 253) | def auth(self):
method auth (line 259) | def auth(self, creds_dict):
method follow (line 266) | def follow(self):
method follow (line 270) | def follow(self, f):
method reqtime (line 274) | def reqtime(self):
method reqtime (line 278) | def reqtime(self, t):
method wf_allvars_set (line 283) | def wf_allvars_set(self):
method wf_allvars_set (line 294) | def wf_allvars_set(self, varset):
method wf_allvars (line 310) | def wf_allvars(self):
method wf_allvars (line 314) | def wf_allvars(self, bl):
method wf_proxy (line 323) | def wf_proxy(self):
method wf_proxy (line 327) | def wf_proxy(self, proxy_tuple):
method update_from_raw_http (line 335) | def update_from_raw_http(self, raw, scheme, raw_response=None, raw_con...
method to_cache_key (line 353) | def to_cache_key(self):
method update_from_options (line 368) | def update_from_options(self, options):
FILE: src/wfuzz/helpers/file_func.py
function get_filter_help_file (line 12) | def get_filter_help_file():
function create_dir (line 26) | def create_dir(dir_path):
function get_home (line 31) | def get_home(check=False, directory=None):
function get_config_dir (line 39) | def get_config_dir(check=False):
function get_path (line 49) | def get_path(directory=None):
function find_file_in_paths (line 56) | def find_file_in_paths(name, path):
class FileDetOpener (line 64) | class FileDetOpener:
method __init__ (line 84) | def __init__(self, file_path, encoding=None):
method close (line 90) | def close(self):
method reset (line 93) | def reset(self):
method __iter__ (line 96) | def __iter__(self):
method __next__ (line 99) | def __next__(self):
method detect_encoding (line 135) | def detect_encoding(self):
function open_file_detect_encoding (line 152) | def open_file_detect_encoding(file_path):
FILE: src/wfuzz/helpers/obj_dic.py
class CaseInsensitiveDict (line 5) | class CaseInsensitiveDict(MutableMapping):
method __init__ (line 6) | def __init__(self, *args, **kwargs):
method __contains__ (line 12) | def __contains__(self, k):
method __delitem__ (line 15) | def __delitem__(self, k):
method __getitem__ (line 21) | def __getitem__(self, k):
method get (line 25) | def get(self, k, default=None):
method __setitem__ (line 29) | def __setitem__(self, k, v):
method __iter__ (line 33) | def __iter__(self):
method __len__ (line 36) | def __len__(self):
class DotDict (line 40) | class DotDict(CaseInsensitiveDict):
method __getattr__ (line 41) | def __getattr__(obj, name):
method __add__ (line 51) | def __add__(self, other):
method __radd__ (line 60) | def __radd__(self, other):
method __getitem__ (line 64) | def __getitem__(self, key):
method __str__ (line 70) | def __str__(self):
FILE: src/wfuzz/helpers/obj_dyn.py
function _check_allowed_field (line 46) | def _check_allowed_field(attr):
function _get_alias (line 52) | def _get_alias(attr):
function rsetattr (line 67) | def rsetattr(obj, attr, new_val, operation):
function rgetattr (line 103) | def rgetattr(obj, attr, *args):
FILE: src/wfuzz/helpers/obj_factory.py
class Singleton (line 11) | class Singleton(type):
method __call__ (line 17) | def __call__(class_, *args, **kwargs):
method deleteInstance (line 22) | def deleteInstance(class_):
method hasInstance (line 28) | def hasInstance(class_):
class ObjectFactory (line 33) | class ObjectFactory:
method __init__ (line 34) | def __init__(self, builders):
method create (line 37) | def create(self, key, *args, **kwargs):
class HttpRequestFactory (line 44) | class HttpRequestFactory(abc.ABC):
method to_http_object (line 47) | def to_http_object(options, to_http, from_req):
method from_http_object (line 52) | def from_http_object(options, from_http, raw_header, raw_body):
class SeedBuilderHelper (line 56) | class SeedBuilderHelper:
method _get_markers (line 63) | def _get_markers(text):
method get_marker_dict (line 69) | def get_marker_dict(freq):
method _remove_markers (line 84) | def _remove_markers(freq, markers, mark_name):
method remove_baseline_markers (line 99) | def remove_baseline_markers(freq, markers):
method remove_nonfuzz_markers (line 104) | def remove_nonfuzz_markers(freq, markers):
method replace_markers (line 117) | def replace_markers(freq, fpm):
FILE: src/wfuzz/helpers/str_func.py
function json_minify (line 9) | def json_minify(string, strip_space=True):
function python2_3_convert_from_unicode (line 66) | def python2_3_convert_from_unicode(text):
function python2_3_convert_to_unicode (line 73) | def python2_3_convert_to_unicode(text):
function convert_to_unicode (line 80) | def convert_to_unicode(text):
function value_in_any_list_item (line 94) | def value_in_any_list_item(value, list_obj):
FILE: src/wfuzz/helpers/utils.py
class MyCounter (line 5) | class MyCounter:
method __init__ (line 6) | def __init__(self, count=0):
method inc (line 10) | def inc(self):
method dec (line 13) | def dec(self):
method _operation (line 16) | def _operation(self, dec):
method __call__ (line 21) | def __call__(self):
function diff (line 26) | def diff(param1, param2):
FILE: src/wfuzz/mixins.py
class FuzzRequestSoupMixing (line 13) | class FuzzRequestSoupMixing(object):
method get_soup (line 14) | def get_soup(self):
class FuzzRequestUrlMixing (line 25) | class FuzzRequestUrlMixing(object):
method urlparse (line 28) | def urlparse(self):
method urlp (line 32) | def urlp(self):
method pstrip (line 36) | def pstrip(self):
method is_path (line 40) | def is_path(self):
method recursive_url (line 47) | def recursive_url(self):
FILE: src/wfuzz/myhttp.py
class HttpPool (line 25) | class HttpPool:
method __init__ (line 29) | def __init__(self, options):
method _initialize (line 48) | def _initialize(self):
method job_stats (line 67) | def job_stats(self):
method iter_results (line 77) | def iter_results(self, poolid):
method _new_pool (line 85) | def _new_pool(self):
method _prepare_curl_h (line 98) | def _prepare_curl_h(self, curl_h, fuzzres, poolid):
method enqueue (line 110) | def enqueue(self, fuzzres, poolid):
method _stop_to_pools (line 116) | def _stop_to_pools(self):
method cleanup (line 120) | def cleanup(self):
method register (line 125) | def register(self):
method deregister (line 134) | def deregister(self):
method _get_next_proxy (line 141) | def _get_next_proxy(self, proxy_list):
method _set_extra_options (line 148) | def _set_extra_options(self, c, fuzzres, poolid):
method _process_curl_handle (line 179) | def _process_curl_handle(self, curl_h):
method _process_curl_should_retry (line 199) | def _process_curl_should_retry(self, res, errno, poolid):
method _process_curl_handle_error (line 209) | def _process_curl_handle_error(self, res, errno, errmsg, poolid):
method _read_multi_stack (line 217) | def _read_multi_stack(self):
FILE: src/wfuzz/myqueues.py
class MyPriorityQueue (line 16) | class MyPriorityQueue(PriorityQueue):
method __init__ (line 17) | def __init__(self, limit=0):
method _put_priority (line 22) | def _put_priority(self, prio, item, wait):
method put (line 26) | def put(self, item, wait=True):
method put_first (line 29) | def put_first(self, item, wait=True):
method put_last (line 32) | def put_last(self, item, wait=True):
method get (line 35) | def get(self):
class FuzzQueue (line 41) | class FuzzQueue(MyPriorityQueue, Thread):
method __init__ (line 42) | def __init__(self, options, queue_out=None, limit=0):
method next_queue (line 54) | def next_queue(self, q):
method process (line 57) | def process(self, item):
method get_name (line 60) | def get_name(self):
method process_discarded (line 63) | def process_discarded(self):
method items_to_process (line 66) | def items_to_process(self):
method cancel (line 70) | def cancel(self):
method mystart (line 74) | def mystart(self):
method set_syncq (line 77) | def set_syncq(self, q):
method qstart (line 80) | def qstart(self):
method send_first (line 84) | def send_first(self, item):
method send_last (line 87) | def send_last(self, item):
method qout_join (line 90) | def qout_join(self):
method send (line 93) | def send(self, item):
method discard (line 96) | def discard(self, item):
method join (line 100) | def join(self):
method tjoin (line 103) | def tjoin(self):
method _cleanup (line 107) | def _cleanup(self):
method _throw (line 110) | def _throw(self, e):
method get_stats (line 113) | def get_stats(self):
method run (line 116) | def run(self):
class LastFuzzQueue (line 159) | class LastFuzzQueue(FuzzQueue):
method __init__ (line 160) | def __init__(self, options, queue_out=None, limit=0):
method get_name (line 163) | def get_name(self):
method process (line 166) | def process(self):
method _cleanup (line 169) | def _cleanup(self):
method _throw (line 172) | def _throw(self, e):
method run (line 175) | def run(self):
class FuzzListQueue (line 217) | class FuzzListQueue(FuzzQueue):
method __init__ (line 218) | def __init__(self, options, queues_out, limit=0):
method set_syncq (line 225) | def set_syncq(self, q):
method qstart (line 229) | def qstart(self):
method send_first (line 235) | def send_first(self, item):
method send_last (line 239) | def send_last(self, item):
method send (line 243) | def send(self, item):
method qout_join (line 247) | def qout_join(self):
method join (line 251) | def join(self):
method next_queue (line 255) | def next_queue(self, nextq):
method get_stats (line 259) | def get_stats(self):
class FuzzRRQueue (line 270) | class FuzzRRQueue(FuzzListQueue):
method __init__ (line 271) | def __init__(self, options, queues_out, limit=0):
method send (line 275) | def send(self, item):
method _get_next_route (line 278) | def _get_next_route(self):
class QueueManager (line 286) | class QueueManager:
method __init__ (line 287) | def __init__(self, options):
method add (line 295) | def add(self, name, q):
method bind (line 298) | def bind(self, lastq):
method __getitem__ (line 314) | def __getitem__(self, key):
method join (line 317) | def join(self, remove=False):
method start (line 324) | def start(self):
method cleanup (line 333) | def cleanup(self):
method cancel (line 344) | def cancel(self):
method get_stats (line 358) | def get_stats(self):
FILE: src/wfuzz/options.py
class FuzzSession (line 38) | class FuzzSession(UserDict):
method __init__ (line 39) | def __init__(self, **kwargs):
method _defaults (line 68) | def _defaults(self):
method update (line 130) | def update(self, options):
method validate (line 133) | def validate(self):
method export_to_file (line 184) | def export_to_file(self, filename):
method import_from_file (line 191) | def import_from_file(self, filename):
method import_json (line 202) | def import_json(self, data):
method export_json (line 219) | def export_json(self):
method payload (line 230) | def payload(self, **kwargs):
method fuzz (line 240) | def fuzz(self, **kwargs):
method get_payloads (line 259) | def get_payloads(self, iterator):
method get_payload (line 264) | def get_payload(self, iterator):
method __enter__ (line 267) | def __enter__(self):
method __exit__ (line 272) | def __exit__(self, *args):
method get_fuzz_words (line 275) | def get_fuzz_words(self):
method compile_dictio (line 290) | def compile_dictio(self):
method compile_seeds (line 300) | def compile_seeds(self):
method compile (line 306) | def compile(self):
method close (line 397) | def close(self):
FILE: src/wfuzz/plugin_api/base.py
class BasePlugin (line 20) | class BasePlugin:
method __init__ (line 21) | def __init__(self):
method run (line 37) | def run(self, fuzzresult, control_queue, results_queue):
method process (line 49) | def process(self, fuzzresult):
method validate (line 59) | def validate(self):
method add_result (line 62) | def add_result(self, itype, issue, data, severity=FuzzPlugin.INFO):
method queue_url (line 69) | def queue_url(self, url):
method _bool (line 76) | def _bool(self, value):
class BasePrinter (line 80) | class BasePrinter:
method __init__ (line 81) | def __init__(self, output):
method header (line 93) | def header(self):
method footer (line 96) | def footer(self):
method result (line 99) | def result(self):
class BasePayload (line 103) | class BasePayload(object):
method __init__ (line 104) | def __init__(self, params):
method get_type (line 135) | def get_type(self):
method get_next (line 138) | def get_next(self):
method __next__ (line 141) | def __next__(self):
method count (line 144) | def count(self):
method __iter__ (line 147) | def __iter__(self):
method close (line 150) | def close(self):
method find_file (line 153) | def find_file(self, name):
FILE: src/wfuzz/plugin_api/mixins.py
class DiscoveryPluginMixin (line 6) | class DiscoveryPluginMixin:
method queue_url (line 7) | def queue_url(self, url):
FILE: src/wfuzz/plugin_api/payloadtools.py
class BingIter (line 141) | class BingIter(object):
method __init__ (line 142) | def __init__(self, dork, offset=0, limit=0, key=None):
method _do_search (line 180) | def _do_search(self, offset=0, limit=50):
method __iter__ (line 224) | def __iter__(self):
method __next__ (line 227) | def __next__(self):
class ShodanIter (line 255) | class ShodanIter:
method __init__ (line 261) | def __init__(self, dork, page, limit):
method _do_search (line 286) | def _do_search(self):
method __iter__ (line 321) | def __iter__(self):
method _start (line 324) | def _start(self):
method _stop (line 336) | def _stop(self):
method __next__ (line 351) | def __next__(self):
FILE: src/wfuzz/plugin_api/urlutils.py
class FuzzRequestParse (line 20) | class FuzzRequestParse(ParseResult):
method ffname (line 22) | def ffname(self):
method fext (line 32) | def fext(self):
method fname (line 40) | def fname(self):
method isbllist (line 48) | def isbllist(self):
method hasquery (line 55) | def hasquery(self):
method cache_key (line 58) | def cache_key(self, base_urlp=None):
function parse_url (line 77) | def parse_url(url):
function check_content_type (line 85) | def check_content_type(fuzzresult, which):
FILE: src/wfuzz/plugins/encoders/encoders.py
class none (line 27) | class none:
method encode (line 35) | def encode(self, string):
method decode (line 38) | def decode(self, string):
class urlencode (line 43) | class urlencode:
method encode (line 55) | def encode(self, string):
method decode (line 58) | def decode(self, string):
class double_urlencode (line 63) | class double_urlencode:
method encode (line 75) | def encode(self, string):
method decode (line 78) | def decode(self, string):
class base64 (line 83) | class base64:
method encode (line 95) | def encode(self, string):
method decode (line 98) | def decode(self, string):
class uri_triple_hex (line 103) | class uri_triple_hex:
method encode (line 115) | def encode(self, string):
class uri_double_hex (line 128) | class uri_double_hex:
method encode (line 140) | def encode(self, string):
class uri_hex (line 153) | class uri_hex:
method encode (line 165) | def encode(self, string):
class random_upper (line 178) | class random_upper:
method encode (line 190) | def encode(self, string):
class second_nibble_hex (line 203) | class second_nibble_hex:
method encode (line 215) | def encode(self, string):
class first_nibble_hex (line 228) | class first_nibble_hex:
method encode (line 240) | def encode(self, string):
class doble_nibble_hex (line 253) | class doble_nibble_hex:
method encode (line 265) | def encode(self, string):
class sha1 (line 284) | class sha1:
method encode (line 296) | def encode(self, string):
class sha256 (line 304) | class sha256:
method encode (line 312) | def encode(self, string):
class sha512 (line 320) | class sha512:
method encode (line 328) | def encode(self, string):
class md5 (line 336) | class md5:
method encode (line 348) | def encode(self, string):
class hexlify (line 356) | class hexlify:
method encode (line 368) | def encode(self, string):
method decode (line 371) | def decode(self, string):
class html_escape (line 376) | class html_escape:
method encode (line 388) | def encode(self, string):
class html_decimal (line 393) | class html_decimal:
method encode (line 405) | def encode(self, string):
class html_hexadecimal (line 413) | class html_hexadecimal:
method encode (line 425) | def encode(self, string):
class utf8_binary (line 434) | class utf8_binary:
method encode (line 446) | def encode(self, string):
class utf8 (line 455) | class utf8:
method encode (line 467) | def encode(self, string):
class uri_unicode (line 479) | class uri_unicode:
method encode (line 491) | def encode(self, string):
class mysql_char (line 503) | class mysql_char:
method encode (line 515) | def encode(self, string):
method decode (line 524) | def decode(self, string):
class mssql_char (line 533) | class mssql_char:
method encode (line 545) | def encode(self, string):
method decode (line 553) | def decode(self, string):
class oracle_char (line 563) | class oracle_char:
method encode (line 575) | def encode(self, string):
method decode (line 583) | def decode(self, string):
FILE: src/wfuzz/plugins/iterators/iterations.py
class zip (line 11) | class zip(BaseIterator):
method __init__ (line 19) | def __init__(self, *i):
method count (line 25) | def count(self):
method width (line 28) | def width(self):
method payloads (line 31) | def payloads(self):
method __next__ (line 34) | def __next__(self):
method __iter__ (line 37) | def __iter__(self):
class product (line 42) | class product(BaseIterator):
method __init__ (line 50) | def __init__(self, *i):
method count (line 56) | def count(self):
method width (line 59) | def width(self):
method payloads (line 62) | def payloads(self):
method __next__ (line 65) | def __next__(self):
method __iter__ (line 68) | def __iter__(self):
class chain (line 73) | class chain(BaseIterator):
method __init__ (line 81) | def __init__(self, *i):
method count (line 86) | def count(self):
method width (line 89) | def width(self):
method payloads (line 92) | def payloads(self):
method __next__ (line 95) | def __next__(self):
method __iter__ (line 98) | def __iter__(self):
FILE: src/wfuzz/plugins/payloads/autorize.py
class autorize (line 13) | class autorize(BasePayload):
method __init__ (line 34) | def __init__(self, params):
method count (line 41) | def count(self):
method get_next (line 44) | def get_next(self):
method get_type (line 49) | def get_type(self):
method _gen_wfuzz (line 52) | def _gen_wfuzz(self, output_fn):
FILE: src/wfuzz/plugins/payloads/bing.py
class bing (line 8) | class bing(BasePayload):
method __init__ (line 30) | def __init__(self, params):
method count (line 38) | def count(self):
method get_next (line 41) | def get_next(self):
method get_type (line 44) | def get_type(self):
FILE: src/wfuzz/plugins/payloads/buffer_overflow.py
class buffer_overflow (line 7) | class buffer_overflow(BasePayload):
method __init__ (line 20) | def __init__(self, params):
method count (line 26) | def count(self):
method get_next (line 29) | def get_next(self):
method get_type (line 37) | def get_type(self):
FILE: src/wfuzz/plugins/payloads/burpitem.py
class burpitem (line 12) | class burpitem(BasePayload):
method __init__ (line 35) | def __init__(self, params):
method count (line 42) | def count(self):
method get_next (line 45) | def get_next(self):
method get_type (line 50) | def get_type(self):
method _gen_burpitem (line 53) | def _gen_burpitem(self, output_fn):
FILE: src/wfuzz/plugins/payloads/burplog.py
class burplog (line 25) | class burplog(BasePayload):
method __init__ (line 46) | def __init__(self, params):
method count (line 53) | def count(self):
method get_type (line 56) | def get_type(self):
method get_next (line 59) | def get_next(self):
method parse_burp_log (line 64) | def parse_burp_log(self, burp_log):
FILE: src/wfuzz/plugins/payloads/burpstate.py
class burpstate (line 21) | class burpstate(BasePayload):
method __init__ (line 63) | def __init__(self, params):
method __iter__ (line 84) | def __iter__(self):
method count (line 87) | def count(self):
method get_type (line 90) | def get_type(self):
method get_next (line 93) | def get_next(self):
method milliseconds_to_date (line 98) | def milliseconds_to_date(self, milliseconds):
method burp_binary_field (line 122) | def burp_binary_field(self, field, i):
method strip_cdata (line 152) | def strip_cdata(self, data):
method burp_to_xml (line 161) | def burp_to_xml(self, filename):
FILE: src/wfuzz/plugins/payloads/dirwalk.py
class dirwalk (line 15) | class dirwalk(BasePayload):
method __init__ (line 35) | def __init__(self, params):
method _my_gen (line 40) | def _my_gen(self, directory):
method get_next (line 46) | def get_next(self):
method get_type (line 49) | def get_type(self):
method count (line 52) | def count(self):
FILE: src/wfuzz/plugins/payloads/file.py
class file (line 9) | class file(BasePayload):
method __init__ (line 35) | def __init__(self, params):
method get_type (line 50) | def get_type(self):
method get_next (line 53) | def get_next(self):
method count (line 60) | def count(self):
FILE: src/wfuzz/plugins/payloads/guitab.py
class guitab (line 9) | class guitab(BasePayload):
method __init__ (line 33) | def __init__(self, params):
method count (line 39) | def count(self):
method get_type (line 42) | def get_type(self):
method get_next (line 45) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/hexrand.py
class hexrand (line 10) | class hexrand(BasePayload):
method __init__ (line 34) | def __init__(self, params):
method __iter__ (line 45) | def __iter__(self):
method count (line 48) | def count(self):
method get_type (line 51) | def get_type(self):
method get_next (line 54) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/hexrange.py
class hexrange (line 8) | class hexrange(BasePayload):
method __init__ (line 27) | def __init__(self, params):
method count (line 42) | def count(self):
method get_type (line 45) | def get_type(self):
method get_next (line 48) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/ipnet.py
class ipnet (line 8) | class ipnet(BasePayload):
method __init__ (line 21) | def __init__(self, params):
method get_type (line 50) | def get_type(self):
method get_next (line 53) | def get_next(self):
method count (line 56) | def count(self):
FILE: src/wfuzz/plugins/payloads/iprange.py
class iprange (line 8) | class iprange(BasePayload):
method __init__ (line 26) | def __init__(self, params):
method get_type (line 50) | def get_type(self):
method get_next (line 53) | def get_next(self):
method count (line 56) | def count(self):
FILE: src/wfuzz/plugins/payloads/list.py
class list (line 7) | class list(BasePayload):
method __init__ (line 22) | def __init__(self, params):
method count (line 40) | def count(self):
method get_type (line 43) | def get_type(self):
method get_next (line 46) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/names.py
class names (line 7) | class names(BasePayload):
method __init__ (line 23) | def __init__(self, params):
method count (line 79) | def count(self):
method get_type (line 82) | def get_type(self):
method get_next (line 85) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/permutation.py
class permutation (line 8) | class permutation(BasePayload):
method __init__ (line 21) | def __init__(self, params):
method count (line 43) | def count(self):
method get_type (line 46) | def get_type(self):
method get_next (line 49) | def get_next(self):
method xcombinations (line 56) | def xcombinations(self, items, n):
FILE: src/wfuzz/plugins/payloads/range.py
class range (line 8) | class range(BasePayload):
method __init__ (line 25) | def __init__(self, params):
method get_type (line 38) | def get_type(self):
method get_next (line 41) | def get_next(self):
method count (line 54) | def count(self):
method __iter__ (line 57) | def __iter__(self):
FILE: src/wfuzz/plugins/payloads/shodanp.py
class shodanp (line 8) | class shodanp(BasePayload):
method __init__ (line 31) | def __init__(self, params):
method count (line 40) | def count(self):
method close (line 43) | def close(self):
method get_type (line 46) | def get_type(self):
method get_next (line 49) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/stdin.py
class stdin (line 9) | class stdin(BasePayload):
method __init__ (line 22) | def __init__(self, params):
method count (line 26) | def count(self):
method get_type (line 29) | def get_type(self):
method get_next (line 32) | def get_next(self):
FILE: src/wfuzz/plugins/payloads/wfuzzp.py
class wfuzzp (line 12) | class wfuzzp(BasePayload):
method __init__ (line 38) | def __init__(self, params):
method count (line 45) | def count(self):
method get_next (line 48) | def get_next(self):
method get_type (line 53) | def get_type(self):
method _gen_wfuzz (line 56) | def _gen_wfuzz(self, output_fn):
FILE: src/wfuzz/plugins/printers/printers.py
class magictree (line 12) | class magictree(BasePrinter):
method __init__ (line 20) | def __init__(self, output):
method __create_xml_element (line 25) | def __create_xml_element(self, parent, caption, text):
method header (line 37) | def header(self, summary):
method result (line 75) | def result(self, fuzz_result):
method footer (line 95) | def footer(self, summary):
class html (line 100) | class html(BasePrinter):
method __init__ (line 112) | def __init__(self, output):
method header (line 115) | def header(self, summary):
method result (line 123) | def result(self, fuzz_result):
method footer (line 165) | def footer(self, summary):
class json (line 170) | class json(BasePrinter):
method __init__ (line 178) | def __init__(self, output):
method header (line 182) | def header(self, res):
method result (line 185) | def result(self, res):
method footer (line 213) | def footer(self, summary):
class raw (line 218) | class raw(BasePrinter):
method __init__ (line 226) | def __init__(self, output):
method header (line 229) | def header(self, summary):
method _print_verbose (line 258) | def _print_verbose(self, res):
method _print (line 297) | def _print(self, res):
method result (line 316) | def result(self, res):
method footer (line 322) | def footer(self, summary):
class field (line 347) | class field(BasePrinter):
method __init__ (line 355) | def __init__(self, output):
method header (line 358) | def header(self, summary):
method result (line 361) | def result(self, res):
method footer (line 371) | def footer(self, summary):
class csv (line 376) | class csv(BasePrinter):
method write (line 387) | def write(self, e):
method __init__ (line 391) | def __init__(self, output):
method header (line 395) | def header(self, summary):
method result (line 400) | def result(self, res):
method noresult (line 412) | def noresult(self, res):
method footer (line 415) | def footer(self, summary):
method _print_csv (line 418) | def _print_csv(self, values):
FILE: src/wfuzz/plugins/scripts/backups.py
class backups (line 12) | class backups(BasePlugin):
method __init__ (line 34) | def __init__(self):
method validate (line 38) | def validate(self, fuzzresult):
method process (line 43) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/cookies.py
class cookies (line 9) | class cookies(BasePlugin):
method __init__ (line 20) | def __init__(self):
method validate (line 23) | def validate(self, fuzzresult):
method process (line 26) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/cvs_extractor.py
class cvs_extractor (line 19) | class cvs_extractor(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 29) | def __init__(self):
method validate (line 32) | def validate(self, fuzzresult):
method process (line 39) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/errors.py
class errors (line 8) | class errors(BasePlugin):
method __init__ (line 19) | def __init__(self):
method validate (line 108) | def validate(self, fuzzresult):
method process (line 111) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/grep.py
class grep (line 9) | class grep(BasePlugin):
method __init__ (line 23) | def __init__(self):
method validate (line 35) | def validate(self, fuzzresult):
method process (line 38) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/headers.py
class headers (line 100) | class headers(BasePlugin):
method __init__ (line 116) | def __init__(self):
method validate (line 119) | def validate(self, fuzzresult):
method check_request_header (line 122) | def check_request_header(self, fuzzresult, header, value):
method check_response_header (line 140) | def check_response_header(self, fuzzresult, header, value):
method check_server_header (line 160) | def check_server_header(self, fuzzresult, header, value):
method process (line 172) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/links.py
class links (line 23) | class links(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 54) | def __init__(self):
method validate (line 95) | def validate(self, fuzzresult):
method process (line 99) | def process(self, fuzzresult):
method process_link (line 116) | def process_link(self, fuzzresult, link_url):
method enqueue_link (line 129) | def enqueue_link(self, fuzzresult, link_url, parsed_link):
method from_domain (line 146) | def from_domain(self, fuzzresult, parsed_link):
FILE: src/wfuzz/plugins/scripts/listing.py
class listing (line 8) | class listing(BasePlugin):
method __init__ (line 19) | def __init__(self):
method validate (line 44) | def validate(self, fuzzresult):
method process (line 47) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/npm_deps.py
class npm_deps (line 9) | class npm_deps(BasePlugin):
method __init__ (line 30) | def __init__(self):
method validate (line 33) | def validate(self, fuzzresult):
method process (line 42) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/robots.py
class robots (line 16) | class robots(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 27) | def __init__(self):
method validate (line 30) | def validate(self, fuzzresult):
method process (line 37) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/screenshot.py
class screenshot (line 12) | class screenshot(BasePlugin):
method __init__ (line 26) | def __init__(self):
method validate (line 29) | def validate(self, fuzzresult):
method process (line 32) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/sitemap.py
class sitemap (line 10) | class sitemap(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 21) | def __init__(self):
method validate (line 24) | def validate(self, fuzzresult):
method process (line 30) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/svn_extractor.py
class svn_extractor (line 13) | class svn_extractor(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 24) | def __init__(self):
method validate (line 27) | def validate(self, fuzzresult):
method readsvn (line 30) | def readsvn(self, content):
method process (line 54) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/title.py
class title (line 6) | class title(BasePlugin):
method __init__ (line 17) | def __init__(self):
method validate (line 20) | def validate(self, fuzzresult):
method process (line 23) | def process(self, fuzzresult):
FILE: src/wfuzz/plugins/scripts/wcdb.py
class wcdb_extractor (line 17) | class wcdb_extractor(BasePlugin, DiscoveryPluginMixin):
method __init__ (line 28) | def __init__(self):
method validate (line 31) | def validate(self, fuzzresult):
method readwc (line 34) | def readwc(self, content):
method process (line 64) | def process(self, fuzzresult):
FILE: src/wfuzz/ui/console/clparser.py
class CLParser (line 81) | class CLParser:
method __init__ (line 82) | def __init__(
method show_brief_usage (line 100) | def show_brief_usage(self):
method show_verbose_usage (line 104) | def show_verbose_usage(self):
method show_usage (line 108) | def show_usage(self):
method show_plugins_help (line 112) | def show_plugins_help(self, registrant, cols=3, category="$all$"):
method show_plugins_names (line 119) | def show_plugins_names(self, registrant):
method show_plugin_ext_help (line 122) | def show_plugin_ext_help(self, registrant, category="$all$"):
method parse_cl (line 147) | def parse_cl(self):
method _parse_help_opt (line 233) | def _parse_help_opt(self, optsd):
method _check_options (line 330) | def _check_options(self, optsd):
method _parse_filters (line 352) | def _parse_filters(self, optsd, filter_params):
method _parse_payload (line 403) | def _parse_payload(self, optsd, options):
method _parse_seed (line 466) | def _parse_seed(self, url, optsd, options):
method _parse_conn_options (line 524) | def _parse_conn_options(self, optsd, conn_options):
method _parse_options (line 561) | def _parse_options(self, optsd, options):
method _parse_scripts (line 601) | def _parse_scripts(self, optsd, options):
FILE: src/wfuzz/ui/console/common.py
class Term (line 211) | class Term:
method get_colour (line 243) | def get_colour(self, code):
method delete_line (line 259) | def delete_line(self):
method set_colour (line 262) | def set_colour(self, colour):
method write (line 265) | def write(self, string, colour):
method go_up (line 268) | def go_up(self, lines):
method erase_lines (line 271) | def erase_lines(self, lines):
FILE: src/wfuzz/ui/console/getch.py
class _Getch (line 10) | class _Getch:
method __init__ (line 13) | def __init__(self):
method __call__ (line 22) | def __call__(self):
class _GetchUnix (line 26) | class _GetchUnix:
method __init__ (line 27) | def __init__(self):
method __call__ (line 31) | def __call__(self):
class _GetchWindows (line 46) | class _GetchWindows:
method __init__ (line 47) | def __init__(self):
method __call__ (line 50) | def __call__(self):
class _GetchMacCarbon (line 54) | class _GetchMacCarbon:
method __init__ (line 62) | def __init__(self):
method __call__ (line 68) | def __call__(self):
FILE: src/wfuzz/ui/console/mvc.py
class SimpleEventDispatcher (line 26) | class SimpleEventDispatcher:
method __init__ (line 27) | def __init__(self):
method create_event (line 30) | def create_event(self, msg):
method subscribe (line 33) | def subscribe(self, func, msg, dynamic=False):
method notify (line 39) | def notify(self, msg, **event):
class KeyPress (line 47) | class KeyPress(threading.Thread):
method __init__ (line 48) | def __init__(self):
method cancel_job (line 61) | def cancel_job(self):
method run (line 64) | def run(self):
class Controller (line 79) | class Controller:
method __init__ (line 80) | def __init__(self, fuzzer, view):
method on_exit (line 93) | def on_exit(self, **event):
method on_help (line 98) | def on_help(self, **event):
method on_pause (line 101) | def on_pause(self, **event):
method on_stats (line 108) | def on_stats(self, **event):
method show_debug_stats (line 114) | def show_debug_stats(self):
method show_stats (line 121) | def show_stats(self):
class View (line 153) | class View:
method __init__ (line 157) | def __init__(self, session_options):
method _print_verbose (line 164) | def _print_verbose(self, res, print_nres=True):
method _print_header (line 199) | def _print_header(self, rows, maxWidths):
method _print_line (line 205) | def _print_line(self, rows, maxWidths):
method _print (line 233) | def _print(self, res, print_nres=True):
method header (line 255) | def header(self, summary):
method result (line 292) | def result(self, res):
method footer (line 328) | def footer(self, summary):
FILE: src/wfuzz/ui/console/output.py
function indent (line 18) | def indent(
function wrap_always (line 83) | def wrap_always(text, width):
function wrap_always_list (line 94) | def wrap_always_list(alltext, width):
function table_print (line 107) | def table_print(rows, width=80):
function getTerminalSize (line 120) | def getTerminalSize():
function _getTerminalSize_windows (line 144) | def _getTerminalSize_windows():
function _getTerminalSize_tput (line 181) | def _getTerminalSize_tput():
function _getTerminalSize_linux (line 202) | def _getTerminalSize_linux():
FILE: src/wfuzz/ui/gui/controller.py
class WfuzzInterpreter (line 14) | class WfuzzInterpreter:
method __init__ (line 15) | def __init__(self, model):
method onecmd (line 18) | def onecmd(self, cmd):
method do_wfilter (line 30) | def do_wfilter(self, cmd):
method do_wfuzz (line 48) | def do_wfuzz(self, cmd):
method do_delete (line 60) | def do_delete(self, cmd):
method do_tab (line 63) | def do_tab(self, cmd):
class GUIController (line 71) | class GUIController:
method __init__ (line 72) | def __init__(self, view):
method start_gui (line 85) | def start_gui(self):
method on_exit (line 88) | def on_exit(self, msg):
FILE: src/wfuzz/ui/gui/guicontrols.py
class RedirectText (line 29) | class RedirectText(object):
method __init__ (line 30) | def __init__(self, aWxTextCtrl):
method write (line 33) | def write(self, string):
class ConsolePanel (line 37) | class ConsolePanel(wx.Panel):
method __init__ (line 38) | def __init__(self, parent, interpreter):
method __bind_events (line 78) | def __bind_events(self, e):
method get_last_line (line 125) | def get_last_line(self):
class ListPanel (line 136) | class ListPanel(wx.Panel):
method __init__ (line 137) | def __init__(self, parent, log, model, interpreter):
method OnItemSelected (line 169) | def OnItemSelected(self, event):
method MakePaneContent (line 180) | def MakePaneContent(self, pane):
class HttpRawPanel (line 188) | class HttpRawPanel(wx.Panel):
method __init__ (line 189) | def __init__(self, parent, frame):
method CreateHTMLCtrl (line 208) | def CreateHTMLCtrl(self):
class MainNotebookPanel (line 218) | class MainNotebookPanel(wx.Panel):
method __init__ (line 219) | def __init__(self, parent, frame, interpreter):
method create_web_view (line 240) | def create_web_view(self):
method on_selected_row (line 243) | def on_selected_row(self, row):
class WfuzzFrame (line 266) | class WfuzzFrame(wx.Frame):
method __init__ (line 267) | def __init__(
method start_gui (line 278) | def start_gui(self, controller):
method OnClose (line 320) | def OnClose(self, event):
method OnExit (line 326) | def OnExit(self, event):
method OnAbout (line 330) | def OnAbout(self, event):
method CreateNotebook (line 336) | def CreateNotebook(self):
method OnAddTab (line 360) | def OnAddTab(self, name, model, interp):
FILE: src/wfuzz/ui/gui/model.py
class GUIModel (line 9) | class GUIModel(dv.PyDataViewIndexListModel):
method __init__ (line 10) | def __init__(self, data=None):
method GetColumnType (line 25) | def GetColumnType(self, col):
method GetValueByRow (line 28) | def GetValueByRow(self, row, col):
method GetColumnCount (line 34) | def GetColumnCount(self):
method GetCount (line 37) | def GetCount(self):
method GetAttrByRow (line 42) | def GetAttrByRow(self, row, col, attr):
method Compare (line 50) | def Compare(self, item1, item2, col, ascending):
method DeleteRows (line 64) | def DeleteRows(self, rows):
method AddRow (line 76) | def AddRow(self, value):
method Clear (line 80) | def Clear(self):
method DeleteRows_by_filter (line 84) | def DeleteRows_by_filter(self, filter_string):
FILE: src/wfuzz/wfuzz.py
function print_profiling (line 21) | def print_profiling(profiling_list, profiling_header):
function main (line 37) | def main():
function main_filter (line 96) | def main_filter():
function main_encoder (line 173) | def main_encoder():
function main_gui (line 234) | def main_gui():
FILE: tests/acceptance/test_saved_filter.py
function get_temp_file (line 8) | def get_temp_file():
function test_filter_prev_payload (line 15) | def test_filter_prev_payload():
FILE: tests/api/test_encoders.py
function test_encode (line 24) | def test_encode(encoder, text, expected_result):
function test_decode (line 42) | def test_decode(encoder, text, expected_result):
FILE: tests/api/test_payload.py
function test_payload_iterator (line 102) | def test_payload_iterator(params, expected_result):
function test_get_payload (line 110) | def test_get_payload(payload, expected_result):
FILE: tests/api/test_session.py
function test_get_payload (line 71) | def test_get_payload(session, expected_result):
FILE: tests/conftest.py
function full_fuzzres (line 12) | def full_fuzzres(request):
function full_fuzzreq (line 21) | def full_fuzzreq(request):
function fuzzres_from_url (line 30) | def fuzzres_from_url(request):
function filter_obj (line 38) | def filter_obj():
function example_full_fuzzres (line 43) | def example_full_fuzzres():
function example_full_fuzzres_content (line 72) | def example_full_fuzzres_content(request):
function example_full_fuzzres_no_response (line 103) | def example_full_fuzzres_no_response():
function get_plugin (line 113) | def get_plugin():
FILE: tests/factories/test_seedbasebuilder.py
function test_get_marker_dict (line 107) | def test_get_marker_dict(full_fuzzreq, expected_result):
function test_replace_markers (line 134) | def test_replace_markers(session_string, dictio, expected_field, expecte...
FILE: tests/filters/test_filter.py
function test_filter_ret_values (line 27) | def test_filter_ret_values(
function test_filter_ret_values_no_response (line 42) | def test_filter_ret_values_no_response(
function test_filter_operators (line 68) | def test_filter_operators(
FILE: tests/filters/test_filter_codes.py
function test_urlp (line 45) | def test_urlp(filter_obj, fuzzres_from_url, filter_string, expected_resu...
function test_ispath (line 54) | def test_ispath(filter_obj, fuzzres_from_url, filter_string, expected_re...
function test_pstrip (line 69) | def test_pstrip(filter_obj, fuzzres_from_url, filter_string, expected_re...
FILE: tests/filters/test_filter_urlp.py
function test_urlp (line 45) | def test_urlp(filter_obj, fuzzres_from_url, filter_string, expected_resu...
function test_ispath (line 54) | def test_ispath(filter_obj, fuzzres_from_url, filter_string, expected_re...
function test_pstrip (line 69) | def test_pstrip(filter_obj, fuzzres_from_url, filter_string, expected_re...
FILE: tests/filters/test_prefilter_mangle.py
function test_url_set (line 21) | def test_url_set(filter_obj, fuzzres_from_url, filter_string, expected_r...
function test_params_set_no_value (line 31) | def test_params_set_no_value(
function test_params_set (line 79) | def test_params_set(filter_obj, fuzzres_from_url, filter_string, expecte...
FILE: tests/filters/test_prefilter_mangle_codes.py
function test_code_set (line 8) | def test_code_set(filter_obj, example_full_fuzzres, filter_string, expec...
FILE: tests/helpers/test_dotdict.py
function dotdict_ex1 (line 8) | def dotdict_ex1():
function dotdict_ex2 (line 13) | def dotdict_ex2():
function test_operators (line 17) | def test_operators(dotdict_ex1, dotdict_ex2):
function test_nonexisting_key_returns_none (line 25) | def test_nonexisting_key_returns_none(dotdict_ex1):
function test_nonexisting_attr_returns_empty_dict (line 29) | def test_nonexisting_attr_returns_empty_dict(dotdict_ex1):
FILE: tests/helpers/test_insensitive_dict.py
function case_dict (line 7) | def case_dict():
function test_key_get_item (line 12) | def test_key_get_item(case_dict, key, expected_result):
function test_key_in_item (line 21) | def test_key_in_item(case_dict, key, expected_result):
function test_update (line 25) | def test_update():
function test_key_in (line 33) | def test_key_in(case_dict):
FILE: tests/plugins/test_burplog.py
function burplog_file (line 17) | def burplog_file(request):
function test_burplog_content (line 189) | def test_burplog_content(burplog_file, expected_content):
function test_burplog_headers (line 285) | def test_burplog_headers(burplog_file, expected_req_headers, expected_re...
FILE: tests/plugins/test_links.py
function test_parsed_links (line 28) | def test_parsed_links(example_full_fuzzres_content, get_plugin, expected...
function test_regex_option (line 61) | def test_regex_option(example_full_fuzzres_content, get_plugin, expected...
FILE: tests/plugins/test_summary.py
function test_sum_plugin_output (line 7) | def test_sum_plugin_output(example_full_fuzzres):
function test_find_plugin_output_from_factory (line 14) | def test_find_plugin_output_from_factory():
function test_find_plugin_output (line 28) | def test_find_plugin_output(get_plugin):
FILE: tests/server_dir/simple_server.py
class GetHandler (line 9) | class GetHandler(SimpleHTTPRequestHandler):
method do_HEAD (line 10) | def do_HEAD(self):
method do_GET (line 40) | def do_GET(self):
method do_POST (line 70) | def do_POST(self):
FILE: tests/test_acceptance.py
class DynamicTests (line 1315) | class DynamicTests(unittest.TestCase):
function wfuzz_me_test_generator (line 1323) | def wfuzz_me_test_generator(url, payloads, params, expected_list, extra_...
function wfuzz_me_test_generator_exception (line 1368) | def wfuzz_me_test_generator_exception(fn, exception_string):
function wfuzz_me_test_generator_saveres (line 1377) | def wfuzz_me_test_generator_saveres(url, payloads, params, expected_list):
function wfuzz_me_test_generator_recipe (line 1416) | def wfuzz_me_test_generator_recipe(url, payloads, params, expected_list):
function wfuzz_me_test_generator_previous_session (line 1449) | def wfuzz_me_test_generator_previous_session(
function create_test (line 1474) | def create_test(
function create_tests_from_list (line 1485) | def create_tests_from_list(test_list):
function duplicate_tests_diff_params (line 1493) | def duplicate_tests_diff_params(
function duplicate_tests (line 1519) | def duplicate_tests(test_list, group, test_gen_fun):
function create_savedsession_tests (line 1535) | def create_savedsession_tests(test_list, test_gen_fun):
function create_tests (line 1549) | def create_tests():
FILE: tests/test_api.py
class APITests (line 20) | class APITests(unittest.TestCase):
method test_payload_description (line 21) | def test_payload_description(self):
method test_payload (line 124) | def test_payload(self):
FILE: tests/test_clparser.py
class CLParserTest (line 6) | class CLParserTest(unittest.TestCase):
method test_listplugins (line 7) | def test_listplugins(self):
method test_ip_option (line 13) | def test_ip_option(self):
method test_ze_zd_option (line 33) | def test_ze_zd_option(self):
FILE: tests/test_filterintro.py
class FilterTest (line 30) | class FilterTest(unittest.TestCase):
method __init__ (line 31) | def __init__(self, *args, **kwargs):
method get_filtered_fuzzrequest (line 35) | def get_filtered_fuzzrequest(self, filter_str):
method test_nonexisting (line 46) | def test_nonexisting(self):
FILE: tests/test_moduleman.py
class test_plugin1 (line 21) | class test_plugin1:
class test_plugin2 (line 34) | class test_plugin2:
class test_plugin3 (line 47) | class test_plugin3:
class ModuleFilterTests (line 59) | class ModuleFilterTests(unittest.TestCase):
method test_load_dir2 (line 60) | def test_load_dir2(self):
method test_load_file (line 118) | def test_load_file(self):
method test_simple_filter (line 144) | def test_simple_filter(self):
method test_plugin_decorator (line 179) | def test_plugin_decorator(self):
FILE: tests/test_relativeurl.py
function full_fuzzreq (line 9) | def full_fuzzreq(request):
function test_relative_url (line 66) | def test_relative_url(full_fuzzreq, expected_result):
function test_is_path (line 134) | def test_is_path(full_fuzzreq, expected_result):
FILE: tests/test_req_parse.py
class ParseRequestTest (line 114) | class ParseRequestTest(unittest.TestCase):
method __init__ (line 115) | def __init__(self, *args, **kwargs):
method test_2_ways_of_parsing_content (line 119) | def test_2_ways_of_parsing_content(self):
method test_parse_multi_raw_request (line 135) | def test_parse_multi_raw_request(self):
method test_parse_raw_multi_response (line 143) | def test_parse_raw_multi_response(self):
method test_parse_get_crlf_request (line 150) | def test_parse_get_crlf_request(self):
method test_parse_crlf_post_request (line 157) | def test_parse_crlf_post_request(self):
FILE: tests/test_reqresp.py
class FuzzResultFactoryTest (line 34) | class FuzzResultFactoryTest(unittest.TestCase):
method __init__ (line 35) | def __init__(self, *args, **kwargs):
method test_baseline (line 39) | def test_baseline(self):
method test_from_conn (line 63) | def test_from_conn(self):
class FuzzRequestTest (line 73) | class FuzzRequestTest(unittest.TestCase):
method __init__ (line 74) | def __init__(self, *args, **kwargs):
method test_seturl (line 78) | def test_seturl(self):
method test_empy_post (line 135) | def test_empy_post(self):
method test_setpostdata (line 157) | def test_setpostdata(self):
method test_setgetdata (line 192) | def test_setgetdata(self):
method test_allvars (line 200) | def test_allvars(self):
method test_cache_key (line 226) | def test_cache_key(self):
method test_cache_key_json_header_before (line 263) | def test_cache_key_json_header_before(self):
method test_cache_key_json_header_after (line 271) | def test_cache_key_json_header_after(self):
method test_cache_key_get_var (line 279) | def test_cache_key_get_var(self):
method test_get_vars (line 285) | def test_get_vars(self):
method test_setpostdata_with_json (line 298) | def test_setpostdata_with_json(self):
method test_post_bad_json (line 311) | def test_post_bad_json(self):
Condensed preview — 235 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (1,883K chars).
[
{
"path": ".flake8",
"chars": 98,
"preview": "[flake8]\nmax-line-length = 80\nselect = C,E,F,W,B,B950\nignore = E203, E501, W503, E402, F401, W504\n"
},
{
"path": ".github/dependabot.yml",
"chars": 295,
"preview": "version: 2\nupdates:\n\n - package-ecosystem: \"github-actions\"\n directory: \"/\"\n schedule:\n interval: \"daily\"\n\n "
},
{
"path": ".github/workflows/docker-release.yml",
"chars": 917,
"preview": "name: docker-release\n\non:\n release:\n types: [published]\n\njobs:\n docker:\n name: Build and push Docker image\n r"
},
{
"path": ".gitignore",
"chars": 739,
"preview": "wfuzz.ini\n\n# Byte-compiled / optimized / DLL files\n__pycache__/\n*.py[cod]\n\n# C extensions\n*.so\n\n# Distribution / packagi"
},
{
"path": ".travis.yml",
"chars": 1471,
"preview": "sudo: required\nlanguage: python\nservices:\n - docker\npython:\n - \"3.4\"\n - \"3.5\"\n - \"3.6\"\n - \"3.7\"\n - \"3.8\"\nbefore_in"
},
{
"path": "Dockerfile",
"chars": 258,
"preview": "FROM python:3.8-alpine3.12 as builder\n\nRUN apk add --no-cache build-base curl-dev\n\nCOPY . wfuzz/\n\nWORKDIR wfuzz/\n\nRUN py"
},
{
"path": "ISSUE_TEMPLATE.md",
"chars": 483,
"preview": "# Issue template\n\n## Context\n\n**Please check:**\n\n- [ ] I've read the docs for [Wfuzz](http://wfuzz.readthedocs.io/)\n\n**P"
},
{
"path": "LICENSE",
"chars": 18027,
"preview": "GNU GENERAL PUBLIC LICENSE\n Version 2, June 1991\n\n Copyright (C) 1989, 1991 Free Software Foundati"
},
{
"path": "MANIFEST.in",
"chars": 49,
"preview": "include README.md\ninclude LICENSE\ninclude docs/*\n"
},
{
"path": "Makefile",
"chars": 1153,
"preview": ".PHONY: docs\ntox:\n\tpip install tox\n\ttox --recreate\ntest:\n\tpytest -v -s tests/\nflake8:\n\tblack --check src tests\n\tflake8 s"
},
{
"path": "README.md",
"chars": 2417,
"preview": "<img src=\"https://github.com/xmendez/wfuzz/blob/master/docs/_static/logo/wfuzz_letters.svg\" width=\"500\">\n\n[![Build Statu"
},
{
"path": "docs/Makefile",
"chars": 602,
"preview": "# Minimal makefile for Sphinx documentation\n#\n\n# You can set these variables from the command line.\nSPHINXOPTS =\nSPHI"
},
{
"path": "docs/_templates/sidebarlogo.html",
"chars": 1098,
"preview": "<p class=\"logo\">\n <a href=\"{{ pathto(master_doc) }}\">\n <img class=\"logo\" src=\"{{ pathto('_static/logo/wfuzz.svg', 1)"
},
{
"path": "docs/conf.py",
"chars": 5032,
"preview": "# -*- coding: utf-8 -*-\n#\n# Wfuzz documentation build configuration file, created by\n# sphinx-quickstart on Thu Mar 2 1"
},
{
"path": "docs/dev/plugins.rst",
"chars": 100,
"preview": "Plugin template\n===============\n\nPrinter template\n===============\n\nEncoder template\n===============\n"
},
{
"path": "docs/index.rst",
"chars": 5503,
"preview": ".. Wfuzz documentation master file, created by\n sphinx-quickstart on Thu Mar 2 13:44:00 2017.\n You can adapt this f"
},
{
"path": "docs/library/guide.rst",
"chars": 7561,
"preview": "Python library\n===============\n\nWfuzz's Python library allows to automate tasks and integrate Wfuzz into new tools or sc"
},
{
"path": "docs/make.bat",
"chars": 809,
"preview": "@ECHO OFF\r\n\r\npushd %~dp0\r\n\r\nREM Command file for Sphinx documentation\r\n\r\nif \"%SPHINXBUILD%\" == \"\" (\r\n\tset SPHINXBUILD=sp"
},
{
"path": "docs/user/advanced.rst",
"chars": 38827,
"preview": "Advanced Usage\n===============\n\nWfuzz global options\n--------------------\n\nWfuzz global options can be tweaked by modify"
},
{
"path": "docs/user/basicusage.rst",
"chars": 12528,
"preview": "Basic Usage\n===============\n\nFuzzing Paths and Files\n-----------------------\n\nWfuzz can be used to look for hidden conte"
},
{
"path": "docs/user/breaking.rst",
"chars": 290,
"preview": "Breaking changes\n=============\n\nFollowing https://semver.org/ versioning since Wfuzz 3.0.0.\n\n* Wfuzz 3.0.0:\n * In wfu"
},
{
"path": "docs/user/getting.rst",
"chars": 11130,
"preview": "Getting Started\n===============\n\nA typical Wfuzz command line execution, specifying a dictionary payload and a URL, look"
},
{
"path": "docs/user/installation.rst",
"chars": 5802,
"preview": "Installation\n==================================\n\nPip install Wfuzz\n--------------------\n\nTo install WFuzz using `pip <ht"
},
{
"path": "docs/user/wfpayload.rst",
"chars": 3059,
"preview": "wfpayload\n=========\n\nwfpayload uses the same motor as wfuzz but instead of performing HTTP requests, uses wfuzz's payloa"
},
{
"path": "requirements.txt",
"chars": 647,
"preview": "#\n# This file is autogenerated by pip-compile\n# To update, run:\n#\n# pip-compile --output-file=requirements.txt setup."
},
{
"path": "setup.py",
"chars": 2530,
"preview": "import os\nimport sys\nimport re\nfrom setuptools import setup, find_packages\n\nwith open(\"README.md\", \"rb\") as f:\n long_"
},
{
"path": "src/wfencode.py",
"chars": 106,
"preview": "#!/usr/bin/env python\nfrom wfuzz.wfuzz import main_encoder\n\nif __name__ == \"__main__\":\n main_encoder()\n"
},
{
"path": "src/wfpayload.py",
"chars": 104,
"preview": "#!/usr/bin/env python\nfrom wfuzz.wfuzz import main_filter\n\nif __name__ == \"__main__\":\n main_filter()\n"
},
{
"path": "src/wfuzz/__init__.py",
"chars": 1667,
"preview": "__title__ = \"wfuzz\"\n__version__ = \"3.1.0\"\n__build__ = 0x023000\n__author__ = \"Xavier Mendez\"\n__license__ = \"GPL 2.0\"\n__co"
},
{
"path": "src/wfuzz/__main__.py",
"chars": 32,
"preview": "from .wfuzz import main\n\nmain()\n"
},
{
"path": "src/wfuzz/api.py",
"chars": 722,
"preview": "from .options import FuzzSession\nfrom .facade import Facade\nfrom .ui.console.clparser import CLParser\n\n\"\"\"\nWfuzz API\n\"\"\""
},
{
"path": "src/wfuzz/core.py",
"chars": 4251,
"preview": "from .fuzzobjects import FuzzType\n\nfrom .myqueues import MyPriorityQueue, QueueManager\nfrom .fuzzqueues import (\n See"
},
{
"path": "src/wfuzz/dictionaries.py",
"chars": 4718,
"preview": "from .exception import FuzzExceptNoPluginError, FuzzExceptBadOptions\nfrom .facade import Facade\nfrom .filters.ppfilter i"
},
{
"path": "src/wfuzz/exception.py",
"chars": 820,
"preview": "class FuzzException(Exception):\n pass\n\n\nclass FuzzExceptBadOptions(FuzzException):\n pass\n\n\nclass FuzzExceptNoPlugi"
},
{
"path": "src/wfuzz/externals/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/externals/moduleman/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/externals/moduleman/loader.py",
"chars": 5152,
"preview": "import inspect\nimport logging\nimport imp\nimport os.path\n\n\nclass IModuleLoader:\n def __init__(self, **params):\n "
},
{
"path": "src/wfuzz/externals/moduleman/modulefilter.py",
"chars": 4797,
"preview": "# mimicking nmap script filter\n\n\n# nmap --script \"http-*\"\n# Loads all scripts whose name starts with http-, such as "
},
{
"path": "src/wfuzz/externals/moduleman/plugin.py",
"chars": 552,
"preview": "try:\n from collections.abc import Callable\nexcept ImportError:\n from collections import Callable\n\n\ndef moduleman_p"
},
{
"path": "src/wfuzz/externals/moduleman/registrant.py",
"chars": 4670,
"preview": "from .modulefilter import Filter\nfrom collections import defaultdict\n\ntry:\n from collections.abc import MutableMappin"
},
{
"path": "src/wfuzz/externals/reqresp/Request.py",
"chars": 15917,
"preview": "# Covered by GPL V2.0\n# Coded by Carlos del Ojo Elias (deepbit@gmail.com)\n# Lately maintained by Xavi Mendez (xmendez@ed"
},
{
"path": "src/wfuzz/externals/reqresp/Response.py",
"chars": 7256,
"preview": "import re\nimport cgi\n\nfrom io import BytesIO\nimport gzip\nimport zlib\n\nfrom .TextParser import TextParser\n\nfrom wfuzz.hel"
},
{
"path": "src/wfuzz/externals/reqresp/TextParser.py",
"chars": 4204,
"preview": "# Covered by GPL V2.0\n# Coded by Carlos del Ojo Elias (deepbit@gmail.com)\n\nimport sys\nimport re\n\n# python 2 and 3: itera"
},
{
"path": "src/wfuzz/externals/reqresp/Variables.py",
"chars": 3685,
"preview": "from .TextParser import TextParser\nimport json\n\n\nclass Variable:\n def __init__(self, name, value=\"\", extraInfo=\"\"):\n "
},
{
"path": "src/wfuzz/externals/reqresp/__init__.py",
"chars": 60,
"preview": "from .Request import Request\nfrom .Response import Response\n"
},
{
"path": "src/wfuzz/externals/reqresp/cache.py",
"chars": 713,
"preview": "from collections import defaultdict\n\n\nclass HttpCache:\n def __init__(self):\n # cache control\n self.__ca"
},
{
"path": "src/wfuzz/externals/reqresp/exceptions.py",
"chars": 244,
"preview": "class ReqRespException(Exception):\n FATAL, RESOLVE_PROXY, RESOLVE_HOST, CONNECT_HOST, SSL, TIMEOUT = list(range(6))\n\n"
},
{
"path": "src/wfuzz/externals/settings/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/externals/settings/settings.py",
"chars": 2680,
"preview": "# Python 2 and 3 (after ``pip install configparser``):\ntry:\n from configparser import ConfigParser\nexcept ImportError"
},
{
"path": "src/wfuzz/facade.py",
"chars": 3285,
"preview": "from .helpers.file_func import get_home, get_path, get_config_dir\nfrom .helpers.obj_factory import Singleton\nfrom . impo"
},
{
"path": "src/wfuzz/factories/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/factories/dictfactory.py",
"chars": 4015,
"preview": "# Python 2 and 3: zip_longest\ntry:\n from itertools import zip_longest\nexcept ImportError:\n from itertools import i"
},
{
"path": "src/wfuzz/factories/fuzzfactory.py",
"chars": 903,
"preview": "from ..fuzzrequest import FuzzRequest\n\nfrom ..helpers.obj_factory import ObjectFactory, SeedBuilderHelper\n\n\nclass FuzzRe"
},
{
"path": "src/wfuzz/factories/fuzzresfactory.py",
"chars": 4150,
"preview": "import copy\n\nfrom .fuzzfactory import reqfactory\nfrom .payman import payman_factory\n\nfrom ..fuzzobjects import FuzzResul"
},
{
"path": "src/wfuzz/factories/payman.py",
"chars": 1416,
"preview": "from ..fuzzobjects import FPayloadManager, FuzzWord, FuzzWordType\n\nfrom ..helpers.obj_factory import ObjectFactory, Seed"
},
{
"path": "src/wfuzz/factories/plugin_factory.py",
"chars": 1905,
"preview": "from ..helpers.obj_factory import ObjectFactory\n\nfrom ..fuzzobjects import FuzzPlugin, FuzzError\nfrom ..factories.fuzzre"
},
{
"path": "src/wfuzz/factories/reqresp_factory.py",
"chars": 4019,
"preview": "import abc\n\nimport pycurl\n\nfrom ..helpers.obj_factory import HttpRequestFactory\nfrom ..helpers.str_func import (\n pyt"
},
{
"path": "src/wfuzz/filters/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/filters/ppfilter.py",
"chars": 13771,
"preview": "from ..exception import FuzzExceptIncorrectFilter, FuzzExceptBadOptions\nfrom ..helpers.obj_dyn import (\n rgetattr,\n "
},
{
"path": "src/wfuzz/filters/simplefilter.py",
"chars": 3567,
"preview": "from ..exception import FuzzExceptBadOptions\n\nimport re\nimport collections\n\nfrom ..facade import BASELINE_CODE\n\n\nclass F"
},
{
"path": "src/wfuzz/fuzzobjects.py",
"chars": 11996,
"preview": "import time\nimport hashlib\nimport re\nimport itertools\nfrom enum import Enum\n\nfrom threading import Lock\nfrom collections"
},
{
"path": "src/wfuzz/fuzzqueues.py",
"chars": 14220,
"preview": "import time\nimport pickle as pickle\nimport gzip\nfrom threading import Thread, Event\nfrom queue import Queue\nfrom collect"
},
{
"path": "src/wfuzz/fuzzrequest.py",
"chars": 11147,
"preview": "import pycurl\n\n# Python 2 and 3\nimport sys\n\nif sys.version_info >= (3, 0):\n from urllib.parse import urlparse\nelse:\n "
},
{
"path": "src/wfuzz/helpers/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/helpers/file_func.py",
"chars": 4484,
"preview": "import os\nimport sys\nimport re\nimport pkg_resources\n\nfrom chardet.universaldetector import UniversalDetector\nimport char"
},
{
"path": "src/wfuzz/helpers/obj_dic.py",
"chars": 2161,
"preview": "from collections.abc import MutableMapping\nfrom itertools import chain\n\n\nclass CaseInsensitiveDict(MutableMapping):\n "
},
{
"path": "src/wfuzz/helpers/obj_dyn.py",
"chars": 2627,
"preview": "import functools\nfrom .obj_dic import DotDict\n\n\nallowed_fields = [\n \"description\",\n \"nres\",\n \"code\",\n \"chars"
},
{
"path": "src/wfuzz/helpers/obj_factory.py",
"chars": 4429,
"preview": "import re\nimport abc\n\nfrom ..helpers.obj_dyn import (\n rgetattr,\n rsetattr,\n)\nfrom ..exception import FuzzExceptBa"
},
{
"path": "src/wfuzz/helpers/str_func.py",
"chars": 2893,
"preview": "import re\nimport sys\nimport six\n\n\nfrom .obj_dic import DotDict\n\n\ndef json_minify(string, strip_space=True):\n \"\"\"\n "
},
{
"path": "src/wfuzz/helpers/utils.py",
"chars": 701,
"preview": "from threading import Lock\nimport difflib\n\n\nclass MyCounter:\n def __init__(self, count=0):\n self._count = coun"
},
{
"path": "src/wfuzz/mixins.py",
"chars": 1481,
"preview": "from .plugin_api.urlutils import parse_url\nfrom .exception import FuzzExceptBadInstall\n\n# python 2 and 3\nimport sys\n\nif "
},
{
"path": "src/wfuzz/myhttp.py",
"chars": 8028,
"preview": "import pycurl\nfrom io import BytesIO\nfrom threading import Thread, Lock\nimport itertools\nfrom queue import Queue\nimport "
},
{
"path": "src/wfuzz/myqueues.py",
"chars": 9891,
"preview": "import collections\n\n# python 2 and 3\ntry:\n from itertools import zip_longest\nexcept ImportError:\n from itertools i"
},
{
"path": "src/wfuzz/options.py",
"chars": 12920,
"preview": "from .exception import (\n FuzzExceptBadRecipe,\n FuzzExceptBadOptions,\n FuzzExceptBadFile,\n)\nfrom .facade import"
},
{
"path": "src/wfuzz/plugin_api/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugin_api/base.py",
"chars": 5234,
"preview": "from wfuzz.fuzzobjects import FuzzWord, FuzzPlugin\nfrom wfuzz.exception import (\n FuzzExceptBadFile,\n FuzzExceptBa"
},
{
"path": "src/wfuzz/plugin_api/mixins.py",
"chars": 338,
"preview": "# Plugins specializations with common methods useful for their own type\nfrom wfuzz.plugin_api.urlutils import parse_url\n"
},
{
"path": "src/wfuzz/plugin_api/payloadtools.py",
"chars": 12726,
"preview": "from wfuzz.exception import (\n FuzzExceptMissingAPIKey,\n FuzzExceptResourceParseError,\n FuzzExceptPluginLoadErr"
},
{
"path": "src/wfuzz/plugin_api/urlutils.py",
"chars": 2818,
"preview": "import os\n\n\n# Python 2 and 3\nimport sys\n\nif sys.version_info >= (3, 0):\n from urllib.parse import ParseResult\n fro"
},
{
"path": "src/wfuzz/plugins/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/encoders/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/encoders/encoders.py",
"chars": 14768,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\n\n# Python 2 and 3\ntry:\n from urllib.parse import quote\n"
},
{
"path": "src/wfuzz/plugins/iterators/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/iterators/iterations.py",
"chars": 2348,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.dictionaries import BaseIterator\n\nimport iterto"
},
{
"path": "src/wfuzz/plugins/payloads/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/payloads/autorize.py",
"chars": 2490,
"preview": "import re\nimport base64\n\nfrom wfuzz.exception import FuzzExceptBadFile\nfrom wfuzz.fuzzobjects import FuzzResult, FuzzWor"
},
{
"path": "src/wfuzz/plugins/payloads/bing.py",
"chars": 1287,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.payloadtools import BingIter\nfrom wf"
},
{
"path": "src/wfuzz/plugins/payloads/buffer_overflow.py",
"chars": 1004,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/burpitem.py",
"chars": 2492,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptBadFile\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/burplog.py",
"chars": 4128,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptBadFile\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/burpstate.py",
"chars": 8104,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptBadFile, FuzzExceptB"
},
{
"path": "src/wfuzz/plugins/payloads/dirwalk.py",
"chars": 1495,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/file.py",
"chars": 1900,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptBadFile\nfrom wfuzz.p"
},
{
"path": "src/wfuzz/plugins/payloads/guitab.py",
"chars": 1314,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/hexrand.py",
"chars": 1636,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.e"
},
{
"path": "src/wfuzz/plugins/payloads/hexrange.py",
"chars": 1661,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.e"
},
{
"path": "src/wfuzz/plugins/payloads/ipnet.py",
"chars": 1763,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptPluginBadParams, Fuz"
},
{
"path": "src/wfuzz/plugins/payloads/iprange.py",
"chars": 1717,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptPluginBadParams, Fuz"
},
{
"path": "src/wfuzz/plugins/payloads/list.py",
"chars": 1612,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/names.py",
"chars": 3282,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/permutation.py",
"chars": 1709,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.e"
},
{
"path": "src/wfuzz/plugins/payloads/range.py",
"chars": 1635,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception import FuzzExceptPluginBadParams\nfrom"
},
{
"path": "src/wfuzz/plugins/payloads/shodanp.py",
"chars": 1602,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.payloadtools import ShodanIter\nfrom "
},
{
"path": "src/wfuzz/plugins/payloads/stdin.py",
"chars": 750,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePayload\nfrom wfuzz.f"
},
{
"path": "src/wfuzz/plugins/payloads/wfuzzp.py",
"chars": 2277,
"preview": "import pickle as pickle\nimport gzip\n\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.exception "
},
{
"path": "src/wfuzz/plugins/printers/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/printers/printers.py",
"chars": 13472,
"preview": "import socket\nimport csv as csvmod\nimport json as jjson\nfrom xml.dom import minidom\n\nfrom wfuzz.externals.moduleman.plug"
},
{
"path": "src/wfuzz/plugins/scripts/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/plugins/scripts/backups.py",
"chars": 2068,
"preview": "from wfuzz.externals.moduleman.plugin import moduleman_plugin\nfrom wfuzz.plugin_api.base import BasePlugin\n\n# Python 2 a"
},
{
"path": "src/wfuzz/plugins/scripts/cookies.py",
"chars": 1132,
"preview": "from wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\n\nKBASE_NEW_C"
},
{
"path": "src/wfuzz/plugins/scripts/cvs_extractor.py",
"chars": 1612,
"preview": "# Python 2 and 3\ntry:\n from urllib.parse import urljoin\nexcept ImportError:\n from urlparse import urljoin\n\nfrom wf"
},
{
"path": "src/wfuzz/plugins/scripts/errors.py",
"chars": 4128,
"preview": "import re\n\nfrom wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\n\n"
},
{
"path": "src/wfuzz/plugins/scripts/grep.py",
"chars": 1199,
"preview": "import re\n\nfrom wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.exception import FuzzExceptPluginBadParams\nfrom wfuzz"
},
{
"path": "src/wfuzz/plugins/scripts/headers.py",
"chars": 5090,
"preview": "from wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\nimport re\n\nK"
},
{
"path": "src/wfuzz/plugins/scripts/links.py",
"chars": 5921,
"preview": "import re\n\n# Python 2 and 3\ntry:\n from urllib.parse import urljoin\nexcept ImportError:\n from urlparse import urljo"
},
{
"path": "src/wfuzz/plugins/scripts/listing.py",
"chars": 1791,
"preview": "import re\n\nfrom wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\n\n"
},
{
"path": "src/wfuzz/plugins/scripts/npm_deps.py",
"chars": 1674,
"preview": "import re\n\nfrom wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.exception import FuzzExceptPluginBadParams\nfrom wfuzz"
},
{
"path": "src/wfuzz/plugins/scripts/robots.py",
"chars": 1800,
"preview": "import sys\n\n# Python 2 and 3\nif sys.version_info >= (3, 0):\n from urllib.parse import urljoin\nelse:\n from urlparse"
},
{
"path": "src/wfuzz/plugins/scripts/screenshot.py",
"chars": 1398,
"preview": "from wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\nimport subpr"
},
{
"path": "src/wfuzz/plugins/scripts/sitemap.py",
"chars": 1206,
"preview": "from wfuzz.plugin_api.mixins import DiscoveryPluginMixin\nfrom wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.excepti"
},
{
"path": "src/wfuzz/plugins/scripts/svn_extractor.py",
"chars": 2193,
"preview": "# Python 2 and 3\ntry:\n from urllib.parse import urljoin\nexcept ImportError:\n from urlparse import urljoin\n\nfrom wf"
},
{
"path": "src/wfuzz/plugins/scripts/title.py",
"chars": 881,
"preview": "from wfuzz.plugin_api.base import BasePlugin\nfrom wfuzz.externals.moduleman.plugin import moduleman_plugin\n\n\n@moduleman_"
},
{
"path": "src/wfuzz/plugins/scripts/wcdb.py",
"chars": 2484,
"preview": "# Python 2 and 3\ntry:\n from urllib.parse import urljoin\nexcept ImportError:\n from urlparse import urljoin\n\nfrom wf"
},
{
"path": "src/wfuzz/ui/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/ui/console/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/ui/console/clparser.py",
"chars": 20210,
"preview": "import re\nimport sys\nimport getopt\nimport warnings\nfrom collections import defaultdict\n\nfrom wfuzz.helpers.file_func imp"
},
{
"path": "src/wfuzz/ui/console/common.py",
"chars": 15081,
"preview": "import sys\nfrom wfuzz import __version__ as version\nimport os\n\nif os.name == \"nt\":\n import colorama\n\n colorama.ini"
},
{
"path": "src/wfuzz/ui/console/getch.py",
"chars": 2634,
"preview": "# http://code.activestate.com/recipes/134892/\n#\n# getch()-like unbuffered character reading from stdin on both Windows a"
},
{
"path": "src/wfuzz/ui/console/mvc.py",
"chars": 10785,
"preview": "import sys\nfrom collections import defaultdict\nimport threading\n\ntry:\n from itertools import zip_longest\nexcept Impor"
},
{
"path": "src/wfuzz/ui/console/output.py",
"chars": 6657,
"preview": "# python 2 and 3\nfrom __future__ import print_function\n\nimport math\nimport string\nimport operator\nfrom functools import "
},
{
"path": "src/wfuzz/ui/gui/__init__.py",
"chars": 0,
"preview": ""
},
{
"path": "src/wfuzz/ui/gui/controller.py",
"chars": 2250,
"preview": "import wx\n\nfrom .ui.console.clparser import CLParser\nfrom .ui.gui.model import GUIModel\nfrom .facade import Facade\n\nif \""
},
{
"path": "src/wfuzz/ui/gui/guicontrols.py",
"chars": 10862,
"preview": "import wx\nimport wx.py\nimport wx.grid\nimport wx.aui\nimport wx.html\n\nimport wx.lib.agw.aui as aui\nimport wx.dataview as d"
},
{
"path": "src/wfuzz/ui/gui/model.py",
"chars": 3026,
"preview": "from collections import namedtuple\nimport wx.dataview as dv\n\nfrom wfuzz.filters.ppfilter import FuzzResFilter\n\nRow = nam"
},
{
"path": "src/wfuzz/wfuzz.py",
"chars": 6755,
"preview": "#!/usr/bin/env python\nimport sys\nimport warnings\n\nfrom .core import Fuzzer\nfrom .facade import Facade\nfrom .exception im"
},
{
"path": "src/wfuzz-cli.py",
"chars": 91,
"preview": "#!/usr/bin/env python\n\nfrom wfuzz.wfuzz import main\n\nif __name__ == \"__main__\":\n main()\n"
},
{
"path": "src/wxfuzz.py",
"chars": 99,
"preview": "#!/usr/bin/env python\n\nfrom wfuzz.wfuzz import main_gui\n\nif __name__ == \"__main__\":\n main_gui()\n"
},
{
"path": "tests/acceptance/test_saved_filter.py",
"chars": 1269,
"preview": "import pytest\nimport os\nimport tempfile\n\nimport wfuzz\n\n\ndef get_temp_file():\n temp_name = next(tempfile._get_candidat"
},
{
"path": "tests/api/test_encoders.py",
"chars": 1800,
"preview": "import pytest\nimport wfuzz\n\n\n@pytest.mark.parametrize(\n \"encoder, text, expected_result\",\n [\n (\"none\", \"tes"
},
{
"path": "tests/api/test_payload.py",
"chars": 3468,
"preview": "import pytest\nimport wfuzz\n\n\n@pytest.mark.parametrize(\n \"params, expected_result\",\n [\n (\n {\n "
},
{
"path": "tests/api/test_session.py",
"chars": 2228,
"preview": "import pytest\nimport wfuzz\n\n\n@pytest.mark.parametrize(\n \"session, expected_result\",\n [\n (\n \"-z r"
},
{
"path": "tests/conftest.py",
"chars": 3107,
"preview": "import pytest\n\n\nfrom wfuzz.fuzzrequest import FuzzRequest\nfrom wfuzz.fuzzobjects import FuzzResult\nfrom wfuzz.fuzzobject"
},
{
"path": "tests/factories/test_seedbasebuilder.py",
"chars": 4353,
"preview": "import pytest\n\nfrom wfuzz.fuzzobjects import FuzzWord, FuzzWordType\nfrom wfuzz.factories.fuzzfactory import SeedBuilderH"
},
{
"path": "tests/filters/test_filter.py",
"chars": 2559,
"preview": "import pytest\n\n\n@pytest.mark.parametrize(\n \"filter_string, expected_result\",\n [\n (\"h=28 or w=6 or l=2\", Tru"
},
{
"path": "tests/filters/test_filter_codes.py",
"chars": 2134,
"preview": "import pytest\n\n\n@pytest.mark.parametrize(\n \"fuzzres_from_url, filter_string, expected_result\",\n [\n (\n "
},
{
"path": "tests/filters/test_filter_urlp.py",
"chars": 2134,
"preview": "import pytest\n\n\n@pytest.mark.parametrize(\n \"fuzzres_from_url, filter_string, expected_result\",\n [\n (\n "
},
{
"path": "tests/filters/test_prefilter_mangle.py",
"chars": 2702,
"preview": "import pytest\n\n\n@pytest.mark.parametrize(\n \"fuzzres_from_url, filter_string, expected_result\",\n [\n (\n "
},
{
"path": "tests/filters/test_prefilter_mangle_codes.py",
"chars": 369,
"preview": "import pytest\n\n\n@pytest.mark.parametrize(\n \"filter_string, expected_result\",\n [(\"r.code:=429\", 429), (\"r.c:=404\", "
},
{
"path": "tests/helpers/test_dotdict.py",
"chars": 730,
"preview": "import pytest\n\nfrom wfuzz.helpers.obj_dic import DotDict\nfrom wfuzz.helpers.obj_dyn import rgetattr\n\n\n@pytest.fixture\nde"
},
{
"path": "tests/helpers/test_insensitive_dict.py",
"chars": 814,
"preview": "import pytest\n\nfrom wfuzz.helpers.obj_dic import CaseInsensitiveDict\n\n\n@pytest.fixture\ndef case_dict():\n return CaseI"
},
{
"path": "tests/plugins/test_burplog.py",
"chars": 11798,
"preview": "import pytest\nimport sys\nfrom io import BytesIO\n\nimport wfuzz\nfrom wfuzz.facade import Facade\n\ntry:\n # Python >= 3.3\n"
},
{
"path": "tests/plugins/test_links.py",
"chars": 2602,
"preview": "import pytest\nimport re\n\nfrom queue import Queue\n\n\n@pytest.mark.parametrize(\n \"example_full_fuzzres_content, expected"
},
{
"path": "tests/plugins/test_summary.py",
"chars": 982,
"preview": "from wfuzz.factories.plugin_factory import plugin_factory\nfrom wfuzz.fuzzobjects import FuzzPlugin\n\nfrom queue import Qu"
},
{
"path": "tests/server_dir/Dockerfile",
"chars": 100,
"preview": "FROM python:3.6-alpine\nADD . /code\nWORKDIR /code\nEXPOSE 8000/tcp\nCMD [\"python\", \"simple_server.py\"]\n"
},
{
"path": "tests/server_dir/dir/a",
"chars": 28,
"preview": "one two thre\ntwo\nthree\nfour\n"
},
{
"path": "tests/server_dir/dir/b",
"chars": 8,
"preview": "one\ntwo\n"
},
{
"path": "tests/server_dir/dir/c",
"chars": 22,
"preview": "1 2 3 4 5\n1 2 3\n1 2\n1\n"
},
{
"path": "tests/server_dir/dir/one",
"chars": 28,
"preview": "one two thre\ntwo\nthree\nfour\n"
},
{
"path": "tests/server_dir/docker-compose.yml",
"chars": 331,
"preview": "version: '2'\nservices:\n httpserver:\n build:\n context: .\n dockerfile: Dockerfile\n ports:\n - \"8000:8"
},
{
"path": "tests/server_dir/iterators/aa",
"chars": 7,
"preview": "1\n2\n3\n\n"
},
{
"path": "tests/server_dir/iterators/ac",
"chars": 8,
"preview": "ac\n1\n2\n\n"
},
{
"path": "tests/server_dir/iterators/bb",
"chars": 3,
"preview": "4\n\n"
},
{
"path": "tests/server_dir/plugins/robots.txt",
"chars": 120,
"preview": "user-agent: *\nDisallow: /osrun/*\nDisallow: /cal_endar/*\nDisallow: /crawlsnags/*\nDisallow: /static/*\nvagrant@vagrant-ubu\n"
},
{
"path": "tests/server_dir/recursive_dir/a/b/c/placeholder.txt",
"chars": 0,
"preview": ""
},
{
"path": "tests/server_dir/simple_server.py",
"chars": 3589,
"preview": "# slightly modified from\n# https://gist.github.com/trungly/5889154\n\nfrom http.server import HTTPServer\nfrom http.server "
},
{
"path": "tests/server_dir/static/placeholder.txt",
"chars": 0,
"preview": ""
},
{
"path": "tests/test_acceptance.py",
"chars": 46945,
"preview": "#!/usr/bin/python\n# -*- coding: utf-8 -*-\n\nimport copy\nimport os\nimport unittest\nimport tempfile\n\nimport wfuzz\n\nLOCAL_DO"
},
{
"path": "tests/test_api.py",
"chars": 5591,
"preview": "import unittest\nimport sys\nfrom io import BytesIO\nimport gzip\nimport pickle as pickle\n\nimport wfuzz\nfrom wfuzz.facade im"
},
{
"path": "tests/test_clparser.py",
"chars": 2668,
"preview": "import unittest\n\nfrom wfuzz.ui.console.clparser import CLParser\n\n\nclass CLParserTest(unittest.TestCase):\n def test_li"
},
{
"path": "tests/test_filterintro.py",
"chars": 1966,
"preview": "import unittest\n\n# Python 2 and 3: urlib.parse\n\nfrom wfuzz.fuzzobjects import FuzzResult\nfrom wfuzz.fuzzrequest import F"
},
{
"path": "tests/test_moduleman.py",
"chars": 7281,
"preview": "import sys\n\n\ntry:\n # Python >= 3.3\n from unittest import mock\nexcept ImportError:\n # Python < 3.3\n import mo"
},
{
"path": "tests/test_relativeurl.py",
"chars": 4602,
"preview": "import pytest\n\n# Python 2 and 3: urlib.parse\n\nfrom wfuzz.fuzzrequest import FuzzRequest\n\n\n@pytest.fixture\ndef full_fuzzr"
},
{
"path": "tests/test_req_parse.py",
"chars": 5148,
"preview": "import unittest\n\nfrom wfuzz.fuzzrequest import FuzzRequest\n\n\nhttp_post_request = \"\"\"POST /slipstream/view HTTP/1.1\nHost:"
},
{
"path": "tests/test_reqresp.py",
"chars": 12488,
"preview": "import unittest\n\n# Python 2 and 3: urlib.parse\n\nfrom wfuzz.fuzzrequest import FuzzRequest\nfrom wfuzz.ui.console.clparser"
},
{
"path": "tox.ini",
"chars": 527,
"preview": "[tox]\nenvlist = begin,docker,py38,end\n\n[testenv]\nallowlist_externals = make\ncommands =\n make flake8\n coverage run --ap"
},
{
"path": "wfencode",
"chars": 38,
"preview": "#!/bin/sh\npython src/wfencode.py \"$@\"\n"
},
{
"path": "wfencode.bat",
"chars": 31,
"preview": "call python src\\wfencode.py %*\n"
},
{
"path": "wfpayload",
"chars": 39,
"preview": "#!/bin/sh\npython src/wfpayload.py \"$@\"\n"
},
{
"path": "wfpayload.bat",
"chars": 32,
"preview": "call python src\\wfpayload.py %*\n"
},
{
"path": "wfuzz",
"chars": 39,
"preview": "#!/bin/sh\npython src/wfuzz-cli.py \"$@\"\n"
},
{
"path": "wfuzz.bat",
"chars": 32,
"preview": "call python src\\wfuzz-cli.py %*\n"
},
{
"path": "wfuzz_bash_completion",
"chars": 1786,
"preview": "# wfuzz bash completion file\n# by Xavier Mendez (xavi.mendez@gmail.com) aka Javi\n\n_wfuzz() {\n \n COMPREPLY=()\n l"
},
{
"path": "wordlist/Injections/All_attack.txt",
"chars": 10343,
"preview": "A\nTRUE\nFALSE\n0\n00\n1\n-1\n1.0\n-1.0\n2\n-2\n-20\n65536\n268435455\n-268435455\n2147483647\n0xfffffff\nNULL\nnull\n\\0\n\\00\n< script > < "
},
{
"path": "wordlist/Injections/SQL.txt",
"chars": 1580,
"preview": "'\r\n\"\r\n#\r\n-\r\n--\r\n'%20--\r\n--';\r\n'%20;\r\n=%20'\r\n=%20;\r\n=%20--\r\n\\x23\r\n\\x27\r\n\\x3D%20\\x3B'\r\n\\x3D%20\\x27\r\n\\x27\\x4F\\x52 SELECT *\r"
},
{
"path": "wordlist/Injections/Traversal.txt",
"chars": 3386,
"preview": "../../../../../../../../../../../../etc/hosts%00\r\n../../../../../../../../../../../../etc/hosts\r\n../../boot.ini\r\n/../../"
},
{
"path": "wordlist/Injections/XML.txt",
"chars": 1498,
"preview": "count(/child::node())\r\nx' or name()='username' or 'x'='y\r\n<name>','')); phpinfo(); exit;/*</name>\r\n<![CDATA[<script>var "
},
{
"path": "wordlist/Injections/XSS.txt",
"chars": 2433,
"preview": "\"><script>\"\r\n<script>alert(\"WXSS\")</script>\r\n<<script>alert(\"WXSS\");//<</script>\r\n<script>alert(document.cookie)</script"
},
{
"path": "wordlist/Injections/bad_chars.txt",
"chars": 58,
"preview": "!\n\"\n%\n%0a\n%0d\n%7f\n%ff\n%n\n%s\n%x \n&\n'\n*\n+\n,\n-\n-1\n;\n<\n=\n>\n_\n\n"
},
{
"path": "wordlist/general/admin-panels.txt",
"chars": 2441,
"preview": "account.html\naccount.php\nadm/\nadm/admloginuser.php\nadm_auth.php\nadm.html\nadmin/\nadmin2/index.php\nadmin2/login.php\nadmin2"
},
{
"path": "wordlist/general/big.txt",
"chars": 21458,
"preview": "~\n@\n0\n00\n000000\n00000000\n0007\n007\n007007\n01\n02\n0246\n0249\n03\n1\n10\n100\n1000\n1022\n10sne1\n111111\n121212\n1225\n123\n123123\n1234"
},
{
"path": "wordlist/general/catala.txt",
"chars": 1157,
"preview": "acces\nactivitats\nadministracio\nafegir\nagafar\nagenda\najuda\najudes\nantic\narrel\narticle\narticles\narxiu\narxius\nborsa\nbotiga\n"
},
{
"path": "wordlist/general/common.txt",
"chars": 6520,
"preview": "@\n00\n01\n02\n03\n1\n10\n100\n1000\n123\n2\n20\n200\n2000\n2001\n2002\n2003\n2004\n2005\n3\na\naa\naaa\nabc\nabout\nacademic\naccess\naccessgrante"
},
{
"path": "wordlist/general/euskera.txt",
"chars": 278,
"preview": "administrazio \nadministrazioa\nargitalpenak\nartxiboa\nataria\naupa\naurrera\nbai\nberri\nbidali\nbilatu\nbuzoia\ndataz\ndokumentuak"
},
{
"path": "wordlist/general/extensions_common.txt",
"chars": 141,
"preview": "/\n.asp\n.aspx\n.bat\n.c\n.cfm\n.cgi\n.com\n.dll\n.exe\n.htm\n.html\n.inc\n.jhtml\n.jsa\n.jsp\n.log\n.mdb\n.nsf\n.php\n.phtml\n.pl\n.reg\n.sh\n."
},
{
"path": "wordlist/general/http_methods.txt",
"chars": 238,
"preview": "ACL\nCHECKIN\nCHECKOUT\nCONNECT\nCOPY\nDELETE\nGET\nHEAD\nINDEX\nLINK\nLOCK\nMKCOL\nMOVE\nNOEXISTE\nOPTIONS\nORDERPATCH\nPATCH\nPOST\nPROP"
},
{
"path": "wordlist/general/medium.txt",
"chars": 11892,
"preview": "@\n0\n00\n01\n02\n03\n1\n10\n100\n1000\n123\n2\n20\n200\n2000\n2001\n2002\n2003\n3\na\naa\naaa\nabajo\nabc\nabout\nacademia\nacademic\nacces\nacceso"
},
{
"path": "wordlist/general/megabeast.txt",
"chars": 409592,
"preview": "Aarhus\nAaron\nAbaba\naback\nabaft\nabandon\nabandoned\nabandoning\nabandonment\nabandons\nabase\nabased\nabasement\nabasements\nabase"
},
{
"path": "wordlist/general/mutations_common.txt",
"chars": 239,
"preview": "~\n.001\n.002\n.1\n.2\n.7z\n.back\n.backup\n.bak\n.bakup\n.bas\n.bz2\n.c\n.conf\n.copia\n.core\n.cpp\n.dat\n.db\n.default\n.dll\n.doc\n.ini\n.j"
},
{
"path": "wordlist/general/spanish.txt",
"chars": 2113,
"preview": "abajo\nacceso\nacciones\nactividad\nactividades\nactual\nadministracion\nadminsitradores\nagenda\nalias\nalmacen\nantiguo\naplicacio"
},
{
"path": "wordlist/general/test.txt",
"chars": 72,
"preview": "classes\ncss\ndocs\nenvironment\nimages\nincludes\nmaster\nprueba\nscripts\ntest\n"
}
]
// ... and 35 more files (download for full content)
About this extraction
This page contains the full source code of the xmendez/wfuzz GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 235 files (1.7 MB), approximately 595.5k tokens, and a symbol index with 1288 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.