instrospection for accessing any fuzzres attr in wfuzz payload (refs …

…#386)
MaxNcu · Feb 22, 2015 · e9d8971 · e9d8971
1 parent 4510726
commit e9d8971
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 4 deletions.
diff --git a/framework/plugins/api/payloadtools.py b/framework/plugins/api/payloadtools.py
@@ -5,6 +5,31 @@
 import urllib2
 import json
 
+class FuzzResPayload:
+    def __init__(self, default_param, extra_params):
+	self._it = None
+
+	if extra_params:
+	    self._attr = "url" if not extra_params.has_key('attr') else extra_params['attr']
+	    self._params = extra_params['attr_params'].split("-") if extra_params.has_key('attr_params') else []
+	else:
+	    self._attr = "url"
+	    self._params = []
+
+    def next(self):
+	try:
+	    attr = reduce(lambda x, y: getattr(x, y), self._attr.split("."), self._it.next())
+	except AttributeError:
+	    raise FuzzException(FuzzException.FATAL, "Unknown fuzz result attribute.")
+
+	try:
+	    if callable(attr):
+		attr = attr(*self._params)
+
+	except TypeError:
+	    raise FuzzException(FuzzException.FATAL, "Incorrect paramaters specified for Fuzz result attribute.")
+
+	return str(attr)
 
 def filter_results(extra_params, itera):
     ffilter = None

diff --git a/framework/plugins/base.py b/framework/plugins/base.py
@@ -64,6 +64,7 @@ def add_kbase(self, key, value):
 
 class DiscoveryPlugin(BasePlugin):
     def __init__(self):
+	BasePlugin.__init__(self)
 	self.black_list = self.get_kbase("discovery.blacklist")[0].split("-")
 
     def blacklisted_extension(self, url):

diff --git a/plugins/payloads.py b/plugins/payloads.py
@@ -8,6 +8,7 @@
 from framework.fuzzer.base import wfuzz_iterator
 from framework.plugins.api.payloadtools import BingIter
 from framework.plugins.api.payloadtools import range_results, filter_results
+from framework.plugins.api.payloadtools import FuzzResPayload
 
 @wfuzz_iterator
 class file:
@@ -400,13 +401,14 @@ def next(self):
 	return self._it.next()
 
 @wfuzz_iterator
-class wfuzz:
+class wfuzz(FuzzResPayload):
     name = "wfuzz"
     description = "Returns fuzz results' URL from a previous stored wfuzz session."
     category = ["default"]
     priority = 99
 
     def __init__(self, default_param, extra_params):
+	FuzzResPayload.__init__(self, default_param, extra_params)
 	self.__max = -1
 	self._it = range_results(extra_params, filter_results(extra_params, self._gen_wfuzz(default_param)))
 
@@ -416,9 +418,6 @@ def __iter__(self, default_param, extra):
     def count(self):
 	return self.__max
 
-    def next(self):
-	return self._it.next().url
-
     def _gen_wfuzz(self, output_fn):
 	try:
 	    with gzip.open(output_fn, 'r+b') as output: