|
| 1 | +# Version 1.0 |
| 2 | +# @author RUFFENACH Timothée |
| 3 | +# Script inspired from https://02108124551050482571.googlegroups.com/attach/54c6e34f6fe20/message_processor.js?part=0.1&view=1&vt=ANaJVrEJuACewYorhYYa_zyhyMSug06pmlERCqfYdLsukQBC3OW3LATuXG1WHk_Fw9a0nhexG8ykFDuFgBGYrKAg_pOQ61M36MwC9SOBGvK4KLZn3eDkNzY (dot run on owasp 2.12.0) |
| 4 | +# The script fuzz in mode pitchfork. |
| 5 | +# To Use : Enable script. |
| 6 | +# In fuzzer Add 2 EmptyNull with good number. |
| 7 | +# Select two 2 files and launch the fuzzer. |
| 8 | + |
| 9 | +from java.nio.file import Paths |
| 10 | +from javax.swing import JFileChooser |
| 11 | +from org.zaproxy.zap.extension.fuzz.payloads.generator import FileStringPayloadGenerator |
| 12 | + |
| 13 | +payloads1 = None |
| 14 | +payloads2 = None |
| 15 | +init = False |
| 16 | + |
| 17 | +def processMessage(utils, message): |
| 18 | + global payloads1, payloads2, init |
| 19 | + |
| 20 | + if not init: |
| 21 | + initialise() |
| 22 | + |
| 23 | + # Stop if has end of payloads |
| 24 | + if not (payloads1.hasNext() and payloads2.hasNext()): |
| 25 | + utils.stopFuzzer() |
| 26 | + payloads1.close() |
| 27 | + payloads2.close() |
| 28 | + return |
| 29 | + |
| 30 | + # Get the next value of payloas |
| 31 | + payload1 = payloads1.next().getValue() |
| 32 | + payload2 = payloads2.next().getValue() |
| 33 | + |
| 34 | + # Get information of body and replace with payload value |
| 35 | + body = message.getRequestBody().toString() |
| 36 | + body = body.replace(utils.getPaylaods().get(0).getValue(), payload1) |
| 37 | + body = body.replace(utils.getPaylaods().get(1).getValue(), payload2) |
| 38 | + |
| 39 | + # Set payload value to show in Fuzzer |
| 40 | + utils.getPaylaods().set(0, payload1) |
| 41 | + utils.getPaylaods().set(1, payload2) |
| 42 | + |
| 43 | + # Apply the payload in body |
| 44 | + message.getRequestBody().setBody(body) |
| 45 | + message.getRequestHeader().setContentLength(message.getRequestBody().length()) |
| 46 | + |
| 47 | +def processResult(utils, fuzzResult): |
| 48 | + return True |
| 49 | + |
| 50 | +def initialise(): |
| 51 | + global payloads1, payloads2, init |
| 52 | + |
| 53 | + # Choose file1 for first payload |
| 54 | + fileChooser = JFileChooser() |
| 55 | + fileChooser.setMultiSelectionEnabled(True) |
| 56 | + filePath1 = "" |
| 57 | + result = fileChooser.showOpenDialog(None) |
| 58 | + |
| 59 | + if result == JFileChooser.APPROVE_OPTION: |
| 60 | + selectedFiles = fileChooser.getSelectedFiles() |
| 61 | + for file in selectedFiles: |
| 62 | + filePath1 = file.getAbsolutePath() |
| 63 | + print('The path is :', filePath1) |
| 64 | + |
| 65 | + # Choose file2 for second payload |
| 66 | + fileChooser = JFileChooser() |
| 67 | + fileChooser.setMultiSelectionEnabled(True) |
| 68 | + filePath2 = "" |
| 69 | + result = fileChooser.showOpenDialog(None) |
| 70 | + |
| 71 | + if result == JFileChooser.APPROVE_OPTION: |
| 72 | + selectedFiles = fileChooser.getSelectedFiles() |
| 73 | + for file in selectedFiles: |
| 74 | + filePath2 = file.getAbsolutePath() |
| 75 | + print('The path is :', filePath2) |
| 76 | + |
| 77 | + # Setup path |
| 78 | + file1 = Paths.get(filePath1) |
| 79 | + file2 = Paths.get(filePath2) |
| 80 | + |
| 81 | + # Get payload in file to var payloads |
| 82 | + payloads1 = FileStringPayloadGenerator(file1).iterator() |
| 83 | + payloads2 = FileStringPayloadGenerator(file2).iterator() |
| 84 | + init = True |
0 commit comments