diff --git a/afl.go b/afl.go index 8e469f6..c450186 100644 --- a/afl.go +++ b/afl.go @@ -46,6 +46,10 @@ func runAFL(fuzzingPath string, fuzzerNumber int) { createScript(fuzzingPath, i) createSeed(fuzzingPath, i) + u, _ := url.Parse(fuzzStat.Targets[i].TargetPath) + os.Setenv("SCRIPT_FILENAME", "/app" + u.Path) + fmt.Println("SCRIPT_FILENAME" + "/app" + u.Path) + // cmd := exec.Command("sh", fuzzingPath + "/run.sh") cmd := exec.Command(script[1], script[2:]...) stdout, _ := cmd.StdoutPipe() @@ -248,7 +252,7 @@ func createFuzzStat(fuzzingPath string) { fuzzStat.Targets = []fuzzTarget{} for key, value := range requestData.RequestsFound { - targetURL := strings.Split(value.URL, "?")[0] + targetURL := strings.Split(value.URLString, "?")[0] method := strings.Split(key, " ")[0] _, exist := uniqCheck[targetURL] @@ -263,7 +267,7 @@ func createFuzzStat(fuzzingPath string) { Methods: make(map[string]int), } - tempFuzzTarget.TargetPath = strings.Split(value.URL, "?")[0] + tempFuzzTarget.TargetPath = strings.Split(value.URLString, "?")[0] tempFuzzTarget.Requests = append(tempFuzzTarget.Requests, key) tempFuzzTarget.Methods[method] = 1 diff --git a/json/config.json b/json/config.json index 103dca3..917ca6f 100644 --- a/json/config.json +++ b/json/config.json 
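Review bot: In the first afl.go hunk the error from `url.Parse` is discarded, so a malformed `TargetPath` leaves `u` nil and `u.Path` panics. The parsed path is also appended to `/app` without normalisation, so a crawled URL containing `..` segments can point SCRIPT_FILENAME at a file outside `/app`. `os.Setenv` changes the environment of the whole fuzzer process rather than of the one child being started; setting the variable through `cmd.Env` keeps it per target. The `fmt.Println` also prints the name and value with no separator. The sketch assumes these lines sit inside the per-target loop (runAFL's body continues outside the hunk) and that `path` is imported.

```go
u, err := url.Parse(fuzzStat.Targets[i].TargetPath)
if err != nil {
	fmt.Printf("skipping target %q: %v\n", fuzzStat.Targets[i].TargetPath, err)
	continue
}
// Clean as a rooted path so ".." segments cannot climb above /app.
scriptFilename := path.Join("/app", path.Clean("/"+u.Path))
fmt.Println("SCRIPT_FILENAME=" + scriptFilename)

cmd := exec.Command(script[1], script[2:]...)
cmd.Env = append(os.Environ(), "SCRIPT_FILENAME="+scriptFilename)
// … unchanged: stdout pipe setup …
```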
@@ -1,23 +1,23 @@ { "testname": "test", - "afl_path": "/afl", - "target_binary": "/httpreqr --json --url ", - "base_url": "http://localhost:@@PORT_INCREMENT@@/", - "base_port": 3000, - "timeout" : 60, + "afl_path": "/afl/", + "target_binary": "/usr/local/bin/php-cgi ", + "base_url": "http://localhost:{PORT}", + "base_port": 80, + "timeout" : 200, "ld_library_path": "/lib", "ld_preload": "/lib/hook_recv.so", "memory": "8G", "first_crash": true, "cores": 1, "login": { - "url": "http://localhost", - "port": 3000, - "postData": "id=admin&pw=admin", + "url": "http://localhost/login.php", + "port": 80, + "postData": "username=admin&password=admin&&Login=Login", "getData": "id=guest&pw=guest", - "positiveHeaders": {"content-type": "Application/json"}, + "positiveHeaders": {"content-type": "application/x-www-form-urlencoded"}, "positiveBody": "", "method": "POST", - "loginSessionCookie" : "" + "loginSessionCookie" : "PHPSESSID" } -} \ No newline at end of file +} diff --git a/json/request_data.json b/json/request_data.json index 7a58ea4..1ca5c8f 100644 --- a/json/request_data.json +++ b/json/request_data.json 
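Review bot: `base_url` changes its placeholder from `@@PORT_INCREMENT@@` to `{PORT}`, yet no hunk in this diff touches the code that substitutes it, so unless that code already recognises `{PORT}` the requests will go to a literal `localhost:{PORT}`. In `login.postData` the doubled `&` in `password=admin&&Login=Login` yields an empty form pair; `username=admin&password=admin&Login=Login` looks like the intent. This file now carries one target's login credentials, and the json/request_data.json hunk of the same commit checks in a captured `PHPSESSID` cookie and a `user_token` value; printRequest prints `value.Headers`, so that cookie also ends up in the tool's output. Replacing these with placeholders that are filled in after `Login()` runs would keep session identifiers out of the repository and the logs.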
@@ -1,589 +1,66 @@ { - "requestsFound":{ - "GET http://localhost:8080/login ":{ - "_id":1, - "_urlstr":"http://localhost:8080/login", - "_method":"GET", - "_postData":"", - "_headers":{ - }, - "_resourceType":"endpoint", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":2, - "from":"", - "key":"GET http://localhost:8080/login ", - "response_status":200, - "response_content-type":"text/html; charset=UTF-8" - }, - "GET http://localhost:8080/cmdi ":{ - "_id":2, - "_urlstr":"http://localhost:8080/cmdi", - "_method":"GET", - "_postData":"", - "_headers":{ - }, - "_resourceType":"endpoint", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi", - "attempts":1, - "processed":2, - "from":"", - "key":"GET http://localhost:8080/cmdi ", - "response_status":200, - "response_content-type":"text/html; charset=UTF-8" - }, - "GET http://localhost:8080/message ":{ - "_id":3, - "_urlstr":"http://localhost:8080/message", - "_method":"GET", - "_postData":"", - "_headers":{ - }, - "_resourceType":"endpoint", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/message", - "attempts":1, - "processed":2, - "from":"", - "key":"GET http://localhost:8080/message ", - "response_status":200, - "response_content-type":"text/html; charset=UTF-8" - }, - "POST http://localhost:8080/login username=W'tcher&password=Witcher":{ - "_id":4, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=W'tcher&password=Witcher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - 
"_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=W'tcher&password=Witcher", - "response_content-type":"text/html; charset=utf-8" - }, - "POST http://localhost:8080/login username=127.0.0.1&password=Witcher":{ - "_id":5, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=127.0.0.1&password=Witcher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=127.0.0.1&password=Witcher", - "response_content-type":"text/html; charset=utf-8" - }, - "GET http://localhost:8080/login?username=127.0.0.1&password=Witcher ":{ - "_id":6, - "_urlstr":"http://localhost:8080/login?username=127.0.0.1&password=Witcher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - 
"_url":"http://localhost:8080/login?username=127.0.0.1&password=Witcher", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/login?username=127.0.0.1&password=Witcher ", - "response_status":200, - "response_content-type":"text/html; charset=UTF-8" - }, - "POST http://localhost:8080/login username=1998-10-11&password=Wi'cher":{ - "_id":7, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=1998-10-11&password=Wi'cher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=1998-10-11&password=Wi'cher", - "response_content-type":"text/html; charset=utf-8" - }, - "POST http://localhost:8080/login username=1998-10-11&password=Witcher":{ - "_id":8, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=1998-10-11&password=Witcher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - 
"from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=1998-10-11&password=Witcher" - }, - "GET http://localhost:8080/login?username=1998-10-11&password=Witcher ":{ - "_id":9, - "_urlstr":"http://localhost:8080/login?username=1998-10-11&password=Witcher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login?username=1998-10-11&password=Witcher", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/login?username=1998-10-11&password=Witcher " - }, - "GET http://localhost:8080/login?username=W%27tcher&password=Witcher ":{ - "_id":10, - "_urlstr":"http://localhost:8080/login?username=W%27tcher&password=Witcher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login?username=W%27tcher&password=Witcher", - "attempts":1, - 
"processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/login?username=W%27tcher&password=Witcher " - }, - "POST http://localhost:8080/login username=127.0.0.1&password=Wi'cher":{ - "_id":11, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=127.0.0.1&password=Wi'cher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=127.0.0.1&password=Wi'cher" - }, - "POST http://localhost:8080/login username=W'tcher&password=Wi'cher":{ - "_id":12, - "_urlstr":"http://localhost:8080/login", - "_method":"POST", - "_postData":"username=W'tcher&password=Wi'cher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/login", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/login username=W'tcher&password=Wi'cher" - }, - "GET http://localhost:8080/login?username=1998-10-11&password=Wi%27cher ":{ - "_id":13, - 
"_urlstr":"http://localhost:8080/login?username=1998-10-11&password=Wi%27cher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login?username=1998-10-11&password=Wi%27cher", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/login?username=1998-10-11&password=Wi%27cher " - }, - "GET http://localhost:8080/login?username=127.0.0.1&password=Wi%27cher ":{ - "_id":14, - "_urlstr":"http://localhost:8080/login?username=127.0.0.1&password=Wi%27cher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login?username=127.0.0.1&password=Wi%27cher", - "attempts":1, - "processed":0, - "from":"InterceptedRequest" - }, - "GET http://localhost:8080/login?username=W%27tcher&password=Wi%27cher ":{ - "_id":15, - "_urlstr":"http://localhost:8080/login?username=W%27tcher&password=Wi%27cher", - 
"_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/login", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/login?username=W%27tcher&password=Wi%27cher", - "attempts":1, - "processed":0, - "from":"InterceptedRequest" - }, - "POST http://localhost:8080/cmdi command=1998-10-11":{ - "_id":16, - "_urlstr":"http://localhost:8080/cmdi", - "_method":"POST", - "_postData":"command=1998-10-11", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/cmdi", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/cmdi command=1998-10-11", - "response_content-type":"text/html; charset=utf-8" - }, - "POST http://localhost:8080/cmdi command=127.0.0.1":{ - "_id":17, - "_urlstr":"http://localhost:8080/cmdi", - "_method":"POST", - "_postData":"command=127.0.0.1", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/cmdi", - "sec-ch-ua-mobile":"?0", - 
"user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/cmdi command=127.0.0.1", - "response_content-type":"text/html; charset=utf-8" - }, - "GET http://localhost:8080/cmdi?command=127.0.0.1 ":{ - "_id":18, - "_urlstr":"http://localhost:8080/cmdi?command=127.0.0.1", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/cmdi", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi?command=127.0.0.1", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/cmdi?command=127.0.0.1 ", - "response_status":200, - "response_content-type":"text/html; charset=UTF-8" - }, - "GET http://localhost:8080/cmdi?command=1998-10-11 ":{ - "_id":19, - "_urlstr":"http://localhost:8080/cmdi?command=1998-10-11", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/cmdi", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - 
"sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi?command=1998-10-11", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/cmdi?command=1998-10-11 " - }, - "POST http://localhost:8080/cmdi command=W'tcher":{ - "_id":20, - "_urlstr":"http://localhost:8080/cmdi", - "_method":"POST", - "_postData":"command=W'tcher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/cmdi", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/cmdi", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/cmdi command=W'tcher" - }, - "GET http://localhost:8080/cmdi?command=W%27tcher ":{ - "_id":21, - "_urlstr":"http://localhost:8080/cmdi?command=W%27tcher", - "_method":"GET", - "_postData":"", - "_headers":{ - "referer":"http://localhost:8080/cmdi", - "upgrade-insecure-requests":"1", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-mobile":"?0", - "sec-ch-ua-platform":"\"Linux\"", - "accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" - }, - "_resourceType":"document", - "multipleParamKeys":{ - }, - 
"_url":"http://localhost:8080/cmdi?command=W%27tcher", - "attempts":1, - "processed":1, - "from":"InterceptedRequest", - "key":"GET http://localhost:8080/cmdi?command=W%27tcher " - }, - "POST http://localhost:8080/message message=127.0.0.1":{ - "_id":22, - "_urlstr":"http://localhost:8080/message", - "_method":"POST", - "_postData":"message=127.0.0.1", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/message", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/message", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/message message=127.0.0.1" - }, - "POST http://localhost:8080/message message=1998-10-11":{ - "_id":23, - "_urlstr":"http://localhost:8080/message", - "_method":"POST", - "_postData":"message=1998-10-11", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/message", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/message", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/message message=1998-10-11" - }, - "POST http://localhost:8080/message message=W'tcher":{ - "_id":24, - "_urlstr":"http://localhost:8080/message", - 
"_method":"POST", - "_postData":"message=W'tcher", - "_headers":{ - "sec-ch-ua":"\"Chromium\";v=\"117\", \"Not;A=Brand\";v=\"8\"", - "sec-ch-ua-platform":"\"Linux\"", - "referer":"http://localhost:8080/message", - "sec-ch-ua-mobile":"?0", - "user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/117.0.0.0 Safari/537.36", - "content-type":"application/json", - "accept":"*/*", - "origin":"http://localhost:8080" - }, - "_resourceType":"fetch", - "multipleParamKeys":{ - }, - "_url":"http://localhost:8080/message", - "attempts":1, - "processed":1, - "from":"InterceptedRequestSelf", - "response_status":200, - "key":"POST http://localhost:8080/message message=W'tcher" + "requestsFound": { + "GET http://localhost/vulnerabilities/sqli/index.php?id=cr'awlergo%40gmail.com&Submit=Submit": { + "url": "http://localhost/vulnerabilities/sqli/index.php?id=c'rawlergo%40gmail.com&Submit=Submit", + "method": "GET", + "headers": { + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7", + "Cookie": "PHPSESSID=78c68eb138c4182a9b43deeb2124f38d; security=low", + "Referer": "http://localhost/vulnerabilities/sqli/", + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", + "sec-ch-ua": "\"HeadlessChrome\";v=\"119\", \"Chromium\";v=\"119\", \"Not?A_Brand\";v=\"24\"", + "sec-ch-ua-mobile": "?0", + "sec-ch-ua-platform": "\"Linux\"" + }, + "data": "", + "source": "XHR" + }, + "GET http://localhost/vulnerabilities/sqli_blind/index.php?id=craw'lergo%40gmail.com&Submit=Submit": { + "url": "http://localhost/vulnerabilities/sqli_blind/index.php?id=craw'lergo%40gmail.com&Submit=Submit", + "method": "GET", + "headers": { + "Accept": 
"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7", + "Cookie": "PHPSESSID=78c68eb138c4182a9b43deeb2124f38d; security=low", + "Referer": "http://localhost/vulnerabilities/sqli_blind/", + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", + "sec-ch-ua": "\"HeadlessChrome\";v=\"119\", \"Chromium\";v=\"119\", \"Not?A_Brand\";v=\"24\"", + "sec-ch-ua-mobile": "?0", + "sec-ch-ua-platform": "\"Linux\"" + }, + "data": "", + "source": "XHR" } - }, - "inputSet":[ - "password=Witcher", - "username=W'tcher", - "username=127.0.0.1", - "username=1998-10-11", - "password=Wi'cher", - "username=W%27tcher", - "password=Wi%27cher", - "command=1998-10-11", - "command=127.0.0.1", - "command=W'tcher", - "command=W%27tcher", - "message=127.0.0.1", - "=127.0.0.1", - "message=1998-10-11", - "message=W'tcher" - ] -} \ No newline at end of file + }, + "inputSet": [ + "page=include.php", + "redirect=info.php?id=1", + "security=low", + "locale=en", + "id=open_redirect", + "id=fi", + "page=file1.php", + "page=file2.php", + "page=file3.php", + "id=upload", + "id=sqli", + "id=gordonb", + "Submit=Submit", + "id=sqli_blind", + "id=exec", + "ip=Crawlergo", + "id=brute", + "username=gordonb", + "password=abc123", + "Login=Login", + "default=English", + "id=xss_d", + "id=weak_id", + "txtName=Cgroarwdol", + "mtxMessage=", + "id=1", + "user_token=065b7a53f8f8bfc4505b5873fdd40067" + ] +} + diff --git a/main.go b/main.go index 6f8faa6..5d5fda5 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ func main() { fmt.Println("------------------------------------------------------------") - // Login() + Login() // fmt.Println("------------------------------------------------------------") diff --git a/requestParser.go b/requestParser.go index 17d342c..2c6fb1b 100644 --- a/requestParser.go 
+++ b/requestParser.go @@ -10,20 +10,20 @@ import ( var requestData RequestData type RequestInfo struct { - ID int `json:"_id"` - URLString string `json:"_urlstr"` - Method string `json:"_method"` - PostData string `json:"_postData"` - Headers map[string]string `json:"_headers"` - ResourceType string `json:"_resourceType"` - MultipleParamKeys map[string]interface{} `json:"multipleParamKeys"` - URL string `json:"_url"` - Attempts int `json:"attempts"` - Processed int `json:"processed"` - From string `json:"from"` - Key string `json:"key"` - ResponseStatus int `json:"response_status"` - ResponseContentType string `json:"response_content-type"` + // ID int `json:"_id"` + URLString string `json:"url"` + Method string `json:"method"` + PostData string `json:data"` + Headers map[string]string `json:"headers"` + // ResourceType string `json:"_resourceType"` + // MultipleParamKeys map[string]interface{} `json:"multipleParamKeys"` + // URL string `json:"_url"` + // Attempts int `json:"attempts"` + // Processed int `json:"processed"` + // From string `json:"from"` + // Key string `json:"key"` + // ResponseStatus int `json:"response_status"` + // ResponseContentType string `json:"response_content-type"` } type InputSet []string 
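Review bot: The new struct tag on `PostData` is malformed: `json:data"` is missing the opening quote, so encoding/json cannot read a key from it and falls back to the field name, which means the `data` key of request_data.json never populates `PostData` and every POST request is loaded with an empty body. The tag should be `json:"data"`; `go vet` reports this kind of tag. The retired fields are commented out rather than deleted, here and in the matching `fmt.Printf` lines of printRequest in the next hunk; deleting them would read more cleanly, since version history already keeps the old schema.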
@@ -51,20 +51,20 @@ func printRequest() { for key, value := range requestData.RequestsFound { fmt.Printf(" %-20v\n", key) - fmt.Printf(" %-20v %v\n", "ID:", value.ID) + // fmt.Printf(" %-20v %v\n", "ID:", value.ID) fmt.Printf(" %-20v %v\n", "URLString:", value.URLString) fmt.Printf(" %-20v %v\n", "Method:", value.Method) fmt.Printf(" %-20v %v\n", "PostData:", value.PostData) fmt.Printf(" %-20v %v\n", "Headers:", value.Headers) - fmt.Printf(" %-20v %v\n", "ResourceType:", value.ResourceType) - fmt.Printf(" %-20v %v\n", "MultipleParamKeys:", value.MultipleParamKeys) - fmt.Printf(" %-20v %v\n", "URL:", value.URL) - fmt.Printf(" %-20v %v\n", "Attempts:", value.Attempts) - fmt.Printf(" %-20v %v\n", "Processed:", value.Processed) - fmt.Printf(" %-20v %v\n", "From:", value.From) - fmt.Printf(" %-20v %v\n", "Key:", value.Key) - fmt.Printf(" %-20v %v\n", "ResponseStatus:", value.ResponseStatus) - fmt.Printf(" %-20v %v\n", "ResponseContentType:", value.ResponseContentType) + // fmt.Printf(" %-20v %v\n", "ResourceType:", value.ResourceType) + // fmt.Printf(" %-20v %v\n", "MultipleParamKeys:", value.MultipleParamKeys) + // fmt.Printf(" %-20v %v\n", "URL:", value.URL) + // fmt.Printf(" %-20v %v\n", "Attempts:", value.Attempts) + // fmt.Printf(" %-20v %v\n", "Processed:", value.Processed) + // fmt.Printf(" %-20v %v\n", "From:", value.From) + // fmt.Printf(" %-20v %v\n", "Key:", value.Key) + // fmt.Printf(" %-20v %v\n", "ResponseStatus:", value.ResponseStatus) + // fmt.Printf(" %-20v %v\n", "ResponseContentType:", value.ResponseContentType) } fmt.Printf("%-20v %v\n", "InputSet:", requestData.InputSet) diff --git a/timer.go b/timer.go index f2d73a0..73e96ad 100644 --- a/timer.go +++ b/timer.go @@ -26,7 +26,7 @@ func runTimer(fuzzingPath string, timeout int) { default: progress := float64(i) / float64(timeout) * 100 - files, err := ioutil.ReadDir(fuzzingPath + "/output/default/crashes") + files, err := ioutil.ReadDir(fuzzingPath + "/output/crashes") if err != nil { panic(err)