/**
 * Builds an {@link Attack} for one payload wrapped between two anchors.
 *
 * <p>The value written into the insertion point is its base value followed by
 * {@code leftAnchor + payload + rightAnchor}. The resulting request is passed to
 * {@code attemptRequest} together with the HTTP service of the base request, and
 * the outcome is handed to {@code Utilities.highlightRequestResponse} along with
 * the left anchor and the full anchored string.
 *
 * @param baseRequestResponse supplies the HTTP service the request is issued against
 * @param insertionPoint      location in the request that receives the anchored payload
 * @param leftAnchor          marker placed immediately before the payload
 * @param payload             the string under test; stored unwrapped in the returned Attack
 * @param rightAnchor         marker placed immediately after the payload
 * @return an Attack built with a {@code null} second argument and an empty fourth
 *         argument (the probe and anchor slots as used by buildAttackFromProbe)
 */
static Attack buildTransformationAttack(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String leftAnchor, String payload, String rightAnchor) {
    // Anchors bracket the payload so the exact injected span can be located later.
    final String anchored = leftAnchor + payload + rightAnchor;

    // NOTE(review): attemptRequest is defined elsewhere; presumably it issues the request.
    // Its result is used unchecked below. If it can return null on a failed request,
    // a guard is needed before highlighting; confirm.
    final IHttpRequestResponse response = attemptRequest(
            baseRequestResponse.getHttpService(),
            insertionPoint.buildRequest(helpers.stringToBytes(insertionPoint.getBaseValue() + anchored)));

    final IHttpRequestResponse highlighted =
            Utilities.highlightRequestResponse(response, leftAnchor, anchored, insertionPoint);

    return new Attack(highlighted, null, payload, "");
}
/**
 * Builds an {@link Attack} for one payload wrapped between two anchors.
 *
 * <p>The value written into the insertion point is its base value followed by
 * {@code leftAnchor + payload + rightAnchor}. The resulting request is passed to
 * {@code attemptRequest} together with the HTTP service of the base request, and
 * the outcome is handed to {@code Utilities.highlightRequestResponse} along with
 * the left anchor and the full anchored string.
 *
 * @param baseRequestResponse supplies the HTTP service the request is issued against
 * @param insertionPoint      location in the request that receives the anchored payload
 * @param leftAnchor          marker placed immediately before the payload
 * @param payload             the string under test; stored unwrapped in the returned Attack
 * @param rightAnchor         marker placed immediately after the payload
 * @return an Attack built with a {@code null} second argument and an empty fourth
 *         argument (the probe and anchor slots as used by buildAttackFromProbe)
 */
static Attack buildTransformationAttack(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String leftAnchor, String payload, String rightAnchor) {
    // Anchors bracket the payload so the exact injected span can be located later.
    final String anchored = leftAnchor + payload + rightAnchor;

    // NOTE(review): attemptRequest is defined elsewhere; presumably it issues the request.
    // Its result is used unchecked below. If it can return null on a failed request,
    // a guard is needed before highlighting; confirm.
    final IHttpRequestResponse response = attemptRequest(
            baseRequestResponse.getHttpService(),
            insertionPoint.buildRequest(helpers.stringToBytes(insertionPoint.getBaseValue() + anchored)));

    final IHttpRequestResponse highlighted =
            Utilities.highlightRequestResponse(response, leftAnchor, anchored, insertionPoint);

    return new Attack(highlighted, null, payload, "");
}
/**
 * Builds an {@link Attack} by placing {@code payload} relative to the insertion
 * point's base value, as directed by the probe.
 *
 * <p>Placement follows {@code probe.getPrefix()}:
 * <ul>
 *   <li>{@code Probe.PREPEND}: payload, then base value</li>
 *   <li>{@code Probe.APPEND}: base value, then anchor, then payload</li>
 *   <li>{@code Probe.REPLACE}: payload alone</li>
 * </ul>
 * When {@code probe.getRandomAnchor()} is true, a canary from
 * {@code Utilities.generateCanary()} is used as the anchor and the request/response
 * is passed through {@code Utilities.highlightRequestResponse} with it.
 *
 * @param probe   supplies the placement mode, the random-anchor flag and the
 *                cache-buster flag
 * @param payload the string to inject; recorded unmodified in the returned Attack
 * @return an Attack holding the request/response, the probe, the original payload
 *         and the anchor (empty when no random anchor was requested)
 */
private Attack buildAttackFromProbe(Probe probe, String payload) {
    final boolean useAnchor = probe.getRandomAnchor();
    final byte position = probe.getPrefix();
    final String canary = useAnchor ? Utilities.generateCanary() : "";

    // NOTE(review): the canary is only embedded in the sent value for APPEND. With
    // PREPEND or REPLACE it is still generated, highlighted and stored in the Attack,
    // but never appears in the injected string. Confirm this is intended.
    String injected = payload;
    if (position == Probe.PREPEND) {
        injected = payload + insertionPoint.getBaseValue();
    } else if (position == Probe.APPEND) {
        injected = insertionPoint.getBaseValue() + canary + payload;
    } else if (position != Probe.REPLACE) {
        // Unrecognised mode: reported, then the bare payload is sent as for REPLACE
        // (unless Utilities.err throws; it is defined elsewhere).
        Utilities.err("Unknown payload position");
    }

    IHttpRequestResponse response = buildRequest(injected, probe.useCacheBuster());
    if (useAnchor) {
        response = Utilities.highlightRequestResponse(response, canary, canary, insertionPoint);
    }

    return new Attack(response, probe, payload, canary);
}
/**
 * Builds an {@link Attack} by placing {@code payload} relative to the insertion
 * point's base value, as directed by the probe.
 *
 * <p>Placement follows {@code probe.getPrefix()}:
 * <ul>
 *   <li>{@code Probe.PREPEND}: payload, then base value</li>
 *   <li>{@code Probe.APPEND}: base value, then anchor, then payload</li>
 *   <li>{@code Probe.REPLACE}: payload alone</li>
 * </ul>
 * When {@code probe.getRandomAnchor()} is true, a canary from
 * {@code Utilities.generateCanary()} is used as the anchor and the request/response
 * is passed through {@code Utilities.highlightRequestResponse} with it.
 *
 * @param probe   supplies the placement mode, the random-anchor flag and the
 *                cache-buster flag
 * @param payload the string to inject; recorded unmodified in the returned Attack
 * @return an Attack holding the request/response, the probe, the original payload
 *         and the anchor (empty when no random anchor was requested)
 */
private Attack buildAttackFromProbe(Probe probe, String payload) {
    final boolean useAnchor = probe.getRandomAnchor();
    final byte position = probe.getPrefix();
    final String canary = useAnchor ? Utilities.generateCanary() : "";

    // NOTE(review): the canary is only embedded in the sent value for APPEND. With
    // PREPEND or REPLACE it is still generated, highlighted and stored in the Attack,
    // but never appears in the injected string. Confirm this is intended.
    String injected = payload;
    if (position == Probe.PREPEND) {
        injected = payload + insertionPoint.getBaseValue();
    } else if (position == Probe.APPEND) {
        injected = insertionPoint.getBaseValue() + canary + payload;
    } else if (position != Probe.REPLACE) {
        // Unrecognised mode: reported, then the bare payload is sent as for REPLACE
        // (unless Utilities.err throws; it is defined elsewhere).
        Utilities.err("Unknown payload position");
    }

    IHttpRequestResponse response = buildRequest(injected, probe.useCacheBuster());
    if (useAnchor) {
        response = Utilities.highlightRequestResponse(response, canary, canary, insertionPoint);
    }

    return new Attack(response, probe, payload, canary);
}