Stephen,

On Wed, May 9, 2012 at 2:58 PM, Stephen Breen <breen.mach...@gmail.com> wrote:
> I've been working on an HTTP Parameter Pollution plugin a little bit lately
> and noticed that the append functionality of createMutants in
> core/data/fuzzer/fuzzer.py doesn't seem to work, unless I'm misunderstanding
> its use. I've fixed it for my current purposes (simple query string mutants)
> by changing line 501 in fuzzer.py which is part of the _createMutantsWorker
> method as follows:

I think your finding is correct, it seems to be a bug.

> Index: core/data/fuzzer/fuzzer.py
> ===================================================================
> --- core/data/fuzzer/fuzzer.py    (revision 5000)
> +++ core/data/fuzzer/fuzzer.py    (working copy)
> @@ -498,7 +498,10 @@
>                      m.setVar( pname, index=element_index )
>                      m.setDc( dc_copy )
>                      m.setOriginalValue( original_value )
> -                    m.setModValue( mutant_str )
> +                    if(append):
> +                        m.setModValue( original_value+''+mutant_str )
> +                    else:
> +                        m.setModValue( mutant_str )
>
>                      # Done, add it to the result
>                      result.append( m )
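
Review bot: in the added append branch, original_value+''+mutant_str puts an empty string literal ('' is two single quotes) between the operands. It contributes nothing and is easy to misread as a stray double quote, so write original_value + mutant_str. The condition if(append): would read more idiomatically as if append:. The concatenation also assumes original_value is always a string at this point. If it can be None or another type, this line will raise, so the resubmitted patch should come with a unit test that calls createMutants with append both True and False and checks the resulting modified value.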

The patch seems to have a syntax error here:
original_value+''+mutant_str   (note the " in the middle of the two +).

It looks like we need more unit-testing for the fuzzer in order to
avoid things like this! Any takers for that task?

Once the patch is fixed and tested, please send again and I'll commit it.

> I'm not sure if any other methods in fuzzer.py should also be fixed since
> I've never used them before. Looking at the code it's a little unclear;
> _createFileNameMutants and _createUrlPartsMutants  do something with the
> append flag but I haven't tested it to be sure.
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>



-- 
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
