Fuzzing
- class Fuzz(project, flow, fuzzing_point, flags=0)[source]
Fuzz an input.
- __init__(project, flow, fuzzing_point, flags=0)[source]
Initialize the Fuzz object.
Given a
Flow
, a fuzzing point (in case of Raider this should be aPlugin
), and a function, run the attack. The function is used to generate the strings to be used for fuzzing. Thefuzzing_point
attribute should contain the name of the plugin.- Parameters
project (
Project
) – AnProject
object.fuzzing_point (
str
) – The name given to thePlugin
which should be fuzzed.fuzzing_generator – A function which returns a Python generator, that will create the strings that will be used for fuzzing. The function should accept one argument. This will be the value of the plugin before fuzzing. It can be considered when building the fuzzing list, or ignored.
- set_input_file(filename, prepend=False, append=False)[source]
Sets the input file for the fuzzer.
Uses the input file to generate fuzzing strings, and sets the generator function to return those values.
- Return type
None
- attack_function()[source]
Attacks a flow defined in
_functions
.Fuzz blindly the Flow object. It doesn’t take into account the authentication process, so this function is useful for fuzzing stuff as an already authenticated user.
- attack_authentication()[source]
Attacks a Flow defined in
_authentication
.Unlike
attack_function
, this will take into account the finite state machine defined in the hyfiles. This should be used when the authentication process can be altered by the fuzzing, for example if some token needs to be extracted again from a previous authentication step for fuzzing to work.It will first follow the authentication process until reaching the desired state, then it will try fuzzing it, and if a
Next
operation is encountered, it will follow the instruction and move to this flow, then continue fuzzing.- Return type
None
- property is_authentication: bool
Returns True if the IS_AUTHENTICATION flag is set.
- Return type
bool