Class: Watobo::Gui::FuzzRequestEditor

Inherits:
RequestEditor show all
Defined in:
lib/watobo/gui/fuzzer_gui.rb

Constant Summary

Constants included from Constants

Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::AUTH_TYPE_UNKNOWN, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED

Instance Attribute Summary

Attributes inherited from SimpleTextView

#max_len, #style, #textbox

Instance Method Summary collapse

Methods inherited from SimpleTextView

#clear, #clearEvents, #editable=, #editable?, #filter, #makeMatchVisible, #numMatches, #rawRequest, #resetMatches, #setFont, #setText, #subscribe, #textStyle, #textStyle=

Methods included from Utils

#addDecoder, #addEncoder, #addStringInfo, #cleanupHTTP, load_plugins, #removeTags, #replace_text

Constructor Details

#initialize(owner, opts) ⇒ FuzzRequestEditor

Returns a new instance of FuzzRequestEditor.



# File 'lib/watobo/gui/fuzzer_gui.rb', line 301

# Builds the editor by delegating to the parent constructor and starts
# with an empty list of known fuzz tags.
#
# @param owner passed unchanged to the superclass constructor
# @param opts passed unchanged to the superclass constructor
def initialize(owner, opts)
  super(owner, opts)
  # Tag names registered through addTag; highlight consults this list.
  @tags = Array.new
end

Instance Method Details

#addTag(tag) ⇒ Object



# File 'lib/watobo/gui/fuzzer_gui.rb', line 289

# Appends a tag name to the list of known tags.
#
# @param tag the tag name to register (no de-duplication is done)
# @return [Array] the tag list itself, after the append
def addTag(tag)
  @tags << tag
end

#highlight(pattern) ⇒ Object



# File 'lib/watobo/gui/fuzzer_gui.rb', line 216

# Finds every occurrence of +pattern+ in the text box and restyles it.
#
# Each search round tries the pattern as an exact string first, then as a
# regular expression, then as a regular expression built from the quoted
# pattern; the first attempt that yields a result wins. Every match is
# restyled with style 1 when its text (with all "%%" removed) is a
# registered tag, and with style 2 otherwise.
#
# @param pattern [String] text or regular expression source to look for
# @return [Array<Array(Integer, Integer)>] the collected [start, length] pairs
def highlight(pattern)
  # The current text is written straight back into the widget before
  # searching -- presumably to drop previously applied styles (confirm
  # against the text widget's behaviour).
  @textbox.setText(@textbox.to_s)

  search_from = 0
  @pattern_matches.clear

  loop do
    starts, ends = @textbox.findText(pattern, search_from, SEARCH_EXACT|SEARCH_IGNORECASE|SEARCH_FORWARD)
    unless starts
      starts, ends = @textbox.findText(pattern, search_from, :flags => SEARCH_REGEX|SEARCH_IGNORECASE|SEARCH_FORWARD)
    end
    unless starts
      starts, ends = @textbox.findText(Regexp.quote(pattern), search_from, :flags => SEARCH_REGEX|SEARCH_IGNORECASE|SEARCH_FORWARD)
    end

    break if !starts || starts.length == 0

    # Continue the next round just behind the last reported end offset.
    search_from = ends.last + 1

    (0...starts.length).each do |i|
      offset = starts[i]
      span = ends[i] - starts[i]
      # Negative start offsets are skipped rather than recorded.
      @pattern_matches.push [offset, span] unless offset < 0
    end

    break if starts.last < 0
  end

  @pattern_matches.each do |offset, span|
    begin
      tag_name = @textbox.to_s.slice(offset, span)
      tag_name.gsub!(/%%/, '')
      if @tags.include?(tag_name)
        style_index = 1
      else
        style_index = 2
      end

      @textbox.changeStyle(offset, span, style_index)
    rescue => bang
      # Best effort: a failure on one match is printed and the remaining
      # matches are still processed.
      puts "outch"
      puts bang
    end
  end

  @pattern_matches
end

#highlightTags ⇒ Object



# File 'lib/watobo/gui/fuzzer_gui.rb', line 297

# Highlights every %%...%% placeholder in the text box.
#
# @return whatever highlight returns for the placeholder pattern
def highlightTags
  # Two percent signs, any run of non-percent characters, two percent signs.
  tag_pattern = "(%%[^%]*%%)"
  highlight(tag_pattern)
end

#parseRequest(fuzzels) ⇒ Object



# File 'lib/watobo/gui/fuzzer_gui.rb', line 271

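# Builds a request from the editor text, replacing each %%marker%%
# placeholder with the value supplied for that marker.
#
# Markers are matched literally and values are inserted verbatim: no
# escaping or encoding is applied to the value, and backslash sequences in
# it (such as "\0" or "\1") are not treated as regexp back-references.
# The previous regexp-based substitution interpreted both, so a marker
# containing regexp metacharacters could match the wrong placeholder and a
# value containing backslashes was altered before being sent.
#
# @param fuzzels [#each, nil] marker/value pairs; when nil no text is read
#   and nil is handed to Watobo::Utils.text2request
# @return the result of Watobo::Utils.text2request, or nil when an error
#   was raised (the error is printed, with a backtrace if $DEBUG is set)
def parseRequest(fuzzels)
  new_request = nil
  if fuzzels
    new_request = @textbox.to_s
    fuzzels.each do |marker, value|
      # String pattern => literal match; block form => replacement is not
      # scanned for back-references. Non-destructive gsub leaves the string
      # returned by @textbox.to_s untouched.
      new_request = new_request.gsub("%%#{marker}%%") { value.to_s }
    end
  end

  Watobo::Utils.text2request(new_request)
rescue => bang
  puts bang
  puts bang.backtrace if $DEBUG
  nil
end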

#removeTag(tag) ⇒ Object



# File 'lib/watobo/gui/fuzzer_gui.rb', line 293

# Drops a tag name from the list of known tags.
#
# @param tag the tag name to remove; every equal entry is removed
# @return the removed tag, or nil when it was not in the list
def removeTag(tag)
  @tags.delete tag
end