diff --git a/hws/hw-fuzzing-tabbed.html b/hws/hw-fuzzing-tabbed.html index c693a4e..e3e6863 100644 --- a/hws/hw-fuzzing-tabbed.html +++ b/hws/hw-fuzzing-tabbed.html @@ -61,7 +61,10 @@
Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here. So far there aren’t any significant changes to report.
+Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here.
+This assignment must be done in a recent version of Python. The only additional package you will need is uvicorn
– to install it, enter pip install uvicorn
(or pip3 install uvicorn
).
You will need a number of files from this repository to work on this assignment:
@@ -90,30 +93,31 @@We are going to use this particular call the visible test when you submit your assignment (although we will use a smaller word list to save time, but it will contain both class
and development.log
). Other hidden tests will be used to grade your assignment.
DO NOT HAVE ANY OTHER OUTPUT! We are going to test it by doing a file comparison, so if you have any other output it will report as not the same, and you will fail that test. Again, the order of the lines in your output does not matter.
There are a number of command-line parameters that the fuzzer.py file will accept. You have to implement usage of the others. You can find the via python3 fuzzer.py -h
. The remaining ones to implement are as follows. Note that these are already parsed for you; you just have to handle when those values are in the args
parameter to the fuzz()
function.
There are a number of command-line parameters that the fuzzer.py file will accept. You have to implement usage of the others. You can find them all via python3 fuzzer.py -h
. The remaining ones to implement are as follows. Note that these are already parsed for you; you just have to handle when those values are in the args
parameter to the fuzz()
function.
-e EXTENSIONS
or --extension EXTENSIONS
: One or more extensions to append (e.g. php, html, etc.). Multiple extensions may be provided. So if -e php
and -e html
is provided, and the wordlist contains hello
and world
, then you should be replacing FUZZ
with six different values: hello
, hello.php
, hello.html
, world
, world.php
, and world.html
.
+-e EXTENSIONS
or --extension EXTENSIONS
: One or more extensions to append (e.g. php, html, etc.). Multiple extensions may be provided. So if -e php -e html
is provided, and the wordlist contains hello
and world
, then you should be replacing FUZZ
with six different values: hello
, hello.php
, hello.html
, world
, world.php
, and world.html
.
-e
parameter assumes htat it will be prefixed with a period before being added to each word in the word list. So -e html
means you will add .html
to each word in the word list. However, note that the command line parameter inserts that period for you.-e
parameter assumes that it will be prefixed with a period before being added to each word in the word list. So -e html
means you will add .html
to each word in the word list. However, note that the command line parameter inserts that period for you.-e html
means your program will try both alert
and alert.html
.-X METHOD
or --method METHOD
: HTTP method to use (GET, POST, or PUT) (default: GET)
urllib.request.Request
class to set the method; to check the method is received correctly, print out the scope
variable in server.py
server.py
to print out the scope
variable.-H HEADERS
or --header HEADERS
: One or more HTTP headers to add to requests, in the form “HeaderName: HeaderValue” (e.g. “Content-Type: application/json” or “Host: FUZZ.example.com”). May be specified one or more times.
+-H HEADERS
or --header HEADERS
: One or more HTTP headers to add to requests, in the form “HeaderName:HeaderValue” (e.g. “Content-Type:application/json” or “Host:FUZZ.example.com”). This may be specified one or more times.
urllib.request.Request
class to set the headers; to check the header is received correctly, print out the scope
variable in server.py
scope
variable in server.py
. As before, you then past the Request object into urllib.request.urlopen
.-H "MyHeader:foobarbaz"
will cause each request sent to the URL to include that header; note that there is no space after the colonfuzz()
, the headers are received as a string with a colon (:
) separating the key and value. You have to split()
that, as what is passed to the urllib.request.Request
constructor is a dictionary of key-value pairs.fuzz()
, the headers are received as a string with a colon (:
) separating the key and value. You have to split()
that, as what needs to be passed to the urllib.request.Request
constructor is a dictionary of key-value pairs.-d DATA
or --data DATA
: Data to send in the body of the HTTP request.
read_body()
function, which is called (in the app()
function in server.py) as body = await read_body(receive)
.urllib.request.Request
class to set the data; to check the data is received correctly, print out the scope
variable in server.py
read_body()
function, which is called (in the app()
function in server.py) as body = await read_body(receive)
. You can cut-and-paste that function right into server.py if you want to use it.urllib.request.Request
class to set the data; to check the data is received correctly, print out the scope
variable in server.py
. As before, you then past the Request object into urllib.request.urlopen
.Request
object must be bytes
, not a string or None
.-mc MATCH_CODES
: Match HTTP response codes. May be specified multiple times. If let unspecified, defaults to the following response codes: [200, 301, 302, 401, 403]. Previously you printed out any URLs that did not return 404 (not found). That should now be modified to print out the URLs that return one of the escape codes in this list (which is parsed for you and passed into the fuzz()
function).
+-mc MATCH_CODES
: Match HTTP response codes. May be specified multiple times. If left unspecified, defaults to the following response codes: [200, 301, 302, 401, 403]. Previously you printed out any URLs that did not return 404 (not found). That should now be modified to print out the URLs that return one of the response codes in this list (which is parsed for you and passed into the fuzz()
function in the args
parameter).
-mc
will replace the default list with just that one. So -mc 200
will not check for any of the defaults other than 200. Note that the command line argument parsing does this for you.Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here. So far there aren’t any significant changes to report.
+Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here.
+This assignment must be done in a recent version of Python. The only additional package you will need is uvicorn
– to install it, enter pip install uvicorn
(or pip3 install uvicorn
).
You will need a number of files from this repository to work on this assignment:
@@ -84,30 +87,31 @@We are going to use this particular call the visible test when you submit your assignment (although we will use a smaller word list to save time, but it will contain both class
and development.log
). Other hidden tests will be used to grade your assignment.
DO NOT HAVE ANY OTHER OUTPUT! We are going to test it by doing a file comparison, so if you have any other output it will report as not the same, and you will fail that test. Again, the order of the lines in your output does not matter.
There are a number of command-line parameters that the fuzzer.py file will accept. You have to implement usage of the others. You can find the via python3 fuzzer.py -h
. The remaining ones to implement are as follows. Note that these are already parsed for you; you just have to handle when those values are in the args
parameter to the fuzz()
function.
There are a number of command-line parameters that the fuzzer.py file will accept. You have to implement usage of the others. You can find them all via python3 fuzzer.py -h
. The remaining ones to implement are as follows. Note that these are already parsed for you; you just have to handle when those values are in the args
parameter to the fuzz()
function.
-e EXTENSIONS
or --extension EXTENSIONS
: One or more extensions to append (e.g. php, html, etc.). Multiple extensions may be provided. So if -e php
and -e html
is provided, and the wordlist contains hello
and world
, then you should be replacing FUZZ
with six different values: hello
, hello.php
, hello.html
, world
, world.php
, and world.html
.
+-e EXTENSIONS
or --extension EXTENSIONS
: One or more extensions to append (e.g. php, html, etc.). Multiple extensions may be provided. So if -e php -e html
is provided, and the wordlist contains hello
and world
, then you should be replacing FUZZ
with six different values: hello
, hello.php
, hello.html
, world
, world.php
, and world.html
.
-e
parameter assumes htat it will be prefixed with a period before being added to each word in the word list. So -e html
means you will add .html
to each word in the word list. However, note that the command line parameter inserts that period for you.-e
parameter assumes that it will be prefixed with a period before being added to each word in the word list. So -e html
means you will add .html
to each word in the word list. However, note that the command line parameter inserts that period for you.-e html
means your program will try both alert
and alert.html
.-X METHOD
or --method METHOD
: HTTP method to use (GET, POST, or PUT) (default: GET)
urllib.request.Request
class to set the method; to check the method is received correctly, print out the scope
variable in server.py
server.py
to print out the scope
variable.-H HEADERS
or --header HEADERS
: One or more HTTP headers to add to requests, in the form “HeaderName: HeaderValue” (e.g. “Content-Type: application/json” or “Host: FUZZ.example.com”). May be specified one or more times.
+-H HEADERS
or --header HEADERS
: One or more HTTP headers to add to requests, in the form “HeaderName:HeaderValue” (e.g. “Content-Type:application/json” or “Host:FUZZ.example.com”). This may be specified one or more times.
urllib.request.Request
class to set the headers; to check the header is received correctly, print out the scope
variable in server.py
scope
variable in server.py
. As before, you then past the Request object into urllib.request.urlopen
.-H "MyHeader:foobarbaz"
will cause each request sent to the URL to include that header; note that there is no space after the colonfuzz()
, the headers are received as a string with a colon (:
) separating the key and value. You have to split()
that, as what is passed to the urllib.request.Request
constructor is a dictionary of key-value pairs.fuzz()
, the headers are received as a string with a colon (:
) separating the key and value. You have to split()
that, as what needs to be passed to the urllib.request.Request
constructor is a dictionary of key-value pairs.-d DATA
or --data DATA
: Data to send in the body of the HTTP request.
read_body()
function, which is called (in the app()
function in server.py) as body = await read_body(receive)
.urllib.request.Request
class to set the data; to check the data is received correctly, print out the scope
variable in server.py
read_body()
function, which is called (in the app()
function in server.py) as body = await read_body(receive)
. You can cut-and-paste that function right into server.py if you want to use it.urllib.request.Request
class to set the data; to check the data is received correctly, print out the scope
variable in server.py
. As before, you then past the Request object into urllib.request.urlopen
.Request
object must be bytes
, not a string or None
.-mc MATCH_CODES
: Match HTTP response codes. May be specified multiple times. If let unspecified, defaults to the following response codes: [200, 301, 302, 401, 403]. Previously you printed out any URLs that did not return 404 (not found). That should now be modified to print out the URLs that return one of the escape codes in this list (which is parsed for you and passed into the fuzz()
function).
+-mc MATCH_CODES
: Match HTTP response codes. May be specified multiple times. If left unspecified, defaults to the following response codes: [200, 301, 302, 401, 403]. Previously you printed out any URLs that did not return 404 (not found). That should now be modified to print out the URLs that return one of the response codes in this list (which is parsed for you and passed into the fuzz()
function in the args
parameter).
-mc
will replace the default list with just that one. So -mc 200
will not check for any of the defaults other than 200. Note that the command line argument parsing does this for you.