How to use test_double_quote method in autotest

Best Python code snippet using autotest_python

PrepareAttackRequest.py

Source:PrepareAttackRequest.py Github

copy

Full Screen

1# -*- coding: utf-8 -*-2# This program is free software; you can redistribute it and/or modify3# it under the terms of the GNU General Public License as published by4# the Free Software Foundation; either version 2 of the License, or5# (at your option) any later version.6#7# This program is distributed in the hope that it will be useful,8# but WITHOUT ANY WARRANTY; without even the implied warranty of9# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the10# GNU General Public License for more details.11#12# You should have received a copy of the GNU General Public License13# along with this program; if not, write to the Free Software14# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,15# MA 02110-1301, USA.16#17# Author: Damian Schwyrz18from urllib.parse import urlparse19from inc.Headers import *20from inc.Payload import *21from random import shuffle22class PrepareAttackRequest:23 def __init__(self, config, host_params):24 self.config = config25 self.host_params = host_params26 self.tests = []27 self.__create_request_data()28 def __create_request_data(self):29 for attacked_site in self.config.urls:30 url = self.__make_url(attacked_site)31 path = self.__get_path(url)32 hostname = self.__get_host(url)33 port = self.__get_port(url)34 self.custom_params = []35 self.wordlist_params = self.config.parameters36 if hostname in self.host_params:37 self.custom_params = self.host_params[hostname]38 self.__resort_parameters()39 self.__create_tests_when_only_base_request_is_allowed(hostname, path, port, url)40 self.__create_tests_if_attack_mode_is_allowed(hostname, path, port, url)41 self.__shuffle_tests_if_allowed()42 def __shuffle_tests_if_allowed(self):43 if self.config.shuffle_tests:44 shuffle(self.tests)45 def __create_tests_if_attack_mode_is_allowed(self, hostname, path, port, url):46 if self.config.type_get and not self.config.type_only_base_request:47 self.custom_params_get = list(self.__chunks(self.custom_params, self.config.chunk_size_get))48 self.wordlist_params_get = list(self.__chunks(self.wordlist_params, self.config.chunk_size_get))49 for inner_list in self.custom_params_get:50 if self.config.test_double_quote:51 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '"', inner_list)52 if self.config.test_escaped_double_quote:53 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '\\\"', inner_list)54 if self.config.test_single_quote:55 self.__put_get_attack_to_tests("GET", url, hostname, port, path, "'", inner_list)56 if self.config.test_escaped_single_quote:57 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '\\\'', inner_list)58 if self.config.test_bigger_sign:59 self.__put_get_attack_to_tests("GET", url, hostname, port, path, ">", inner_list)60 for inner_list in self.wordlist_params_get:61 if self.config.test_double_quote and self.config.extended_mode:62 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '"', inner_list)63 if self.config.test_escaped_double_quote and self.config.extended_mode:64 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '\\\"', inner_list)65 if self.config.test_single_quote and self.config.extended_mode:66 self.__put_get_attack_to_tests("GET", url, hostname, port, path, "'", inner_list)67 if self.config.test_escaped_single_quote and self.config.extended_mode:68 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '\\\'', inner_list)69 if self.config.test_bigger_sign and self.config.extended_mode:70 self.__put_get_attack_to_tests("GET", url, hostname, port, path, ">", inner_list)71 if self.config.type_post and not self.config.type_only_base_request:72 self.custom_params_post = list(self.__chunks(self.custom_params, self.config.chunk_size_post))73 self.wordlist_params_post = list(self.__chunks(self.wordlist_params, self.config.chunk_size_post))74 for inner_list in self.custom_params_post:75 if self.config.test_double_quote:76 self.__put_post_attack_to_tests("POST", url, hostname, port, path, '"', inner_list)77 if self.config.test_single_quote:78 self.__put_post_attack_to_tests("POST", url, hostname, port, path, "'", inner_list)79 if self.config.test_escaped_double_quote:80 self.__put_post_attack_to_tests("POST", url, hostname, port, path, '\\\"', inner_list)81 if self.config.test_escaped_single_quote:82 self.__put_post_attack_to_tests("POST", url, hostname, port, path, "\\\'", inner_list)83 if self.config.test_bigger_sign:84 self.__put_post_attack_to_tests("POST", url, hostname, port, path, ">", inner_list)85 for inner_list in self.wordlist_params_post:86 if self.config.test_double_quote and self.config.extended_mode:87 self.__put_post_attack_to_tests("POST", url, hostname, port, path, '"', inner_list)88 if self.config.test_escaped_double_quote and self.config.extended_mode:89 self.__put_post_attack_to_tests("POST", url, hostname, port, path, '\\\"', inner_list)90 if self.config.test_single_quote and self.config.extended_mode:91 self.__put_post_attack_to_tests("POST", url, hostname, port, path, "'", inner_list)92 if self.config.test_escaped_single_quote and self.config.extended_mode:93 self.__put_post_attack_to_tests("POST", url, hostname, port, path, "\\\'", inner_list)94 if self.config.test_bigger_sign and self.config.extended_mode:95 self.__put_post_attack_to_tests("POST", url, hostname, port, path, ">", inner_list)96 def __create_tests_when_only_base_request_is_allowed(self, hostname, path, port, url):97 if self.config.type_only_base_request and self.config.type_get:98 self.custom_params_base_get = list(self.__chunks(self.custom_params, self.config.chunk_size_get))99 for inner_list in self.custom_params_base_get:100 self.__put_get_attack_to_tests("GET", url, hostname, port, path, '', inner_list)101 if self.config.type_only_base_request and self.config.type_post:102 self.custom_params_base_post = list(self.__chunks(self.custom_params, self.config.chunk_size_post))103 for inner_list in self.custom_params_base_post:104 self.__put_post_attack_to_tests("POST", url, hostname, port, path, '', inner_list)105 def __put_post_attack_to_tests(self, method, url, hostname, port, path, test_char, parameters):106 headers = Headers(self.config)107 headers.set("Host", hostname)108 headers.add_user_defined_headers()109 if self.config.cookies != "":110 headers.set("Cookie", self.config.cookies)111 headers.set("Referer", "{}".format(url))112 headers.set("User-Agent", headers.get_random_user_agent())113 headers.set("Content-Type", "application/x-www-form-urlencoded")114 payload = Payload()115 payload.generate_get_string(parameters, test_char)116 self.tests.append({117 'url': url,118 'port': port,119 'method': method,120 'host': hostname,121 'path': "{}".format(path),122 'base_path': "{}?".format(path),123 'headers': headers.make(),124 'body': payload.string,125 'test_char': test_char,126 'payload_information': payload.payload_information127 })128 def __put_get_attack_to_tests(self, method, url, hostname, port, path, test_char, parameters):129 headers = Headers(self.config)130 headers.set("Host", hostname)131 headers.add_user_defined_headers()132 if self.config.cookies != "":133 headers.set("Cookie", self.config.cookies)134 headers.set("Referer", "{}".format(url))135 headers.set("User-Agent", headers.get_random_user_agent())136 headers.set("Content-Type", "text/html")137 payload = Payload()138 payload.generate_get_string(parameters, test_char)139 self.tests.append({140 'url': url,141 'port': port,142 'method': method,143 'host': hostname,144 'path': "{}?{}".format(path, payload.string),145 'base_path': "{}?".format(path),146 'headers': headers.make(),147 'body': '',148 'test_char': test_char,149 'payload_information': payload.payload_information150 })151 def __resort_parameters(self):152 new_wordlist = []153 for param in self.wordlist_params:154 if param not in self.custom_params:155 new_wordlist.append(param)156 self.wordlist_params = new_wordlist157 @staticmethod158 def __make_url(attacked_site):159 url = attacked_site160 if not attacked_site.startswith("http"):161 url = "http://{}/".format(attacked_site)162 return url163 @staticmethod164 def __get_path(url):165 parser = urlparse(url)166 return parser.path167 @staticmethod168 def __get_host(url):169 parser = urlparse(url)170 return parser.hostname171 @staticmethod172 def __get_port(url):173 parser = urlparse(url)174 return parser.port175 @staticmethod176 def __chunks(params, size):177 for i in range(0, len(params), size):...

Full Screen

Full Screen

TestQuoting.py

Source:TestQuoting.py Github

copy

Full Screen

...14 def test_no_quote(self):15 self.do_test_args("a b c", "a\0b\0c\0")16 def test_single_quote(self):17 self.do_test_args("'a b c'", "a b c\0")18 def test_double_quote(self):19 self.do_test_args('"a b c"', "a b c\0")20 def test_double_quote(self):21 self.do_test_args('"a b c"', 'a b c\0')22 def test_single_quote_escape(self):23 self.do_test_args("'a b\\' c", "a b\\\0c\0")24 def test_double_quote_escape(self):25 self.do_test_args('"a b\\" c"', 'a b" c\0')26 def test_double_quote_escape(self):27 self.do_test_args('"a b\\" c"', 'a b" c\0')28 def test_double_quote_escape2(self):29 self.do_test_args('"a b\\\\" c', 'a b\\\0c\0')30 def test_double_quote_escape2(self):31 self.do_test_args('"a b\\\\" c', 'a b\\\0c\0')32 def test_single_in_double(self):33 self.do_test_args('"a\'b"', "a'b\0")34 def test_double_in_single(self):...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run autotest automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful