Not working for URL

Bug #1658036 reported by anubhav
This bug affects 1 person
Affects: syntribos
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

I am trying to test
http://localhost:8000/mutillidae/webservices/rest/ws-user-account.php?username=adrian
I have used the following command
syntribos --config-file /root/syntribos/examples/configs/keystone.conf -t SQL_INJECTION_URL run

But this is not working. I tried to debug and found:
1. It is not getting any task.
2. It is calling _fuzz_data() which is calling:
 model_iter = _build_dict_combinations(stri, data, skip_var)
For URL, it is getting null model_iter. It is happening because of the following:

def _build_str_combinations(fuzz_string, data):
    var_regex = r"{([\w]*):?([^}]*)}"
    for match in re.finditer(var_regex, data):
        start, stop = match.span()
        model = "{0}{1}{2}".format(data[:start], fuzz_string, data[stop:])
        if match.group(1):
            # The string is of the format "{identifier:value}", so we just
            # want the identifier as the param_path
            yield model, match.group(1)
        else:
            yield model, match.group(0)

As the for loop is not working for the URL, it is not getting anything and hence returning null.

Please see what can be done in this case.

anubhav (anubhavsingh6663) wrote :

The regex here, i.e. {([\w]*):?([^}]*)}, is expecting the URL in {}. That's why it is not working. To make it work for a URL, remove {} from the regex.

Rahul U Nair (rahulunair) wrote :

Anubhav,

That regex is not for fetching the URL, but for identifying possible fuzzing areas. Can you post your config file content as well? Also, could you give some details about the platform you are testing on, the expected response from the server, etc.?
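
The behaviour discussed in the report and the reply above, as an added example that is not part of the thread or of the syntribos code base: the pattern from the quoted excerpt finds nothing in a URL without {...} markers, and finds one fuzz point once the query value is written in the {identifier:value} format named in the excerpt's comment. The helper names fuzz_points, fuzzed_urls and suggest_markers are hypothetical, and replacing unfuzzed markers with their defaults is an assumption of this example.

```python
import re
from urllib.parse import urlsplit

# Pattern copied from the _build_str_combinations excerpt in the report.
VAR_REGEX = r"{([\w]*):?([^}]*)}"

def fuzz_points(url):
    """List (param_path, default) for each {...} marker the pattern finds."""
    return [(m.group(1) or m.group(0), m.group(2))
            for m in re.finditer(VAR_REGEX, url)]

def _defaults(text):
    # Assumption of this example: unfuzzed markers collapse to their default.
    return re.sub(VAR_REGEX, lambda m: m.group(2), text)

def fuzzed_urls(fuzz_string, url):
    """One (param_path, url) per marker, with that marker replaced."""
    out = []
    for m in re.finditer(VAR_REGEX, url):
        start, stop = m.span()
        out.append((m.group(1) or m.group(0),
                    _defaults(url[:start]) + fuzz_string + _defaults(url[stop:])))
    return out

def suggest_markers(url):
    """Hypothetical helper: wrap plain query values as {name:value}."""
    parts = urlsplit(url)
    pairs = []
    for pair in filter(None, parts.query.split("&")):
        key, sep, value = pair.partition("=")
        if sep and "{" not in value and "}" not in value:
            # Identifiers must match \w*, so other characters become "_".
            pair = "%s={%s:%s}" % (key, re.sub(r"\W", "_", key), value)
        pairs.append(pair)
    return parts._replace(query="&".join(pairs)).geturl()

REPORTED = ("http://localhost:8000/mutillidae/webservices/rest/"
            "ws-user-account.php?username=adrian")  # URL from the report

if __name__ == "__main__":
    print(fuzz_points(REPORTED))            # no markers, so nothing to fuzz
    marked = suggest_markers(REPORTED)
    print(marked)
    print(fuzzed_urls("FUZZ", marked))      # "FUZZ" is a constructed stand-in
```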

anubhav (anubhavsingh6663) wrote :

It's trying to identify possible fuzzing areas in the URL, right?
I am attaching the conf and template file.

anubhav (anubhavsingh6663) wrote :

I am using Kali Linux on VMware, i.e. 4.3.0-kali1-amd64.

Rahul U Nair (rahulunair) wrote :

Are you still facing this issue?
