--field as an expression

meprajjwal · Apr 6, 2019 · d9f0cd9 · d9f0cd9
1 parent a9c9b64
commit d9f0cd9
Show file tree

Hide file tree

Showing 8 changed files with 24 additions and 18 deletions.
diff --git a/docs/library/guide.rst b/docs/library/guide.rst
@@ -170,3 +170,8 @@ Once a Wfuzz result is available the grammar defined in the filter language can
     test
     test
     >>>
+
+The result object has also a method to evaluate a language expression::
+
+    >> print(r.eval("r.cookies.response"))
+    login=test%2Ftest
diff --git a/docs/user/basicusage.rst b/docs/user/basicusage.rst
@@ -252,11 +252,11 @@ For example, to show results in json format use the following command::
 
     $ wfuzz -o json -w wordlist/general/common.txt http://testphp.vulnweb.com/FUZZ
 
-When in using the default output you can also select what FuzzResult's field to show instead of the payload description::
+When in using the default output you can also select an additional FuzzResult's field to show together with the payload description::
 
     $ wfuzz -z range --zD 0-1 -u http://testphp.vulnweb.com/artists.php?artist=FUZZ --field r
     ...
-    000000001:   200        99 L     272 W    3868 Ch   GET /artists.php?artist=0 HTTP/1.1
+    000000001:   200        99 L     272 W    3868 Ch   0 | GET /artists.php?artist=0 HTTP/1.1
                                                         Content-Type: application/x-www-form-urlencoded
                                                         User-Agent: Wfuzz/2.4
                                                         Host: testphp.vulnweb.com

diff --git a/src/wfuzz/facade.py b/src/wfuzz/facade.py
@@ -13,6 +13,7 @@
 ERROR_CODE = -1
 BASELINE_CODE = -2
 
+
 class Settings(SettingsBase):
     def get_config_file(self):
         return os.path.join(utils.get_home(check=True), "wfuzz.ini")

diff --git a/src/wfuzz/fuzzobjects.py b/src/wfuzz/fuzzobjects.py
@@ -16,6 +16,7 @@
 from collections import namedtuple
 from collections import defaultdict
 
+from .filter import FuzzResFilter
 from .externals.reqresp import Request, Response
 from .exception import FuzzExceptBadAPI, FuzzExceptBadOptions, FuzzExceptInternalError
 from .facade import Facade, ERROR_CODE
@@ -748,9 +749,6 @@ def __str__(self):
 
     @property
     def description(self):
-        if self._description:
-            return str(rgetattr(self, self._description))
-
         payl_descriptions = [payload.description(self.url) for payload in self.payload]
         ret_str = ' - '.join([p_des for p_des in payl_descriptions if p_des])
 
@@ -759,6 +757,15 @@ def description(self):
 
         return ret_str
 
+    def get_full_description(self):
+        if self._description is not None:
+            return "{} | {}".format(self.description, self.eval(self._description))
+
+        return self.description
+
+    def eval(self, expr):
+        return FuzzResFilter(filter_string=expr).is_visible(self)
+
     # parameters in common with fuzzrequest
     @property
     def content(self):

diff --git a/src/wfuzz/options.py b/src/wfuzz/options.py
@@ -7,7 +7,6 @@
 from .utils import (
     json_minify,
     python2_3_convert_from_unicode,
-    _check_allowed_field
 )
 
 from .core import Fuzzer
@@ -130,9 +129,6 @@ def validate(self):
         if self.data["rlevel"] < 0:
             return "Bad usage: Recursion level must be a positive int."
 
-        if self.data["description"] and not _check_allowed_field(self.data["description"]):
-            return "Bad usage: '{}' is not a valid field.".format(self.data['description'])
-
         if self.data['allvars'] not in [None, 'allvars', 'allpost', 'allheaders']:
             raise FuzzExceptBadOptions("Bad options: Incorrect all parameters brute forcing type specified, correct values are allvars,allpost or allheaders.")
 

diff --git a/src/wfuzz/ui/console/common.py b/src/wfuzz/ui/console/common.py
@@ -95,7 +95,7 @@
 \t--interact                : (beta) If selected,all key presses are captured. This allows you to interact with the program.
 \t--dry-run                 : Print the results of applying the requests without actually making any HTTP request.
 \t--prev                    : Print the previous HTTP requests (only when using payloads generating fuzzresults)
-\t--field <field>           : Show the specified FuzzResult field instead of the current payload
+\t--field <expr>            : Show the specified language expression together with the current payload
 \t
 \t-p addr                   : Use Proxy in format ip:port:type. Repeat option for using various proxies.
 \t                            Where type could be SOCKS4,SOCKS5 or HTTP if omitted.

diff --git a/src/wfuzz/ui/console/mvc.py b/src/wfuzz/ui/console/mvc.py
@@ -1,8 +1,6 @@
 import sys
 from collections import defaultdict
 import threading
-import operator
-from functools import reduce
 try:
     from itertools import zip_longest
 except ImportError:
@@ -177,7 +175,7 @@ def _print_verbose(self, res, print_nres=True):
             ("%d Ch" % res.chars, txt_colour),
             (server, txt_colour),
             (location, txt_colour),
-            ("\"%s\"" % str(res.description), txt_colour),
+            ("\"%s\"" % res.get_full_description(), txt_colour),
         ]
 
         self.term.set_colour(txt_colour)
@@ -218,7 +216,7 @@ def _print(self, res, print_nres=True):
             ("%d L" % res.lines, txt_colour),
             ("%d W" % res.words, txt_colour),
             ("%d Ch" % res.chars, txt_colour),
-            ("\"%s\"" % str(res.description), txt_colour),
+            ("\"%s\"" % res.get_full_description(), txt_colour),
         ]
 
         self.term.set_colour(txt_colour)

diff --git a/tests/test_acceptance.py b/tests/test_acceptance.py
@@ -8,7 +8,6 @@
 
 import wfuzz
 
-
 LOCAL_DOMAIN = "http://localhost"
 URL_LOCAL = "%s:8000/dir" % (LOCAL_DOMAIN)
 HTTPD_PORT = 8000
@@ -86,7 +85,7 @@
     # fails ("test_set_fuzz_from_fuz2z_url", "-z range,1-1 {}/FUZZ?param=1".format(HTTPBIN_URL), "-z wfuzzp,$$PREVFILE$$ -z list,6-3 --prefilter r.params.get.param:=FUZ2Z FUZZ[url]", ["http://localhost:9000/1?param=6", "http://localhost:9000/1?param=3"], None),
 
     # test different field
-    ("test_field", "-z range,1-1 {}/FUZZ".format(HTTPBIN_URL), "-z wfuzzp,$$PREVFILE$$ --field c FUZZ", ["404"], None),
+    ("test_field", "-z range,1-1 {}/FUZZ".format(HTTPBIN_URL), "-z wfuzzp,$$PREVFILE$$ --field c FUZZ", [404], None),
 
 ]
 
@@ -376,11 +375,11 @@ def test(self):
 
         # first session
         with wfuzz.get_session(prev_session_cli) as s:
-            ret_list = [x.description for x in s.fuzz(save=filename)]
+            ret_list = [x.eval(x._description) if x._description else x.description for x in s.fuzz(save=filename)]
 
         # second session wfuzzp as payload
         with wfuzz.get_session(next_session_cli.replace("$$PREVFILE$$", filename)) as s:
-            ret_list = [x.description for x in s.fuzz()]
+            ret_list = [x.eval(x._description) if x._description else x.description for x in s.fuzz()]
 
         self.assertEqual(sorted(ret_list), sorted(expected_list))