Perl: recipe

Main Menu

It doesn't matter how good your programmers are, rigorous testing will always be part of producing secure software. Hope and Walther steal Web security testing back from the L33T hax0rs and return it to the realm of the disciplined professional.

Brian Chess,
Founder/Chief Scientist Fortify Software

Perl: recipe_5.3.pl

Wednesday, 23 September 2009 21:15

#!/usr/bin/perl

$BASEURL="http://www.example.com/weather.jsp";
$PARAMS="zip=20170";

# If $strategy == "prefill", then the bogus parameters will come before the
# legit one above. Otherwise, the bogus parameters will come after.
$strategy = "foo";

# How many URLs to generate. Each URL is 16 characters longer than the one
# before it. With $depth set to 16, the last one is 256 characters in the
# parameters. You need to get up to depth 256 to get interesting URLs (4K
# or more).
$depth = 256;

# How many to skip, each time through the loop. If you set this to 1, when
# you have $depth 256, you'll get 256 different URLs, starting at 16 characters
# and going on up to 4096. If you set $skip to 8, you'll only get 32 unique
# URLs (256/8), because we'll skip by 8s.
$skip  = 8;

for( my $i = 0; $i < $depth; $i += $skip ) {
	# build one URL's worth of paramters
	$bogusParams = "";
	for( my $j = 1; $j <= $i; $j++ ) {
		$bogusParams .= sprintf( "a%0.7d=z%0.7d&", $j, $j );
	}
	if( $strategy eq "prefill" ) {
		$url = $BASEURL . "?" . $bogusParams . "&" . $PARAMS;
	} else {
		# use substr() to strip the trailing & off the URL and make it legit.
		$url = $BASEURL . "?" . $PARAMS . "&" . substr ($bogusParams, 1, -1);
	}
	print "$url\n";
}

follow pacohope at http://twitter.com/

follow OWASP NoVA at http://twitter.com/