jtpereyda/boofuzz

Question: How do I fuzz an HTTP POST body which is in the format of JSON?

User-debbie opened this issue · 4 comments

Sorry, this is the first time I have used any fuzzing software. I'd like to ask how to fuzz an HTTP request body. My POST request is as follows; it was copied from Postman:

POST /appstore/market/apps/v1/forms HTTP/1.1
Host: zian.test.com:443
Authorization:xxxx
Content-Type: application/json
Content-Length: 73
{
"formTitle": "fromBooFuffzz",
"formDescription": "fromBooFuzz"
}

and I would like to fuzz "formTitle" and keep everything else the same.
I have learnt that I can use s_static or fuzzable=False to keep things unchanged, and I can fuzz some HTTP parameters, but I don't know how to fuzz the things in the body.
I would be more than glad to get replies from you. Thank you very much!

To fuzz the POST body, it should be defined the same way as the HTTP header. Taking {"fromTitle": "fromBooFuffzz"} as an example, it can be defined as follows:

from boofuzz import *

s_initialize("http_post")  # a block must live inside a request definition
with s_block("post_data"):
    s_static('{"')
    s_string('fromTitle')  # only this key name is mutated; the rest stays fixed
    s_static('": "fromBooFuffzz"}')

That's it.

For other things, you can refer to the example https://github.com/jtpereyda/boofuzz/blob/master/examples/http_with_body.py in the repository.

Thank you, now I can successfully fuzz the POST body! And I would like to raise a small question: how can boofuzz get the HTTP response status code and monitor it? For example, deeming it a crash when the status code of the response is 400. Thank you! I tried to read the docs but I haven't finished them yet ╮(︶﹏︶")╭

If you can receive the response from the server, you can check the status code manually for that purpose. One way to achieve that may be to add the above logic in an edge callback. In addition, the pre/post_callback mechanism may be able to achieve it as well.

PS: I achieved a similar purpose against a much older version of boofuzz by modifying session.py 4 years ago, and didn't try the newly introduced pre/post_callback mechanism.
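A concrete way to do the status-code check from a post-test-case callback, as an added example that is not part of this thread or of boofuzz itself. It assumes boofuzz invokes the callback with the keyword arguments target, fuzz_data_logger, session and sock, keeps the bytes received after the last send in session.last_recv, and that the logger exposes log_pass and log_fail. Treating 400 as a failure follows the question above; 5xx codes and an empty response are flagged too, since those are the more usual signs of a server fault or hang.

```python
import re

# Status codes that count as a finding: 400 follows the question above,
# and 5xx is the usual sign that the server choked on the fuzzed input.
DEFAULT_FAILURE_CODES = frozenset({400}) | frozenset(range(500, 600))

# Matches the status line of an HTTP/1.x response, e.g. b"HTTP/1.1 404 ..."
_STATUS_LINE = re.compile(rb"^HTTP/\d(?:\.\d)? (\d{3})\b")


def parse_status_code(raw):
    """Status code from a raw HTTP response, or None when the response is
    empty or does not begin with a well-formed status line."""
    if not raw:
        return None
    match = _STATUS_LINE.match(raw)
    return int(match.group(1)) if match else None


def classify_response(raw, failure_codes=DEFAULT_FAILURE_CODES):
    """Return (status_code, problem). problem is None for a healthy reply,
    otherwise the text to log as the failure reason."""
    code = parse_status_code(raw)
    if code is None:
        return None, "no parseable HTTP response (possible hang or crash)"
    if code in failure_codes:
        return code, "server returned HTTP %d" % code
    return code, None


def check_status_callback(target, fuzz_data_logger, session, sock, *args, **kwargs):
    """Post-test-case callback in the shape boofuzz's Session expects
    (assumed: boofuzz passes these keyword arguments and stores the last
    received bytes in session.last_recv). Returns True when the reply
    looks healthy, False after logging a failure."""
    code, problem = classify_response(getattr(session, "last_recv", b""))
    if problem is None:
        fuzz_data_logger.log_pass("HTTP %d" % code)
        return True
    fuzz_data_logger.log_fail(problem)
    return False


# Wiring into a real run (not executed here); the session object and target
# setup are whatever the rest of the script already builds:
#   Session(target=..., post_test_case_callbacks=[check_status_callback])
```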