Configuration File

  • FUSE uses a user-provided configuration file that specifies parameters for a target PHP application. The configuration file must be filled out before testing a target Web application.
The configuration file requires the following fields:
USER_CREDENTIAL
  1. ID: Username for the Web application under testing.
  2. PW: Password for the Web application under testing.
  3. WebRootPath: Root path for the Web server.
  4. WebHost: Host information for the Web application under testing.
  5. WebLoginIDName: Username for the login page.
  6. WebLoginPWName: Password for the login page.
  7. WebLoginURL: The URL for the login processing page.
  8. WebLoginPageURL: The URL for the page where login form exists.
  9. WebLoginCSRFName: The name of CSRF parameter used in the login form.
  10. WebLoginAdditionalValue: Names and values of parameters other than ID, PW, and CSRF.
  11. WebLoginSuccessStr: String that identifies login success on the page returned after login processing.
  12. WebUploadURL: The URL for the page that handles the upload request.
  13. WebUploadPageURL: The URL for the page where upload form exists.
  14. WebUploadFormAttr: Attribute for upload form (Optional).
  15. WebUploadCSRFName: The name of the CSRF token parameter used for upload.
  16. WebUploadSuccessStr: String to identify upload success.
  17. WebUploadAdditionalValue: Name and value of additional parameters used for upload.
  18. WebUploadCustomHeader: Header information used for upload.
  19. WebUploadedFileUrlPattern: File to be uploaded.
  20. WebUploadFilesURL: The URL for the summary page of the uploaded file.
  21. WebUploadFilesParameter: Additional parameters to access the summary page of the uploaded file.
DETECTOR_CONF
  1. MutationChainLimit: Maximum length of mutation chain.
  2. MonitorEnable: Whether to use File Monitor.
  3. MonitorHost: Host address for File Monitor.
  4. MonitorPort: Port for File Monitor.
  • Custom Tag: To support various applications, there are tags that can be used in specific parts of the configuration file. Different custom tags are available for each configuration attribute.
WebLoginCSRFName
WebUploadCSRFName

%cookietoken#
=> Get all name and value pairs of cookies and place them in this location.

%headertoken:html_tag@[Tag Type]=[Tag Name]=[Tag Value]=[Get Attr Name]=[Header Name]#
=> In the UploadPage, search for a tag of the [Tag Type] type with the attribute name [Tag Name] and the value [Tag Value]. Among them, the value corresponding to [Get Attr Name] is added to the HTTP Request [Header Name] header.

%headertoken:html_regex@[Regex1]=[Regex2]=[Header Name]#
=> Find the string matching regular expression [Regex2] among the values retrieved by [Regex1] from the UploadPage, and use it as the value of the [Header Name] header in the request.

%headertoken:header@[headername]#
=> Insert the [headername] header of the HTTP(S) response for UploadPage into the request header.

%reg:[Regex]#
=> In UploadPage, find the tag whose name corresponds to the [Regex] regular expression, and use the tag as name and value pair.

----

WebLoginPageURL
WebUploadPageURL

%randint#
=> Place a random number at this location.

%cookie:[cookiename]#
=> Place the value corresponding to [cookiename] of the cookie.

%cookie:reg:[regex]#
=> Place the value of the parameter whose name matches [regex] in the cookie.

---

WebUploadURL

%find#
=> Find upload form and use action value as upload URL.

---

WebUploadAdditionalValue

%filename#
=> Place the name of the upload file.

%filebinary#
=> Place the content of the upload file.

%domtoken:[regex1]@[regex2]#
=> Among the values retrieved by [regex1] from the UploadPageURL, place the value matching the regular expression [regex2] at this location.

%randint#
=> Place a random number at this location.

%cookie:[cookiename]#
=> The value corresponding to [cookiename] of the cookie.

%cookie:reg:[regex]#
=> The value of the parameter whose name matches [regex] in the cookie.

---

WebUploadedFileUrlPattern

%genfile#
=> Insert a regular expression for the filename generated by FUSE.

%filename#
=> Insert the file name you uploaded.
  • Test to make sure your configuration is working:
$ python ../tester/#_upload_test.py [config]
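
Because each custom tag is only available for certain attributes, a tag placed under the wrong attribute is an easy mistake to make. The following pre-flight check is an added example, not part of FUSE: it flags tags that the lists above do not give for an attribute, and tags with missing arguments. The function names, the `{attribute: value}` input mapping, the tag-matching regex and the sample values are assumptions made for illustration.

```python
import re

# Tags permitted per attribute, transcribed from the tag lists in this README.
CSRF_TAGS = {"cookietoken", "headertoken", "reg"}
PAGE_URL_TAGS = {"randint", "cookie"}
ALLOWED = {
    "WebLoginCSRFName": CSRF_TAGS,
    "WebUploadCSRFName": CSRF_TAGS,
    "WebLoginPageURL": PAGE_URL_TAGS,
    "WebUploadPageURL": PAGE_URL_TAGS,
    "WebUploadURL": {"find"},
    "WebUploadAdditionalValue": {"filename", "filebinary", "domtoken", "randint", "cookie"},
    "WebUploadedFileUrlPattern": {"genfile", "filename"},
}
# Minimum number of '='-separated fields after '@' for each headertoken form.
HEADERTOKEN_FIELDS = {"html_tag": 5, "html_regex": 3, "header": 1}
# Assumption: a tag is %name# or %name:argument#, and the argument contains no '#'.
TAG = re.compile(r"%([A-Za-z]+)(?::([^#]*))?#")

def check_value(attr, value):
    """Return a list of problems with the custom tags in one attribute value."""
    problems = []
    for match in TAG.finditer(value):
        kind, arg = match.group(1), match.group(2) or ""
        head, _, tail = arg.partition("@")
        if kind not in ALLOWED.get(attr, set()):
            problems.append("%s: %%%s# is not listed for this attribute" % (attr, kind))
        elif kind == "headertoken" and head not in HEADERTOKEN_FIELDS:
            problems.append("%s: unknown headertoken form %r" % (attr, head))
        elif kind == "headertoken" and (not tail or len(tail.split("=")) < HEADERTOKEN_FIELDS[head]):
            problems.append("%s: headertoken:%s has too few fields" % (attr, head))
        elif kind == "domtoken" and not (head and tail):
            problems.append("%s: domtoken needs [regex1]@[regex2]" % attr)
        elif kind in ("cookie", "reg") and not arg:
            problems.append("%s: %%%s# needs an argument" % (attr, kind))
    return problems

def check_config(conf):
    """Check every attribute of a {name: value} mapping, in name order."""
    return [p for attr in sorted(conf) for p in check_value(attr, conf[attr])]

# Constructed sample values (hypothetical target on 127.0.0.1); two are wrong on purpose.
SAMPLE = {
    "WebUploadPageURL": "http://127.0.0.1/upload.php?r=%randint#",
    "WebUploadURL": "%find#",
    "WebUploadCSRFName": "%headertoken:html_tag@meta=name=csrf-token=content#",
    "WebLoginPageURL": "http://127.0.0.1/login.php?f=%filename#",
    "WebUploadedFileUrlPattern": "http://127.0.0.1/uploads/%genfile#",
}

if __name__ == "__main__":
    print("\n".join(check_config(SAMPLE)) or "no tag problems found")
```

The field counts are treated as minimums because a regular expression inside a tag may itself contain `=`.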