Kypto
Selling Your Soul To The Devil Can Be Bad.

Monday, 13 August 2012

WebScarab BeanShell

  1. import org.owasp.webscarab.model.ConversationID;
  2. import org.owasp.webscarab.model.HttpUrl;
  3. import org.owasp.webscarab.model.Request;
  4. import org.owasp.webscarab.model.Response;
  5.  
  6. // define subroutines BEFORE the main part of the script executes,
  7. // otherwise they won't be found
  8.  
  9. // call this to fetch the requests one after another
  // Issues the generated requests strictly one at a time: the next request is
  // only built after the previous response has been fetched and recorded.
  // Relies on hasMoreRequests() and getNextRequest(), defined further down,
  // and on the `scripted` and `out` objects supplied by the Scripted plugin.
  void fetchSequentially() {
      for (;;) {
          if (!hasMoreRequests()) {
              break;
          }
          // fetchResponse() hands back the response for the request it is given
          fetched = scripted.fetchResponse(getNextRequest());
          // addConversation() stores the exchange; whatever it returns is
          // printed after the word "Conversation"
          out.println("Conversation " + scripted.addConversation(fetched));
      }
  }
  17.  
  18. // call this to fetch them in parallel
  19. // the number of simultaneous connections is controlled by the Scripting plugin
  20. // It is currently fixed at 4 simultaneous requests
  21.  
  // Submits the generated requests through the Scripted plugin's asynchronous
  // queue and records each response as it completes. The loop ends once no
  // requests remain to be generated and the plugin reports it is no longer busy.
  void fetchParallel() {
      while (hasMoreRequests() || scripted.isAsyncBusy()) {
          // top up the queue for as long as the plugin reports spare capacity
          while (scripted.hasAsyncCapacity() && hasMoreRequests()) {
              pending = getNextRequest();
              scripted.submitAsyncRequest(pending);
          }
          // nothing has completed yet: wait 100 ms instead of spinning
          if (!scripted.hasAsyncResponse()) {
              Thread.sleep(100);
              continue;
          }
          // drain every completed response before submitting more work
          while (scripted.hasAsyncResponse()) {
              completed = scripted.getAsyncResponse();
              // the originating request is looked up but not used any further;
              // it is the natural place to correlate a response with its request
              origin = completed.getRequest();
              out.println("Conversation " + scripted.addConversation(completed));
          }
      }
  }
  36.  
  37. /******************************************************************************
  38.  ***************** USER EDITABLE SCRIPT STARTS HERE ***************************
  39.  *                                                                            *
  40.  * Of course, you can modify the bits above, but you shouldn't need           *
  41.  * to, if you follow the algorithm suggested below.                           *
  42.  *                                                                            *
  43.  ******************************************************************************/
  44.  
  45. // modify this routine to determine when we are finished
  // Stop condition for both fetch routines: true while the script-level
  // counter `i` is below 10, so exactly ten requests are generated per run.
  boolean hasMoreRequests() {
      int limit = 10;
      return i < limit;
  }
  49.  
  50. // modify this routine to construct the next request
  // Builds the next request from the script-level `template` and advances the
  // script-level counter `i` by one.
  Request getNextRequest() {
      // work on a copy so the template itself is left as it was set up
      Request next = new Request(template);
      // "Basic whatever <n>" is placeholder text, not a well-formed Basic
      // credential (RFC 7617 expects base64 of "user-id:password"). The only
      // thing that varies between requests is the counter appended here.
      String headerValue = "Basic whatever " + i;
      i++;
      // Basic credentials are encoded, not encrypted, and the template URL is
      // plain http, so this header travels in clear text.
      next.setHeader("Authorization", headerValue);
      return next;
  }
  58.  
  59. // Do some initialisation here
  60.  
  61. // create a template that contains the basics
  // counter read by hasMoreRequests() and incremented by getNextRequest();
  // it has to exist before either fetch routine is started
  int i = 0;

  // base request that every generated request is copied from: a plain-http
  // HTTP/1.0 GET to the loopback listener on port 8080
  Request template = new Request();
  template.setMethod("GET");
  template.setURL(new HttpUrl("http://localhost:8080/"));
  template.setVersion("HTTP/1.0");
  // this User-Agent names the tool, so the run is attributable in the
  // target's access logs
  template.setHeader("User-Agent","WebScarab");

  // Start the run: enable exactly one of the two calls below.
  // The sequential routine is defined above as fetchSequentially().

  // fetchSequentially();

  fetchParallel();
  76.  
  77.  
  78. ##################
  79. ### Kypto 2012 ###
  80. #######################
  81. # twitter.com/ddos101 #
  82. #######################
