module PWN::Reports::Fuzz

def self.authors

def self.authors
rt@0dayinc.com>

def self.generate(opts = {})

def self.generate(opts = {})
ir_path].to_s if File.directory?(opts[:dir_path].to_s)
Invalid Directory #{dir_path}" if dir_path.nil?
s[:results_hash]
lts_hash[:report_name]
g].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char_encoding].to_s
letion
ath}/#{report_name}.json", "w:#{char_encoding}") do |f|
nerate(results_hash).force_encoding(char_encoding)
ugs!!! \o/
DOCTYPE HTML>
co from https://0dayinc.com -->
n" href="data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAABIXAAASFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIkAAACJAgAAiSYAAIlbAACJcAAAiX0AAIlmAACJLQAAiQQAAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIkAAACJAAAAiS0AAIluAACJdwAAiXgAAIl+AACJeAAAiXQAAIk5AACJAQAAiQAAAAAAAAAAAAAAAAAAAAAAAACJAAAAiRgAAIlvAACJbQAAiXcAAIl7AACJcwAAiXEAAIl1AACJZwAAiR4AAIkAAACJAAAAAAAAAAAAAACJAAAAiQAAAIlEAACJfAAAiXIAAIlyAACJewAAiX4AAIl5AACJdQAAiXcAAIlIAACJAAAAiQAAAAAAAAAAAAAAiQAAAIkJAACJWQAAiXUAAIl9AACJdAAAiYYAAImLAACJdAAAiXkAAImNAACJfQAAiQwAAIkAAAAAAAAAAAAAAIkAAACJFQAAiWsAAIl2AACJfAAAiYIAAImCAACJfwAAiXYAAIl5AACJiQAAiYYAAIkWAACJAAAAAAAAAAAAAACJAAAAiSAAAIl2AACJeQAAiXkAAIl1AACJfwAAiYEAAIl8AACJbwAAiXoAAImBAACJFgAAiQAAAAAAAAAAAAAAiQAAAIkpAACJeAAAiXMAAIl3AACJeQAAiXUAAImAAACJfwAAiWYAAIl4AACJfwAAiR4AAIkAAAAAAAAAAAAAAIkAAACJKAAAiXkAAIlyAACJdQAAiXQAAIluAACJfAAAiXwAAIl3AACJewAAiXwAAIkvAACJAAAAAAAAAAAAAACJAAAAiSMAAIl4AACJdgAAiXsAAIl1AACJcQAAiXcAAIl6AACJeQAAiXoAAIl0AACJKQAAiQAAAAAAAAAAAAAAiQAAAIkXAACJaAAAiXgAAIl3AACJfAAAiXkAAIl3AACJZwAAiXcAAIl0AACJagAAiSgAAIkAAAAAAAAAAAAAAIkAAACJDgAAiV4AAIl5AACJbwAAiW4AAIl9AACJewAAiXcAAIl6AACJfQAAiW8AAIkWAACJAAAAAAAAAAAAAACJAAAAiQ0AAIllAACJewAAiXYAAIl4AACJdQAAiXUAAIl4AACJbQAAiXkAAIlNAACJAwAAiQAAAAAAAAAAAAAAiQAAAIkCAACJPQAAiXMAAIl2AACJeAAAiWgAAIlsAACJfQAAiXsAAIlwAACJGQAAiQAAAIkAAAAAAAAAAAAAAAAAAACJAAAAiQcAAIk4AACJXAAAiXoAAIl7AACJfAAAiYAAAIlsAACJJwAAiQMAAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIkAAACJAQAAiSsAAIluAACJewAAiXwAAIluAACJKgAAiQAAAIkAAAAAAAAAAAAAAAAA8A8AAPAHAADgBwAA4AcAAMADAADAAwAAwAMAAMADAADAAwAAwAMAAMADAADAAwAAwAMAAMAHAADgBwAA8B8AAA==" type="image/x-icon" />
y: Verdana, Geneva, sans-serif;
 11px;
-color: #FFFFFF;
4B8A !important;
74DF;
ation: none;
0404;
ation: none;
A9DB;
ation: underline;
0B5E;
ation: underline;
%;
cing:0px;
lign: top;
 break-word !important;
td {
-color: #FFF396 !important;
DataTables -->
/code.jquery.com/jquery-3.6.0.min.js"></script>
lesheet" type="text/css" href="//cdn.datatables.net/v/dt/dt-1.11.4/b-2.2.2/b-colvis-2.2.2/b-html5-2.2.2/b-print-2.2.2/cr-1.5.5/fc-4.0.1/fh-3.2.1/kt-2.6.4/r-2.2.9/rg-1.1.4/rr-1.2.8/sc-2.0.5/sp-1.4.0/sl-1.3.4/datatables.min.css"/>
text/javascript" src="//cdn.datatables.net/v/dt/dt-1.11.4/b-2.2.2/b-colvis-2.2.2/b-html5-2.2.2/b-print-2.2.2/cr-1.5.5/fc-4.0.1/fh-3.2.1/kt-2.6.4/r-2.2.9/rg-1.1.4/rr-1.2.8/sc-2.0.5/sp-1.4.0/sl-1.3.4/datatables.min.js"></script>
dy">
play:inline">
;<a href="https://github.com/0dayinc/pwn/tree/master">pwn network fuzzer</a>
 />
="button" id="export_selected">Export Selected to JSON</button>
lumn(s):</b>&nbsp;
ggle-vis" data-column="1" href="#">Timestamp</a>&nbsp;|&nbsp;
ggle-vis" data-column="2" href="#">Request</a>&nbsp;|&nbsp;
ggle-vis" data-column="3" href="#">Request Encoding</a>&nbsp;|&nbsp;
ggle-vis" data-column="4" href="#">Request Length</a>&nbsp;|&nbsp;
ggle-vis" data-column="5" href="#">Response</a>&nbsp;|&nbsp;
ggle-vis" data-column="6" href="#">Response Length</a>&nbsp;|&nbsp;
 Use space-separated keywords for AND search, prefix with - to exclude (e.g., "security -password"), or enclose in / / for regex (e.g., "/^important.*$/i").
wn_fuzz_net_app_proto" class="display" cellspacing="0">
/th>
mestamp</th>
quest</th>
quest Encoding</th>
quest Length</th>
sponse</th>
sponse Length</th>
="30px" />
="60px" />
="300px" />
="90px" />
="90px" />
="300px" />
="90px" />
ables <tbody> -->
tyEncode = $.fn.dataTable.render.text().display;
ready(function() {
rt = 0;
= $('#pwn_fuzz_net_app_proto').DataTable( {
: true,
enu": [10, 25, 50, 100, 250, 500, 1000, 2500, 5000],
ype": "full_numbers",
allback": function ( oSettings ) {
d to redo the counters if filtered or sorted */
Settings.bSorted || oSettings.bFiltered ) {
( var i=0, iLen=oSettings.aiDisplay.length ; i<iLen ; i++ ) {
'td:eq(0)', oSettings.aoData[ oSettings.aiDisplay[i] ].nTr ).html( i+1 );
p to top when utilizing pagination
Settings._iDisplayStart != oldStart ) {
targetOffset = $('#pwn_body').offset().top;
tml,body').animate({scrollTop: targetOffset}, 500);
tart = oSettings._iDisplayStart;
"#{report_name}.json",
Render": true,
fplitfpliS",
th": false,
: {
": "multi"
efs": [
ets: 4,
sName: 'dt-body-center'
ets: 6,
sName: 'dt-body-center'
": [
a": null },
a": "timestamp",
der": $.fn.dataTable.render.text()
a": "request",
der": $.fn.dataTable.render.text()
a": "request_encoding",
der": $.fn.dataTable.render.text()
a": "request_len",
der": $.fn.dataTable.render.text()
a": "response",
der": $.fn.dataTable.render.text()
a": "response_len",
der": $.fn.dataTable.render.text()
advanced search handling
bles_filter input').unbind();
bles_filter input').on('keyup', function() {
ch = $(this).val();
erFunc;
ch.match(/^\\/.*\\/$/)) {
regex = new RegExp(search.slice(1, -1), 'i');
erFunc = function(settings, data, dataIndex) {
r rowData = data.join(' ');
turn regex.test(rowData);
h (e) {
erFunc = function(settings, data, dataIndex) {
turn true;

sitives = [];
gatives = [];
rms = search.split(/\\s+/).filter(function(t) { return t.length > 0; });
ar i = 0; i < terms.length; i++) {
term = terms[i];
term.startsWith('-')) {
r cleanTerm = term.substring(1).toLowerCase();
 (cleanTerm) negatives.push(cleanTerm);
se {
sitives.push(term.toLowerCase());
Func = function(settings, data, dataIndex) {
rowData = data.join(' ').toLowerCase();
(var j = 0; j < positives.length; j++) {
 (!rowData.includes(positives[j])) return false;
(var k = 0; k < negatives.length; k++) {
 (rowData.includes(negatives[k])) return false;
rn true;
aTable.ext.search.pop();
aTable.ext.search.push(filterFunc);
arch('');
aw();
Columns
e-vis').on('click', function (e) {
tDefault();
he column API object
mn = table.column( $(this).attr('data-column') );
e the visibility
isible( ! column.visible() );
_selected').click( function () {
ctedRows = table.rows({ selected: true });
ctedRows.count() === 0) {
'No rows selected');
;
N(table.ajax.url(), function(original_json) {
lected_data = selectedRows.data().toArray();
al_json.data = selected_data;
on_str = JSON.stringify(original_json, null, 2);
ob = new Blob([json_str], { type: 'application/json' });
l = URL.createObjectURL(blob);
= document.createElement('a');
 = url;
load = (original_json.report_name || 'selected') + '.json';
nt.body.appendChild(a);
k();
nt.body.removeChild(a);
vokeObjectURL(url);
ath}/#{report_name}.html", 'w') do |f|
ort)
 => e

def self.help

def self.help
(
path,
results_hash,
 'optional - character encoding returned by PWN::Plugins::Char.list_encoders (defaults to UTF-8)'

Class Methods

Defined in

lib/pwn/reports/fuzz.rb