module PWN::Plugins::Fuzz

def self.socket(opts = {})
get].to_s.scrub
.to_i
rotocol]
l? ? encoding = nil : encoding = opts[:encoding].to_s.strip.chomp.scrub.downcase.to_sym
th].nil? ? encoding_depth = 1 : encoding_depth = opts[:encoding_depth].to_i
g].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char_encoding].to_s
er].nil? ? fuzz_delimeter = "\u2665" : fuzz_delimeter = opts[:fuzz_delimeter]
quest].to_s.encode(char_encoding, 'UTF-8')
yload].to_s.encode(char_encoding, 'UTF-8')
pth > 1
_depth).each do
Base64.strict_encode64(payload)
se64.strict_encode64(payload)
pth > 1
_depth).each do
d = ''
ch_byte { |b| hex_payload = "#{hex_payload}#{format('\x%02x', b)}" }
hex_payload
= ''
_byte { |b| hex_payload = "#{hex_payload}#{format('\x%02x', b)}" }
x_payload
y
pth > 1
_depth).each do
HTMLEntities.new.encode(payload)
MLEntities.new.encode(payload)
pth > 1
_depth).each do
CGI.escape(payload)
I.escape(payload)
g type: #{encoding} not supported."
eout].nil? ? response_timeout = 0.9 : response_timeout = opts[:response_timeout].to_f
_limit].nil? ? request_rate_limit = 0.3 : request_rate_limit = opts[:request_rate_limit].to_f
s_arr = []
ter index numbers in request
x_arr = []
with_index do |char, char_index|
dex_arr.push(char_index) if char == fuzz_delimeter
dex_arr should always return an even length,
quest is missing a fuzz delimeter.
x_arr.each_slice(2).with_index do |placeholder_slice, placeholder_slice_index|
_result = {}
_index_shift_width = placeholder_slice_index * 2
_index = placeholder_slice[0].to_i - begin_delim_char_index_shift_width
ndex_shift_width = (placeholder_slice_index * 2) + 2
ndex = placeholder_slice[1].to_i - end_delim_char_index_shift_width
equest.dup.delete(fuzz_delimeter).encode(char_encoding, 'UTF-8')
r_index.positive?
egin_delim_char_index..end_delim_char_index] = payload
char_index should always be 0
egin_delim_char_index] = payload
Plugins::Sock.connect(
,
ocol,
_result[:timestamp] = Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s
_result[:request] = this_request
_result[:request_encoding] = this_request.encoding.name
_result[:request_len] = this_request.length
oad in its rawest form (as long as it will undump first)
his_request.encode('ASCII-8BIT', undef: :replace).undump)
ock_obj.wait_readable(response_timeout)
k_obj.read
 response.length
zz_result[:response] = response.to_s.inspect
zz_result[:response_len] = response_len
zz_result[:response] = ''
zz_result[:response_len] = 0
te_limit
Plugins::Sock.disconnect(sock_obj: sock_obj)
o file once array reaches max length (avoid memory consumption issues)
lts_arr.push(this_socket_fuzz_result)
NRESET => e
sage
_result[:response] = response
_result[:response_len] = response.length
te_limit
Plugins::Sock.disconnect(sock_obj: sock_obj) unless sock_obj.nil?
o file once array reaches max length (avoid memory consumption issues)
lts_arr.push(this_socket_fuzz_result)
or => e
class}: #{e.message} #{e.backtrace}"
_result[:response] = response
_result[:response_len] = response.length
te_limit
Plugins::Sock.disconnect(sock_obj: sock_obj) unless sock_obj.nil?
o file once array reaches max length (avoid memory consumption issues)
lts_arr.push(this_socket_fuzz_result)
s_arr
 => e
ugins::Sock.disconnect(sock_obj: sock_obj) unless sock_obj.nil?