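from boofuzz import *
import time


def post_test_callback(target, fuzz_data_logger, session, *args, **kwargs):
    """Classify the target's reply to the test case just sent and log it.

    Registered through ``post_test_case_callbacks``, so boofuzz calls it
    after every transmitted test case. The reply is judged in this order:

    * a ``500`` on the status line is a failure and ends the whole run;
    * ``200``, ``404`` or ``201`` on the status line is a pass;
    * otherwise the ``Status: OK`` / ``Status: Fail`` markers anywhere in
      the reply decide pass / fail;
    * anything else is logged as a failure, printed, and ends the run.

    Args:
        target: boofuzz target for the open connection; only ``recv`` is used.
        fuzz_data_logger: logger receiving the ``log_pass`` / ``log_fail`` entry.
        session: the running session (unused here).
    """
    # One read of at most 10000 bytes. NOTE(review): a reply delivered in
    # several pieces may be seen only partially here; confirm against the
    # target's behaviour.
    response = target.recv(10000)
    # print(response)  # debug if you want to see returned strings

    # Match status codes against the first line only. Searching the whole
    # reply would let a "500" or "200" that merely appears in a header value
    # or in the body (a length, a date, echoed input) decide the verdict.
    status_line = response.split(b"\r\n", 1)[0]

    if b"500" in status_line:
        fuzz_data_logger.log_fail('500 banner')
        # Stop at the first server error so the offending case is the last
        # one recorded. SystemExit is raised directly rather than through the
        # interactive-only exit() helper.
        raise SystemExit(1)

    passing_codes = (
        (b"200", '200 banner'),
        (b"404", '404 Not Found'),
        (b"201", '201 Created'),
    )
    for code, message in passing_codes:
        if code in status_line:
            fuzz_data_logger.log_pass(message)
            return

    # Application-level markers, looked for anywhere in the reply.
    if b"Status: OK" in response:
        fuzz_data_logger.log_pass('Good Status')
        return
    if b"Status: Fail" in response:
        fuzz_data_logger.log_fail('Bad Status')
        return

    # Unrecognised (or empty) reply: record it, show it, and stop the run.
    fuzz_data_logger.log_fail('Other received')
    print("Other response or failed")
    print(response)
    print("FAILED")
    raise SystemExit(1)


def _define_request(host):
    """Build the boofuzz "Request" definition: a fixed HTTP POST with a fuzzed body.

    Every header is static or marked ``fuzzable=False``; only the two body
    bytes inside the ``post blob`` block are mutated. ``Content-Length`` is
    produced by ``s_size`` over that block.
    """
    s_initialize(name="Request")

    s_static("POST / HTTP/1.1\r\n")
    s_static("Host: 127.0.0.1\r\n")
    s_static("Content-Length: ")
    s_size('post blob', output_format="ascii", signed=True, fuzzable=False)
    s_static("\r\n")
    s_static("Connection: ")
    s_string("keep-alive\r\n", fuzzable=False)
    s_static("Cache-Control: ")
    s_string("max-age=0\r\n", fuzzable=False)
    s_static("Origin: ")
    s_string("http://" + host + "\r\n", fuzzable=False)
    s_static("Upgrade-Insecure-Requests: ")
    s_string("1\r\n", fuzzable=False)
    s_static("Content-Type: ")
    s_string("application/x-www-form-urlencoded\r\n", fuzzable=False)
    s_static("User-Agent: ")
    s_string("My Host\r\n", fuzzable=False)
    s_static("Accept: ")
    s_string("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\r\n", fuzzable=False)
    s_static("Referer: ")
    s_string("http://" + host + '/' + "\r\n", fuzzable=False)
    s_static("Accept-Encoding: ")
    s_string("gzip, deflate\r\n", fuzzable=False)
    s_static("Accept-Language: ")
    # The doubled CRLF ends the header section; the body block follows.
    s_string("en-US,en;q=0.9\r\n\r\n", fuzzable=False)

    if s_block_start("post blob"):
        s_byte(0x41, name='blah1', signed=False, full_range=True, fuzzable=True)
        s_byte(0x42, name='blah2', signed=False, full_range=True, fuzzable=True)
        # s_word(0x4343, name ='blah3', signed=False, full_range=False, fuzzable=True)
    s_block_end()


def main():
    """Fuzz the POST body of the HTTP service on localhost:8000 over TCP.

    Results are written to ``fuzz_results.csv``. The file is opened in a
    ``with`` block so it is closed when the run finishes and also when
    ``post_test_callback`` ends the run by raising ``SystemExit``.
    """
    port = 8000
    host = 'localhost'

    _define_request(host)

    with open('fuzz_results.csv', 'w+') as csv_log:
        session = Session(
            keep_web_open=False,
            post_test_case_callbacks=[post_test_callback],
            target=Target(connection=TCPSocketConnection(host, port)),
            fuzz_loggers=[FuzzLoggerCsv(file_handle=csv_log)],
        )

        print("Boo: Connecting...")
        session.connect(s_get("Request"))
        print("Boo: Start Fuzzing...")
        session.fuzz()
        print("Boo: Fuzzing Complete")


if __name__ == "__main__":
    main()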