# Testing Web Applications

In this chapter, we explore how to generate tests for Graphical User Interfaces (GUIs), notably on Web interfaces. We set up a (vulnerable) Web server and demonstrate how to systematically explore its behavior – first with handwritten grammars, then with grammars automatically inferred from the user interface. We also show how to conduct systematic attacks on these servers, notably with code and SQL injection.

(Rendered from the notebook. The source of the code cells was lost in extraction; only the text of their outputs survives, and it is reproduced below in the order in which it appeared.)

## Pages served by the order server

The order confirmation page template; the placeholders in braces are filled in from the order:

```text
We will send {item_name} to {name} in {city}, {zip}
A confirmation mail will be sent to {email}.
Want more swag? Use our order form!
```

The same page rendered for a sample order:

```text
We will send One FuzzingBook Rotary Hammer to Jane Doe in Seattle, 98104
A confirmation mail will be sent to doe@example.com.
Want more swag? Use our order form!
```

The footer that appears on every page:

```text
The content of this project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
To place an order, use our order form.
```

The "not found" page:

```text
This page does not exist. Try our order form instead.
```

The internal error page template; `{error_message}` is replaced with the text of the error (as the log below shows, this includes the full Python traceback):

```text
The server has encountered an internal error. Go to our order form.
{error_message}
```

## Helpers for printing server messages and URLs

Only the tails of the two helper cells survive. Both render the text as HTML in one branch and fall back to `print(terminal_escape(...))` in the other:

```python
                     ' +
                     message +
                     ""))
    else:
        print(terminal_escape(message))
```

Sample messages printed with this helper:

```text
I am a httpd server message
I am another message
I am one more message
```

```python
                     %s' % (url, url)))
    else:
        print(terminal_escape(url))
```

The URL printed with this helper:

```text
http://127.0.0.1:8800
```

## Server log

The log of the requests sent to the server, interleaved with the pages it returned. The server logs the SQL `INSERT` it runs as well as each HTTP request; the traceback shows that the `INSERT` is assembled with `str.format()` from the request parameters, so a request whose parameter is misspelled (`nae=` instead of `name=`) or missing raises a `KeyError` in `store_order()`, which the server answers with a 500 page carrying the traceback.

Request for `/`:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET / HTTP/1.1" 200 -
```

A valid order:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] INSERT INTO orders VALUES ('tshirt', 'Jane Doe', 'doe@example.com', 'Seattle', '98104')
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET /order?item=tshirt&name=Jane+Doe&email=doe%40example.com&city=Seattle&zip=98104 HTTP/1.1" 200 -
```

Page returned:

```text
We will send One FuzzingBook T-Shirt to Jane Doe in Seattle, 98104
A confirmation mail will be sent to doe@example.com.
Want more swag? Use our order form!
```

A request for a path the server does not serve:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET /some/other/path HTTP/1.1" 404 -
```

Page returned:

```text
This page does not exist. Try our order form instead.
```

Another valid order:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] INSERT INTO orders VALUES ('lockset', 'Jane Doe', 'j_smith@example.com', 'Seattle', '16631')
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET /order?item=lockset&name=Jane+Doe&email=j_smith%40example.com&city=Seattle&zip=16631 HTTP/1.1" 200 -
```

Page returned:

```text
We will send One FuzzingBook Lock Set to Jane Doe in Seattle, 16631
A confirmation mail will be sent to j_smith@example.com.
Want more swag? Use our order form!
```

An order with a misspelled parameter (`nae` instead of `name`):

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET /order?item=drill&nae=Jane+Doe&email=j.doe%40example.com&city=Seattle&zip=45732 HTTP/1.1" 500 -
127.0.0.1 - - [18/Jan/2024 18:26:56] Traceback (most recent call last):
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/3183845167.py", line 8, in do_GET
    self.handle_order()
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1342827050.py", line 4, in handle_order
    self.store_order(values)
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1382513861.py", line 5, in store_order
    sql_command = "INSERT INTO orders VALUES ('{item}', '{name}', '{email}', '{city}', '{zip}')".format(**values)
KeyError: 'name'
```

Page returned:

```text
The server has encountered an internal error. Go to our order form.
Traceback (most recent call last):
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/3183845167.py", line 8, in do_GET
    self.handle_order()
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1342827050.py", line 4, in handle_order
    self.store_order(values)
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1382513861.py", line 5, in store_order
    sql_command = "INSERT INTO orders VALUES ('{item}', '{name}', '{email}', '{city}', '{zip}')".format(**values)
KeyError: 'name'
```

An order request without any parameters:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET /order HTTP/1.1" 500 -
127.0.0.1 - - [18/Jan/2024 18:26:56] Traceback (most recent call last):
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/3183845167.py", line 8, in do_GET
    self.handle_order()
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1342827050.py", line 4, in handle_order
    self.store_order(values)
  File "/var/folders/n2/xd9445p97rb3xh7m1dfx8_4h0006ts/T/ipykernel_79707/1382513861.py", line 5, in store_order
    sql_command = "INSERT INTO orders VALUES ('{item}', '{name}', '{email}', '{city}', '{zip}')".format(**values)
KeyError: 'item'
```

Page returned: the same internal error page, with the traceback above ending in `KeyError: 'item'`.

A final request for `/`:

```text
127.0.0.1 - - [18/Jan/2024 18:26:56] "GET / HTTP/1.1" 200 -
```