Fuzzing HTTP Request In Python With Scapy
What is Fuzzing?
Fuzzing, or fuzz testing, is a testing technique for finding bugs, coding errors and security weaknesses by injecting malformed or unexpectedly modified data into software, an operating system or a network service and observing how it reacts.
What is Scapy?
Scapy is a packet manipulation tool for networks.
It can decode or forge packets, send them over the wire, capture packets, match requests with their replies, and more.
Fuzzing an HTTP GET Request in Python with Scapy:
# Sample Fuzzing Script
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *

# Scapy needs a layer-3 raw socket to talk to localhost on Linux.
conf.L3socket = L3RawSocket

def main():
    # Step 1: send a SYN to port 80 and wait for the server's SYN/ACK.
    syn = IP(dst='localhost') / TCP(dport=80, flags='S')
    syn_ack = sr1(syn, iface='lo')
    # Step 2: the request payload; the test cases below replace this string
    # with malformed variants.
    getStr = 'GET / HTTP/1.1\r\nHost: localhost\r\n\r\n'
    # Step 3: ACK the SYN/ACK and carry the request in the same segment.
    # Our sport is the dport the server replied to; seq/ack come from its SYN/ACK.
    # Caveat: the local TCP stack did not open this connection and may answer the
    # SYN/ACK with a RST, tearing it down before the request reaches the server.
    request = IP(dst='localhost') / TCP(dport=80, sport=syn_ack[TCP].dport,
                                        seq=syn_ack[TCP].ack, ack=syn_ack[TCP].seq + 1,
                                        flags='A') / getStr
    reply = sr1(request, iface='lo')
    if reply is not None:
        reply.show()

if __name__ == "__main__":
    main()
Test Cases and Responses:
Modifying the GET Request:
e.g., getStr = 'GET / HTTP/1111\r\nHost: localhost\r\n\r\n'
e.g., getStr = 'GET / HTTP/1111\r\nContent-Lenght: -1111\r\nHost: localhost\r\n\r\n'
e.g., getStr = 'GET / HTTP/1111\r\nAccept: png/txt\r\nHost: localhost\r\n\r\n'
e.g., getStr = 'GET / HTTP/1111\r\nKeep-Alive: 10\r\nHost: localhost\r\n\r\n'
e.g., getStr = 'GET / HTTP/1111\r\nAccept-Encoding: jpeg. xml\r\nHost: localhost\r\n\r\n'
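The script above sends one hand-edited request at a time. The following is an added example, not the post's own code, that turns the test cases into a small mutation-based loop: it generates malformed request lines and header values (the page's cases plus a few constructed ones in the same spirit), pushes each through a pluggable sender, and buckets the reply so that hangs, 5xx errors and silently accepted garbage stand out from ordinary 4xx rejections. The `mock_server` function is a constructed stand-in for a target so the loop runs offline; `send_with_scapy` reuses the page's SYN / ACK-with-payload approach for a live run against a server you operate on localhost, and its names and timeouts are this example's own choices.

```python
"""Mutation-based HTTP request fuzzing loop (added example, not the page's script).

Generates malformed request lines and header values, sends each case through a
pluggable sender, and buckets the reply for triage.
"""
import re

BASE_REQUEST_LINE = "GET / HTTP/1.1"
BASE_HEADERS = {"Host": "localhost"}


def build_request(request_line, headers):
    """Serialize a request line and header dict into CRLF-framed raw HTTP bytes."""
    lines = [request_line] + [f"{name}: {value}" for name, value in headers.items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1")


def generate_cases():
    """Return (label, raw_request) pairs: the baseline plus one mutation per case."""
    cases = [("baseline", build_request(BASE_REQUEST_LINE, BASE_HEADERS))]
    # Malformed or unsupported HTTP versions on the request line.
    for version in ("HTTP/1111", "HTTP/9.9", "HTTP/1.", "HTTP/"):
        cases.append((f"version:{version}", build_request(f"GET / {version}", BASE_HEADERS)))
    # Header values that are out of range or nonsensical (constructed values).
    bad_headers = {
        "Content-Length": ["-1111", "99999999999999999999", "abc"],
        "Accept": ["png/txt", "*/" + "*" * 100],
        "Keep-Alive": ["10", "-1"],
        "Accept-Encoding": ["jpeg. xml", "," * 50],
    }
    for name, values in bad_headers.items():
        for value in values:
            label = f"header:{name}={value[:20]}"
            cases.append((label, build_request(BASE_REQUEST_LINE, {name: value, **BASE_HEADERS})))
    # Oversized header value to probe buffer handling.
    cases.append(("oversize-host", build_request(BASE_REQUEST_LINE, {"Host": "A" * 8192})))
    return cases


STATUS_RE = re.compile(rb"^HTTP/\d\.\d (\d{3})\b")


def classify_response(raw):
    """Bucket a raw reply: no reply is a hang/crash candidate, 4xx is the expected
    rejection, and both 5xx and 2xx/3xx on malformed input deserve a closer look."""
    if not raw:
        return "no-response"
    match = STATUS_RE.match(raw)
    if not match:
        return "unparseable"
    code = int(match.group(1))
    if 200 <= code < 400:
        return "accepted"
    if 400 <= code < 500:
        return "rejected"
    if 500 <= code < 600:
        return "server-error"
    return "unparseable"


def mock_server(raw_request):
    """Constructed stand-in for a target, not a real server: it parses the request the
    way a naive implementation might and answers with canned status lines."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3 or not re.fullmatch(r"HTTP/\d\.\d", parts[2]):
        return b"HTTP/1.1 400 Bad Request\r\n\r\n"
    headers = dict(line.split(": ", 1) for line in header_lines if ": " in line)
    content_length = headers.get("Content-Length")
    if content_length is not None and not content_length.isdigit():
        # A bare int() on "-1111" or "abc" would raise; modelled here as a 500.
        return b"HTTP/1.1 500 Internal Server Error\r\n\r\n"
    if len(headers.get("Host", "")) > 4096:
        return None  # Models a hang or crash on an oversized header.
    return b"HTTP/1.1 200 OK\r\n\r\n"


def send_with_scapy(raw_request, dst="localhost", dport=80, iface="lo"):
    """Send one case the way the page's script does (SYN, then ACK carrying the payload)
    and return the payload of the first reply, or None. Needs Scapy and raw-socket rights."""
    from scapy.all import IP, TCP, Raw, conf, sr1, L3RawSocket  # imported lazily
    conf.L3socket = L3RawSocket
    syn_ack = sr1(IP(dst=dst) / TCP(dport=dport, flags="S"), iface=iface, timeout=2, verbose=0)
    if syn_ack is None:
        return None
    tcp = TCP(dport=dport, sport=syn_ack[TCP].dport, seq=syn_ack[TCP].ack,
              ack=syn_ack[TCP].seq + 1, flags="A")
    reply = sr1(IP(dst=dst) / tcp / Raw(load=raw_request), iface=iface, timeout=2, verbose=0)
    return bytes(reply[Raw].load) if reply is not None and Raw in reply else None


def run(sender):
    """Drive every case through `sender` (raw_request -> raw reply or None) and return
    {label: bucket}; swap `mock_server` for `send_with_scapy` to test a real server."""
    return {label: classify_response(sender(request)) for label, request in generate_cases()}


if __name__ == "__main__":
    for label, bucket in run(mock_server).items():
        print(f"{bucket:13s} {label}")
```

The triage buckets are the point of the loop: a 400 for `HTTP/1111` is the server doing its job, whereas a 200 for `HTTP/9.9`, a 500 for a negative `Content-Length`, or no reply at all for an oversized `Host` header are the results worth reproducing by hand and reporting.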