From 8fa77c21b5a53ac80ffc9f698fc6d258bfeed9b9 Mon Sep 17 00:00:00 2001 From: Dhrumil Mistry <56185972+dmdhrumilmistry@users.noreply.github.com> Date: Sat, 4 Nov 2023 12:43:36 +0530 Subject: [PATCH] use openapi v3 docs servers as host fix typo in regexs handle exception while running all tasks fix readme bump project --- README.md | 2 +- src/README.md | 2 ++ src/offat/openapi.py | 26 +++++++++++++++++++++++--- src/offat/tester/regexs.py | 2 +- src/offat/tester/test_runner.py | 9 ++++++++- src/pyproject.toml | 2 +- 6 files changed, 36 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index a396b9f..06c8543 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ OWASP OFFAT (OFFensive Api Tester) is created to automatically test API for common vulnerabilities after generating tests from openapi specification file. It provides feature to automatically fuzz inputs and use user provided inputs during tests specified via YAML config file. -![UnDocumented petstore API endpoint HTTP method results](/assets/images/tests/offat-v0.5.0.png) +![UnDocumented petstore API endpoint HTTP method results](./assets/images/tests/offat-v0.5.0.png) ## Demo diff --git a/src/README.md b/src/README.md index d2e138f..27b7140 100644 --- a/src/README.md +++ b/src/README.md @@ -171,6 +171,8 @@ The disclaimer advises users to use the open-source project for ethical and legi offat -f swagger_file.json -p http://localhost:8080 --no-ssl -o output.json ``` +> Make sure that proxy can handle multiple requests at the same time + - Use user provided inputs for generating tests ```bash diff --git a/src/offat/openapi.py b/src/offat/openapi.py index 2e76638..15b812f 100644 --- a/src/offat/openapi.py +++ b/src/offat/openapi.py @@ -17,12 +17,32 @@ def __init__(self, fpath:str, spec:dict=None) -> None: self._spec = self._parser.specification else: self._spec = spec - - self.host = self._spec.get('host') - self.http_scheme = 'https' if 'https' in self._spec.get('schemes') else 'http' + + self.hosts = [] + self._populate_hosts() + self.host = self.hosts[0] + + self.http_scheme = 'https' if 'https' in self._spec.get('schemes',[]) else 'http' self.base_url = f"{self.http_scheme}://{self.host}{self._spec.get('basePath','')}" self.request_response_params = self._get_request_response_params() + def _populate_hosts(self): + if self._spec.get('openapi'): # for openapi v3 + servers = self._spec.get('servers',[]) + hosts = [] + for server in servers: + host = server.get('url','').removeprefix('http://').removeprefix('http://').removesuffix('/') + host = None if host == '' else host + hosts.append(host) + else: + host = self._spec.get('host') # for swagger files + if not host: + logger.error('Invalid Host: Host is missing') + raise ValueError(f'Host Not Found in spec file') + hosts = [host] + + self.hosts = hosts + def _get_endpoints(self): '''Returns list of endpoint paths along with HTTP methods allowed''' diff --git a/src/offat/tester/regexs.py b/src/offat/tester/regexs.py index a4ff638..1fb9f39 100644 --- a/src/offat/tester/regexs.py +++ b/src/offat/tester/regexs.py @@ -6,7 +6,7 @@ 'ip': r'(?:\d{1,3}\.){3}\d{1,3}\b|\b(?:[A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}\b', 'ccn': r'\b\d{4}-\d{4}-\d{4}-\d{4}\b', 'jwtToken':r'(^|\s|")[A-Za-z0-9_-]{2,}(?:\.[A-Za-z0-9_-]{2,}){2}($|\s|")', - 'ato_data':r'\b(auth_code|otp|password|password_hash|auth_token|access_token|refresh_token|secret|session_id|key|pin|accessToken|refreshToken|authenticationCode|authentication_code|jwt|api_secret|apiSecret)\b' + 'ato_data':r'\b(auth_code|otp|password|password_hash|auth_token|access_token|refresh_token|secret|session_id|key|pin|accessToken|refreshToken|authenticationCode|authentication_code|jwt|api_secret|apiSecret)\b', # BRAZIL 'BrazilCPF':r'\b(\d{3}\.){2}\d{3}\-\d{2}\b', diff --git a/src/offat/tester/test_runner.py b/src/offat/tester/test_runner.py index 39e1db1..b2004fd 100644 --- a/src/offat/tester/test_runner.py +++ b/src/offat/tester/test_runner.py @@ -1,6 +1,7 @@ from asyncio import ensure_future, gather from aiohttp.client_exceptions import ClientProxyConnectionError from enum import Enum +from traceback import print_exc from ..http import AsyncRequests from ..logger import create_logger @@ -115,4 +116,10 @@ async def run_tests(self, test_tasks:list): ) ) - return await gather(*tasks) \ No newline at end of file + try: + results = await gather(*tasks) + return results + except Exception as e: + print(f'[*] Exception occurred while gathering results: {e}') + print_exc() + return [] \ No newline at end of file diff --git a/src/pyproject.toml b/src/pyproject.toml index 60e47cf..536be97 100644 --- a/src/pyproject.toml +++ b/src/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "offat" -version = "0.10.0" +version = "0.10.1" description = "Offensive API tester tool automates checks for common API vulnerabilities" authors = ["Dhrumil Mistry "] license = "MIT"