\n"; } else { switch($meth) { case 'GET': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "GET " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "GET " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; // params and fuzz $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { if($logtype) { echo fgets($fp, 1024); } else{ store_log(fgets($fp,1024)); } fclose($fp); } } }break; case 'POST': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "POST " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "POST " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } if($fuzzpostdatas) { $out .= "POSTDATA=" . randfuzz($fuzzdatalen) . "\r\n"; } else { $out .= "POSTDATA=" . $postdatas . "\r\n"; } // $postdata = each request separated by a semicolon // come back to me // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; case 'TRACE': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "TRACE " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "TRACE " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; case 'HEAD': // HEAD is the same as a GET request, but might be handled differently { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "HEAD " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "HEAD " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } // every HTTP request ends with 2 control-linefeeds }break; case 'PUT': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "PUT " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "PUT " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; case 'DELETE': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "DELETE " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "DELETE " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; case 'CONNECT': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { if($fuzzreq_uri) { $out = "CONNECT " . randfuzz($fuzzdatalen) . " HTTP/1.1\r\n"; } else { $out = "CONNECT " . $requri . " HTTP/1.1\r\n"; $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed } $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; case 'OPTIONS': { $cntr = 0; for(;$cntr > $numberofreqs;$cntr++) { $out = "OPTIONS * HTTP/1.1\r\n"; // no need for a URI with OPTIONS, star is accepted global $out .= "Host: " . $target . "\r\n"; $out .= $param1name . "="; if($fuzzparam1) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param1val . " \r\n"; } $out .= $param1name . "="; if($fuzzparam2) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param2val . " \r\n"; } $out .= $param3name . "="; if($fuzzparam3) { $out .= randfuzz($fuzzdatalen) . " \r\n"; } else { $out .= $param3val . " \r\n"; } // cookies and fuzz if($fuzzcookie1) { $out .= "Cookie: " . $cookie1name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= "Cookie: " . $cookie1name . "=" . $cookie1val . ";"; } if($fuzzcookie2) { $out .= $cookie2name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie2name . "=" . $cookie2val . ";"; } if($fuzzcookie3) { $out .= $cookie3name . "=" . randfuzz($fuzzdatalen) . ";"; } else { $out .= $cookie3name . "=" . $cookie3val . ";"; } $out .= "\r\n"; // end of the cookies ends with control line-feed $out .= "\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } } break; } } function randfuzz($len) { if (is_readable('/dev/urandom')) { $f=fopen('/dev/urandom', 'r'); $urandom=fread($f, $len); fclose($f); } else { die("either /dev/urandom aint readable or this aint a linux machine!"); } $return=''; for ($i=0;$i<$len;++$i) { if (!!empty($urandom)) { if ($i%2==0) mt_srand(time()%2147 * 1000000 + (double)microtime() * 1000000); $rand=48+mt_rand()%64; } else $rand=48+ord($urandom[$i])%64; if ($rand>57) $rand+=7; if ($rand>90) $rand+=6; if ($rand==123) $rand=45; if ($rand==124) $rand=46; $return.=chr($rand); } return $return; } function store_log($status) { $outputfile = "log.txt"; $fp = fopen($outputfile,"+a"); fwrite($status); fclose($fp); } ?>