|
|
||
|---|---|---|
| lib | ||
| SecLists@abfb39df60 | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .gitmodules | ||
| .woodpecker.yml | ||
| all-extensionless.txt | ||
| Common-PHP-Filenames.txt | ||
| CommonBackdoors-PHP.fuzz.txt | ||
| Gemfile | ||
| Gemfile.lock | ||
| google.rb | ||
| LICENSE | ||
| Rakefile | ||
| README.md | ||
| web-extensions.txt | ||
DVWA Fuzzer
This is a project intended to test the DVWA project, for SWEN-331.
This is explicitly built around the RIT Software Engineering department's variation of DVWA, available on Dockerhub as andymeneely/swen331fuzzer.
This project is built in Ruby, and uses the dependency management system Bundler (which comes pre-installed with Ruby). Once you have Ruby installed, run the following command in the root of this project:
bundle install
To run the script directly, call the script (located in lib/) directly, like so.
ruby lib/fuzzer.rb discover http://localhost --custom-auth=dvwa
Alternatively, for both ease of use and to follow Ruby project structure conventions, this can be run by running the following command.
rake run["http://localhost","dvwa"]
This runs the command using the Ruby Make file system rake.
The brackets shown are used to pass the arguments through rake to the command, and are not explicitly necessary.
Running without the brackets, or without some information in the brackets, results in falling back to the default values of http://localhost for the URL to access, and no custom auth argument.