the-web-application-hackers-handbook

580 Chapter 14 n Automating Customized Attacks
This configuration includes the basic target information, creates a single
request parameter called PageNo, and configures our numeric payload source
to cycle through the range 10060 to 10080.
To cycle through a series of requests, potentially targeting multiple parameters,
we need to maintain some state. Let’s use a simple nextRequest method to
advance the state of our request engine, returning true until no more requests
remain:
// attack state
int currentParam = 0;
boolean nextRequest()
{
if (currentParam >= params.length)
return false;
if (!params[currentParam].attack)
{
currentParam++;
return nextRequest();
}
if (!payloads.nextPayload())
{
payloads.reset();
currentParam++;
return nextRequest();
}
}
return true;
This stateful request engine keeps track of which parameter we are currently
targeting and which attack payload to place into it. The next step is to actually
build a complete HTTP request using this information. This involves inserting
each type of parameter into the correct place in the request and adding any
other required headers:
String buildRequest()
{
// build parameters
StringBuffer urlParams = new StringBuffer();
StringBuffer cookieParams = new StringBuffer();
StringBuffer bodyParams = new StringBuffer();
for (int i = 0; i < params.length; i++)
{
String value = (i == currentParam) ?
payloads.getPayload() :
params[i].value;