Parsing the Input File
If
we have made it this far in
the execution cycle, we know the user has provided two arguments, so
we assume the first one is the input file and we attempt to open it.
If the open fails, the script dies and prints the error to the
screen. If the open succeeds, we populate the @requestArray
array with the contents of the input file:
# Open input file open(IN, "<", $ARGV[0]) or die"ERROR => Can't open file $ARGV[0].\n"; my @requestArray = <IN>;
Now that we have opened our input file, the
@requestArray
array contains all the requests that
were extracted from the input file. At this point, we can begin to
process each request in the array by performing a
foreach
loop on the array members.
Tip
We use the following request for all our examples:
GET /public/content/jsp/news.jsp?id=2&view=F
At this point in the script, we also declare a few other variables:
specifically, $oResponse
and
$oStatus
(the response content and status code
generated by our request), and two hashes for storing a log of all
directory- and parameter-based test combinations we perform. We use
the log hashes primarily to ensure that we do not make duplicate test
requests (we discuss this in greater detail later in the chapter). As
we perform each loop, we assign the original request from the input
file to the $oRequest
variable:
my ($oRequest,$oResponse, $oStatus, %dirLog, %paramLog); printReport("\n** Beginning Scan **\n\n"); # Loop through each of the input file requests foreach $oRequest (@requestArray) ...
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.