diff --git a/src/offat/http.py b/src/offat/http.py
index f5584bc..01b06bc 100644
--- a/src/offat/http.py
+++ b/src/offat/http.py
@@ -13,7 +13,7 @@
 import aiohttp.resolver
 aiohttp.resolver.DefaultResolver = aiohttp.resolver.AsyncResolver
-if os_name == "nt":
+if os_name == 'nt':
 asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy())
@@ -89,10 +89,13 @@ def __init__(
 @retry(
 stop=stop_after_attempt(3),
 retry=retry_if_not_exception_type(
- KeyboardInterrupt or asyncio.exceptions.CancelledError
+ (
+ KeyboardInterrupt,
+ asyncio.exceptions.CancelledError,
+ ),
 ),
 )
- async def request(self, url: str, *args, method: str = "GET", **kwargs) -> dict:
+ async def request(self, url: str, *args, method: str = 'GET', **kwargs) -> dict:
 """Send HTTP requests asynchronously
 Args:
@@ -105,26 +108,10 @@ async def request(self, url: str, *args, method: str = "GET", **kwargs) -> dict:
 """
 async with self._limiter:
 async with ClientSession(
- headers=self._headers, timeout=self._timeout
+ headers=self._headers,
+ timeout=self._timeout,
 ) as session:
- method = str(method).upper()
- match method:
- case "GET":
- req_method = session.get
- case "POST":
- req_method = session.post
- case "PUT":
- req_method = session.put
- case "PATCH":
- req_method = session.patch
- case "HEAD":
- req_method = session.head
- case "OPTIONS":
- req_method = session.options
- case "DELETE":
- req_method = session.delete
- case _:
- req_method = session.get
+ req_method = getattr(session, method.lower(), session.get)
 async with req_method(
 url,
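Review bot: The `@retry(...)` decorator on `request` in the second hunk has no `reraise=True`, so once the three attempts are used up tenacity raises its own `RetryError` rather than the underlying exception, and a caller that logs the error sees only the wrapper. The corrected tuple now excludes `KeyboardInterrupt` and `CancelledError` as intended, but every other exception type is still retried, including programming errors such as `TypeError`. Adding `reraise=True,` after the `retry=` argument would surface the original failure; narrowing the predicate to network and timeout errors is worth considering if the callers (not visible here) can tolerate it. The body of `request` continues outside this hunk.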
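Review bot: `getattr(session, method.lower(), session.get)` in the third hunk resolves any attribute name on the session, not only HTTP verbs, so the removed allowlist and its GET fallback are lost: a `method` value such as `close` or `closed` now selects a non-request attribute and fails with a `TypeError`, which the decorator above then retries, instead of falling back to GET. The earlier `str(method)` coercion is gone as well, so a non-string `method` raises `AttributeError`. If `method` can originate from a parsed API document (not visible in this hunk), keep the lookup restricted: `verb = str(method).lower()` followed by `req_method = getattr(session, verb) if verb in {'get', 'post', 'put', 'patch', 'head', 'options', 'delete'} else session.get`. The `async with req_method(` call continues outside the hunk.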
@@ -135,14 +122,14 @@ async def request(self, url: str, *args, method: str = "GET", **kwargs) -> dict:
 **kwargs,
 ) as response:
 resp_data = {
- "status": response.status,
- "req_url": str(response.request_info.real_url),
- "query_url": str(response.url),
- "req_method": response.request_info.method,
- "req_headers": dict(**response.request_info.headers),
- "res_redirection": str(response.history),
- "res_headers": dict(response.headers),
- "res_body": await response.text(),
+ 'status': response.status,
+ 'req_url': str(response.request_info.real_url),
+ 'query_url': str(response.url),
+ 'req_method': response.request_info.method,
+ 'req_headers': dict(**response.request_info.headers),
+ 'res_redirection': str(response.history),
+ 'res_headers': dict(response.headers),
+ 'res_body': await response.text(),
 }
 return resp_data
diff --git a/src/offat/tester/handler.py b/src/offat/tester/handler.py
index 5ab72ac..44bf376 100644
--- a/src/offat/tester/handler.py
+++ b/src/offat/tester/handler.py
@@ -69,6 +69,7 @@ def generate_and_run_tests(
 rate_limit=rate_limit,
 headers=req_headers,
 proxies=proxies,
+ ssl_verify=ssl_verify,
 )
 results: list = []
diff --git a/src/offat/tester/runner.py b/src/offat/tester/runner.py
index 0e904f9..d61fbdb 100644
--- a/src/offat/tester/runner.py
+++ b/src/offat/tester/runner.py
@@ -2,6 +2,7 @@
 from asyncio.exceptions import CancelledError
 from enum import Enum
 from sys import exc_info, exit
+from traceback import format_exc
 from rich.progress import Progress, TaskID
 from ..http import AsyncRequests
@@ -30,7 +31,7 @@ def __init__(
 rate_limit=rate_limit,
 headers=headers,
 proxies=proxies,
- ssl_verify=ssl_verify
+ ssl_verify=ssl_verify,
 )
 self.progress = Progress(console=console)
 self.progress_task_id: TaskID | None = None
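Review bot: In the `handler.py` hunk, `ssl_verify=ssl_verify` is now forwarded, but nothing visible tells the operator which mode a run is actually using, and before this change the value was dropped so the callee's default applied regardless of what was requested. With verification off the client accepts any certificate, so responses recorded in the results may not come from the intended endpoint. Consider a one-time warning next to the call, `if not ssl_verify: logger.warning('TLS certificate verification is disabled for this run')`, assuming this module has a logger, which the hunk does not show. The opening line of the call and the rest of `generate_and_run_tests` are outside the hunk.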
@@ -147,8 +148,9 @@ async def send_request(self, test_task: dict):
 test_result['error'] = True
 logger.debug('Exception Debug Data:', exc_info=exc_info())
+ logger.debug(format_exc())
+ logger.debug(locals())
 logger.error('Unable to send request due to error: %s', e)
- logger.error(locals())
 # generate curl command for reproducing result
 test_result['curl_command'] = result_to_curl(test_result)
diff --git a/src/pyproject.toml b/src/pyproject.toml
index 2236f93..692034c 100644
--- a/src/pyproject.toml
+++ b/src/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "offat"
-version = "0.19.2"
+version = "0.19.3"
 description = "Offensive API tester tool automates checks for common API vulnerabilities"
 authors = ["Dhrumil Mistry "]
 license = "MIT"
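Review bot: `logger.debug(locals())` in the `send_request` hunk still writes the whole frame to the log, including `test_task` and presumably `test_result`; if those carry request headers or bodies (their keys are not visible here), credentials such as bearer tokens or cookies end up in debug logs. Moving the dump from error to debug level narrows the exposure but does not remove it, so log a redacted summary instead: only the fields needed to reproduce the failure, with header values masked. Separately, `logger.debug(format_exc())` repeats the traceback that the preceding `exc_info=exc_info()` call already records, so that line and the new `format_exc` import can be dropped. The `except` clause and the start of `send_request` are outside the hunk.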