Wednesday, July 2, 2008

Template for WebScarab Scripted



If you've ever used WebScarab and been interested in the scripted tab, here is a nice template to get you started. One of the problems with the default template is that it leaves a lot of work to just get the output displayed to the window. I created two easy helper methods (printRequest and printResponse) and also rearranged the layout to be easier to traverse. Edit the details at the bottom. It should be pretty clear.

Never used webscarab? Time to learn.

-Michael Coates

---




/* ======================================= */
/* Provided by http://michael-coates.blogspot.com */
/* ======================================= */

import org.owasp.webscarab.model.ConversationID;
import org.owasp.webscarab.model.HttpUrl;
import org.owasp.webscarab.model.Request;
import org.owasp.webscarab.model.Response;

// define subroutines BEFORE the main part of the script executes,
// otherwise they won't be found

void printRequest(Request request){
out.println("========");
out.println(request.getMethod());
out.println(request.getURL());
out.println(request.getVersion());
String[] headers=request.getHeaderNames();
for(String header : headers){
out.println(header+" : " + request.getHeader(header));
}
out.println("========");
}

void printResponse(Response response){
out.println("========");
out.println(response.getStatus());
out.println(response.getMessage());
//print the headers
String[] headers=response.getHeaderNames();
for(String header : headers){
out.println(header+" : " + response.getHeader(header));
}
out.println("");
//print the content
byte[] data=response.getContent();
String data_response=new String(data);
out.println(data_response);

out.println("========");
}
// call this to fetch the requests one after another
void fetchSequential() {
out.println("===================================");
while (hasMoreRequests()) {
request = getNextRequest();
printRequest(request);
response = scripted.fetchResponse(request);
printResponse(response);

//Print the time
Date now = new Date();
long nowLong = now.getTime();
out.println("Current Time " + nowLong);
out.println("");
}
//Print the time
Date now = new Date();
long nowLong = now.getTime();
out.println("Done - Current Time " + nowLong);
out.println("");
out.println("");
}

// call this to fetch them in parallel
// the number of simultaneous connections is controlled by the Scripting plugin
// It is currently fixed at 4 simultaneous requests
void fetchParallel() {
while (hasMoreRequests() || scripted.isAsyncBusy()) {
while (scripted.hasAsyncCapacity() && hasMoreRequests()) {
request = getNextRequest();
scripted.submitAsyncRequest(request);
printRequest(request);
}

if (scripted.hasAsyncResponse()) {
while (scripted.hasAsyncResponse()) {
response = scripted.getAsyncResponse();
request = response.getRequest();

}
} else Thread.sleep(100);
}
}

// a counter, so we can know when to stop
int i=0;
int TotalRequests;
boolean hasMoreRequests() {
return i < TotalRequests;
}

/******************************************************************************
***************** USER EDITABLE SCRIPT STARTS HERE ***************************
* *
* Of course, you can modify the bits above, but you shouldn't need *
* to, if you follow the algorithm suggested below. *
* *
******************************************************************************/
//====Set the number below equal to the total number of requests====
TotalRequests=3;

// modify this routine to construct the next request - no changes needed
Request getNextRequest() {
// create a new request copied from the template
Request request = new Request(template);
i++; //need to increment the counter
return request;
}

//====Edit this section====
// create a template that contains the basics
Request template = new Request();
template.setMethod("GET");
template.setURL(new HttpUrl("http://www.google.com"));
template.setVersion("HTTP/1.0");
template.setHeader("User-Agent","WebScarab");
template.setHeader("Host","www.google.com:80");
template.setHeader("Accept"," text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
template.setHeader("Accept-Language"," en-us,en;q=0.5");
template.setHeader("Accept-Encoding"," gzip,deflate");
template.setHeader("Accept-Charset"," ISO-8859-1,utf-8;q=0.7,*;q=0.7");
template.setHeader("Keep-Alive"," 300");
template.setHeader("Proxy-Connection"," keep-alive");
//template.setHeader("Cookie"," Some cookie values here");

//====Choose Sequential or Parallel Requests====
// Choose how to submit the requests, sequentially, or in parallel
//fetchSequential();
fetchParallel();