From d2e0d8bbad27c94bf8374ed42a12aec0e2e31cfc Mon Sep 17 00:00:00 2001
From: javi
Date: Mon, 2 Nov 2020 14:32:42 +0100
Subject: [PATCH] burplog test and fix
---
 src/wfuzz/plugins/payloads/burplog.py | 2 +-
 tests/plugins/test_burplog.py | 132 ++++++++++++++++++++++++++
 2 files changed, 133 insertions(+), 1 deletion(-)
 create mode 100644 tests/plugins/test_burplog.py
diff --git a/src/wfuzz/plugins/payloads/burplog.py b/src/wfuzz/plugins/payloads/burplog.py
index 4ece4f20..9664e96f 100644
--- a/src/wfuzz/plugins/payloads/burplog.py
+++ b/src/wfuzz/plugins/payloads/burplog.py
@@ -113,7 +113,7 @@ def parse_burp_log(self, burp_log):
 if rl == CRLF:
 fr = FuzzRequest()
 fr.update_from_raw_http(
- raw_request, host[: host.find("://")], raw_response
+ raw_request, host[: host.find("://")], raw_response.rstrip()
 )
 frr = FuzzResult(history=fr)
diff --git a/tests/plugins/test_burplog.py b/tests/plugins/test_burplog.py
new file mode 100644
index 00000000..b8febb6c
--- /dev/null
+++ b/tests/plugins/test_burplog.py
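Review bot: `raw_response.rstrip()` in the `update_from_raw_http` call strips every kind of trailing whitespace, so a logged response whose body really ends in spaces, tabs or newlines is stored shorter than its `Content-Length` states. Any later length- or line-based comparison would then run on the altered body. If the intent is only to drop the blank lines the log format places before the `======` delimiter (as the fixture in the new test suggests), something narrower such as `raw_response.rstrip("\r\n")` would limit the change to line terminators. A comment like `# drop the padding written before the delimiter; it is not part of the body` would record why the strip is there. `parse_burp_log` starts and ends outside this hunk, so how `raw_response` is accumulated cannot be checked from here.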
@@ -0,0 +1,132 @@
+import pytest
+import sys
+from io import BytesIO
+
+import wfuzz
+from wfuzz.facade import Facade
+
+try:
+ # Python >= 3.3
+ from unittest import mock
+except ImportError:
+ # Python < 3.3
+ import mock
+
+
+@pytest.fixture
+def burp_log_raw():
+ return """======================================================
+22:35:55 https://aus5.mozilla.org:443 [35.244.181.201]
+======================================================
+GET /update/3/SystemAddons/81.0/20200917005511/Linux_x86_64-gcc3/null/release-cck-ubuntu/Linux%205.4.0-48-generic%20(GTK%203.24.20%2Clibpulse%2013.99.0)/canonical/1.0/update.xml HTTP/1.1
+Host: aus5.mozilla.org
+User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0
+Accept: */*
+Accept-Language: en-GB,en;q=0.5
+Accept-Encoding: gzip, deflate
+Cache-Control: no-cache
+Pragma: no-cache
+Connection: close
+
+
+======================================================
+HTTP/1.1 200 OK
+Server: nginx/1.17.9
+Date: Sun, 01 Nov 2020 21:35:08 GMT
+Content-Type: text/xml; charset=utf-8
+Content-Length: 42
+Strict-Transport-Security: max-age=31536000;
+X-Content-Type-Options: nosniff
+Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
+X-Proxy-Cache-Status: EXPIRED
+Via: 1.1 google
+Age: 47
+Cache-Control: public, max-age=90
+Alt-Svc: clear
+Connection: close
+
+
+
+
+======================================================
+
+
+
+"""
+
+
+class mock_saved_session(object):
+ def __init__(self, infile):
+ self.outfile = BytesIO(bytes(infile, "ascii"))
+ self.outfile.seek(0)
+ self.outfile.name = "mockfile"
+
+ def close(self):
+ pass
+
+ def read(self, *args, **kwargs):
+ return self.outfile.read(*args, **kwargs)
+
+ def seek(self, *args, **kwargs):
+ return self.outfile.seek(*args, **kwargs)
+
+ def tell(self):
+ return self.outfile.tell()
+
+ def readline(self, *args, **kwargs):
+ line = self.outfile.readline()
+ if line:
+ return line.decode("utf-8")
+ return ""
+
+
+def test_burplog(burp_log_raw):
+ # load plugins before mocking file object
+ Facade().payloads
+
+ m = mock.MagicMock(name="open", spec=open)
+ m.return_value = mock_saved_session(burp_log_raw)
+
+ mocked_fun = "builtins.open" if sys.version_info >= (3, 0) else "__builtin__.open"
+ with mock.patch(mocked_fun, m, create=True):
+ payload_list = list(
+ wfuzz.payload(
+ **{
+ "payloads": [
+ ("burplog", {"default": "mockedfile", "encoder": None}, None)
+ ],
+ }
+ )
+ )
+
+ fres = payload_list[0][0]
+
+ assert fres.history.headers.response["Server"] == "nginx/1.17.9"
+ assert fres.history.headers.response["server"] == "nginx/1.17.9"
+ assert fres.history.content == '\n\n'
+ assert fres.history.headers.request == {
+ "Host": "aus5.mozilla.org",
+ "User-Agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0",
+ "Accept": "*/*",
+ "Accept-Language": "en-GB,en;q=0.5",
+ "Accept-Encoding": "gzip, deflate",
+ "Cache-Control": "no-cache",
+ "Pragma": "no-cache",
+ "Connection": "close",
+ }
+
+ assert fres.history.headers.response == {
+ 'Server': 'nginx/1.17.9',
+ 'Date': 'Sun, 01 Nov 2020 21:35:08 GMT',
+ 'Content-Type': 'text/xml; charset=utf-8',
+ 'Content-Length': '42',
+ 'Strict-Transport-Security': 'max-age=31536000;',
+ 'X-Content-Type-Options': 'nosniff',
+ 'Content-Security-Policy': "default-src 'none'; frame-ancestors 'none'",
+ 'X-Proxy-Cache-Status': 'EXPIRED',
+ 'Via': '1.1 google',
+ 'Age': '47',
+ 'Cache-Control': 'public, max-age=90',
+ 'Alt-Svc': 'clear',
+ 'Connection': 'close',
+ }
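Review bot: `test_burplog` indexes `payload_list[0][0]` without checking how many entries were parsed, so a parser regression that yields the expected first record plus spurious extra ones would still pass. Adding `assert len(payload_list) == 1` before `fres = payload_list[0][0]` pins that. The helper `mock_saved_session` builds its buffer with `bytes(infile, "ascii")`, which only works on Python 3, while the file keeps Python 2 fallbacks for `mock` and `__builtin__.open`; either drop the fallbacks or use `infile.encode("ascii")`. Because `open` is patched for the whole `wfuzz.payload(...)` call, a short comment at the `with` line noting that any other `open()` made in that window also receives the mocked log would help the next reader.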