# upload-fuzz-dic-builder

**Repository Path**: csharphpython/upload-fuzz-dic-builder

## Basic Information

- **Project Name**: upload-fuzz-dic-builder
- **Description**: 上传漏洞fuzz字典生成脚本
- **Primary Language**: Unknown
- **License**: MIT
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2021-10-17
- **Last Updated**: 2021-10-17

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# upload-fuzz-dic-builder 上传漏洞fuzz字典生成脚本

![生成的字典](doc/upload_fuzz_dic.png)

## 一、uasg

```
$ python upload-fuzz-dic-builder.py -h
usage: upload-fuzz-dic-builder [-h] [-n] [-a] [-l] [-m] [--os] [-d] [-o]

optional arguments:
  -h, --help            show this help message and exit
  -n , --upload-filename
                        Upload file name
  -a , --allow-suffix   Allowable upload suffix
  -l , --language       Uploaded script language
  -m , --middleware     Middleware used in Web System
  --os                  Target operating system type
  -d, --double-suffix   Is it possible to generate double suffix?
  -o , --output         Output file
```

### 1.1 Example1
生成适合全语言，全部中间件，全部操作系统的fuzz字典

```
python upload-fuzz-dic-builder.py
```

### 1.2 Example2
生成适合后端语言为`asp`的fuzz字典

```
python upload-fuzz-dic-builder.py -l asp
```

### 1.3 Example3
上传文件名为：`test`，可以上传后缀为`jpg`，后端语言为`php`，中间件为`apache`，操作系统为`Windows`，输出字典名为`upload_filename.txt`的fuzz字典

```
python upload-fuzz-dic-builder.py -n test -a jpg -l php -m apache --os win -o upload_file.txt
```


### 1.4 注意：

1. 生成时给的上传点相关信息越详细，生成的字典越精确！
2. 在使用burp的Intruder模块进行fuzz时将Payload面板中`Payload Encoding`一栏的`URL-encode these characters`选项设置为未选中状态。

![burp intruder模块设置](doc/burp_intruder_setting.png)

## 二、more

[构造优质上传漏洞fuzz字典](http://gv7.me/articles/2018/make-upload-vul-fuzz-dic/)