some problem about callback


Young Thomas

Apr 17, 2018, 10:31:10 PM
to boofuzz
In the source code, I can see

sess = sessions.session() 
sess.connect(sess.root, s_get("HTTP"))

In the definition of session.connect():

connect(src, dst=None, callback=None) 


How do I use the callback function? Can anybody give us some example code?

callback_function's detail


Joshua Pereyda

Apr 18, 2018, 11:19:02 AM
to boofuzz
Good job looking in the source. The documentation on Connection in session.py will help a bit. I don't have an example handy, but one would define a function and then pass it in.

The Session class's transmit function shows how it is used:
    def transmit(self, sock, node, edge):
        """
        Render and transmit a node, process callbacks accordingly.

        Args:
            sock (Target, optional): Socket-like object on which to transmit node
            node (pgraph.node.node (Node), optional): Request/Node to transmit
            edge (pgraph.edge.edge (pgraph.edge), optional): Edge along the current fuzz path from "node" to next node.
        """

        data = None

        # if the edge has a callback, process it. the callback has the option to render the node, modify it and return.
        if edge.callback:
            data = edge.callback(self, node, edge, sock)

        # if no data was returned by the callback, render the node here.
        if not data:
            data = node.render()


It may not be obvious: this is being called on the edge leading to a node. That is, before the node is actually rendered and transmitted.

Within the callback, you can use session.last_recv and session.last_send to access what was last sent and received; this can be used to customize behavior based on what the target replies.

I don't have any examples that do anything useful, but here is a simple example, modifying the current version of boofuzz-ftp:
    from boofuzz import *


    def initialize_ftp(session, username, password):
        s_initialize("user")
        s_string("USER")
        s_delim(" ")
        s_string(username.encode('ascii'))
        s_static("\r\n")

        s_initialize("pass")
        s_string("PASS")
        s_delim(" ")
        s_string(password.encode('ascii'))
        s_static("\r\n")

        s_initialize("stor")
        s_string("STOR")
        s_delim(" ")
        s_string("AAAA")
        s_static("\r\n")

        s_initialize("retr")
        s_string("RETR")
        s_delim(" ")
        s_string("AAAA")
        s_static("\r\n")

        # Edge callback: called on the user -> pass edge, before "pass" is
        # rendered and transmitted. It returns None, so the session renders
        # the node itself afterwards.
        def my_callback(session, node, edge, sock):
            session.targets[0].send('more data')

        # Build the graph: root -> user -> pass -> {stor, retr}
        session.connect(s_get("user"))
        session.connect(s_get("user"), s_get("pass"), my_callback)
        session.connect(s_get("pass"), s_get("stor"))
        session.connect(s_get("pass"), s_get("retr"))

I used session's target to send rather than sock so that sending is logged properly.
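Added example, not part of the original thread and not boofuzz's own code: a callback that reads session.last_recv and either returns replacement data or returns None so the node is rendered as usual. Node, Edge, FakeSession, pass_callback and run are hypothetical stand-ins that reproduce only the dispatch logic of the transmit function quoted above, and the FTP replies are constructed sample input.

```python
# Stand-in classes (constructed for this example, not boofuzz's own) that
# reproduce only the callback dispatch shown in Session.transmit above.
class Node:
    def __init__(self, name, rendered):
        self.name, self.rendered = name, rendered

    def render(self):
        return self.rendered


class Edge:
    def __init__(self, src, dst, callback=None):
        self.src, self.dst, self.callback = src, dst, callback


class FakeSession:
    def __init__(self):
        self.last_recv = b""   # what the target last replied
        self.last_send = b""   # what was last sent
        self.sent = []

    def transmit(self, sock, node, edge):
        data = None
        if edge.callback:                  # runs before the node is rendered
            data = edge.callback(self, node, edge, sock)
        if not data:                       # None or b"" -> default render
            data = node.render()
        self.sent.append(data)
        self.last_send = data
        return data


def pass_callback(session, node, edge, sock):
    """Edge callback for user -> pass: react to the reply to USER."""
    reply = session.last_recv
    if reply.startswith(b"331"):   # password required: let the node render
        return None
    if reply.startswith(b"230"):   # already logged in: send a no-op instead
        return b"NOOP\r\n"
    return b"QUIT\r\n"             # anything else: end the session cleanly


def run(reply_to_user):
    """Walk user -> pass with a constructed server reply; return bytes sent."""
    user, pwd = Node("user", b"USER anonymous\r\n"), Node("pass", b"PASS x\r\n")
    s = FakeSession()
    s.transmit(None, user, Edge(None, user))
    s.last_recv = reply_to_user            # constructed sample reply
    s.transmit(None, pwd, Edge(user, pwd, pass_callback))
    return s.sent
```

Because the check is `if not data`, a callback that returns an empty value is treated the same as one that returns None, and the node's default rendering is sent.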