Base64 encoding for fuzzing HTTP basic auth

[wil...@gmail.com]

Hello,

I'm new to fuzzing with Boofuzz, and I'm trying to figure out how to fuzz the basic "Authorization" HTTP header in a way that can be decoded and interpreted by the target web server.  Here's some pseudocode for what I think I need to do:

b64encode(s_string("username") + s_static(":") + s_string("password"))

Is there a way to mutate the username/password fields, delimited by a static ":" separator, then base64 encode the whole thing and send it to the target?

Thanks!

[joshua.t...@gmail.com]

Will,

I believe s_group with its encoder parameter can get you where you need: https://boofuzz.readthedocs.io/en/latest/user/static-protocol-definition.html#block-manipulation

If it works, we could use something built-in along these lines!

Cheers,

Joshua

PS: My apologies for the late reply.

[wil...@gmail.com]

Thank you!  I think you may have meant "s_block", because that's what I used with the encoder parameter.

I made a new block to handle mutating/encoding the basic authorization username/password combo:

with s_block("Authorization-Line", encoder=base64.b64encode):
        s_string("username")
        s_static(":")
        s_string("password")

Thanks again for your help.