Merge pull request #20 from Sebitosh/uri-override

Utility change: allow manually defining URI for using reflection capability of albedo

Author: airween

README.md

@@ -454,6 +454,25 @@ The field `input.encoded_request` allows defining a whole request encoded in bas
               encoded_request: R0VUIC8gSFRUUC8xLjENCkhvc3Q6IGxvY2FsaG9zdA0KDQo=
 ```
 
+#### Uri
+
+The field `input.uri` allows defining the uri used for the request manually. This is in particular useful for using the `/reflect` endpoint of [albedo](https://github.com/coreruleset/albedo) which allows defining what the server response should be from within the body of the post request that was sent.
+
+```yaml
+  targets:
+    - target: ''
+      test:
+        data: '{"status": 201, "body": "<html>reflected-token</html>"}'
+        input:
+          headers:
+            - name: Content-Type
+              value: application/json
+          uri: '/reflect'
+        output:
+          status: 201
+          response_contains: "reflected-token"
+```
+
 ### Constants
 The yaml schema has a mechanism to handle global and local constants.
 

feature_demo/config_tests/DEMO_008_URI_REFLECT.yaml

@@ -0,0 +1,28 @@
+target: ARGS
+rulefile: DEMO_008_URI_REFLECT.conf
+testfile: DEMO_008_URI_REFLECT.yaml
+templates:
+- SecRule for TARGETS
+colkey:
+- - ''
+operator:
+- '@contains'
+oparg:
+- foo
+phase:
+- 2
+testdata:
+  phase_methods:
+    2: post
+  targets:
+    - target: ''
+      test:
+        data: '{"status": 201, "body": "<html>reflected-token</html>"}'
+        input:
+          headers:
+            - name: Content-Type
+              value: application/json
+          uri: '/reflect'
+        output:
+          status: 201
+          response_contains: "reflected-token"

feature_demo/generated/rules/DEMO_008_URI_REFLECT.conf

@@ -0,0 +1,9 @@
+SecRule ARGS "@contains foo" \
+    "id:100013,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+

feature_demo/generated/tests/DEMO_008_URI_REFLECT_100013.yaml

@@ -0,0 +1,29 @@
+---
+meta:
+  author: MRTS generate-rules.py
+  enabled: true
+  name: DEMO_008_URI_REFLECT.yaml
+  description: Desc
+tests:
+- test_title: 100013-1
+  ruleid: 100013
+  test_id: 1
+  desc: 'Test case for rule 100013, #1'
+  stages:
+  - description: Send request
+    input:
+      dest_addr: 127.0.0.1
+      port: 80
+      protocol: http
+      method: POST
+      headers:
+        User-Agent: OWASP MRTS test agent
+        Host: localhost
+        Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
+        Content-Type: application/json
+      uri: /reflect
+      version: HTTP/1.1
+      data: '{"status": 201, "body": "<html>reflected-token</html>"}'
+    output:
+      status: 201
+      response_contains: reflected-token

mrts/generate-rules.py

@@ -349,6 +349,8 @@ def genrulefromtemplate(self, tpl, current_confdata):
                                                                 item['stages'][0]['input']['headers'][h['name']] = h['value']
                                                         if 'encoded_request' in test['test']['input']:
                                                             item['stages'][0]['input']['encoded_request'] = test['test']['input']['encoded_request']
+                                                        if 'uri' in test['test']['input']:
+                                                            item['stages'][0]['input']['uri'] = test['test']['input']['uri']
                                                     # overwrite default output field
                                                     if 'output' in test['test']:
                                                         item['stages'][0]['output'] = test['test']['output']