artilleryio / artillery-plugin-fuzzer

Fuzz testing for HTTP APIs with Artillery.io 🌪

Getting ERR_UNESCAPED_CHARACTERS when fuzzing part of an URL #8

Open PLNech opened 3 years ago

PLNech commented 3 years ago

First, thanks for this very useful plugin. I've been running it on one of my services and it already proved very valuable.

However, I've been getting an error when using this to fuzz an input that is part of a URL. The URL is example.com/service/{{input}}/prediction, where {{input}} could be any string.

To fuzz it, I wrote the following config:

config:
  plugins:
    fuzzer: {}
  phases:
    - duration: 100 # Test 100 fuzzed values
      arrivalRate: 1 # A single request at a time
  environments:
    dev:
      target: 'http://0.0.0.0:8000'
scenarios:
  - name: "Fuzzed URL input"
    flow:
      - post:
          url: "/1/service/{{naughtyString}}/prediction"
          json:
            query: "What"
      - log: "***** POST fuzzed input: '/1/service/{{ naughtyString }}/prediction'"

This results in some of the requests failing to be sent, returning ERR_UNESCAPED_CHARACTERS:

Started phase 0, duration: 100s @ 16:37:47(+0100) 2020-11-25
..  ***** POST fuzzed input: '/1/service/NIL/prediction'
    ***** POST fuzzed input: '/1/service/LPT1/prediction'
  . ***** POST fuzzed input: '/1/service/''/prediction'
..  ***** POST fuzzed input: '/1/service/<img src=x\x11onerror="javascript:alert(1)">/prediction'
.   ***** POST fuzzed input: '/1/service/`"'><img src=xxx:x \x09onerror=javascript:alert(1)>/prediction'
    ***** POST fuzzed input: '/1/service/ABC<div style="x:\x09expression(javascript:alert(1)">DEF/prediction'
 .. ***** POST fuzzed input: '/1/service/<a href="\x1Cjavascript:javascript:alert(1)" id="fuzzelement1">test</a>/prediction'
  . ***** POST fuzzed input: '/1/service/' OR '1'='1/prediction'
Report @ 16:37:57(+0100) 2020-11-25
Elapsed time: 10 seconds
  Scenarios launched:  9
  Scenarios completed: 8
  Requests completed:  8
  Mean response/sec: 0.89
  Response time (msec):
    min: 1.6
    max: 387.6
    median: 152.9
    p95: 387.6
    p99: 387.6
  Codes:
    404: 8
  Errors:
    ERR_UNESCAPED_CHARACTERS: 1

It's hard to pinpoint which specific value is causing the issue, as the naughty string used is random each time.

For now I'm solving this problem by taking the number of reported ERR_UNESCAPED_CHARACTERS to manually fix the reported stats numbers, but that's not ideal.
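
Added example, not part of the original issue and not code from Artillery or the plugin: a way to pinpoint which fuzz values are candidates for ERR_UNESCAPED_CHARACTERS and to percent-encode a value so it stays a single path segment. It assumes the error comes from Node's core HTTP client path check (characters outside U+0021..U+00FF); an HTTP library that escapes some characters before calling Node may let more values through, so treat hits as candidates. `toPath`, `triage` and the sample values are hypothetical names and constructed inputs.

```javascript
// Added example; not code from Artillery or artillery-plugin-fuzzer.
// Assumption: ERR_UNESCAPED_CHARACTERS is raised by Node's core HTTP client,
// which rejects a request path holding any character outside U+0021..U+00FF.
const NODE_PATH_REJECT = /[^\u0021-\u00ff]/g;

// Offending UTF-16 code units in a path, as U+XXXX labels (empty = accepted).
function offendingChars(path) {
  const hits = String(path).match(NODE_PATH_REJECT) || [];
  return [...new Set(hits)].map(
    (ch) => 'U+' + ch.charCodeAt(0).toString(16).toUpperCase().padStart(4, '0')
  );
}

// Percent-encode a fuzz value as ONE path segment, byte by byte. Only RFC 3986
// unreserved characters stay literal, so "/", "?", "#" and "%" in a payload
// cannot change the route. Buffer's UTF-8 encoder turns a lone surrogate into
// U+FFFD, so that one input is altered rather than throwing.
function encodeSegment(value) {
  let out = '';
  for (const byte of Buffer.from(String(value), 'utf8')) {
    const ch = String.fromCharCode(byte);
    out += /[A-Za-z0-9._~-]/.test(ch)
      ? ch
      : '%' + byte.toString(16).toUpperCase().padStart(2, '0');
  }
  return out;
}

// Hypothetical helper: build the issue's URL shape around each value.
const toPath = (segment) => `/1/service/${segment}/prediction`;

function triage(values) {
  return values.map((value) => ({
    value,
    rawOffenders: offendingChars(toPath(value)),
    encodedPath: toPath(encodeSegment(value)),
  }));
}

// Constructed sample values (the first two appear in the log above).
const SAMPLES = ['NIL', "' OR '1'='1", 'tab\there', '田', '\uD800'];
for (const row of triage(SAMPLES)) {
  console.log(JSON.stringify(row.value), row.rawOffenders, row.encodedPath);
}
```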