本文整理汇总了Python中w3af.core.data.kb.vuln.Vuln.set_uri方法的典型用法代码示例。如果您正苦于以下问题:Python Vuln.set_uri方法的具体用法?Python Vuln.set_uri怎么用?Python Vuln.set_uri使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类w3af.core.data.kb.vuln.Vuln
的用法示例。
在下文中一共展示了Vuln.set_uri方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: write_vuln_to_kb
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def write_vuln_to_kb(vulnty, url, funcs):
vulndata = php_sca.KB_DATA[vulnty]
for f in funcs:
vuln_sev = vulndata['severity']
desc = name = vulndata['name']
v = Vuln(name, desc, vuln_sev, 1, 'PHP Static Code Analyzer')
v.set_uri(url)
v.set_token((f.vulnsources[0], 0))
args = list(vulndata['kb_key']) + [v]
# TODO: Extract the method from the PHP code
# $_GET == GET
# $_POST == POST
# $_REQUEST == GET
v.set_method('GET')
# TODO: Extract all the other variables that are
# present in the PHP file using the SCA
v.set_dc(DataContainer())
#
# TODO: This needs to be checked! OS Commanding specific
# attributes.
v['os'] = 'unix'
v['separator'] = ''
kb.kb.append(*args)
示例2: grep
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def grep(self, request, response):
"""
Plugin entry point.
:param request: The HTTP request object.
:param response: The HTTP response object
:return: None, all results are saved in the kb.
"""
if not response.is_text_or_html():
return
uri = response.get_uri()
for regex in self.RE_LIST:
for m in regex.findall(response.get_body()):
user = m[0]
desc = 'The URL: "%s" contains a SVN versioning signature'\
' with the username "%s".'
desc = desc % (uri, user)
v = Vuln('SVN user disclosure vulnerability', desc,
severity.LOW, response.id, self.get_name())
v.add_to_highlight(user)
v.set_uri(uri)
v[SVNUserInfoSet.ITAG] = user
self.kb_append_uniq_group(self, 'users', v,
group_klass=SVNUserInfoSet)
示例3: end
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def end(self):
"""
This method is called when the plugin wont be used anymore.
The real job of this plugin is done here, where I will try to see if
one of the error_500 responses were not identified as a vuln by some
of my audit plugins
"""
all_vuln_ids = set()
for info in kb.kb.get_all_findings():
for _id in info.get_id():
all_vuln_ids.add(_id)
for request, error_500_response_id in self._error_500_responses:
if error_500_response_id not in all_vuln_ids:
# Found a error 500 that wasn't identified !
desc = 'An unidentified web application error (HTTP response'\
' code 500) was found at: "%s". Enable all plugins and'\
' try again, if the vulnerability still is not'\
' identified, please verify manually and report it to'\
' the w3af developers.'
desc = desc % request.get_url()
v = Vuln('Unhandled error in web application', desc,
severity.MEDIUM, error_500_response_id,
self.get_name())
v.set_uri(request.get_uri())
self.kb_append_uniq(self, 'error_500', v, 'VAR')
self._error_500_responses.cleanup()
示例4: _analyze_SQL
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def _analyze_SQL(self, request, response, ref, token_name, token_value):
"""
To find this kind of vulns
http://thedailywtf.com/Articles/Oklahoma-
Leaks-Tens-of-Thousands-of-Social-Security-Numbers,-Other-
Sensitive-Data.aspx
:return: True if the parameter value contains SQL sentences
"""
for match in SQL_RE.findall(token_value):
if request.sent(match):
continue
desc = ('The URI: "%s" has a parameter named: "%s" with value:'
' "%s", which is a SQL query.')
desc %= (response.get_uri(), token_name, token_value)
v = Vuln('Parameter has SQL sentence', desc, severity.LOW,
response.id, self.get_name())
v['parameter_value'] = token_value
v.add_to_highlight(token_value)
v.set_uri(ref)
self.kb_append(self, 'strange_parameters', v)
return True
return False
示例5: grep
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def grep(self, request, response):
"""
Plugin entry point, find the SSN numbers.
:param request: The HTTP request object.
:param response: The HTTP response object
:return: None.
"""
if not response.is_text_or_html() or response.get_code() != 200 \
or response.get_clear_text_body() is None:
return
found_ssn, validated_ssn = self._find_SSN(response.get_clear_text_body())
if validated_ssn:
uri = response.get_uri()
desc = 'The URL: "%s" possibly discloses a US Social Security'\
' Number: "%s".'
desc = desc % (uri, validated_ssn)
v = Vuln('US Social Security Number disclosure', desc,
severity.LOW, response.id, self.get_name())
v.set_uri(uri)
v.add_to_highlight(found_ssn)
self.kb_append_uniq(self, 'ssn', v, 'URL')
示例6: _from_csv_get_vulns
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def _from_csv_get_vulns(self):
file_vulns = []
vuln_reader = csv.reader(open(self.OUTPUT_FILE, 'rb'), delimiter=',',
quotechar='|', quoting=csv.QUOTE_MINIMAL)
for name, method, uri, var, dc, _id, desc in vuln_reader:
v = Vuln(name, desc, 'High', json.loads(_id), 'TestCase')
v.set_method(method)
v.set_uri(URL(uri))
v.set_var(var)
v.set_dc(dc)
file_vulns.append(v)
return file_vulns
示例7: grep
# 需要导入模块: from w3af.core.data.kb.vuln import Vuln [as 别名]
# 或者: from w3af.core.data.kb.vuln.Vuln import set_uri [as 别名]
def grep(self, request, response):
"""
Plugin entry point.
:param request: The HTTP request object.
:param response: The HTTP response object
:return: None, all results are saved in the kb.
"""
try:
dp = parser_cache.dpc.get_document_parser_for(response)
except BaseFrameworkException:
return
# Note:
# - With parsed_references I'm 100% that it's really something in the
# HTML that the developer intended to add.
#
# - The re_references are the result of regular expressions, which in
# some cases are just false positives.
#
parsed_references, _ = dp.get_references()
for ref in parsed_references:
qs = ref.querystring
for param_name in qs:
# This for loop is to address the repeated parameter name issue
for element_index in xrange(len(qs[param_name])):
if self._is_strange(request, param_name, qs[param_name][element_index])\
and (ref.uri2url(), param_name) not in self._already_reported:
# Don't repeat findings
self._already_reported.add((ref.uri2url(), param_name))
desc = 'The URI: "%s" has a parameter named: "%s"'\
' with value: "%s", which is very uncommon.'\
' and requires manual verification.'
desc = desc % (response.get_uri(), param_name,
qs[param_name][element_index])
i = Info('Uncommon query string parameter', desc,
response.id, self.get_name())
i.set_uri(ref)
i.set_var(param_name)
i['parameter_value'] = qs[param_name][element_index]
i.add_to_highlight(qs[param_name][element_index])
self.kb_append(self, 'strange_parameters', i)
# To find this kind of vulns
# http://thedailywtf.com/Articles/Oklahoma-
# Leaks-Tens-of-Thousands-of-Social-Security-Numbers,-Other-
# Sensitive-Data.aspx
if self._is_SQL(request, param_name, qs[param_name][element_index])\
and ref not in self._already_reported:
# Don't repeat findings
self._already_reported.add(ref)
desc = 'The URI: "%s" has a parameter named: "%s"'\
' with value: "%s", which is a SQL query.'
desc = desc % (response.get_uri(), param_name,
qs[param_name][element_index])
v = Vuln('Parameter has SQL sentence', desc,
severity.LOW, response.id, self.get_name())
v.set_uri(ref)
v.set_var(param_name)
v['parameter_value'] = qs[param_name][element_index]
v.add_to_highlight(qs[param_name][element_index])
self.kb_append(self, 'strange_parameters', v)