Beispiel #1
    def api_read(self, localtmpdir=None):
        '''
        Run the 'get_source_code' payload, feed every retrieved file to the
        PHP static code analyzer and report what it flags.

        Each flagged function call is appended to the knowledge base and is
        also summarised in the returned dict.

        :param localtmpdir: Local temporary directory where to save
                            the remote code. When empty, a fresh directory
                            is created with tempfile.mkdtemp(). This method
                            does not remove the directory, so the retrieved
                            source stays on disk after it returns.
        :return: dict mapping each vulnerability type to a list of dicts
                 with the keys 'loc', 'lineno', 'funcname' and 'vulnsrc'.
        '''
        def _store_in_kb(vulnty, url, funcs):
            # One KB entry per flagged call; the KB metadata for the
            # vulnerability type comes from php_sca.KB_DATA.
            kb_meta = php_sca.KB_DATA[vulnty]
            for flagged in funcs:
                severity = kb_meta['severity']
                title = kb_meta['name']

                # The same string is used as name and description.
                vuln = Vuln(title, title, severity, 1,
                            'PHP Static Code Analyzer')
                vuln.set_uri(url)
                vuln.set_var(flagged.vulnsources[0])

                kb_args = list(kb_meta['kb_key']) + [vuln]

                # TODO: Extract the method from the PHP code
                #     $_GET == GET
                #     $_POST == POST
                #     $_REQUEST == GET
                # Until then every entry is recorded as GET, including
                # findings whose source is really a POST parameter.
                vuln.set_method('GET')

                # TODO: Extract all the other variables that are
                # present in the PHP file using the SCA
                vuln.set_dc(DataContainer())

                #
                # TODO: This needs to be checked! OS Commanding specific
                #       attributes. They are fixed values, not detected ones.
                vuln['os'] = 'unix'
                vuln['separator'] = ''

                kb.kb.append(*kb_args)

        localtmpdir = localtmpdir or tempfile.mkdtemp()

        findings = {}
        sources = self.exec_payload('get_source_code', args=(localtmpdir, ))

        for url, entry in sources.iteritems():
            # presumably entry[1] is the local copy of the file - confirm
            # against the 'get_source_code' payload
            analyzer = PhpSCA(file=entry[1])
            for vulnty, funcs in analyzer.get_vulns().iteritems():
                # Knowledge base first, then the summary handed back to
                # the caller.
                _store_in_kb(vulnty, url, funcs)
                summary = []
                for fc in funcs:
                    summary.append({
                        'loc': url,
                        'lineno': fc.lineno,
                        'funcname': fc.name,
                        'vulnsrc': str(fc.vulnsources[0]),
                    })
                findings.setdefault(vulnty, []).extend(summary)
        return findings
Beispiel #2
    def api_read(self, localtmpdir=None):
        '''
        Download the remote code with the 'get_source_code' payload and
        analyze each file with PhpSCA.

        Every function call the analyzer reports is written to the knowledge
        base and listed in the result.

        :param localtmpdir: Local temporary directory where to save
                            the remote code. A new one is made with
                            tempfile.mkdtemp() when none is given; it is
                            not deleted here, so cleaning up the saved
                            source is left to the caller.
        :return: dict keyed by vulnerability type; each value is a list of
                 dicts holding 'loc', 'lineno', 'funcname' and 'vulnsrc'.
        '''
        def write_vuln_to_kb(vulnty, url, funcs):
            # Creates one Vuln per reported call and appends it to the KB
            # under the key listed in php_sca.KB_DATA for this type.
            kb_info = php_sca.KB_DATA[vulnty]
            for call in funcs:
                sev = kb_info['severity']
                label = kb_info['name']

                # Name and description share the same text.
                finding = Vuln(label, label, sev, 1,
                               'PHP Static Code Analyzer')
                finding.set_uri(url)
                finding.set_var(call.vulnsources[0])

                append_args = list(kb_info['kb_key']) + [finding]

                # TODO: Extract the method from the PHP code
                #     $_GET == GET
                #     $_POST == POST
                #     $_REQUEST == GET
                # The method below is a fixed placeholder, so the stored
                # entry may not match how the parameter is really sent.
                finding.set_method('GET')

                # TODO: Extract all the other variables that are
                # present in the PHP file using the SCA
                finding.set_dc(DataContainer())

                #
                # TODO: This needs to be checked! OS Commanding specific
                #       attributes. Hard-coded, not derived from the target.
                finding['os'] = 'unix'
                finding['separator'] = ''

                kb.kb.append(*append_args)

        def describe(url, fc):
            # Plain-dict view of one reported call for the return value.
            return {'loc': url, 'lineno': fc.lineno, 'funcname': fc.name,
                    'vulnsrc': str(fc.vulnsources[0])}

        if not localtmpdir:
            localtmpdir = tempfile.mkdtemp()

        res = {}
        fetched = self.exec_payload('get_source_code', args=(localtmpdir,))

        for url, file_info in fetched.iteritems():
            # presumably file_info[1] is what PhpSCA should read for this
            # URL - confirm against the payload's return format
            reported = PhpSCA(file=file_info[1]).get_vulns()
            for vulnty, funcs in reported.iteritems():
                # KB entry is written before the result dict is filled.
                write_vuln_to_kb(vulnty, url, funcs)
                rows = [describe(url, fc) for fc in funcs]
                res.setdefault(vulnty, []).extend(rows)
        return res