Ejemplo n.º 1
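class Payload(db.Model):
    """
    Payload model: one XSS test string and where it was submitted.

    Columns:

    payload = payload used in XSS injection testing; may contain the
              ``$1`` placeholder, which as_dict() expands to the
              callback URL for this row
    url = URL where the payload is submitted to
    method = method of the request used to facilitate XSS testing
    parameter = parameter which contains the payload
    notes = notes
    assessment = integer foreign key to assessments.id

    Payload provides the primary key to Capture, which stores
    an XSS capture.
    """
    __tablename__ = 'payloads'

    id = db.Column(db.Integer, primary_key=True)
    payload = db.Column(db.String(500))
    url = db.Column(db.String(500))
    method = db.Column(db.String(12))
    parameter = db.Column(db.String(50))
    notes = db.Column(db.String(200))
    assessment = db.Column(db.Integer, db.ForeignKey('assessments.id'))

    # When payloads are deleted, cascade the delete and remove associated captures
    captures = db.relationship("Capture",
                               cascade="all,delete",
                               backref="payloads")

    def as_dict(self):
        """
        Return the payload as a dict for the JSON API.

        The ``$1`` placeholder in the stored payload is replaced with a
        protocol-relative callback URL built from the configured
        HOSTNAME and this row's id. A row whose payload is NULL is
        returned with ``"payload": None`` instead of raising.

        The returned ``payload`` value is script markup by design, so
        any view that renders it into HTML has to output-encode it.
        """
        callback = "//{}/x?u={}".format(app.config['HOSTNAME'], self.id)

        # The payload column is nullable; calling .replace() on None would
        # raise AttributeError and break serialization of the whole row.
        if self.payload is None:
            payload = None
        else:
            payload = self.payload.replace("$1", callback)

        # NOTE(review): `assessments` is not declared in this class (only the
        # `assessment` foreign-key column is); presumably it is a backref
        # defined on the Assessment model -- confirm.
        return {
            "id": self.id,
            "assessments": [i.as_dict() for i in self.assessments],
            "payload": payload,
            "url": self.url,
            "method": self.method,
            "parameter": self.parameter,
            "notes": self.notes,
        }

    def show_assessment_ids(self):
        """
        Return the payload's assessments as a list of assessment ids.
        """
        return [i.id for i in self.assessments]

    def show_assessment_names(self):
        """
        Return the payload's assessments as a comma-separated string of
        assessment names.
        """
        return ','.join(i.name for i in self.assessments)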
Ejemplo n.º 2
class Capture(db.Model):
    """
    Capture model: one recorded firing of a cross-site scripting payload.

    Columns:

    assessment = assessment name(s) associated with the capture
    url = URL where cross-site scripting was triggered
    referrer = referrer string of the request
    cookies = any cookies from the request not carrying the HttpOnly flag
    user_agent = user-agent string
    payload = to be removed (the constructor stores the same value in
              payload_id)
    screenshot = screenshot identifier
    pub_date = date on which the capture was received, stored as a string
    dom = string column of up to 65535 characters
          (presumably the captured page DOM -- confirm)
    payload_id = integer foreign key to payloads.id

    Going by the field descriptions, these values are reported from the
    page where the payload ran, so they are untrusted input; cookies and
    dom can also hold session material and page content and should be
    handled as sensitive data.
    """
    __tablename__ = 'captures'

    id = db.Column(db.Integer, primary_key=True)
    assessment = db.Column(db.String(200))
    url = db.Column(db.String(2000), unique=False)
    referrer = db.Column(db.String(2000), unique=False)
    cookies = db.Column(db.String(2000), unique=False)
    user_agent = db.Column(db.String(512), unique=False)
    payload = db.Column(db.Integer)
    screenshot = db.Column(db.String(20), unique=False)
    pub_date = db.Column(db.String(512), unique=False)
    dom = db.Column(db.String(65535), unique=False)
    payload_id = db.Column(db.Integer, db.ForeignKey('payloads.id'))

    def __init__(self,
                 assessment,
                 url,
                 referrer,
                 cookies,
                 user_agent,
                 payload,
                 screenshot,
                 dom,
                 pub_date=None):
        """
        Build a capture row from the reported request details.

        `payload` is written to both the legacy `payload` column and the
        `payload_id` foreign key. When `pub_date` is omitted, the current
        time from datetime.datetime.now() (naive, no timezone) is stored
        as a string.
        """
        self.assessment = assessment
        self.url = url
        self.referrer = referrer
        self.cookies = cookies
        self.user_agent = user_agent
        self.screenshot = screenshot
        self.dom = dom
        # Same identifier goes into the legacy column and the foreign key.
        self.payload = payload
        self.payload_id = payload
        # Stamp the capture with the time it was received unless the caller
        # supplied one.
        self.pub_date = (pub_date if pub_date is not None
                         else str(datetime.datetime.now()))

    def as_dict(self):
        """
        Return every column of the capture as a dict keyed by column name.

        This includes cookies and dom, so callers that expose the result
        should do so only to authorized users and must output-encode the
        values when rendering them.
        """
        row = {}
        for column in self.__table__.columns:
            row[column.name] = getattr(self, column.name)
        return row

    def __repr__(self):
        """Identify the capture by the URL it was triggered on."""
        return '<Uri %r>' % self.url
Ejemplo n.º 3
class GenericCollector(db.Model):
    """
    GenericCollector model: one record of data stored under a
    puppyscript name for a payload.

    Columns:

    payload = integer foreign key to payloads.id
    assessment = assessment string (up to 200 characters)
    puppyscript_name = required name, up to 500 characters
                       (presumably the puppyscript that produced the
                       record -- confirm)
    data = free-form text (presumably what the puppyscript collected
           -- confirm)
    url = text column for the URL
    referrer = text column for the referrer
    pub_date = date the record was received, stored as a string

    NOTE(review): if these values are reported by script running in a
    remote page, they are untrusted input and `data` may hold sensitive
    content -- confirm against the code that creates these rows.
    """
    __tablename__ = 'generic_collector'

    id = db.Column(db.Integer, primary_key=True)
    payload = db.Column(db.Integer, db.ForeignKey('payloads.id'))
    assessment = db.Column(db.String(200))
    puppyscript_name = db.Column(db.String(500), nullable=False)
    data = db.Column(db.Text())
    url = db.Column(db.Text(), unique=False)
    referrer = db.Column(db.Text(), unique=False)
    pub_date = db.Column(db.String(512), unique=False)

    def __init__(self,
                 payload,
                 assessment,
                 puppyscript_name,
                 url,
                 referrer,
                 data,
                 pub_date=None):
        """
        Build a collector row from the reported values.

        When `pub_date` is omitted, the current time from
        datetime.datetime.now() (naive, no timezone) is stored as a
        string.
        """
        self.payload = payload
        self.assessment = assessment
        self.puppyscript_name = puppyscript_name
        self.url = url
        self.referrer = referrer
        self.data = data
        # Stamp the record with the time it was received unless the caller
        # supplied one.
        self.pub_date = (pub_date if pub_date is not None
                         else str(datetime.datetime.now()))

    def as_dict(self):
        """
        Return every column of the record as a dict keyed by column name.

        The values are returned as stored, so anything rendering them
        must output-encode them.
        """
        row = {}
        for column in self.__table__.columns:
            row[column.name] = getattr(self, column.name)
        return row

    def __repr__(self):
        """Represent the record by the id of the payload it belongs to."""
        return str(self.payload)