import pipes
import os
import taint
def raw_input():
# a function which gets something user-supplied from the network, let's use
# the following string as an example: 'google.com'. If the user would be
# malicious he could supply a shell injection string like 'google.com;killall
# python'.
return 'google.com'
class ShellMerit(Merit):
'''A string has been cleaned for usage as a shell parameter'''
propagation = Merit.FullPropagation
taint.enable('example_simple.json')
s = raw_input()
s = pipes.quote(s) # pipes.quote returns shell escaped version of s
c = 'host ' + s
os.system(c)
import pipes
import os
import taint
def raw_input():
# a function which gets something user-supplied from the network, let's use
# the following string as an example: 'google.com'. If the user would be
# malicious he could supply a shell injection string like 'google.com;killall
# python'.
return 'google.com'
class ShellMerit(Merit):
'''A string has been cleaned for usage as a shell parameter'''
propagation = Merit.FullPropagation
taint.enable('example_simple.json')
s = raw_input()
s = pipes.quote(s) # pipes.quote returns shell escaped version of s
c = 'host ' + s
os.system(c)
fh = open('/tmp/db', 'w')
fh.write(params['value'][0])
fh.close()
self.send_response("stored")
elif path == '/get':
fh = open('/tmp/db', 'r')
data = fh.read()
data = data.taint()
fh.close()
self.send_response("stored: %s" % (data))
# Example 6 -- Arbritary File Read
# TODO
# Example 7 -- Arbritary File Write
# TODO
self.wfile.close()
taint.enable('example_practical.json')
SECRET_KEY = SECRET_KEY.taint() # Manually taint this string
try:
server = HTTPServer(('localhost', 8888), Handler)
print('Started http server')
server.serve_forever()
except KeyboardInterrupt:
print('^C received, shutting down server')
server.socket.close()
def test_main():
taint.enable(CONFIG_1)
test_support.run_unittest(DecoratorTest, SimplePatcherTest,
ImportedObjectsPatchingTest, ConfigValidation,
PropagationContextsTest, PropagatorTest,
OptionsTest)
def setUp(self):
taint.enable(CONFIG_4)
elif path == '/store':
fh = open('/tmp/db','w')
fh.write(params['value'][0])
fh.close()
self.send_response("stored")
elif path == '/get':
fh = open('/tmp/db','r')
data = fh.read()
data = data.taint()
fh.close()
self.send_response("stored: %s" % (data))
# Example 6 -- Arbritary File Read
# TODO
# Example 7 -- Arbritary File Write
# TODO
self.wfile.close()
taint.enable('example_practical.json')
SECRET_KEY = SECRET_KEY.taint() # Manually taint this string
try:
server = HTTPServer(('localhost', 8888), Handler)
print('Started http server')
server.serve_forever()
except KeyboardInterrupt:
print('^C received, shutting down server')
server.socket.close()
