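def grep(self, request, response):
    """
    Analyze if the HTTP response reason messages are strange.

    A finding is stored when the response status code has an entry in
    W3C_REASONS and the lower-cased reason phrase is not part of that entry.

    :param request: The HTTP request object (not read by this method).
    :param response: The HTTP response object
    :return: None, all results are saved in the kb.
    """
    response_code = response.get_code()
    msg_list = W3C_REASONS.get(response_code, None)

    if msg_list is None:
        # No reference reasons for this status code, nothing to compare with.
        return

    # The reason is lower-cased before the lookup, so W3C_REASONS presumably
    # holds lower-case phrases -- TODO confirm against its definition.
    response_reason = response.get_msg().lower()

    if response_reason in msg_list:
        # It's common, nothing to do here.
        return

    # Create a new info object from scratch and save it to the kb.
    #
    # Both fragments are wrapped in parentheses so they are one expression,
    # and the second fragment starts with a space: without it the report
    # text read "...strange HTTP reasonmessage ...".
    desc = ("The remote Web server sent a strange HTTP reason"
            ' message "%s", manual inspection is recommended.')

    # NOTE(review): the reason phrase is copied verbatim from the remote
    # server into the description, the highlight list and the ITAG value.
    # It is untrusted text; confirm that whatever renders kb findings
    # (HTML/XML reports, consoles) escapes it.
    desc = desc % response.get_msg()

    i = Info("Strange HTTP Reason message", desc, response.id,
             self.get_name())
    i.set_url(response.get_url())
    i.add_to_highlight(response.get_msg())
    i[StrangeHeaderInfoSet.ITAG] = response.get_msg()

    # The raw reason is stored under ITAG and the info is appended through
    # kb_append_uniq_group with StrangeHeaderInfoSet as the group class.
    self.kb_append_uniq_group(self, "strange_reason", i,
                              group_klass=StrangeHeaderInfoSet)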
def grep(self, request, response):
    """
    Report HTTP responses whose reason phrase is not one of the phrases
    listed in W3C_REASONS for their status code.

    :param request: The HTTP request object (not read by this method).
    :param response: The HTTP response object.
    :return: None, findings are stored in the kb.
    """
    known_reasons = W3C_REASONS.get(response.get_code())

    # Two quiet exits: the status code has no reference list at all, or the
    # lower-cased reason is one of the listed (common) phrases.
    if known_reasons is None or response.get_msg().lower() in known_reasons:
        return

    # NOTE(review): everything below stores the server-supplied reason phrase
    # verbatim; treat it as untrusted text when it is rendered -- confirm the
    # output side escapes it.
    template = ('The remote Web server sent a strange HTTP reason'
                ' message "%s", manual inspection is recommended.')
    description = template % response.get_msg()

    finding = Info('Strange HTTP Reason message', description, response.id,
                   self.get_name())
    finding.set_url(response.get_url())
    finding.add_to_highlight(response.get_msg())
    finding[StrangeHeaderInfoSet.ITAG] = response.get_msg()

    # Appended via the grouping helper, with StrangeHeaderInfoSet as the
    # group class and the raw reason as its ITAG value.
    self.kb_append_uniq_group(self, 'strange_reason', finding,
                              group_klass=StrangeHeaderInfoSet)
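def grep(self, request, response):
    """
    Plugin entry point. Analyze if the HTTP response reason messages are
    strange.

    When the reason phrase is not listed in W3C_REASONS for the response
    status code, the response id is either added to the kb info object that
    already carries the same reason, or a new info object is created.

    :param request: The HTTP request object (not read by this method).
    :param response: The HTTP response object
    :return: None, all results are saved in the kb.
    """
    response_code = response.get_code()
    msg_list = W3C_REASONS.get(response_code, None)

    if msg_list is None:
        # No reference reasons for this status code, nothing to compare with.
        return

    response_reason = response.get_msg().lower()
    if response_reason in msg_list:
        # Common reason phrase, nothing to report.
        return

    #
    #   I check if the kb already has an info object with this reason:
    #
    strange_reason_infos = kb.kb.get('strange_reason', 'strange_reason')

    corresponding_info = None
    for info_obj in strange_reason_infos:
        # The stored 'reason' is the raw (not lower-cased) phrase, so this
        # match is case sensitive.
        if info_obj['reason'] == response.get_msg():
            corresponding_info = info_obj
            break

    if corresponding_info:
        # Work with the "old" info object:
        id_list = corresponding_info.get_id()
        id_list.append(response.id)
        corresponding_info.set_id(id_list)
        return

    # Create a new info object from scratch and save it to the kb.
    #
    # The second fragment starts with a space: without it the report text
    # read "...strange HTTP reasonmessage: ...".
    desc = ('The remote Web server sent a strange HTTP reason'
            ' message: "%s" manual inspection is advised.')

    # NOTE(review): the reason phrase is copied verbatim from the remote
    # server into the description, the 'reason' key and the highlight list.
    # It is untrusted text; confirm that whatever renders kb findings
    # escapes it.
    desc = desc % response.get_msg()

    i = Info('Strange HTTP Reason message', desc, response.id,
             self.get_name())
    i.set_url(response.get_url())
    i['reason'] = response.get_msg()
    i.add_to_highlight(response.get_msg())

    self.kb_append_uniq(self, 'strange_reason', i, 'URL')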