def write_vuln_to_kb(vulnty, url, funcs):
vulndata = php_sca.KB_DATA[vulnty]
for f in funcs:
vuln_sev = vulndata['severity']
desc = name = vulndata['name']
v = Vuln(name, desc, vuln_sev, 1, 'PHP Static Code Analyzer')
v.set_uri(url)
v.set_token((f.vulnsources[0], 0))
args = list(vulndata['kb_key']) + [v]
# TODO: Extract the method from the PHP code
# $_GET == GET
# $_POST == POST
# $_REQUEST == GET
v.set_method('GET')
# TODO: Extract all the other variables that are
# present in the PHP file using the SCA
v.set_dc(DataContainer())
#
# TODO: This needs to be checked! OS Commanding specific
# attributes.
v['os'] = 'unix'
v['separator'] = ''
kb.kb.append(*args)
def write_vuln_to_kb(vulnty, url, funcs):
vulndata = php_sca.KB_DATA[vulnty]
for f in funcs:
vuln_sev = vulndata['severity']
desc = name = vulndata['name']
v = Vuln(name, desc, vuln_sev, 1, 'PHP Static Code Analyzer')
v.set_uri(url)
v.set_token((f.vulnsources[0], 0))
args = list(vulndata['kb_key']) + [v]
# TODO: Extract the method from the PHP code
# $_GET == GET
# $_POST == POST
# $_REQUEST == GET
v.set_method('GET')
# TODO: Extract all the other variables that are
# present in the PHP file using the SCA
v.set_dc(DataContainer())
#
# TODO: This needs to be checked! OS Commanding specific
# attributes.
v['os'] = 'unix'
v['separator'] = ''
kb.kb.append(*args)
