def sql_detected(log, url, method_type, detected_level, shell):
    data = {"uname": "admin", "passwd": "admin", "submit": "Submit"}
    if method_type == "get":
        urls = Url(url, method_type, [], gen_fake_header())
    else:
        urls = Url(url, method_type, data, gen_fake_header())
    dbms = CheckDbms(urls, log, detected_level, shell)
    dbms.detected()
Exemple #2
0
def test_http_post():
    data = {
        "uname": "admin", "passwd":"admin", "submit":"Submit"
    }
    change_data = {
        "uname": "ss"
    }    
    tmp_urls = Url("http://192.168.45.144:81/sqli-labs-master/Less-11/index.php", "post", data, gen_fake_header())
    replace_url = tmp_urls.url_replacer("uname", "admin", "admins")
    logging.info(replace_url)
    # 检测post请求
    logging.info(tmp_urls.http_request(replace_url).text)
Exemple #3
0
def test_1():
    queue_length = 1
    # 先进后出队列
    my__queue = queue.Queue(queue_length * 10)
    threads = []
    urls = Url("http://sample.com", "test", [], gen_fake_header())
    payload = "test"
    data_payload = "data_test"
    param_id = 1
    top_boundaries = []
    param = "test"
    i = 2
    j = 3

    for i in range(queue_length * 10):
        mt = MyTask(urls, payload, data_payload, param_id, top_boundaries,
                    param, i, j)
        my__queue.put_nowait(mt)

    for i in range(queue_length):
        mtd = MyThread(my__queue, payload)
        threads.append(mtd)

    for i in range(queue_length):
        threads[i].start()

    for i in range(queue_length):
        threads[i].join()

    for i in range(queue_length):
        assert threads[i].result == i
Exemple #4
0
def test_params():
    data = {
        "uname": "ysy", "passwd":"ysy", "submit":"Submit"
    }
    urls = Url("http://192.168.45.144:81/sqli-labs-master/Less-20/index.php?id=1", "post", data, gen_fake_header())
    logging.info(urls.headers["User-Agent"])
    logging.info(urls.headers["Referer"])
    logging.info(urls.headers["Cookie"].split(";"))          
    # urls.method = "cookie"
    # logging.info(urls.get_params())
def xss_detected(log, url):
    log.info("开始检测xss")
    """ xss_url_list = [
        "http://192.168.45.1/xss/xssgame/level1.php?name=1&x=2",
        "http://192.168.45.1/xss/xssgame/level2.php?keyword=2",
        "http://192.168.45.1/xss/xssgame/level3.php?keyword=2",
        "http://192.168.45.1/xss/xssgame/level4.php?keyword=2",
        "http://192.168.45.1/xss/xssgame/level5.php?keyword=2",
        "http://192.168.45.1/xss/xssgame/level6.php?keyword=2",
        "http://192.168.45.1/xss/xssgame/level7.php?keyword=2",
        r"http://192.168.45.1/xss/xssgame/level8.php?keyword=2&submit=%E6%B7%BB%E5%8A%A0%E5%8F%8B%E6%83%85%E9%93%BE%E6%8E%A5",
        "http://192.168.45.1/xss/xssgame/level9.php?name=2", 
        "http://192.168.45.1/xss/xssgame/level9a.php?name=2",
        "http://192.168.45.1/xss/xssgame/level10.php?name=2",
        "http://192.168.45.1/xss/xssgame/level11.php?name=2",
    ]
    for url in xss_url_list: """
    xss_urls = Url(url, "get", [], gen_fake_header())
    xss = CheckXss(xss_urls, log)
    xss_result = xss.detected()
    log.debug('检测出xss_payload:')
    log.debug(xss_result)
Exemple #6
0
def test_similar():
    tmp_urls = Url('http://192.168.45.1/sqli-labs-master/Less-8/index-oracle.php?id=1', "get", [], gen_fake_header())
    logging.info(tmp_urls.check_url_page(0,"http://192.168.45.1/sqli-labs-master/Less-8/index-oracle.php?id=1"))
Exemple #7
0
def test_keyword():
    tmp_urls = Url(r"http://192.168.45.1/xss/xssgame/level10.php?name=2&t_sort=ysy%22%3E%3Cimg%20sRc=1/onERRor=%22aLErt(1)", "get", [],gen_fake_header())
    logging.info(tmp_urls.check_keyword(r'http://192.168.45.1/xss/xssgame/level10.php?name=2&t_sort=ysy%22%3E%3Cimg%20sRc=1 onERRor=%22alert(1)', '(<img sRc=1 onERRor="alert".*>)'))
Exemple #8
0
import os
from lib.utils.json_file import *
import pytest
import logging
import random
import string
logging.basicConfig(level=logging.DEBUG)



boundaries = get_json("../"+BOUNDARIES_FILE_NAME, "low")
expressions = get_json("../"+DETECTED_FILE_NAME,"mysql")
data = {
    "uname": "admin", "passwd":"admin", "submit":"Submit"
}
urls = Url("http://192.168.45.144:81/sqli-labs-master/Less-1/index.php?id=1&s=2", "get", [], gen_fake_header())
urls2 = Url("http://192.168.45.144:81/sqli-labs-master/Less-1/index.php?id=1&s=2", "post", data, gen_fake_header())
payloads = ["'", '"']
# 随机数字
rand_num = str(random.randint(1000,9999))
rand_str = ''.join(random.sample(string.ascii_letters + string.digits, 4))
parmas = urls.params

@pytest.mark.url
def test_url():
    logging.getLogger("test_url")
    logging.info((boundaries,True))
    logging.info((expressions, True))
    urls.http_request_payloads(parmas[0],boundaries, expressions, True)

@pytest.mark.http