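def dataReceived(self, data):
    """Handle a learning-mode HTTP request that carries a ``naxsi_sig`` header.

    The raw request is searched for the ``naxsi_sig`` header line. When the
    header is present and CRLF-terminated, the connection is finished and the
    parsing is handed to a worker thread through ``threads.deferToThread``.
    Otherwise the request is logged and the connection is finished.

    Args:
        data: raw request text as received from the peer. It comes straight
            off the network and must be treated as untrusted.
    """
    sig_idx = data.find("\r\nnaxsi_sig: ")
    if sig_idx == -1:
        print("ERROR: request doesn't contain naxsi_sig header")
        # repr() escapes control characters, so a peer cannot write raw
        # terminal sequences or forged lines into the console output.
        # NOTE(review): the dump still contains the whole request, including
        # any Cookie/Authorization headers -- consider truncating it.
        print(repr(data) + "\n---\n")
        self.finish()
        return

    # Skip the leading CRLF so the slice starts at the header name.
    sig_idx += 2
    sig_end = data[sig_idx:].find("\r\n")
    if sig_end == -1:
        print("ERROR: naxsi_sig header is not terminated by CRLF")
        print(repr(data) + "\n---\n")
        self.finish()
        return

    # The parser is built only once the request has passed validation, so a
    # rejected request never reaches whatever the constructor sets up.
    # NOTE(review): the database credentials are hard-coded here (root account
    # with a literal password). Load them from configuration and use a
    # least-privilege account instead.
    sig = signature_parser("localhost", "root", "trivialpassword", "naxsi_sig")
    self.finish()
    # The second argument is the full header line ("naxsi_sig: <value>").
    # NOTE(review): the Deferred returned here gets no errback, so a failure
    # inside raw_parser is not handled by this method.
    threads.deferToThread(sig.raw_parser, data,
                          data[sig_idx:sig_idx + sig_end])
    return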
def background(self, fullstr, sig):
    """Store one signature through a freshly connected ``SQLWrapper``.

    Args:
        fullstr: request description passed to ``sig_to_db`` unchanged.
        sig: signature string passed to ``sig_to_db`` unchanged.
    """
    # conf_path is read from the enclosing module, not from the arguments.
    db_wrapper = SQLWrapper.SQLWrapper(conf_path)
    db_wrapper.connect()

    sig_parser = signature_parser(db_wrapper)

    # StartInsert/StopInsert bracket the single insert; both are reached
    # through the parser's ``wrapper`` attribute.
    sig_parser.wrapper.StartInsert()
    sig_parser.sig_to_db(fullstr, sig)
    sig_parser.wrapper.StopInsert()
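def background(self, fullstr, sig):
    """Store one signature using a dedicated MySQL connection.

    Args:
        fullstr: request description passed to ``sig_to_db`` unchanged.
        sig: signature string passed to ``sig_to_db`` unchanged.

    Raises:
        ValueError: if the connection or its cursor cannot be obtained.
    """
    # NOTE(review): the connection and cursor are stored on self; if this
    # method runs on several threads at once they would overwrite each
    # other's handles -- confirm against the caller.
    self.db = MySQLConnector.MySQLConnector().connect()
    if self.db is None:
        raise ValueError("Cannot connect to db.")
    try:
        self.cursor = self.db.cursor()
        if self.cursor is None:
            raise ValueError("Cannot connect to db.")
        parser = signature_parser(self.cursor)
        parser.sig_to_db(fullstr, sig)
    finally:
        # Release the connection even when the cursor is missing or the
        # insert raises; previously those paths left it open.
        self.db.close()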
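def fill_db(filename, conf_path):
    """Rebuild the signature database from one NAXSI log file.

    The database named by the connector is dropped and re-created, then every
    line containing ``NAXSI_FMT`` is parsed and handed to
    ``signature_parser.sig_to_db``.

    Args:
        filename: path of the log file to import.
        conf_path: configuration path passed to ``MySQLConnector``.

    Raises:
        ValueError: if the connection or its cursor cannot be obtained.
    """
    # The log file is opened before anything is dropped, so an unreadable
    # file aborts the run while the existing database is still intact.
    with open(filename, 'r') as fd:
        mysqlh = MySQLConnector.MySQLConnector(conf_path)
        db = mysqlh.connect()
        if db is None:
            raise ValueError('Cannot connect to db')
        try:
            cursor = db.cursor()
            if cursor is None:
                raise ValueError('Cannot connect to db')

            # The name is interpolated into the DDL below (an identifier
            # cannot be bound as a query parameter), so it is checked against
            # an allow-list first. re.match() returns None on failure, never
            # False, so the former "== False" test could not reject anything.
            # Underscore is admitted because it is common in database names
            # and cannot end the identifier; \Z also refuses a trailing
            # newline, which "$" would let through.
            if re.match(r"[a-z0-9_]+\Z", mysqlh.dbname) is None:
                print('bad db name :)')
                exit(-2)

            cursor.execute("DROP DATABASE IF EXISTS %s;" % mysqlh.dbname)
            cursor.execute("CREATE DATABASE %s;" % mysqlh.dbname)
            db.select_db(mysqlh.dbname)

            sig = ''
            for line in fd:
                fullstr = ''
                if 'NAXSI_FMT' in line:
                    fields = line.split(", ")
                    # First two whitespace-separated tokens of the first field.
                    date = ' '.join(fields[0].split()[:2])
                    sig = fields[0].split('NAXSI_FMT:')[1][1:]
                    request_args = {}
                    for field in fields[1:]:
                        parts = field.split(':')
                        request_args[parts[0]] = urllib.unquote(
                            ''.join(parts[1:]))
                    if request_args:
                        # NOTE(review): a line without a "request" field
                        # raises KeyError here, after the database has already
                        # been dropped.
                        fullstr = (
                            request_args['request'][2:-1]
                            + ' Referer : '
                            + request_args.get(
                                'referrer', ' "None"')[2:-1].strip('"\n')
                            + ',Cookie : '
                            + request_args.get('cookie', ' "None"')[2:-1])
                if sig != '' and fullstr != '':
                    # fullstr and sig are built from logged request data and
                    # are therefore client-controlled.
                    # NOTE(review): confirm that sig_to_db binds them as query
                    # parameters instead of formatting them into SQL.
                    parser = signature_parser(cursor)
                    parser.sig_to_db(fullstr, sig, date=date)
        finally:
            # Close the connection on every exit path, including errors.
            db.close()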
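def fill_db(files, conf_path):
    """Rebuild the signature database from a list of NAXSI log files.

    The wrapper's database is dropped and re-created, then every line
    containing ``NAXSI_FMT`` in each file is parsed and handed to
    ``signature_parser.sig_to_db``.

    Args:
        files: paths of the log files to import, read in order.
        conf_path: configuration path passed to ``SQLWrapper``.
    """
    wrapper = SQLWrapper.SQLWrapper(conf_path)
    wrapper.connect()
    sig = ''

    # Allow-list check on the database name before the destructive calls.
    # re.match() returns None on failure, never False, so the former
    # "== False" test could not reject anything. Underscore is admitted
    # because it is common in database names and cannot end the identifier;
    # \Z also refuses a trailing newline, which "$" would let through.
    # NOTE(review): drop_database()/create_db() presumably build their
    # statements from this name -- their bodies are not visible here.
    if re.match(r"[a-z0-9_]+\Z", wrapper.dbname) is None:
        print('bad db name :)')
        exit(-2)

    wrapper.drop_database()
    wrapper.create_db()
    wrapper.select_db(wrapper.dbname)
    print("Filling db with %s (TABLES WILL BE DROPPED !)" % ' '.join(files))

    parser = signature_parser(wrapper)
    # NOTE(review): StopInsert() is skipped when a file cannot be opened or a
    # line fails to parse; whether it belongs in a finally block depends on
    # what it commits, which is not visible here.
    parser.wrapper.StartInsert()
    for filename in files:
        with open(filename, 'r') as fd:
            for line in fd:
                fullstr = ''
                if 'NAXSI_FMT' in line:
                    fields = line.split(", ")
                    # First two whitespace-separated tokens of the first field.
                    date = ' '.join(fields[0].split()[:2])
                    sig = fields[0].split('NAXSI_FMT:')[1][1:]
                    request_args = {}
                    for field in fields[1:]:
                        parts = field.split(':')
                        request_args[parts[0]] = urllib.unquote(
                            ''.join(parts[1:]))
                    fullstr = (
                        request_args.get('request', 'None')[2:-1]
                        + ' Referer : '
                        + request_args.get(
                            'referrer', ' "None"')[2:-1].strip('"\n')
                        + ',Cookie : '
                        + request_args.get('cookie', ' "None"')[2:-1])
                if sig != '' and fullstr != '':
                    # fullstr and sig are built from logged request data and
                    # are therefore client-controlled.
                    # NOTE(review): confirm that sig_to_db binds them as query
                    # parameters instead of formatting them into SQL.
                    parser.sig_to_db(fullstr, sig, date=date)
    parser.wrapper.StopInsert()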
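def fill_db(filename, conf_path):
    """Rebuild the signature database from one NAXSI log file.

    The database named by the connector is dropped and re-created, then every
    line containing ``NAXSI_FMT`` is parsed and handed to
    ``signature_parser.sig_to_db``.

    Args:
        filename: path of the log file to import.
        conf_path: configuration path passed to ``MySQLConnector``.

    Raises:
        ValueError: if the connection or its cursor cannot be obtained.
    """
    # Opening the file first means a missing or unreadable log stops the run
    # before the existing database is touched.
    with open(filename, 'r') as fd:
        mysqlh = MySQLConnector.MySQLConnector(conf_path)
        db = mysqlh.connect()
        if db is None:
            raise ValueError('Cannot connect to db')
        try:
            cursor = db.cursor()
            if cursor is None:
                raise ValueError('Cannot connect to db')

            # The database name ends up inside DROP/CREATE statements built by
            # string formatting, so it must pass an allow-list. The former
            # comparison "re.match(...) == False" was never true, because
            # re.match() yields None (not False) when nothing matches.
            # Underscore is admitted because it is common in database names
            # and cannot end the identifier; \Z rejects a trailing newline
            # that "$" would accept.
            if re.match(r"[a-z0-9_]+\Z", mysqlh.dbname) is None:
                print('bad db name :)')
                exit(-2)

            cursor.execute("DROP DATABASE IF EXISTS %s;" % mysqlh.dbname)
            cursor.execute("CREATE DATABASE %s;" % mysqlh.dbname)
            db.select_db(mysqlh.dbname)

            sig = ''
            for line in fd:
                fullstr = ''
                if 'NAXSI_FMT' in line:
                    fields = line.split(", ")
                    # First two whitespace-separated tokens of the first field.
                    date = ' '.join(fields[0].split()[:2])
                    sig = fields[0].split('NAXSI_FMT:')[1][1:]
                    request_args = {}
                    for field in fields[1:]:
                        parts = field.split(':')
                        request_args[parts[0]] = urllib.unquote(
                            ''.join(parts[1:]))
                    if request_args:
                        # NOTE(review): a line without a "request" field
                        # raises KeyError here, after the database has already
                        # been dropped.
                        fullstr = (
                            request_args['request'][2:-1]
                            + ' Referer : '
                            + request_args.get(
                                'referrer', ' "None"')[2:-1].strip('"\n')
                            + ',Cookie : '
                            + request_args.get('cookie', ' "None"')[2:-1])
                if sig != '' and fullstr != '':
                    # Both values originate from logged requests, i.e. from
                    # the client.
                    # NOTE(review): confirm that sig_to_db binds them as query
                    # parameters instead of formatting them into SQL.
                    parser = signature_parser(cursor)
                    parser.sig_to_db(fullstr, sig, date=date)
        finally:
            # Close the connection on every exit path, including errors.
            db.close()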
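def fill_db(files, conf_path):
    """Rebuild the signature database from a list of NAXSI log files.

    The wrapper's database is dropped and re-created, then every line
    containing ``NAXSI_FMT`` in each file is parsed and handed to
    ``signature_parser.sig_to_db``.

    Args:
        files: paths of the log files to import, read in order.
        conf_path: configuration path passed to ``SQLWrapper``.
    """
    wrapper = SQLWrapper.SQLWrapper(conf_path)
    wrapper.connect()
    sig = ''

    # The database name must pass an allow-list before anything destructive
    # runs. The former comparison "re.match(...) == False" was never true,
    # because re.match() yields None (not False) when nothing matches.
    # Underscore is admitted because it is common in database names and
    # cannot end the identifier; \Z rejects a trailing newline that "$" would
    # accept.
    # NOTE(review): drop_database()/create_db() presumably build their
    # statements from this name -- their bodies are not visible here.
    if re.match(r"[a-z0-9_]+\Z", wrapper.dbname) is None:
        print('bad db name :)')
        exit(-2)

    wrapper.drop_database()
    wrapper.create_db()
    wrapper.select_db(wrapper.dbname)
    print("Filling db with %s (TABLES WILL BE DROPPED !)" % ' '.join(files))

    parser = signature_parser(wrapper)
    # NOTE(review): StopInsert() is skipped when a file cannot be opened or a
    # line fails to parse; whether it belongs in a finally block depends on
    # what it commits, which is not visible here.
    parser.wrapper.StartInsert()
    for filename in files:
        with open(filename, 'r') as fd:
            for line in fd:
                fullstr = ''
                if 'NAXSI_FMT' in line:
                    fields = line.split(", ")
                    # First two whitespace-separated tokens of the first field.
                    date = ' '.join(fields[0].split()[:2])
                    sig = fields[0].split('NAXSI_FMT:')[1][1:]
                    request_args = {}
                    for field in fields[1:]:
                        parts = field.split(':')
                        request_args[parts[0]] = urllib.unquote(
                            ''.join(parts[1:]))
                    fullstr = (
                        request_args.get('request', 'None')[2:-1]
                        + ' Referer : '
                        + request_args.get(
                            'referrer', ' "None"')[2:-1].strip('"\n')
                        + ',Cookie : '
                        + request_args.get('cookie', ' "None"')[2:-1])
                if sig != '' and fullstr != '':
                    # Both values originate from logged requests, i.e. from
                    # the client.
                    # NOTE(review): confirm that sig_to_db binds them as query
                    # parameters instead of formatting them into SQL.
                    parser.sig_to_db(fullstr, sig, date=date)
    parser.wrapper.StopInsert()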
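def dataReceived(self, data):
    """Handle a learning-mode HTTP request that carries a ``naxsi_sig`` header.

    The raw request is searched for the ``naxsi_sig`` header line. When the
    header is present and CRLF-terminated, the connection is finished and the
    parsing is handed to a worker thread through ``threads.deferToThread``.
    Otherwise the request is logged and the connection is finished.

    Args:
        data: raw request text as received from the peer. It comes straight
            off the network and must be treated as untrusted.
    """
    header_start = data.find("\r\nnaxsi_sig: ")
    if header_start == -1:
        print("ERROR: request doesn't contain naxsi_sig header")
        # Log the escaped form: repr() neutralises control characters the
        # peer may have sent, so the dump cannot forge or corrupt output.
        # NOTE(review): the dump still contains the whole request, including
        # any Cookie/Authorization headers -- consider truncating it.
        print(repr(data) + "\n---\n")
        self.finish()
        return

    # Step over the leading CRLF so the slice begins at the header name.
    header_start += 2
    header_len = data[header_start:].find("\r\n")
    if header_len == -1:
        print("ERROR: naxsi_sig header is not terminated by CRLF")
        print(repr(data) + "\n---\n")
        self.finish()
        return

    # Build the parser only for requests that passed validation, so rejected
    # requests never reach whatever the constructor sets up.
    # NOTE(review): the database credentials are hard-coded here (root account
    # with a literal password). Load them from configuration and use a
    # least-privilege account instead.
    sig = signature_parser("localhost", "root", "trivialpassword", "naxsi_sig")
    self.finish()
    # The second argument is the full header line ("naxsi_sig: <value>").
    # NOTE(review): the Deferred returned here gets no errback, so a failure
    # inside raw_parser is not handled by this method.
    threads.deferToThread(sig.raw_parser, data,
                          data[header_start:header_start + header_len])
    return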