def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="command_injection",
severity=syntribos.HIGH,
confidence=syntribos.MEDIUM,
description=("A string known to be commonly returned after a "
"successful command injection attack was "
"included in the response. This could indicate "
"a vulnerability to command injection "
"attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="command_injection",
severity=syntribos.HIGH,
confidence=syntribos.MEDIUM,
description=("The time elapsed between the sending of "
"the request and the arrival of the res"
"ponse exceeds the expected amount of time, "
"suggesting a vulnerability to command "
"injection attacks."))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="json_depth_limit_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.HIGH,
description=(
"The string(s): '{0}', is known to be commonly "
"returned after a successful overflow of the json"
" parsers depth limit. This could possibly "
"result in a dos vulnerability.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="json_depth_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=(_("The time it took to resolve a request "
"was too long compared to the "
"baseline request. This could indicate a "
"vulnerability to denial of service attacks.")))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="user_defined_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=(
"The string(s): '{0}', is in the list of "
"possible vulnerable keys. This may "
"indicate a vulnerability to this form of "
"user defined attack."
).format(failed_strings),
)
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="user_defined_string_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=(
"A response to one of the payload requests has "
"taken too long compared to the baseline "
"request. This could indicate a vulnerability "
"to time-based injection attacks using the user "
"provided strings."
),
)
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="sql_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful SQL injection attack"
", have been found in the response. This could "
"indicate a vulnerability to SQL injection "
"attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="sql_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=(_("A response to one of our payload requests has "
"taken too long compared to the baseline "
"request. This could indicate a vulnerability "
"to time-based SQL injection attacks")))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="bof_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful buffer overflow "
"attack, have been found in the response. This "
"could indicate a vulnerability to buffer "
"overflow attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="bof_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=(_("The time it took to resolve a request with a "
"long string was too long compared to the "
"baseline request. This could indicate a "
"vulnerability to buffer overflow attacks")))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="user_defined_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', is in the list of "
"possible vulnerable keys. This may "
"indicate a vulnerability to this form of "
"user defined attack.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="user_defined_string_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=(_("A response to one of the payload requests has "
"taken too long compared to the baseline "
"request. This could indicate a vulnerability "
"to time-based injection attacks using the user"
" provided strings.")))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="json_depth_limit_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.HIGH,
description=(
"The string(s): '{0}', is known to be commonly "
"returned after a successful overflow of the json"
" parsers depth limit. This could possibly "
"result in a dos vulnerability.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="json_depth_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=("The time it took to resolve a request "
"was too long compared to the "
"baseline request. This could indicate a "
"vulnerability to denial of service attacks."))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="xml_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful XML external entity "
"attack, have been found in the response. This "
"could indicate a vulnerability to XML external "
"entity attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="xml_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=(
"The time it took to resolve a request with an "
"invalid URL in the DTD takes too long compared "
"to the baseline request. This could reflect a "
"vulnerability to an XML external entity attack."))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="bof_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful buffer overflow "
"attack, have been found in the response. This "
"could indicate a vulnerability to buffer "
"overflow attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="bof_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=(_("The time it took to resolve a request with a "
"long string was too long compared to the "
"baseline request. This could indicate a "
"vulnerability to buffer overflow attacks")))
def test_case(self):
self.run_default_checks()
self.failure_keys = self._get_strings()
self.test_signals.register(has_string(self))
if 'content-type' in self.init_req.headers:
content_type = self.init_req.headers['content-type']
if 'html' in content_type:
sev = syntribos.MEDIUM
else:
sev = syntribos.LOW
else:
sev = syntribos.LOW
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="xss_strings",
severity=sev,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful XSS "
"attack, have been found in the response. This "
"could indicate a vulnerability to XSS "
"attacks.").format(failed_strings))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="sql_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful SQL injection attack"
", have been found in the response. This could "
"indicate a vulnerability to SQL injection "
"attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="sql_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.MEDIUM,
description=("A response to one of our payload requests has "
"taken too long compared to the baseline "
"request. This could indicate a vulnerability "
"to time-based SQL injection attacks"))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="command_injection",
severity=syntribos.HIGH,
confidence=syntribos.MEDIUM,
description=("A string known to be commonly returned after a "
"successful command injection attack was "
"included in the response. This could indicate "
"a vulnerability to command injection "
"attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="command_injection",
severity=syntribos.HIGH,
confidence=syntribos.MEDIUM,
description=(_("The time elapsed between the sending of "
"the request and the arrival of the res"
"ponse exceeds the expected amount of time, "
"suggesting a vulnerability to command "
"injection attacks.")))
def test_case(self):
self.run_default_checks()
self.test_signals.register(has_string(self))
if "FAILURE_KEYS_PRESENT" in self.test_signals:
failed_strings = self.test_signals.find(
slugs="FAILURE_KEYS_PRESENT")[0].data["failed_strings"]
self.register_issue(
defect_type="xml_strings",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The string(s): '{0}', known to be commonly "
"returned after a successful XML external entity "
"attack, have been found in the response. This "
"could indicate a vulnerability to XML external "
"entity attacks.").format(failed_strings))
self.diff_signals.register(time_diff(self))
if "TIME_DIFF_OVER" in self.diff_signals:
self.register_issue(
defect_type="xml_timing",
severity=syntribos.MEDIUM,
confidence=syntribos.LOW,
description=("The time it took to resolve a request with an "
"invalid URL in the DTD takes too long compared "
"to the baseline request. This could reflect a "
"vulnerability to an XML external entity attack.")
)