Esempi in Python per get_current_route, esempi in Python per App.core.parse.parseroute.get_current_route

Esempio n. 1

0

Mostra file

File: initialize.py Progetto: WebLogicVulnerability/E-C

def _initialize():
    print 'initialize......'
    PATH = get_current_route()
    print 'path initialize success'
    trace_path = PATH + 'trace.txt'
    print trace_path
    if os.path.exists(trace_path):
        pass
    else:
        print 'trace file seems don\'t exists,please check'
        exit
    print 'trying to generate graph......'
    generate_graph(trace_path)
    print 'graph generated'
    check_dot_file()
    try_workflow()
    print 'workflow can be exe rightly'

Esempio n. 2

0

Mostra file

File: web_client.py Progetto: WebLogicVulnerability/E-C

 def session1():
     print 'session1'
     analyze_workflow(get_current_route() + "Graph.dot")
     num = 0
     cj = cookielib.CookieJar()
     opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
     urllib2.install_opener(opener)
     while (len(param_list) > num):
         if (param_list[num] == ""):  #get
             get(url_list[num].__str__(), opener)
         else:  #post
             print 'url is ', url_list[num].__str__()
             get_post_data(param_list[num])
         num = num + 1
     cook = cj._cookies
     print 'session1 end'
     #thread.exit_thread()
     print 'session1 end2'
     return cook.get('211.87.234.16').get('/').get('PHPSESSID')

Esempio n. 3

0

Mostra file

File: web_client.py Progetto: WebLogicVulnerability/E-C

def auto_visiter():
    data = {}
    analyze_workflow(get_current_route() + "\Graph4.dot")
    num = 0
    cj = cookielib.CookieJar()
    opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
    urllib2.install_opener(opener)
    response = urllib2.urlopen("http://211.87.234.178")
    #
    #     cook=cj._cookies
    #     #cookie structure ([domain[, path[, name]]])
    #     cook.get('211.87.234.178').get('/').get('PHPSESSID')
    #     print  cook.get('211.87.234.178').get('/').get('PHPSESSID').value
    #
    #
    #
    #     #{'/': {'PHPSESSID': Cookie(version=0, name='PHPSESSID', value='5lr7heudd9r3o4b1af3spjsv93', port=None, port_specified=False, domain='211.87.234.178', domain_specified=False, domain_initial_dot=False, path='/', path_specified=True, secure=False, expires=None, discard=True, comment=None, comment_url=None, rest={'HttpOnly': None}, rfc2109=False)}}
    #
    #     print 'cook',cook
    #
    #
    test_string = "string"
    #按照图文件的顺序访问再访问一遍
    while (len(param_list) > num):
        if (param_list[num] == ""):  #get
            response = get(url_list[num].__str__(), opener)
            print "get_url", url_list[num]
            if response.__class__ == test_string.__class__:
                print response
            else:
                print response.read()
        else:  #post
            data = get_post_data(param_list[num])
            print "data", data
            print "post_url", url_list[num]
            response = post(url_list[num].__str__(), data, opener)

            if response.__class__ == test_string.__class__:
                print response
            else:
                print response.read()
        num = num + 1

Esempio n. 4

0

Mostra file

File: web_client.py Progetto: WebLogicVulnerability/E-C

    def session2(session):
        print 'session2'
        analyze_workflow(get_current_route() + "Graph.dot")
        num = 0
        cj = cookielib.CookieJar()
        opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
        urllib2.install_opener(opener)
        urllib2.urlopen("http://211.87.234.16")

        cook = cj._cookies
        #cookie structure ([domain[, path[, name]]])
        cook.get('211.87.234.178').get('/').get('PHPSESSID').value = session
        print 'session2 cook', cook
        while (len(param_list) > num):
            if (param_list[num] == ""):  #get
                print url_list[num].__str__()
                get(url_list[num].__str__(), opener)
            else:  #post
                print 'url is ', url_list[num].__str__()
                get_post_data(param_list[num])

            num = num + 1
        print 'session2 end'

Esempio n. 5

0

Mostra file

File: initialize.py Progetto: WebLogicVulnerability/E-C

def try_workflow():
    print 'try workflow'
    analyze_workflow(get_current_route() + 'Graph.dot')
    check_the_workflow()
    judge()

Esempio n. 6

0

Mostra file

File: initialize.py Progetto: WebLogicVulnerability/E-C

def check_dot_file():
    graph = open(get_current_route() + "Graph.dot", 'r')
    data = graph.readline()
    if len(data) == 0:
        print 'dot file seems be empty,please rerunning the workflow'

Esempio n. 7

0

Mostra file

File: graph_generator.py Progetto: WebLogicVulnerability/E-C

def generate_graph(trace_path):   
    nodes=[]
    node={} 
    shop=open(trace_path,"r")
    line = shop.readline()

    while line:
    
        if 'GET' in line or 'Host' in line or 'POST' in line or '$_$' in line:
            if 'GET ' in line :
                temp=line.split()
                if node:  
                    nodes.append(node)
                    node={}
                node['GET_or_POST']='g'
                node["URL"]=temp[1]
            if 'POST ' in line: 
                temp_post=line.split()
    
                if node:  
                    nodes.append(node)#
                    node={}#
                        
                node['GET_or_POST']='p'
                node["URL"]=temp_post[1]
                node["pd"]='Y'
            if 'Host:' in line :
                s=line.rstrip()+node["URL"]
                node["URL"]=s[5:]
    
            if  node['GET_or_POST']=='p':  
                node['post_data']=''
            if "$_$" in line:
                    #print 'post_data_line',line
                    node['post_data']=line
        else: 
            pass
                    
        line=shop.readline()
        aheadline=line
    
    if node['GET_or_POST']!='null':
        nodes.append(node)
    
    shop.close()
    
    a=0
    for nodes_num in range(0,len(nodes)):
        for order in range(0,nodes_num):
            if "Referer" in nodes[nodes_num] and "URL" in nodes[order] and nodes[order]["URL"] == nodes[nodes_num]["Referer"]:
                if "sons" in  nodes[order]:
                    nodes[order]["sons"].append(nodes_num)
                else:
                    nodes[order]["sons"]=[nodes_num]
    graph=open(get_current_route()+"Graph.dot",'w')
    
    graph.write("digraph shili1{\n")
    i=0
    for nodes_num in range(0,len(nodes)): 
        graph.write("p")
        graph.write(str(nodes_num))
        graph.write(" -> ")
        graph.write("p")
        graph.write(str(nodes_num+1))
        
        if nodes[nodes_num]["GET_or_POST"]=='p':
            graph.write(' [style="dashed",label="')
        else:   
            graph.write(' [label="')
    
        if "URL" in nodes[nodes_num]:
            graph.write(nodes[nodes_num]["URL"])
    
        if nodes[nodes_num]["GET_or_POST"]=='p':
            graph.write('"];'+'//')
            graph.write(nodes[nodes_num]["post_data"])
            #print 'post data',nodes[nodes_num]["post_data"]
        
        else:
            graph.write('"];')
        
        graph.write('\n')
        #print 'nodesnumner' ,nodes_num,nodes[nodes_num]["URL"]
    graph.write("}")
    #print 'done'
    
    graph.close()

Esempio n. 8

0

Mostra file

def generate_graph(trace_path):
    nodes = []
    node = {}
    shop = open(trace_path, "r")
    line = shop.readline()

    while line:

        if 'GET' in line or 'Host' in line or 'POST' in line or '$_$' in line:
            if 'GET ' in line:
                temp = line.split()
                if node:
                    nodes.append(node)
                    node = {}
                node['GET_or_POST'] = 'g'
                node["URL"] = temp[1]
            if 'POST ' in line:
                temp_post = line.split()

                if node:
                    nodes.append(node)  #
                    node = {}  #

                node['GET_or_POST'] = 'p'
                node["URL"] = temp_post[1]
                node["pd"] = 'Y'
            if 'Host:' in line:
                s = line.rstrip() + node["URL"]
                node["URL"] = s[5:]

            if node['GET_or_POST'] == 'p':
                node['post_data'] = ''
            if "$_$" in line:
                #print 'post_data_line',line
                node['post_data'] = line
        else:
            pass

        line = shop.readline()
        aheadline = line

    if node['GET_or_POST'] != 'null':
        nodes.append(node)

    shop.close()

    a = 0
    for nodes_num in range(0, len(nodes)):
        for order in range(0, nodes_num):
            if "Referer" in nodes[nodes_num] and "URL" in nodes[
                    order] and nodes[order]["URL"] == nodes[nodes_num][
                        "Referer"]:
                if "sons" in nodes[order]:
                    nodes[order]["sons"].append(nodes_num)
                else:
                    nodes[order]["sons"] = [nodes_num]
    graph = open(get_current_route() + "Graph.dot", 'w')

    graph.write("digraph shili1{\n")
    i = 0
    for nodes_num in range(0, len(nodes)):
        graph.write("p")
        graph.write(str(nodes_num))
        graph.write(" -> ")
        graph.write("p")
        graph.write(str(nodes_num + 1))

        if nodes[nodes_num]["GET_or_POST"] == 'p':
            graph.write(' [style="dashed",label="')
        else:
            graph.write(' [label="')

        if "URL" in nodes[nodes_num]:
            graph.write(nodes[nodes_num]["URL"])

        if nodes[nodes_num]["GET_or_POST"] == 'p':
            graph.write('"];' + '//')
            graph.write(nodes[nodes_num]["post_data"])
            #print 'post data',nodes[nodes_num]["post_data"]

        else:
            graph.write('"];')

        graph.write('\n')
        #print 'nodesnumner' ,nodes_num,nodes[nodes_num]["URL"]
    graph.write("}")
    #print 'done'

    graph.close()