def setUp(self): self.dbtable = commen.PutsqlName("dbtable_") self.sqllist = "SELECT * FROM " + self.dbtable self.ruler_name = commen.PutsqlName("dm_") LOG.info("规则名称:%s" % self.ruler_name) LOG.info("SQL语句:%s" % self.sqllist) self.sensql = SensitiveSql( self.ruler_name, GlobalConfig.db_type_['dm'], dbservice.select_dbservice_byname(gp.run_db['dm'])) self.sensitiveway = SensitiveWay()
def setUp(self): self.dbtable = commen.PutsqlName("dbtable_") sql_execute.db2_create_table('db2', self.dbtable) self.sqllist = "SELECT * FROM " + self.dbtable self.ruler_name = commen.PutsqlName("db2_") LOG.info("规则名称:%s" % self.ruler_name) LOG.info("SQL语句:%s" % self.sqllist) self.sensql = SensitiveSql( self.ruler_name, GlobalConfig.db_type_['DB2'], dbservice.select_dbservice_byname(gp.run_db["db2"])) self.sensitiveway = SensitiveWay()
def setUp(self): self.sqllist = commen.PutsqlNum() self.ruler_name = commen.PutsqlName("db2_") LOG.info("规则名称:%s" % self.ruler_name) LOG.info("SQL语句:%s" % self.sqllist) self.sensql = SensitiveSql(self.ruler_name, GlobalConfig.db_type_['DB2'], dbservice.select_dbservice_byname(gp.run_db["db2"])) self.sensitiveway = SensitiveWay()
def test_sqlinject_sqlserver_simulate(self): '''sql注入特征库sqlserver模拟模式''' sql = 'select * from %s group by id having 1=1' % (commen.PutsqlName('users')) DBService_Case.update_runmode(dbname=sqlserver_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['模拟']) time.sleep(10) LOG.info('sqlserver切换模式模拟。。。') sql_execute.exec_select(dbtype='sqlserver', sql=sql) sqlinject.check_sql(rulename='[SQL注入]HAVING数字型永真注入', sql=sql, risk_level=param['风险级别']['高'], res_behavior=param['响应行为']['模拟阻断'])
def test_sqlinject_oracle_simulate(self): '''sql注入特征库oracle模拟模式''' sql = 'select * from * where %s=1 or 1=1' % (commen.PutsqlName('password')) DBService_Case.update_runmode(dbname=oracle_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['模拟']) time.sleep(10) LOG.info('oracle切换模式模拟。。。') sql_execute.exec_select(dbtype='oracle', sql=sql) sqlinject.check_sql(rulename='[SQL注入]基于布尔值的数字OR盲注', sql=sql, risk_level=param['风险级别']['高'], res_behavior=param['响应行为']['模拟阻断'])
def test_sqlinject_db2_simulate(self): '''sql注入特征库db2模拟模式''' sql='select * from %s where username="******" or 1=1'%(commen.PutsqlName('user_role_privs')) DBService_Case.update_runmode(dbname=db2_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['模拟']) time.sleep(10) LOG.info('db2切换模式模拟。。。') sql_execute.exec_select(dbtype='db2', sql=sql) sqlinject.check_sql(rulename='[SQL注入]基于布尔值的数字OR盲注', sql=sql, risk_level=param['风险级别']['高'], res_behavior=param['响应行为']['模拟阻断'])
def test_sqlinject_mysql_simulate(self): '''sql注入特征库mysql模拟模式''' sel_sql = commen.PutsqlName('users') sql = 'select * from ' + sel_sql + ' where user="******" union select aaa from bbb #' DBService_Case.update_runmode(dbname=mysql_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['模拟']) time.sleep(10) LOG.info('mysql切换模式模拟。。。') sql_execute.exec_select(dbtype='mysql', sql=sql) sqlinject.check_sql(rulename='[SQL注入]SELECT FROM LIMIT 注入', sql=sel_sql, risk_level=param['风险级别']['高'], res_behavior=param['响应行为']['模拟阻断'])
def test_sqlinject_gbase_learn(self): '''sql注入特征库gbase学习模式''' key = commen.PutsqlName('user_role_privs') sql = 'select * from %s where username="******" or 1=1' % (key) DBService_Case.update_runmode(dbname=gbase_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['学习']) time.sleep(10) LOG.info('gbase切换模式学习。。。') sql_execute.exec_select(dbtype='gbase_s83', sql=sql) sqlinject.check_sql(rulename='[SQL注入]基于布尔值的数字OR盲注', sql=key, risk_level=param['风险级别']['高'], res_behavior=param['响应行为']['模拟阻断'])
def test_virtual_oracle_simulate(self): '''漏洞特征库oracle模拟模式''' key = commen.PutsqlName('DUAL') sql = "SELECT XDB.DBMS_XMLSCHEMA.GENERATESCHEMA ('a', 'ABCD' || chr(212)||chr(100)||chr(201)||chr(01)chr(32)||'echo ARE YOU SURE? >c:\\Unbreakable.txt') FROM %s" % ( key) DBService_Case.update_runmode( dbname=oracle_dict['objName'], runmode=db_dict['updatedbserver']['runmode']['模拟']) time.sleep(15) LOG.info('oracle切换模式模拟。。。') sql_execute.exec_select(dbtype='oracle', sql=sql) sqlinject.check_sql(rulename='[漏洞风险]ORACLE DBMS绕过登录访问控制漏洞', sql=key, risk_level=param['风险级别']['极高'], res_behavior=param['响应行为']['模拟阻断'])
def setUp(self): self.table_name = commen.PutsqlName('TABLE') self.sql = 'SELECT * FROM ' + self.table_name self.name = commen.PutsqlName('')
def setUp(self): self.name = commen.PutsqlName('')