예제 #1
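class Payload(db.Model):
    """
    Stored XSS test payload and the request context it is submitted in.

    Payload model contains the following parameters:

    payload = payload used in xss injection testing; may contain the
              "$1" placeholder that as_dict() expands to a callback URL
    url = url where payload is submitted to
    method = method of request to facilitate xss testing
    parameter = parameter which contains the payload
    notes = notes
    assessment = foreign key to assessments.id

    Payload provides primary key to Capture, which stores
    a xss capture.
    """
    __tablename__ = 'payloads'

    id = db.Column(db.Integer, primary_key=True)
    payload = db.Column(db.String(500))
    url = db.Column(db.String(500))
    method = db.Column(db.String(12))
    parameter = db.Column(db.String(50))
    notes = db.Column(db.String(200))
    assessment = db.Column(db.Integer, db.ForeignKey('assessments.id'))

    # When payloads are deleted, cascade the delete and remove associated captures
    captures = db.relationship("Capture",
                               cascade="all,delete",
                               backref="payloads")

    # NOTE(review): the methods below read self.assessments, which is not
    # declared in this class; it has to be supplied by a backref named
    # "assessments" on another model's relationship -- confirm.

    def as_dict(self):
        """
        Return the payload as a dict for the JSON API.

        Every "$1" in the stored payload is replaced with a
        protocol-relative callback URL built from the configured HOSTNAME
        and this row's id. Because the URL carries no scheme, the callback
        is requested over whichever scheme the page that runs the payload
        uses. A payload that is NULL in the database is returned as None
        instead of raising AttributeError.
        """
        callback = "//{}/x?u={}".format(app.config['HOSTNAME'], self.id)

        # The payload column is nullable, so guard before str.replace.
        payload = self.payload
        if payload is not None:
            # Replace $1 template with configured hostname
            payload = payload.replace("$1", callback)

        # NOTE(review): "payload" is markup written to execute in a browser.
        # Any view that displays this dict should output-encode the value as
        # text so it does not run in the tester's own session -- confirm how
        # the consuming UI renders it.
        return {
            "id": self.id,
            "assessments": [i.as_dict() for i in self.assessments],
            "payload": payload,
            "url": self.url,
            "method": self.method,
            "parameter": self.parameter,
            "notes": self.notes
        }

    def show_assessment_ids(self):
        """
        Return payload assessments as a list of assessment ids.
        """
        return [i.id for i in self.assessments]

    def show_assessment_names(self):
        """
        Return payload assessments as a comma-separated string of
        assessment names.
        """
        return ','.join([i.name for i in self.assessments])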
예제 #2
class Puppyscript(db.Model):
    """
    JavaScript served when a sleepy puppy payload is executed.

    Columns:

    name = name of javascript file (required)
    code = template source that as_dict() renders into the script (required)
    notes = notes

    Puppyscript is many to many with payload, linked through the
    ``taxonomy`` association table.
    """
    __tablename__ = 'puppyscript'

    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(500), nullable=False)
    code = db.Column(db.Text(), nullable=False)
    notes = db.Column(db.String(500))
    payloads = db.relationship(
        "Payload",
        backref='puppyscript',
        secondary=taxonomy,
    )

    # NOTE(review): the two show_* helpers read self.Puppyscripts, but this
    # class declares no attribute of that name (only id, name, code, notes
    # and payloads). Unless another model adds it through a backref, both
    # calls raise AttributeError -- confirm which relationship was intended.

    def show_puppyscript_ids(self):
        """
        Return the ids of the objects in self.Puppyscripts as a list.
        """
        return [script.id for script in self.Puppyscripts]

    def show_puppyscript_names(self):
        """
        Return the names of the objects in self.Puppyscripts as one
        comma-separated string.
        """
        names = [script.name for script in self.Puppyscripts]
        return ','.join(names)

    def as_dict(self, payload=1, assessment=1):
        """
        Return the Puppyscript as a dict with its name and rendered code.

        The stored code is rendered as a template with ``hostname``,
        ``callback_protocol`` (defaults to 'https' when CALLBACK_PROTOCOL
        is not configured), ``payload`` and ``assessment`` in scope.

        If you need to expose additional variables to your Puppyscript
        templates, this is the place to do it.
        """
        script_name = self.name

        # SECURITY: self.code is handed to render_template_string, so the
        # database column is evaluated as a template on the server
        # (presumably Flask/Jinja2 -- the import is not visible here).
        # Whoever can write Puppyscript.code can therefore run template
        # expressions inside the application process; keep write access to
        # this model limited to trusted operators, or render it in a
        # sandboxed template environment.
        # NOTE(review): payload and assessment are substituted into script
        # text; callers should pass validated integers only -- confirm.
        rendered_code = render_template_string(
            self.code,
            hostname=app.config['CALLBACK_HOSTNAME'],
            callback_protocol=app.config.get('CALLBACK_PROTOCOL', 'https'),
            payload=payload,
            assessment=assessment)

        return {'name': script_name, 'code': rendered_code}

    def __repr__(self):
        """Represent the row by its name."""
        return str(self.name)
예제 #3
class Assessment(db.Model):
    """
    Assessment model contains the following parameters:

    name = name of the assessment you are working on.
    payloads = payloads associated with the assessment, linked through
               the ``assessment_associations`` table; the relationship
               also adds an ``assessments`` backref to Payload.
    """

    __tablename__ = 'assessments'

    id = db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(500))
    payloads = db.relationship(
        "Payload",
        secondary=assessment_associations,
        backref="assessments",
    )

    def as_dict(self):
        """
        Return the Assessment's table columns as a dict.

        Only columns of the mapped table are included, so the ``payloads``
        relationship is not part of the result.
        """
        row = {}
        for column in self.__table__.columns:
            row[column.name] = getattr(self, column.name)
        return row

    def __repr__(self):
        """Represent the row by its name."""
        return str(self.name)