예제 #1
    def __init__(self, base_dir, db_name, loop=None):
        """Build the emulator registry from the EMULATOR_ENABLED config section.

        Args:
            base_dir: Forwarded to the RFI and SQLi emulators.
            db_name: Forwarded to the SQLi emulator.
            loop: Optional event loop forwarded to the RFI and PHP code
                injection emulators.
        """
        enabled = TannerConfig.get_section('EMULATOR_ENABLED')
        self.emulator_enabled = enabled

        # Construction is deferred behind a callable so that a disabled
        # emulator is never instantiated. Order matches the registry order.
        factories = (
            ('rfi', lambda: rfi.RfiEmulator(base_dir, loop)),
            ('lfi', lambda: lfi.LfiEmulator()),
            ('xss', lambda: xss.XssEmulator()),
            ('sqli', lambda: sqli.SqliEmulator(db_name, base_dir)),
            ('cmd_exec', lambda: cmd_exec.CmdExecEmulator()),
            ('php_code_injection',
             lambda: php_code_injection.PHPCodeInjection(loop)),
            ('crlf', lambda: crlf.CRLFEmulator()),
        )
        # A disabled emulator is stored as None rather than omitted, so any
        # consumer of self.emulators has to handle None entries.
        self.emulators = {
            name: (build() if enabled[name] else None)
            for name, build in factories
        }

        # Presumably the emulators consulted for each request part (GET
        # parameters, POST data, cookies) - confirm against the dispatcher.
        # Two independent list objects are kept for GET and POST on purpose.
        all_vectors = ('sqli', 'rfi', 'lfi', 'xss', 'php_code_injection',
                       'cmd_exec', 'crlf')
        self.get_emulators = list(all_vectors)
        self.post_emulators = list(all_vectors)
        self.cookie_emulators = ['sqli']
예제 #2
 def __init__(self, base_dir, db_name):
     """Instantiate every emulator unconditionally and index it by attack name.

     Args:
         base_dir: Forwarded to the RFI, LFI and SQLi emulators.
         db_name: Forwarded to the SQLi emulator.
     """
     # No configuration gate in this variant: all four emulators are always
     # constructed, in this order.
     registry = {}
     registry['rfi'] = rfi.RfiEmulator(base_dir)
     registry['lfi'] = lfi.LfiEmulator(base_dir)
     registry['xss'] = xss.XssEmulator()
     registry['sqli'] = sqli.SqliEmulator(db_name, base_dir)
     self.emulators = registry
예제 #3
    def setUp(self):
        """Create a private event loop and a SqliEmulator with a stub schema."""
        self.loop = asyncio.new_event_loop()
        # The global loop is cleared; presumably so that code relying on an
        # implicit default loop fails instead of silently using another one.
        asyncio.set_event_loop(None)

        # One INTEGER key column followed by text columns, in this order.
        text_columns = ('login', 'email', 'username', 'password', 'pass',
                        'log')
        users_schema = [{'name': 'id', 'type': 'INTEGER'}]
        users_schema += [{'name': column, 'type': 'text'}
                         for column in text_columns]

        # NOTE(review): the base directory is a fixed path under /tmp, which
        # is shared and world-writable on most hosts; a per-test temporary
        # directory would keep the fixture out of reach of other local users.
        emulator = sqli.SqliEmulator('test_db', '/tmp/')
        emulator.query_map = {
            'users': users_schema,
            'comments': [{'name': 'comment', 'type': 'text'}],
        }
        self.handler = emulator
예제 #4
 def __init__(self, base_dir, db_name, loop=None):
     """Build the emulator registry, gating each entry on EMULATOR_ENABLED.

     Args:
         base_dir: Forwarded to the RFI and SQLi emulators.
         db_name: Forwarded to the SQLi emulator.
         loop: Optional event loop forwarded to the RFI emulator.
     """
     # Each builder is only invoked when its config flag is truthy, so a
     # disabled emulator is never constructed; it is recorded as None.
     builders = [
         ('rfi', lambda: rfi.RfiEmulator(base_dir, loop)),
         ('lfi', lambda: lfi.LfiEmulator()),
         ('xss', lambda: xss.XssEmulator()),
         ('sqli', lambda: sqli.SqliEmulator(db_name, base_dir)),
         ('cmd_exec', lambda: cmd_exec.CmdExecEmulator()),
     ]
     registry = {}
     for name, build in builders:
         if TannerConfig.get('EMULATOR_ENABLED', name):
             registry[name] = build()
         else:
             registry[name] = None
     self.emulators = registry

     # Presumably the emulators consulted per request part - confirm against
     # the dispatcher. GET and POST get separate list objects.
     request_vectors = ('sqli', 'rfi', 'lfi', 'xss', 'cmd_exec')
     self.get_emulators = list(request_vectors)
     self.post_emulators = list(request_vectors)
     self.cookie_emulators = ['sqli']
예제 #5
    def setUp(self):
        """Ensure the test database file exists and attach a stub query map."""
        # NOTE(review): fixed, predictable path under the shared /tmp
        # directory; a per-test temporary directory would avoid collisions
        # with files created by other local users.
        db_path = '/tmp/db/test.db'
        os.makedirs(os.path.dirname(db_path), exist_ok=True)
        # Append mode creates the file when missing and leaves existing
        # content untouched.
        with open(db_path, 'a'):
            pass

        emulator = sqli.SqliEmulator('test.db', '/tmp/')
        emulator.query_map = {
            'users': ['id', 'login', 'email', 'username', 'password', 'pass',
                      'log'],
            'comments': ['comment'],
        }
        self.handler = emulator
예제 #6
    def setUp(self):
        """Prepare an event loop, a SqliEmulator, its db file and a mock session."""
        self.loop = asyncio.new_event_loop()
        # The global loop is cleared; presumably so that code relying on an
        # implicit default loop fails instead of silently using another one.
        asyncio.set_event_loop(None)

        # One INTEGER key column followed by text columns, in this order.
        users_schema = [{'name': 'id', 'type': 'INTEGER'}]
        for column in ('login', 'email', 'username', 'password', 'pass',
                       'log'):
            users_schema.append({'name': column, 'type': 'text'})
        schema = {
            'users': users_schema,
            'comments': [{'name': 'comment', 'type': 'text'}],
        }

        # The emulator is constructed before the database file is created.
        self.handler = sqli.SqliEmulator('test_db', '/tmp/')

        # NOTE(review): fixed, predictable path under the shared /tmp
        # directory; a per-test temporary directory would avoid collisions
        # with files created by other local users.
        self.filename = '/tmp/db/test_db'
        os.makedirs(os.path.dirname(self.filename), exist_ok=True)
        # Append mode creates the file when missing without truncating it.
        with open('/tmp/db/test_db', 'a'):
            pass

        self.handler.query_map = schema

        # Stand-in session object exposing a fixed sess_uuid.hex value.
        session = mock.Mock()
        session.sess_uuid.hex = 'd877339ec415484987b279469167af3d'
        self.sess = session
예제 #7
    def setUp(self):
        """Prepare an event loop, a SqliEmulator, its db file and a mock session."""
        self.loop = asyncio.new_event_loop()
        # The global loop is cleared; presumably so that code relying on an
        # implicit default loop fails instead of silently using another one.
        asyncio.set_event_loop(None)

        def column(name, kind="text"):
            # Column descriptor in the shape the query map uses.
            return {"name": name, "type": kind}

        schema = {
            "users": [
                column("id", "INTEGER"),
                column("login"),
                column("email"),
                column("username"),
                column("password"),
                column("pass"),
                column("log"),
            ],
            "comments": [column("comment")],
        }

        # The emulator is constructed before the database file is created.
        self.handler = sqli.SqliEmulator("test_db", "/tmp/")

        # NOTE(review): fixed, predictable path under the shared /tmp
        # directory; a per-test temporary directory would avoid collisions
        # with files created by other local users.
        self.filename = "/tmp/db/test_db"
        parent_dir = os.path.dirname(self.filename)
        os.makedirs(parent_dir, exist_ok=True)
        # Append mode creates the file when missing without truncating it.
        touched = open("/tmp/db/test_db", "a")
        touched.close()

        self.handler.query_map = schema

        # Stand-in session object exposing a fixed sess_uuid.hex value.
        self.sess = mock.Mock()
        self.sess.sess_uuid.hex = "d877339ec415484987b279469167af3d"
예제 #8
    def __init__(self, base_dir, db_name, loop=None):
        """Read the per-emulator enable flags and build the emulator registry.

        Args:
            base_dir: Forwarded to the RFI and SQLi emulators.
            db_name: Forwarded to the SQLi emulator.
            loop: Optional event loop forwarded to the RFI, PHP code/object
                injection, XXE and template injection emulators.
        """
        # One config lookup per emulator, in this order.
        flag_names = ('rfi', 'sqli', 'lfi', 'xss', 'cmd_exec', 'php_code_injection',
                      'php_object_injection', 'crlf', 'xxe_injection', 'template_injection')
        flags = {name: TannerConfig.get('EMULATOR_ENABLED', name) for name in flag_names}
        self.emulator_enabled = flags

        # NOTE(review): allow_insecure is taken from the RFI config section and
        # only read when the RFI emulator is enabled. Its effect is defined in
        # RfiEmulator, not here - presumably it relaxes checks on fetching
        # remote scripts, so confirm it defaults to off.
        factories = (
            ('rfi', lambda: rfi.RfiEmulator(base_dir, loop=loop,
                                            allow_insecure=TannerConfig.get("RFI", 'allow_insecure'))),
            ('lfi', lambda: lfi.LfiEmulator()),
            ('xss', lambda: xss.XssEmulator()),
            ('sqli', lambda: sqli.SqliEmulator(db_name, base_dir)),
            ('cmd_exec', lambda: cmd_exec.CmdExecEmulator()),
            ('php_code_injection', lambda: php_code_injection.PHPCodeInjection(loop)),
            ('php_object_injection', lambda: php_object_injection.PHPObjectInjection(loop)),
            ('crlf', lambda: crlf.CRLFEmulator()),
            ('xxe_injection', lambda: xxe_injection.XXEInjection(loop)),
            ('template_injection', lambda: template_injection.TemplateInjection(loop)),
        )
        # A disabled emulator is stored as None rather than omitted, so any
        # consumer of self.emulators has to handle None entries.
        self.emulators = {name: (build() if flags[name] else None) for name, build in factories}

        # Presumably the emulators consulted per request part - confirm against
        # the dispatcher. GET and POST get separate list objects.
        request_vectors = ('sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'php_object_injection',
                           'cmd_exec', 'crlf', 'xxe_injection', 'template_injection')
        self.get_emulators = list(request_vectors)
        self.post_emulators = list(request_vectors)
        self.cookie_emulators = ['sqli', 'php_object_injection']
예제 #9
파일: base.py 프로젝트: afeena/tanner
    def __init__(self, base_dir, db_name, loop=None):
        """Read the per-emulator enable flags and build the emulator registry.

        Args:
            base_dir: Forwarded to the RFI and SQLi emulators.
            db_name: Forwarded to the SQLi emulator.
            loop: Optional event loop forwarded to the RFI, PHP code/object
                injection, XXE and template injection emulators.
        """
        # One config lookup per emulator, in this order.
        flags = {}
        for name in (
            "rfi",
            "sqli",
            "lfi",
            "xss",
            "cmd_exec",
            "php_code_injection",
            "php_object_injection",
            "crlf",
            "xxe_injection",
            "template_injection",
        ):
            flags[name] = TannerConfig.get("EMULATOR_ENABLED", name)
        self.emulator_enabled = flags

        def build_rfi():
            # NOTE(review): allow_insecure is read from the RFI config section
            # only when the RFI emulator is enabled. Its effect is defined in
            # RfiEmulator, not here - presumably it relaxes checks on fetching
            # remote scripts, so confirm it defaults to off.
            insecure_ok = TannerConfig.get("RFI", "allow_insecure")
            return rfi.RfiEmulator(base_dir, loop=loop, allow_insecure=insecure_ok)

        # Constructors are wrapped so a disabled emulator is never instantiated.
        constructors = {
            "rfi": build_rfi,
            "lfi": lambda: lfi.LfiEmulator(),
            "xss": lambda: xss.XssEmulator(),
            "sqli": lambda: sqli.SqliEmulator(db_name, base_dir),
            "cmd_exec": lambda: cmd_exec.CmdExecEmulator(),
            "php_code_injection": lambda: php_code_injection.PHPCodeInjection(loop),
            "php_object_injection": lambda: php_object_injection.PHPObjectInjection(loop),
            "crlf": lambda: crlf.CRLFEmulator(),
            "xxe_injection": lambda: xxe_injection.XXEInjection(loop),
            "template_injection": lambda: template_injection.TemplateInjection(loop),
        }
        # A disabled emulator is stored as None rather than omitted, so any
        # consumer of self.emulators has to handle None entries.
        registry = {}
        for name, make in constructors.items():
            registry[name] = make() if flags[name] else None
        self.emulators = registry

        # Presumably the emulators consulted per request part - confirm against
        # the dispatcher. GET and POST get separate list objects.
        request_vectors = (
            "sqli",
            "rfi",
            "lfi",
            "xss",
            "php_code_injection",
            "php_object_injection",
            "cmd_exec",
            "crlf",
            "xxe_injection",
            "template_injection",
        )
        self.get_emulators = list(request_vectors)
        self.post_emulators = list(request_vectors)
        self.cookie_emulators = ["sqli", "php_object_injection"]