def _interesting_word(self, comment, request, response): """ Find interesting words in HTML comments """ lower_comment = comment.lower() for word in self._multi_in.query(lower_comment): # These next two lines fix a false positive which appears when # audit.ssi sends a payload to a site which has XSS, and # grep.html_comments sees that comment and reports it. if request.sent(comment): continue desc = ('A comment with the string "%s" was found in: "%s".' ' This could be interesting.') desc %= (word, response.get_url()) i = Info.from_fr('Interesting HTML comment', desc, response.id, self.get_name(), request) i.add_to_highlight(word) i[HTMLCommentHidesHTMLInfoSet.ITAG] = comment self.kb_append_uniq_group(self, 'interesting_comments', i, group_klass=HTMLCommentHidesHTMLInfoSet)
def _interesting_word(self, comment, request, response): """ Find interesting words in HTML comments """ lower_comment = comment.lower() for word in self._multi_in.query(lower_comment): if (word, response.get_url()) in self._already_reported: continue # These next two lines fix a false positive which appears when # audit.ssi sends a payload to a site which has XSS, and # grep.html_comments sees that comment and reports it. if request.sent(comment): continue self._already_reported.add((word, response.get_url())) desc = ('A comment with the string "%s" was found in: "%s".' ' This could be interesting.') desc %= (word, response.get_url()) i = Info.from_fr('Interesting HTML comment', desc, response.id, self.get_name(), request) i.add_to_highlight(word) kb.kb.append(self, 'interesting_comments', i) om.out.information(i.get_desc())
def _html_in_comment(self, comment, request, response): """ Find HTML code in HTML comments """ html_in_comment = self.HTML_RE.search(comment) if html_in_comment is None: return if (comment, response.get_url()) in self._already_reported: return # There is HTML code in the comment. comment = comment.strip() comment = comment.replace('\n', '') comment = comment.replace('\r', '') comment = comment[:40] desc = ('A comment with the string "%s" was found in: "%s".' ' This could be interesting.') desc %= (comment, response.get_url()) i = Info.from_fr('HTML comment contains HTML code', desc, response.id, self.get_name(), request) i.set_uri(response.get_uri()) i.add_to_highlight(html_in_comment.group(0)) kb.kb.append(self, 'html_comment_hides_html', i) om.out.information(i.get_desc()) self._already_reported.add((comment, response.get_url()))
def _interesting_word(self, comment, request, response): """ Find interesting words in HTML comments """ comment = comment.lower() for word in self._multi_in.query(comment): if (word, response.get_url()) not in self._already_reported_interesting: desc = 'A comment with the string "%s" was found in: "%s".'\ ' This could be interesting.' desc = desc % (word, response.get_url()) i = Info.from_fr('Interesting HTML comment', desc, response.id, self.get_name(), request) i.add_to_highlight(word) kb.kb.append(self, 'interesting_comments', i) om.out.information(i.get_desc()) self._already_reported_interesting.add((word, response.get_url()))
def _html_in_comment(self, comment, request, response): """ Find HTML code in HTML comments """ # # Check if HTML code is present in this comment # html_in_comment = self.HTML_RE.search(comment) if html_in_comment is None: return # # Remove false positives # for false_positive_string in self.HTML_FALSE_POSITIVES: if false_positive_string in comment: return # # There is HTML code in the comment, report it # comment = comment.strip() comment = comment.replace('\n', '') comment = comment.replace('\r', '') comment = comment[:40] desc = ('A comment containing HTML code "%s" was found in: "%s".' ' This could be interesting.') desc %= (comment, response.get_url()) i = Info.from_fr('HTML comment contains HTML code', desc, response.id, self.get_name(), request) i.set_uri(response.get_uri()) i.add_to_highlight(html_in_comment.group(0)) i[HTMLCommentHidesHTMLInfoSet.ITAG] = comment self.kb_append_uniq_group(self, 'html_comment_hides_html', i, group_klass=HTMLCommentHidesHTMLInfoSet)