Permalink
Browse files

Some small changes (#198)

* add phpox address in config

* return tanner verion to snare

* fix typo
  • Loading branch information...
rnehra01 authored and afeena committed Aug 28, 2017
1 parent 3dde5e7 commit 00d0bede873bedcd832737ab49539ecfeaecb92d
View
@@ -21,6 +21,10 @@ There are 8 different sections :
:Host: The host at which Tanner API is running
:Port: The port at which Tanner API is running
* **PHPOX**
:Host: The host at which PHPOX is running
:Port: The port at which PHPOX is running
* **REDIS**
:Host: The host address at which redis is running
@@ -32,7 +36,7 @@ There are 8 different sections :
:root_dir: The root directory for emulators that need data storing such as SQLI and LFI. Data will be stored in this directory
:emulator_enabled: This tells which emulators are enabled.
* **SQLI**
:db_name: THe name of database used in SQLI emulator
:type: Supports two types MySQL/SQLITE
:db_name: The name of database used in SQLI emulator
@@ -64,6 +68,7 @@ If no file is specified, following json will be used as default:
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'WEB': {'host': '0.0.0.0', 'port': 8091},
'API': {'host': '0.0.0.0', 'port': 8092},
'PHPOX': {'host': '0.0.0.0', 'port': 8088},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner',
'emulator_enabled': {'sqli': True, 'rfi': True, 'lfi': True, 'xss': True, 'cmd_exec': True}
View
@@ -0,0 +1 @@
__version__ = '0.4.0'
View
@@ -10,6 +10,7 @@
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'WEB': {'host': '0.0.0.0', 'port': 8091},
'API': {'host': '0.0.0.0', 'port': 8092},
'PHPOX': {'host': '0.0.0.0', 'port': 8088},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner',
'emulator_enabled': {'sqli': True, 'rfi': True, 'lfi': True, 'xss': True, 'php_code_injection': True, 'cmd_exec': True, 'crlf':True}
View
@@ -4,6 +4,7 @@
import urllib.parse
import yarl
from tanner import __version__ as tanner_version
from tanner.config import TannerConfig
from tanner.emulators import lfi, rfi, sqli, xss, cmd_exec, php_code_injection, crlf
from tanner.utils import patterns
@@ -127,7 +128,7 @@ def set_injectable_page(session):
detection['payload']['page'] = injectable_page
else:
detection['type'] = 3
detection['version'] = tanner_version
return detection
async def handle(self, data, session):
@@ -2,19 +2,23 @@
import asyncio
import logging
from tanner import config
from tanner.utils import patterns
class PHPCodeInjection:
def __init__(self, loop=None):
self._loop = loop if loop is not None else asyncio.get_event_loop()
self.logger = logging.getLogger('tanner.php_code_injecton')
async def get_injection_result(self, code):
async def get_injection_result(self, code):
code_injection_result = None
code = '<?php eval(\'$a = {code}\'); ?>'.format(code=code)
phpox_address = 'http://{host}:{port}'.format(host=config.TannerConfig.get('PHPOX', 'host'),
port=config.TannerConfig.get('PHPOX', 'port')
)
try:
async with aiohttp.ClientSession(loop=self._loop) as session:
async with session.post('http://127.0.0.1:8088/', data=code) as resp:
async with session.post(phpox_address, data=code) as resp:
code_injection_result = await resp.json()
except aiohttp.ClientError as client_error:
self.logger.error('Error during connection to php sandbox %s', client_error)
@@ -31,5 +35,5 @@ def scan(self, value):
async def handle(self, attack_params, session=None):
result = await self.get_injection_result(attack_params[0]['value'])
if not result or 'stdout' not in result:
return dict(status_code=504)
return dict(status_code=504)
return dict(value=result['stdout'], page=False)
View
@@ -10,6 +10,7 @@
import aiohttp
import yarl
from tanner import config
from tanner.utils import patterns
@@ -76,9 +77,12 @@ def download_file_ftp(self, url):
return rfi_result
with open(os.path.join(self.script_dir, file_name), 'br') as script:
script_data = script.read()
phpox_address = 'http://{host}:{port}'.format(host=config.TannerConfig.get('PHPOX', 'host'),
port=config.TannerConfig.get('PHPOX', 'port')
)
try:
async with aiohttp.ClientSession(loop=self._loop) as session:
async with session.post('http://127.0.0.1:8088/', data=script_data) as resp:
async with session.post(phpox_address, data=script_data) as resp:
rfi_result = await resp.json()
except aiohttp.ClientError as client_error:
self.logger.error('Error during connection to php sandbox %s', client_error)
@@ -14,6 +14,7 @@ def setUp(self):
'TANNER': {'host': '0.0.0.0', 'port': '9000'},
'WEB': {'host': '0.0.0.0', 'port': '9001'},
'WEB': {'host': '0.0.0.0', 'port': '9002'},
'PHPOX': {'host': '0.0.0.0', 'port': '9078'},
'REDIS': {'host': 'localhost', 'port': '1337', 'poolsize': '40', 'timeout': '5'},
'EMULATORS': {'root_dir': '/tmp/user_tanner'},
'SQLI': {'type':'SQLITE', 'db_name': 'user_tanner_db', 'host':'localhost', 'user':'user_name', 'password':'user_pass'},
@@ -61,6 +62,7 @@ def test_get_when_file_dont_exists(self):
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'WEB': {'host': '0.0.0.0', 'port': 8091},
'API': {'host': '0.0.0.0', 'port': 8092},
'PHPOX': {'host': '0.0.0.0', 'port': 8088},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner'},
'SQLI': {'type':'SQLITE', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},

0 comments on commit 00d0bed

Please sign in to comment.