
CRLF Emulator (#186)

* add crlf pattern

* basic crlf emulator model

* basic crlf emulator model

* add crlf to base emulator
rnehra01 authored and afeena committed Aug 18, 2017
1 parent b3d5ec0 commit 4e3e4ae45e55589886531a1597e854add690c457
Showing with 28 additions and 6 deletions.
  1. +1 −1 tanner/config.py
  2. +6 −5 tanner/emulators/base.py
  3. +20 −0 tanner/emulators/crlf.py
  4. +1 −0 tanner/utils/patterns.py
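--- a/tanner/config.py
+++ b/tanner/config.py
@@ -12,7 +12,7 @@
 'API': {'host': '0.0.0.0', 'port': 8092},
 'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
 'EMULATORS': {'root_dir': '/opt/tanner',
-'emulator_enabled': {'sqli': True, 'rfi': True, 'lfi': True, 'xss': True, 'php_code_injection': True, 'cmd_exec': True}
+'emulator_enabled': {'sqli': True, 'rfi': True, 'lfi': True, 'xss': True, 'php_code_injection': True, 'cmd_exec': True, 'crlf':True}
 },
 'SQLI': {'type':'SQLITE', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
 'DOCKER': {'host_image': 'busybox:latest'},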
@@ -5,24 +5,25 @@
import yarl
from tanner.config import TannerConfig
from tanner.emulators import lfi, rfi, sqli, xss, cmd_exec, php_code_injection
from tanner.emulators import lfi, rfi, sqli, xss, cmd_exec, php_code_injection, crlf
from tanner.utils import patterns
class BaseHandler:
def __init__(self, base_dir, db_name, loop=None):
self.emulator_enabled = TannerConfig.get('EMULATORS', 'emulator_enabled')
self.emulators = {
'rfi': rfi.RfiEmulator(base_dir, loop) if self.emulator_enabled['rfi'] else None,
'lfi': lfi.LfiEmulator() if self.emulator_enabled['lfi'] else None,
'xss': xss.XssEmulator() if self.emulator_enabled['xss'] else None,
'sqli': sqli.SqliEmulator(db_name, base_dir) if self.emulator_enabled['sqli'] else None,
'cmd_exec': cmd_exec.CmdExecEmulator() if self.emulator_enabled['cmd_exec'] else None,
'php_code_injection': php_code_injection.PHPCodeInjection(loop) if self.emulator_enabled['php_code_injection'] else None
'php_code_injection': php_code_injection.PHPCodeInjection(loop) if self.emulator_enabled['php_code_injection'] else None,
'crlf' : crlf.CRLFEmulator() if self.emulator_enabled['crlf'] else None
}
self.get_emulators = ['sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'cmd_exec' ]
self.post_emulators = ['sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'cmd_exec']
self.get_emulators = ['sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'cmd_exec', 'crlf']
self.post_emulators = ['sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'cmd_exec', 'crlf']
self.cookie_emulators = ['sqli']
def extract_get_data(self, path):
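Review bot: The new `'crlf'` entry in `self.emulators` indexes `self.emulator_enabled['crlf']` directly, so a deployment whose own configuration defines `emulator_enabled` without the new key would presumably raise KeyError while `BaseHandler` is being constructed; whether `TannerConfig.get` fills in per-key defaults is not visible in this hunk. Reading the flag as `self.emulator_enabled.get('crlf', False)` lets an older config keep loading with the emulator switched off. The class body continues past the end of the hunk, so how a `None` emulator is skipped during scanning cannot be checked from here.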
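--- a/tanner/emulators/crlf.py
+++ b/tanner/emulators/crlf.py
@@ -0,0 +1,20 @@
+import logging
+import re
+from tanner.utils import patterns
+class CRLFEmulator:
+def scan(self, value):
+detection = None
+if patterns.CRLF_ATTACK.match(value):
+detection = dict(name='crlf', order=2)
+return detection
+def get_crlf_results(self, attack_params):
+headers = {attack_params[0]['id']: attack_params[0]['value']}
+return headers
+async def handle(self, attack_params, session):
+result = self.get_crlf_results(attack_params)
+return dict(value='', page=True, headers=result)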
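Review bot: `get_crlf_results` copies the request parameter's `id` and `value` straight into the response `headers` dict, so both the header name and a value already known to contain `\r\n` are chosen by the client. The method should carry a docstring saying that this reflection is the intended emulation and that whatever writes these headers must keep them from replacing the honeypot's own headers. It also reads only `attack_params[0]` and raises IndexError on an empty list, which a guard such as `if not attack_params: return {}` avoids. `import logging` and `import re` are unused in the new file and can be dropped. Indentation and blank lines were lost in this rendering, so the method nesting is inferred from the `self` parameters.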
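--- a/tanner/utils/patterns.py
+++ b/tanner/utils/patterns.py
@@ -8,6 +8,7 @@
 XSS_ATTACK = re.compile('.*<(.|\n)*?>')
 CMD_ATTACK = re.compile('.*(alias|cat|cd|cp|echo|exec|find|for|grep|ifconfig|ls|man|mkdir|netstat|ping|ps|pwd|uname|wget|touch|while).*')
 PHP_CODE_INJECTION = re.compile('.*(;)*(echo|system|print|phpinfo)(\(.*\)).*')
+CRLF_ATTACK = re.compile('.*(\r\n).*')
 REMOTE_FILE_URL = re.compile('(.*(http(s){0,1}|ftp(s){0,1}):.*)')
 WORD_PRESS_CONTENT = re.compile('\/wp-content\/.*')
 HTML_TAGS = re.compile('.*<(.*)>.*')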
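Review bot: `CRLF_ATTACK` is applied with `.match()` in `CRLFEmulator.scan`, and because `.` does not match `\n` the leading `.*` cannot cross an earlier bare line feed, so a value with a lone `\n` ahead of the `\r\n` is not flagged; `re.compile('.*\r\n', re.DOTALL)` closes that gap. The pattern also ignores a lone `\r` or `\n`, which some HTTP parsers accept as a line terminator, so `'.*[\r\n]'` with `re.DOTALL` is worth considering if multi-line form fields are not expected to cause false positives. A comment on the line should state whether values are URL-decoded before they reach this pattern, since that is not visible in the hunk.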
