Permalink
Browse files

Change default DB and update documentation (#140)

* Change default database

* Update SQLI related documentation

* fix tests
  • Loading branch information...
rnehra01 authored and afeena committed May 19, 2017
1 parent d79e1b6 commit 7acfbc0792646a49be6f5330754b6cccabdcd3a1
Showing with 14 additions and 5 deletions.
  1. +6 −2 docs/source/config.rst
  2. +5 −0 docs/source/emulators.rst
  3. +1 −1 tanner/config.py
  4. +2 −2 tanner/tests/test_config.py
View
@@ -24,7 +24,11 @@ There are 8 different sections :
:root_dir: The root directory for emulators that need data storing such as SQLI and LFI. Data will be stored in this directory
* **SQLI**
:db_name: THe name of database used in SQLI emulator
:type: Supports two types MySQL/SQLITE
:db_name: The name of database used in SQLI emulator
:host: This will be used for MySQL to get the host address
:user: This is the MySQL user which perform DB queries
:password: The password corresponding to the above user
* **LOGGER**
:log_file: Location of tanner log file
@@ -47,7 +51,7 @@ If no file is specified, following json will be used as default:
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner'},
'SQLI': {'db_name': 'tanner.db'},
'SQLI': {'type':'SQLITE', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
'LOGGER': {'log_file': '/opt/tanner/tanner.log'},
'MONGO': {'enabled': 'False', 'URI': 'mongodb://localhost'},
'LOCALLOG': {'enabled': 'False', 'PATH': '/tmp/tanner_report.json'}
@@ -81,6 +81,11 @@ It emulates `SQL injection`_ vulnerability. This attack is detected by ``libinje
The emulator copies the original database (see :doc:`db_setup` for more info about db) to a dummy database for every attacker.
It uses UUID of the session for the attacker's db name. Every query is executed on the attacker's db.
The emulator returns the result of the execution and the page where SNARE should show the result.
It supports two types of DBs.
* **SQLITE**
To enable it, set SQLI type to SQLITE in config
* **MySQL**
To enable it, set SQLI type to MySQL in config and set other necessary fields - Host, User and Password
.. _RFI: https://en.wikipedia.org/wiki/File_inclusion_vulnerability#Remote_File_Inclusion
View
@@ -10,7 +10,7 @@
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner'},
'SQLI': {'type':'MySQL', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
'SQLI': {'type':'SQLITE', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
'LOGGER': {'log_debug': '/opt/tanner/tanner.log', 'log_err': '/opt/tanner/tanner.err'},
'MONGO': {'enabled': 'False', 'URI': 'mongodb://localhost'},
'LOCALLOG': {'enabled': 'False', 'PATH': '/tmp/tanner_report.json'},
@@ -15,7 +15,7 @@ def setUp(self):
'TANNER': {'host': '0.0.0.0', 'port': '9000'},
'REDIS': {'host': 'localhost', 'port': '1337', 'poolsize': '40', 'timeout': '5'},
'EMULATORS': {'root_dir': '/tmp/user_tanner'},
'SQLI': {'type':'MySQL', 'db_name': 'user_tanner_db', 'host':'localhost', 'user':'user_name', 'password':'user_pass'},
'SQLI': {'type':'SQLITE', 'db_name': 'user_tanner_db', 'host':'localhost', 'user':'user_name', 'password':'user_pass'},
'LOGGER': {'log_debug': '/opt/tanner/tanner.log', 'log_err': '/opt/tanner/tanner.err'},
'MONGO': {'enabled': 'False', 'URI': 'mongodb://localhost'},
'LOCALLOG': {'enabled': 'False', 'PATH': '/tmp/user_tanner_report.json'}
@@ -59,7 +59,7 @@ def test_get_when_file_dont_exists(self):
'TANNER': {'host': '0.0.0.0', 'port': 8090},
'REDIS': {'host': 'localhost', 'port': 6379, 'poolsize': 80, 'timeout': 1},
'EMULATORS': {'root_dir': '/opt/tanner'},
'SQLI': {'type':'MySQL', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
'SQLI': {'type':'SQLITE', 'db_name': 'tanner_db', 'host':'localhost', 'user':'root', 'password':'user_pass'},
'LOGGER': {'log_file': '/opt/tanner/tanner.log'},
'MONGO': {'enabled': 'False', 'URI': 'mongodb://localhost'},
'LOCALLOG': {'enabled': 'False', 'PATH': '/tmp/tanner_report.json'}

0 comments on commit 7acfbc0

Please sign in to comment.