update the config template and add the emulator option to base

mushorg · Aug 22, 2020 · f01c7f5 · f01c7f5
1 parent 3fe44eb
commit f01c7f5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 5 deletions.
diff --git a/tanner/data/config.yaml b/tanner/data/config.yaml
@@ -40,7 +40,8 @@ EMULATOR_ENABLED:
   lfi: True 
   xss: True
   cmd_exec: True
-  php_code_injection: True 
+  php_code_injection: True
+  twig_template_injection: True
   php_object_injection: True
   crlf: True
   xxe_injection: True

diff --git a/tanner/emulators/base.py b/tanner/emulators/base.py
@@ -6,7 +6,7 @@
 from tanner import __version__ as tanner_version
 from tanner.config import TannerConfig
 from tanner.emulators import lfi, rfi, sqli, xss, cmd_exec, php_code_injection, php_object_injection, crlf, \
-    xxe_injection, template_injection  # noqa
+    xxe_injection, template_injection, twig_template_injection  # noqa
 from tanner.utils import patterns
 
 
@@ -22,7 +22,8 @@ def __init__(self, base_dir, db_name, loop=None):
             'php_object_injection': TannerConfig.get('EMULATOR_ENABLED', 'php_object_injection'),
             'crlf': TannerConfig.get('EMULATOR_ENABLED', 'crlf'),
             'xxe_injection': TannerConfig.get('EMULATOR_ENABLED', 'xxe_injection'),
-            'template_injection': TannerConfig.get('EMULATOR_ENABLED', 'template_injection')
+            'template_injection': TannerConfig.get('EMULATOR_ENABLED', 'template_injection'),
+            'twig_template_injection': TannerConfig.get('EMULATOR_ENABLED', 'twig_template_injection')
             }
 
         self.emulators = {
@@ -39,7 +40,9 @@ def __init__(self, base_dir, db_name, loop=None):
             'crlf': crlf.CRLFEmulator() if self.emulator_enabled['crlf'] else None,
             'xxe_injection': xxe_injection.XXEInjection(loop) if self.emulator_enabled['xxe_injection'] else None,
             'template_injection': template_injection.TemplateInjection(loop) if
-            self.emulator_enabled['template_injection'] else None
+            self.emulator_enabled['template_injection'] else None,
+            'twig_template_injection': twig_template_injection.TwigTemplateInjection(loop) if
+            self.emulator_enabled['twig_template_injection'] else None
         }
 
         self.get_emulators = ['sqli', 'rfi', 'lfi', 'xss', 'php_code_injection', 'php_object_injection',

diff --git a/tanner/emulators/twig_template_injection.py b/tanner/emulators/twig_template_injection.py
@@ -6,7 +6,7 @@
 from tanner.utils import patterns
 
 
-class PHPObjectInjection:
+class TwigTemplateInjection:
     def __init__(self, loop=None):
         self._loop = loop if loop is not None else asyncio.get_event_loop()
         self.logger = logging.getLogger("tanner.twig_template_injection")