|
1
|
1 |
|
from time import strftime, localtime |
|
2
|
|
|
|
|
3
|
1 |
|
from spike.model import db |
|
4
|
|
|
|
|
5
|
1 |
|
from nxapi import rules |
|
|
|
|
|
|
6
|
|
|
|
|
7
|
|
|
|
|
8
|
1 |
|
class NaxsiRules(db.Model): |
|
9
|
1 |
|
__bind_key__ = 'rules' |
|
10
|
1 |
|
__tablename__ = 'naxsi_rules' |
|
11
|
|
|
|
|
12
|
1 |
|
id = db.Column(db.Integer, primary_key=True) |
|
13
|
1 |
|
msg = db.Column(db.String(), nullable=False) |
|
14
|
1 |
|
detection = db.Column(db.String(1024), nullable=False) |
|
15
|
1 |
|
mz = db.Column(db.String(1024), nullable=False) |
|
16
|
1 |
|
score = db.Column(db.String(1024), nullable=False) |
|
17
|
1 |
|
sid = db.Column(db.Integer, nullable=False, unique=True) |
|
18
|
1 |
|
ruleset = db.Column(db.String(1024), nullable=False) |
|
19
|
1 |
|
rmks = db.Column(db.Text, nullable=True, server_default="") |
|
20
|
1 |
|
active = db.Column(db.Integer, nullable=False, server_default="1") |
|
21
|
1 |
|
negative = db.Column(db.Integer, nullable=False, server_default='0') |
|
22
|
1 |
|
timestamp = db.Column(db.Integer, nullable=False) |
|
23
|
|
|
|
|
24
|
1 |
|
mr_kw = ["MainRule", "BasicRule", "main_rule", "basic_rule"] |
|
25
|
1 |
|
static_mz = {"$ARGS_VAR", "$BODY_VAR", "$URL", "$HEADERS_VAR"} |
|
26
|
1 |
|
full_zones = {"ARGS", "BODY", "URL", "HEADERS", "FILE_EXT", "RAW_BODY"} |
|
27
|
1 |
|
rx_mz = {"$ARGS_VAR_X", "$BODY_VAR_X", "$URL_X", "$HEADERS_VAR_X"} |
|
28
|
1 |
|
sub_mz = list(static_mz) + list(full_zones) + list(rx_mz) |
|
29
|
|
|
|
|
30
|
1 |
|
def __init__(self, msg="", detection="str:a", mz="ARGS", score="$None:0", sid='42000', ruleset="", rmks="", |
|
31
|
|
|
active=0, negative=False, timestamp=0): |
|
32
|
1 |
|
self.msg = msg |
|
33
|
1 |
|
self.detection = detection |
|
34
|
1 |
|
self.mz = mz |
|
35
|
1 |
|
self.score = score |
|
36
|
1 |
|
self.sid = sid |
|
37
|
1 |
|
self.ruleset = ruleset |
|
38
|
1 |
|
self.rmks = rmks |
|
39
|
1 |
|
self.active = active |
|
40
|
1 |
|
self.negative = negative |
|
41
|
1 |
|
self.timestamp = timestamp |
|
42
|
1 |
|
self.warnings = [] |
|
43
|
1 |
|
self.errors = [] |
|
44
|
|
|
|
|
45
|
1 |
|
def from_dict(self, d): |
|
|
|
|
|
|
46
|
1 |
|
for key, value in d.items(): |
|
47
|
1 |
|
if key == 'mz' and isinstance(value, list): |
|
48
|
|
|
value = '|'.join(value) |
|
49
|
1 |
|
setattr(self, key, value) |
|
50
|
1 |
|
return self |
|
51
|
|
|
|
|
52
|
1 |
|
def fullstr(self): |
|
53
|
1 |
|
rdate = strftime("%F - %H:%M", localtime(float(str(self.timestamp)))) |
|
54
|
1 |
|
rmks = "# ".join(self.rmks.strip().split("\n")) |
|
55
|
1 |
|
return "#\n# sid: {0} | date: {1}\n#\n# {2}\n#\n{3}".format(self.sid, rdate, rmks, str(self)) |
|
56
|
|
|
|
|
57
|
1 |
|
def __str__(self): |
|
58
|
1 |
|
return rules.short_str(self.__dict__) |
|
59
|
|
|
|
|
60
|
1 |
|
def explain(self): |
|
61
|
1 |
|
return rules.explain(self.__dict__) |
|
62
|
|
|
|
|
63
|
1 |
|
def validate(self): |
|
64
|
1 |
|
return rules.validate(self.__dict__) |
|
65
|
|
|
|
|
66
|
1 |
|
def parse_rule(self, full_str): |
|
|
|
|
|
|
67
|
|
|
return rules.parse_rule(full_str) |
|
68
|
|
|
|
nbs-system /
spike
Loading history...
This can be caused by one of the following:
1. Missing Dependencies
This error could indicate a configuration issue of Pylint. Make sure that your libraries are available by adding the necessary commands.
2. Missing __init__.py files
This error could also result from missing
__init__.pyfiles in your module folders. Make sure that you place one file in each sub-folder.