|
1
|
1 |
|
try: |
|
2
|
1 |
|
from urlparse import parse_qs |
|
3
|
|
|
except ImportError: # python3 |
|
4
|
|
|
from urllib.parse import parse_qs |
|
5
|
|
|
|
|
6
|
1 |
|
from flask import Blueprint, render_template, request, redirect, flash |
|
7
|
|
|
|
|
8
|
1 |
|
from spike.model.naxsi_rules import NaxsiRules |
|
9
|
1 |
|
from spike.model.naxsi_whitelist import NaxsiWhitelist |
|
10
|
|
|
|
|
11
|
1 |
|
sandbox = Blueprint('sandbox', __name__) |
|
12
|
|
|
|
|
13
|
|
|
|
|
14
|
1 |
|
@sandbox.route("/", methods=["GET"]) |
|
15
|
|
|
def index(): |
|
16
|
1 |
|
return render_template("misc/sandbox.html") |
|
17
|
|
|
|
|
18
|
|
|
|
|
19
|
1 |
|
@sandbox.route("/rule", methods=["POST"]) |
|
20
|
|
|
def rule(): |
|
21
|
1 |
|
_textual_rule = request.form.get("rule", '') |
|
22
|
1 |
|
if not _textual_rule: |
|
23
|
1 |
|
return render_template("misc/sandbox.html") |
|
24
|
|
|
|
|
25
|
1 |
|
_rule = NaxsiRules() |
|
26
|
1 |
|
_rule.parse_rule(_textual_rule) |
|
27
|
|
|
|
|
28
|
1 |
|
if 'visualise_rule' in request.form: |
|
29
|
1 |
|
if _rule.detection.startswith('rx:'): |
|
30
|
1 |
|
return redirect('https://regexper.com/#' + _rule.detection[3:]) |
|
31
|
1 |
|
elif 'explain_rule' in request.form: |
|
32
|
1 |
|
return render_template("misc/sandbox.html", rule_explaination=_rule.explain(), rule=_rule) |
|
33
|
|
|
|
|
34
|
|
|
if _rule.error: |
|
35
|
|
|
flash("ERROR: {0}".format(",".join(_rule.error))) |
|
36
|
|
|
if _rule.warnings: |
|
37
|
|
|
flash("WARNINGS: {0}".format(",".join(_rule.warnings)), 'warning') |
|
38
|
|
|
return render_template("misc/sandbox.html", rule=_rule) |
|
39
|
|
|
|
|
40
|
|
|
|
|
41
|
1 |
|
@sandbox.route("/explain_rule/", methods=["GET", "POST"]) |
|
|
|
|
|
|
42
|
|
|
def explain_rule(): |
|
43
|
1 |
|
rule_get = request.args.get('rule', '') |
|
44
|
1 |
|
rule_post = request.form.get("rule", '') |
|
45
|
1 |
|
if rule_get.isdigit(): # explain a rule by id |
|
46
|
1 |
|
_rule = NaxsiRules.query.filter(NaxsiRules.sid == rule_get).first() |
|
|
|
|
|
|
47
|
1 |
|
if _rule is None: |
|
48
|
1 |
|
flash('Not rule with id %s' % rule_get) |
|
49
|
1 |
|
return redirect("/sandbox/") |
|
50
|
1 |
|
elif rule_get is not '': |
|
51
|
1 |
|
flash('Please provide a numeric id') |
|
52
|
1 |
|
return redirect("/sandbox/") |
|
53
|
1 |
|
elif not rule_post: |
|
54
|
1 |
|
flash('Please provide a rule') |
|
55
|
1 |
|
return redirect("/sandbox/") |
|
56
|
|
|
else: |
|
57
|
1 |
|
_rule = NaxsiRules() |
|
58
|
1 |
|
_rule.parse_rule(rule_post) |
|
59
|
|
|
|
|
60
|
1 |
|
return render_template("misc/sandbox.html", rule_explaination=_rule.explain(), rule=_rule) |
|
61
|
|
|
|
|
62
|
|
|
|
|
63
|
1 |
|
@sandbox.route("/explain_whitelist/", methods=["GET", "POST"]) |
|
|
|
|
|
|
64
|
|
|
def explain_whitelist(): |
|
65
|
|
|
whitelist_get = request.args.get('whitelist', '') |
|
66
|
|
|
whitelist_post = request.form.get('whitelist', '') |
|
67
|
|
|
if whitelist_get.isdigit(): # explain a whitelist by id |
|
68
|
|
|
_wlist = NaxsiWhitelist.query.filter(NaxsiWhitelist.id == whitelist_get).first() |
|
|
|
|
|
|
69
|
|
|
if _wlist is None: |
|
70
|
|
|
flash('Not rule with id %s' % whitelist_get.id) |
|
71
|
|
|
return redirect("/sandbox/") |
|
72
|
|
|
elif whitelist_get is not '': |
|
73
|
|
|
flash('Please provide a numeric id') |
|
74
|
|
|
return redirect("/sandbox/") |
|
75
|
|
|
elif not whitelist_post: |
|
76
|
|
|
flash('Please provide a whitelist') |
|
77
|
|
|
return redirect("/sandbox/") |
|
78
|
|
|
else: |
|
79
|
|
|
_wlist = NaxsiWhitelist() |
|
80
|
|
|
_wlist.parse(whitelist_post) |
|
81
|
|
|
|
|
82
|
|
|
return render_template("misc/sandbox.html", whitelist_explaination=_wlist.explain(), whitelist=_wlist) |
|
83
|
|
|
|
|
84
|
|
|
|
|
85
|
1 |
|
@sandbox.route('/explain_nxlog/', methods=["POST"]) |
|
86
|
|
|
def explain_nxlog(): |
|
87
|
1 |
|
nxlog = request.form.get("nxlog", '') |
|
88
|
1 |
|
if not nxlog: |
|
89
|
1 |
|
return redirect("/sandbox/") |
|
90
|
|
|
|
|
91
|
1 |
|
start = nxlog.find("ip=") |
|
92
|
1 |
|
if start < 0: |
|
93
|
1 |
|
flash('{} is an invalid extlog, string "ip=" not found.'.format(nxlog)) |
|
94
|
1 |
|
return redirect("/sandbox/") |
|
95
|
|
|
|
|
96
|
1 |
|
end = nxlog.find(", ") |
|
97
|
1 |
|
if end < 0: |
|
98
|
1 |
|
flash('{} is an invalid extlog, string "," not found.'.format(nxlog)) |
|
99
|
1 |
|
return redirect("/sandbox/") |
|
100
|
|
|
|
|
101
|
|
|
# Flatten the dict, since parse_qs is a bit annoying |
|
102
|
1 |
|
nxdic = parse_qs(nxlog[start:end]) |
|
103
|
1 |
|
for key, value in nxdic.items(): |
|
104
|
1 |
|
nxdic[key] = value[0] |
|
105
|
|
|
|
|
106
|
1 |
|
explain = "Peer <strong>{}</strong> performed a request to <strong>{}</strong> on URI <strong>{}</strong> ".format( |
|
107
|
|
|
nxdic['ip'], nxdic['server'], nxdic['uri']) |
|
108
|
|
|
|
|
109
|
1 |
|
scores = list() |
|
110
|
1 |
|
cpt = 0 |
|
111
|
1 |
|
while "cscore{}".format(cpt) in nxdic: |
|
112
|
1 |
|
cscore = "cscore{}".format(cpt) |
|
113
|
1 |
|
score = "score{}".format(cpt) |
|
114
|
1 |
|
scores.append("that reached a <strong>{}</strong> score of <strong>{}</strong> ".format( |
|
115
|
|
|
nxdic[cscore], nxdic[score])) |
|
116
|
1 |
|
cpt += 1 |
|
117
|
1 |
|
explain += ' and '.join(scores) |
|
118
|
|
|
|
|
119
|
1 |
|
cpt = 0 |
|
120
|
1 |
|
named = list() |
|
121
|
1 |
|
while "id{}".format(cpt) in nxdic: |
|
122
|
1 |
|
_id = "id{}".format(cpt) |
|
123
|
1 |
|
_var_name = "var_name{}".format(cpt) |
|
124
|
1 |
|
_zone = "zone{}".format(cpt) |
|
125
|
1 |
|
if "var_name{}".format(cpt) in nxdic: |
|
126
|
1 |
|
named.append("id <strong>{}</strong> in var named <strong>{}</strong> of zone <strong>{}</strong>".format( |
|
127
|
|
|
nxdic[_id], nxdic[_var_name], nxdic[_zone])) |
|
128
|
|
|
else: |
|
129
|
|
|
named.append("id <strong>{}</strong> in zone <strong>{}</strong>".format(nxdic[_id], nxdic[_zone])) |
|
130
|
1 |
|
cpt += 1 |
|
131
|
1 |
|
explain += ' and '.join(named) |
|
132
|
|
|
|
|
133
|
|
|
return render_template("misc/sandbox.html", nxlog_explaination=explain, nxlog=nxlog) |
|
134
|
|
|
|
nbs-system /
spike
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.