Compare commits
10 Commits
a74f2abad9
...
37aa096db9
| Author | SHA1 | Date | |
|---|---|---|---|
|
37aa096db9 | ||
|
|
9a7819ba4c | ||
|
|
ac5c94781f | ||
|
|
8a94744d16 | ||
|
|
e1a683b652 | ||
|
|
798cfdf578 | ||
|
|
04c752cc7a | ||
|
|
de2a95c3cb | ||
|
|
21468a437a | ||
|
|
d2e3c88947 |
@@ -1,8 +0,0 @@
|
||||
{
|
||||
"generalSettings": {
|
||||
"shouldScanRepo": true
|
||||
},
|
||||
"checkRunSettings": {
|
||||
"vulnerableCheckRunConclusionLevel": "failure"
|
||||
}
|
||||
}
|
||||
26
bolt.py
26
bolt.py
@@ -13,6 +13,10 @@ banner()
|
||||
|
||||
try:
|
||||
import concurrent.futures
|
||||
from pathlib import Path
|
||||
except:
|
||||
print ('%s Bolt is not compatible with python 2. Please run it with python 3.' % bad)
|
||||
|
||||
try:
|
||||
from fuzzywuzzy import fuzz, process
|
||||
except:
|
||||
@@ -21,8 +25,6 @@ try:
|
||||
os.system('pip3 install fuzzywuzzy')
|
||||
print ('%s fuzzywuzzy has been installed, please restart Bolt.' % info)
|
||||
quit()
|
||||
except:
|
||||
print ('%s Bolt is not compatible with python 2. Please run it with python 3.' % bad)
|
||||
|
||||
import argparse
|
||||
import json
|
||||
@@ -110,8 +112,10 @@ if len(uniqueTokens) < len(allTokens):
|
||||
print ('%s Potential Replay Attack condition found' % good)
|
||||
print ('%s Verifying and looking for the cause' % run)
|
||||
replay = False
|
||||
for url, token in tokenDatabase:
|
||||
for url2, token2 in tokenDatabase:
|
||||
for each in tokenDatabase:
|
||||
url, token = next(iter(each.keys())), next(iter(each.values()))
|
||||
for each2 in tokenDatabase:
|
||||
url2, token2 = next(iter(each2.keys())), next(iter(each2.values()))
|
||||
if token == token2 and url != url2:
|
||||
print ('%s The same token was used on %s%s%s and %s%s%s' %
|
||||
(good, green, url, end, green, url2, end))
|
||||
@@ -119,7 +123,8 @@ if len(uniqueTokens) < len(allTokens):
|
||||
if not replay:
|
||||
print ('%s Further investigation shows that it was a false positive.')
|
||||
|
||||
with open('./db/hashes.json') as f:
|
||||
p = Path(__file__).parent.joinpath('db/hashes.json')
|
||||
with p.open('r') as f:
|
||||
hashPatterns = json.load(f)
|
||||
|
||||
if not allTokens:
|
||||
@@ -203,7 +208,7 @@ def extractForms(url):
|
||||
inputs = each['inputs']
|
||||
for inp in inputs:
|
||||
value = inp['value']
|
||||
if value and match(r'^[\w\-_]+$', value):
|
||||
if value and re.match(r'^[\w\-_]+$', value):
|
||||
if strength(value) > 10:
|
||||
simTokens.append(value)
|
||||
|
||||
@@ -233,9 +238,10 @@ print (' %s Phase: Testing %s[%s5/6%s]%s' %
|
||||
(lightning, green, end, green, end))
|
||||
|
||||
parsed = ''
|
||||
print ('%s Finding a suitable form for further testing. It may take a while.' % run)
|
||||
for url, forms in allForms[0].items():
|
||||
found = False
|
||||
print ('%s Finding a suitable form for further testing. It may take a while.' % run)
|
||||
for form_dict in allForms:
|
||||
for url, forms in form_dict.items():
|
||||
parsed = datanize(forms, tolerate=True)
|
||||
if parsed:
|
||||
found = True
|
||||
@@ -244,9 +250,7 @@ for url, forms in allForms[0].items():
|
||||
break
|
||||
|
||||
if not parsed:
|
||||
candidate = list(random.choice(tokenDatabase).keys())[0]
|
||||
parsed = datanize(candidate, headers, tolerate=True)
|
||||
print (parsed)
|
||||
quit('%s No suitable form found for testing.' % bad)
|
||||
|
||||
origGET = parsed[0]
|
||||
origUrl = parsed[1]
|
||||
|
||||
@@ -2,3 +2,4 @@ numpy
|
||||
scipy
|
||||
requests
|
||||
fuzzywuzzy
|
||||
python-Levenshtein
|
||||
|
||||
Reference in New Issue
Block a user