#!/usr/bin/env python2 # -*-coding:UTF-8 -* """ Template for new modules """ import time import sys import string import datetime import redis import os import urllib2 import re from pubsublogger import publisher from Helper import Process from packages import Paste from pyfaup.faup import Faup # Config Var regex_injection = [] word_injection = [] # Classic atome injection regex_injection1 = "([[AND |OR ]+[\'|\"]?[0-9a-zA-Z]+[\'|\"]?=[\'|\"]?[0-9a-zA-Z]+[\'|\"]?])" regex_injection.append(regex_injection1) # Time-based attack regex_injection2 = ["SLEEP\([0-9]+", "BENCHMARK\([0-9]+", "WAIT FOR DELAY ", "WAITFOR DELAY"] regex_injection2 = re.compile('|'.join(regex_injection2)) regex_injection.append(regex_injection2) # Interesting keyword word_injection1 = [" IF ", " ELSE ", " CASE ", " WHEN ", " END ", " UNION ", "SELECT ", " FROM ", " ORDER BY ", " WHERE ", " DELETE ", " DROP ", " UPDATE ", " EXEC "] word_injection.append(word_injection1) # Comment word_injection2 = ["--", "#", "/*"] word_injection.append(word_injection2) # Database special keywords word_injection3 = ["@@version", "POW(", "BITAND(", "SQUARE("] word_injection.append(word_injection3) # Html keywords word_injection4 = ["