generation

package
v0.0.0-...-ded5ba8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2025 License: GPL-3.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ApplyVarsToDetectionMethods 

func ApplyVarsToDetectionMethods(methods []DetectionMethod, vars map[string]string) error

func ApplyVarsToTemplates 

func ApplyVarsToTemplates(data *PayloadGenerator, vars map[string]string) error

func ApplyVarsToText 

func ApplyVarsToText(text string, vars map[string]string) (string, error)

func GenerateVars 

func GenerateVars(variables []PayloadVariable, interactionsManager integrations.InteractionsManager) (map[string]string, integrations.InteractionDomain, error)

Types

type BrowserEventsDetectionMethod 

type BrowserEventsDetectionMethod struct {
	Event      string `yaml:"event"`
	Value      string `yaml:"value"`
	Confidence int    `yaml:"confidence,omitempty"`
}

type DetectionMethod 

type DetectionMethod struct {
	OOBInteraction    *OOBInteractionDetectionMethod    `yaml:"oob_interaction,omitempty"`
	ResponseCondition *ResponseConditionDetectionMethod `yaml:"response_condition,omitempty"`
	Reflection        *ReflectionDetectionMethod        `yaml:"reflection,omitempty"`
	BrowserEvents     *BrowserEventsDetectionMethod     `yaml:"browser_events,omitempty"`
	TimeBased         *TimeBasedDetectionMethod         `yaml:"time_based,omitempty"`
	ResponseCheck     *ResponseCheckDetectionMethod     `yaml:"response_check,omitempty"`
}

func (*DetectionMethod) GetMethod 

func (dm *DetectionMethod) GetMethod() interface{}

type InsertionMode 

type InsertionMode string
const (
	Append  InsertionMode = "append"
	Prepend InsertionMode = "prepend"
	Replace InsertionMode = "replace"
)

type LaunchCondition 

type LaunchCondition struct {
	Type              LaunchConditionType               `yaml:"type"`
	Value             string                            `yaml:"value,omitempty"`
	ResponseCondition *ResponseConditionLaunchCondition `yaml:"response_condition,omitempty"`
	ParameterNames    []string                          `yaml:"parameter_names,omitempty"`
}

type LaunchConditionType 

type LaunchConditionType string
const (
	Platform               LaunchConditionType = "platform"
	ScanMode               LaunchConditionType = "scan_mode"
	ParameterValueDataType LaunchConditionType = "parameter_value_data_type"
	ParameterName          LaunchConditionType = "insertion_point_name"
	ResponseCondition      LaunchConditionType = "response_condition"
)

type LaunchConditions 

type LaunchConditions struct {
	Operator   Operator          `yaml:"operator"`
	Conditions []LaunchCondition `yaml:"conditions"`
}

type OOBInteractionDetectionMethod 

type OOBInteractionDetectionMethod struct {
	OOBAddress string `yaml:"oob_address"`
	Confidence int    `yaml:"confidence,omitempty"`
}

type Operator 

type Operator string
var (
	Or  Operator = "or"
	And Operator = "and"
)

type Payload 

type Payload struct {
	IssueCode          string            `yaml:"issue_code"`
	Value              string            `yaml:"value"`
	Vars               []PayloadVariable `yaml:"vars,omitempty"`
	DetectionCondition Operator          `yaml:"detection_condition"`
	DetectionMethods   []DetectionMethod `yaml:"detection_methods"`
	Categories         []string          `yaml:"categories"`
	InteractionDomain  integrations.InteractionDomain
}

func (*Payload) Print 

func (payload *Payload) Print()

type PayloadGenerator 

type PayloadGenerator struct {
	ID                 string            `yaml:"id,omitempty"` // Since it's not used yet, allow it to be empty
	IssueCode          string            `yaml:"issue_code"`
	DetectionCondition Operator          `yaml:"detection_condition"`
	DetectionMethods   []DetectionMethod `yaml:"detection_methods"`
	Launch             LaunchConditions  `yaml:"launch,omitempty"`
	Vars               []PayloadVariable `yaml:"vars,omitempty"`
	Templates          []string          `yaml:"templates"`
	Categories         []string          `yaml:"categories"`
	Platforms          []string          `yaml:"platforms"`
}

func LoadGenerators 

func LoadGenerators(dir string) ([]*PayloadGenerator, error)

LoadGenerators loads all generators from the local and user directories

func LoadLocalGenerators 

func LoadLocalGenerators() ([]*PayloadGenerator, error)

LoadLocalGenerators loads all generators from the local directory

func LoadUserGenerators 

func LoadUserGenerators(dir string) ([]*PayloadGenerator, error)

LoadUserGenerators loads all generators from the user specified directory

func (*PayloadGenerator) BuildPayloads 

func (generator *PayloadGenerator) BuildPayloads(interactionsManager integrations.InteractionsManager) ([]Payload, error)

type PayloadVariable 

type PayloadVariable struct {
	Name  string `yaml:"name"`
	Value string `yaml:"value"`
}

type ReflectionDetectionMethod 

type ReflectionDetectionMethod struct {
	Value      string `yaml:"value,omitempty"`
	Confidence int    `yaml:"confidence,omitempty"`
}

type ResponseCheckDetectionMethod 

type ResponseCheckDetectionMethod struct {
	Check      ResponseConditionCheck `yaml:"check"`
	Confidence int                    `yaml:"confidence,omitempty"`
}

type ResponseConditionCheck 

type ResponseConditionCheck string
var (
	DatabaseErrorCondition ResponseConditionCheck = "database_error"
	XPathErrorCondition    ResponseConditionCheck = "xpath_error"
)

type ResponseConditionDetectionMethod 

type ResponseConditionDetectionMethod struct {
	Contains   string               `yaml:"contains,omitempty"`
	Part       ResponseContainsPart `yaml:"part,omitempty"`
	StatusCode int                  `yaml:"status_code,omitempty"`
	Confidence int                  `yaml:"confidence,omitempty"`
	// TODO: Add support for the issue override
	IssueOverride db.IssueCode `yaml:"issue_override,omitempty"`
}

type ResponseConditionLaunchCondition 

type ResponseConditionLaunchCondition struct {
	Contains   string               `yaml:"contains,omitempty"`
	Part       ResponseContainsPart `yaml:"part,omitempty"`
	StatusCode int                  `yaml:"status_code,omitempty"`
}

func (*ResponseConditionLaunchCondition) Check 

func (rc *ResponseConditionLaunchCondition) Check(history *db.History) bool

Check if the condition is met against a history item

func (*ResponseConditionLaunchCondition) CheckWebsocketMessage 

func (rc *ResponseConditionLaunchCondition) CheckWebsocketMessage(message *db.WebSocketMessage) bool

type ResponseContainsPart 

type ResponseContainsPart string
const (
	Body    ResponseContainsPart = "body"
	Headers ResponseContainsPart = "headers"
	Raw     ResponseContainsPart = "raw"
)

type TemplateRenderer 

type TemplateRenderer struct {
	// contains filtered or unexported fields
}

type TimeBasedDetectionMethod 

type TimeBasedDetectionMethod struct {
	Sleep      string `yaml:"sleep"`
	Confidence int    `yaml:"confidence,omitempty"`
}

func (*TimeBasedDetectionMethod) CheckIfResultDurationIsHigher 

func (t *TimeBasedDetectionMethod) CheckIfResultDurationIsHigher(resultDuration time.Duration) bool

func (*TimeBasedDetectionMethod) ParseSleepDuration 

func (t *TimeBasedDetectionMethod) ParseSleepDuration(sleep string) time.Duration

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.