commit
f9b627cc5e
|
@ -4,7 +4,7 @@ info:
|
|||
name: Python Scanner
|
||||
author: majidmc2
|
||||
severity: info
|
||||
description: Indicators for dangerous Python functions
|
||||
description: Nuclei template to detect potentially dangerous Python functions in Python files. The template checks for functions that could lead to code injection, command injection, loading untrusted data, and SQL injection vulnerabilities.
|
||||
reference:
|
||||
- https://www.kevinlondon.com/2015/07/26/dangerous-python-functions.html
|
||||
- https://www.kevinlondon.com/2015/08/15/dangerous-python-functions-pt2.html
|
||||
|
@ -21,26 +21,36 @@ file:
|
|||
- 'exec'
|
||||
- 'eval'
|
||||
- '__import__'
|
||||
- 'execfile'
|
||||
|
||||
- type: regex
|
||||
name: command-injection
|
||||
regex:
|
||||
- 'subprocess.call\(.*shell=True.*\)'
|
||||
- 'os.system'
|
||||
- 'os.popen'
|
||||
- 'os.popen\d?'
|
||||
- 'subprocess.run'
|
||||
- 'commands.getoutput'
|
||||
|
||||
- type: regex
|
||||
name: untrusted-source
|
||||
regex:
|
||||
- 'pickle.loads'
|
||||
- 'cPickle.loads'
|
||||
- 'pickle\.loads'
|
||||
- 'c?Pickle\.loads?'
|
||||
- 'marshal\.loads'
|
||||
- 'pickle\.Unpickler'
|
||||
|
||||
- type: regex
|
||||
name: dangerous-yaml
|
||||
regex:
|
||||
- 'yaml.load'
|
||||
- 'yaml\.load'
|
||||
- 'yaml\.safe_load'
|
||||
|
||||
- type: regex
|
||||
name: sqli
|
||||
regex:
|
||||
- 'cursor.execute'
|
||||
- 'cursor\.execute'
|
||||
- 'sqlite3\.execute'
|
||||
- 'MySQLdb\.execute'
|
||||
- 'psycopg2\.execute'
|
||||
- 'cx_Oracle\.execute'
|
||||
|
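Review bot: The third `dangerous-yaml` entry, `yaml\.safe_load`, matches the hardened API rather than the unsafe one, so every codebase that has already applied the fix is reported as a finding next to the real `yaml.load` hits; replace `- 'yaml\.safe_load'` with `- 'yaml\.unsafe_load'` so the matcher covers the explicitly unsafe variant instead. Nuclei evaluates these patterns with Go's regexp package, which has no lookaround, so narrowing `yaml\.load` on its Loader argument is not available and the plain match at info severity is the practical ceiling. In `untrusted-source`, `pickle\.loads` misses the file-object form `pickle.load(`, which deserializes untrusted data just the same; `pickle\.loads?` would cover both and mirror the `c?Pickle\.loads?` entry below it. The `command-injection` list mixes escaped and unescaped dots (`os.system`, `subprocess.run` next to `os\.popen\d?`); escaping them consistently keeps the matchers from firing on unrelated identifiers such as `os_system`.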
|