swisskyrepo
/
Vulny-Code-Static-Analysis
mirror of https://github.com/swisskyrepo/Vulny-Code-Static-Analysis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bugfix - "POST and POST" now detected as 2 vulns

pull/3/head
Swissky 2017-05-28 20:58:07 +02:00
parent d8b39c37db
commit 012581e641
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
indicators.py
View File

@ -2,7 +2,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# /!\ Detection Format (.*)function($vuln)(.*) matched by payload[0]+regex_indicators # /!\ Detection Format (.*)function($vuln)(.*) matched by payload[0]+regex_indicators
regex_indicators = '\((.*?)(\$_GET\[.*\]|\$_FILES\[.*\]|\$_POST\[.*\]|\$_REQUEST\[.*\]|\$_COOKIES\[.*\]|\$_SESSION\[.*\]|\$(?!this|e-)[a-zA-Z0-9_]*)(.*?)\)' regex_indicators = '\((.*?)(\$_GET\[.*?\]|\$_FILES\[.*?\]|\$_POST\[.*?\]|\$_REQUEST\[.*?\]|\$_COOKIES\[.*?\]|\$_SESSION\[.*?\]|\$(?!this|e-)[a-zA-Z0-9_]*)(.*?)\)'
# Function_Name:String, Vulnerability_Name:String, Protection_Function:Array # Function_Name:String, Vulnerability_Name:String, Protection_Function:Array
payloads = [ payloads = [