403Webshell
Server IP : 66.29.132.122  /  Your IP : 3.141.201.29
Web Server : LiteSpeed
System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : admazpex ( 531)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /opt/cloudlinux/venv/lib64/python3.11/site-packages/dodgy/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /opt/cloudlinux/venv/lib64/python3.11/site-packages/dodgy/checks.py
import codecs
import gzip
import re
from functools import partial

STRING_VALS = (
    (
        "aws_secret_key",
        "Amazon Web Services secret key",
        (
            re.compile(r'(\'|")[A-Za-z0-9\\\+]{40}(\'|")'),
            re.compile(r"(\b|_)AWS(\b|_)", re.IGNORECASE),
        ),
        all,
    ),
)

LINE_VALS = (
    (
        "diff",
        "Possible SCM diff in code",
        (re.compile(r"^<<<<<<< .*$"), re.compile(r"^>>>>>>> .*$")),
    ),
    (
        "ssh_rsa_private_key",
        "Possible SSH private key",
        re.compile(r"^-{5}(BEGIN|END)\s+RSA\s+PRIVATE\s+KEY-{5}$"),
    ),
    (
        "ssh_rsa_public_key",
        "Possible SSH public key",
        re.compile(r"^ssh-rsa\s+AAAA[0-9A-Za-z+/]+[=]{0,3}\s*([^@]+@[^@]+)?$"),
    ),
)

VAR_NAMES = (
    (
        "password",
        "Possible hardcoded password",
        re.compile(
            r'(\b|[A-Z0-9_]*_)PASSWORD(_[A-Z0-9_]*|\b)\s*=\s(\'|")[^\'"]+(\'|")'
        ),
    ),
    (
        "secret",
        "Possible hardcoded secret key",
        re.compile(r'(\b|[A-Z0-9_]*_)SECRET(_[A-Z0-9_]*|\b)\s*=\s(\'|")[^\'"]+(\'|")'),
    ),
)


def check_line(line, check_list):
    messages = []

    for tup in check_list:
        if len(tup) == 3:
            key, msg, regexps = tup
            cond = any
        else:
            key, msg, regexps, cond = tup

        if not isinstance(regexps, (list, tuple)):
            regexps = [regexps]
        if cond([regexp.search(line) for regexp in regexps]):
            messages.append((key, msg))

    return messages


def check_file(filepath):
    if filepath.endswith(".gz"):
        # this file looks like it is using gzip compression
        fopen = partial(gzip.open, mode="rt")
    else:
        # otherwise treat as standard text file
        fopen = partial(codecs.open, mode="r")
    with fopen(filepath, encoding="utf-8") as to_check:
        return check_file_contents(to_check.read())


def check_file_contents(file_contents):
    messages = []

    for line_number0, line in enumerate(file_contents.split("\n")):
        for check_list in (STRING_VALS, LINE_VALS, VAR_NAMES):
            messages += [
                (line_number0 + 1, key, msg)
                for key, msg in check_line(line, check_list)
            ]

    return messages

Youez - 2016 - github.com/yon3zu
LinuXploit