Fix mod file false positives by reverting changes on mod_file.py and …
…fileHandlingPayloads.ini and add more specific payloads instead

Signed-off-by: bretfourbe <gwendal@cyberwatch.fr>
bretfourbe committed Jun 21, 2024
1 parent 54c9095 commit df13e46
Showing 2 changed files with 69 additions and 83 deletions.
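--- a/wapitiCore/attack/mod_file.py
+++ b/wapitiCore/attack/mod_file.py
@@ -198,9 +198,7 @@ async def attack(self, request: Request, response: Optional[Response] = None):
 else:
 file_warning = None
 for i, rule in enumerate(payload_info.rules):
-rules_words = rule.split()
-all_words_present = all(word in response.content for word in rules_words)
-if all_words_present:
+if rule in response.content:
 found_pattern = rule
 vulnerable_method = payload_info.messages[i]
 inclusion_succeed = True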
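Review bot: The restored check `if rule in response.content:` compares each rule against the raw body only, so output that the application HTML-encodes is caught only through the duplicated `&#x2f;` / `&#x28;` rules this commit adds to fileHandlingPayloads.ini, and any other encoding of the same characters (for example `&#47;` or upper-case hex) would presumably be missed. Consider decoding once before the loop, `decoded_content = html.unescape(response.content)`, and testing `if rule in response.content or rule in decoded_content:`; this needs `import html` at the top of the module and assumes `response.content` is a `str`. A short comment above the test such as `# exact substring match: word-by-word matching produced false positives` would record why the looser match was reverted. The body of `attack` starts and ends outside this hunk.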
148 changes: 68 additions & 80 deletions wapitiCore/data/attacks/fileHandlingPayloads.ini
@@ -414,103 +414,91 @@ payload = [FILE_NAME]::$DATA
rules = <?php
messages = Possible source code disclosure

[path_travers_owasp_benchmark]
payload = ../etc/passwd
rules = &#x2f;etc&#x2f;passwd &#x28;No such file or directory&#x29;
&#x2f;etc&#x2f;passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability

[path_travers_owasp_benchmark_2]
payload = ../wapiti.txt
rules = ..&#x2f;wapiti.txt
messages = Possible Path traversal vulnerability

[path_travers_generic_1]
payload = ../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability
[path_travers_generic_2]
payload = ../../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability

[path_travers_generic_3]
payload = ../../../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability
[path_travers_generic_4]
payload = ../../../../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability

[path_travers_generic_5]
payload = ../../../../../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability
[path_travers_generic_6]
payload = ../../../../../../etc/passwd
rules = etc passwd No such file or directory
Access to file etc passwd created file already exists
The beginning of file etc passwd
messages = Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability
Possible Linux local file disclosure vulnerability

[lfi_generic_1]
payload = ../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion

[lfi_generic_2]
payload = ../../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion

[lfi_generic_3]
payload = ../../../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion

[lfi_generic_4]
payload = ../../../../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion

[lfi_generic_5]
payload = ../../../../../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion

[lfi_generic_6]
payload = ../../../../../../wapiti.txt
rules = wapiti.txt created
wapiti.txt ready to write
messages = Possible local file inclusion
Possible local file inclusion
rules = /etc/passwd (No such file or directory)
/etc/passwd' created
root:*:0:0
root:x:0:0
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
Path traversal and Linux local file disclosure vulnerability
Path traversal and Linux local file disclosure vulnerability

[path_travers_directory]
payload = ../../../../../../
rules = is a directory
messages = Possible Linux local file disclosure vulnerability
rules = (Is a directory)
&#x28;Is a directory&#x29;
messages = Possible Path traversal vulnerability
Possible Path traversal vulnerability
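Review bot: In `[path_travers_owasp_benchmark_2]` the only rule, `..&#x2f;wapiti.txt`, is the HTML-encoded form of the payload `../wapiti.txt` itself, so with the exact-substring test in mod_file.py any page that merely echoes the parameter with entity encoding would be reported as "Possible Path traversal vulnerability". That looks like a fresh source of the false positives this commit sets out to remove. Tying the rule to server-side error text, as the neighbouring sections do with `/etc/passwd (No such file or directory)`, would keep it specific, e.g. `..&#x2f;wapiti.txt &#x28;No such file or directory&#x29;` if that is what the target actually prints. A comment line above the two benchmark sections naming the application whose output the encoded rules are modelled on would also help whoever tunes these rules next.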
