mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-04 01:33:21 +08:00
56 lines
1.4 KiB
YAML
56 lines
1.4 KiB
YAML
id: python-scanner
|
|
|
|
info:
|
|
name: Python Scanner
|
|
author: majidmc2
|
|
severity: info
|
|
description: Indicators for dangerous Python functions
|
|
reference:
|
|
- https://www.kevinlondon.com/2015/07/26/dangerous-python-functions.html
|
|
- https://www.kevinlondon.com/2015/08/15/dangerous-python-functions-pt2.html
|
|
tags: python,file,sast
|
|
file:
|
|
- extensions:
|
|
- py
|
|
|
|
extractors:
|
|
- type: regex
|
|
name: code-injection
|
|
regex:
|
|
- 'exec'
|
|
- 'eval'
|
|
- '__import__'
|
|
- 'execfile'
|
|
|
|
- type: regex
|
|
name: command-injection
|
|
regex:
|
|
- 'subprocess.call\(.*shell=True.*\)'
|
|
- 'os.system'
|
|
- 'os.popen\d?'
|
|
- 'subprocess.run'
|
|
- 'commands.getoutput'
|
|
|
|
- type: regex
|
|
name: untrusted-source
|
|
regex:
|
|
- 'pickle\.loads'
|
|
- 'c?Pickle\.loads?'
|
|
- 'marshal\.loads'
|
|
- 'pickle\.Unpickler'
|
|
|
|
- type: regex
|
|
name: dangerous-yaml
|
|
regex:
|
|
- 'yaml\.load'
|
|
- 'yaml\.safe_load'
|
|
|
|
- type: regex
|
|
name: sqli
|
|
regex:
|
|
- 'cursor\.execute'
|
|
- 'sqlite3\.execute'
|
|
- 'MySQLdb\.execute'
|
|
- 'psycopg2\.execute'
|
|
- 'cx_Oracle\.execute'
|
|
# digest: 4b0a004830460221009cbdd4d5b9926d38768948ba272b6225a5e7379ae84943bf859d2636e52e8d6d022100eac79ec529e856b907be9cb1f586002ffa56ef72e0022364b5bb7f9c6dd79c8e:922c64590222798bb761d5b6d8e72950 |