import re
# Known error signatures. Each entry is a regular expression that analyze()
# tries against the response body in list order, case-insensitively.
# A match means the application echoed a database, interpreter or framework
# error to the client (verbose error disclosure). That is a lead to verify by
# hand, not proof of a vulnerability: generic entries such as "TypeError" or
# "Internal Server Error" also appear on ordinary pages.
ERROR_PATTERNS = [
    # Database error text
    r"SQL syntax.*MySQL",
    r"Warning.*mysql_",
    r"Unclosed quotation mark after the character string",
    r"quoted string not properly terminated",
    r"Microsoft OLE DB Provider for ODBC Drivers",
    r"ORA-\d+",  # Oracle
    r"PostgreSQL.*ERROR",
    r"PG::SyntaxError",
    # Stack traces and unhandled exceptions
    r"Stack trace",
    r"Exception.* at ",
    r"System\.Web\.HttpUnhandledException",
    r"InvalidArgumentException",
    # Interpreter notices and generic server failures
    r"Undefined variable",
    r"Undefined index",
    r"Fatal error",
    r"Parse error",
    r"Internal Server Error",
    r"you have an error in your sql syntax",
    r"unexpected token",
    r"TypeError",
    r"ReferenceError",
    r"Segmentation fault",
]
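def analyze(response, payload):
    """
    Scan an HTTP response body for known error signatures.

    Args:
        response: Object exposing the body as ``response.text``, or None
            when no response was received.
        payload: The input that produced this response. Accepted for the
            caller's convenience; this function does not read it.

    Returns:
        True as soon as one entry of ERROR_PATTERNS matches the body
        (case-insensitive), False when there is no response, no body, or
        no match. A match is a heuristic hit that still needs manual
        confirmation.
    """
    # Test for None explicitly instead of truthiness. If the caller passes a
    # requests.Response (assumption, the caller is not visible here), that
    # object is falsy for every 4xx/5xx status, so `if not response` would
    # skip exactly the error pages this scan is meant to inspect.
    if response is None:
        return False

    # Objects without a usable text body are treated as "nothing to scan".
    body = getattr(response, "text", None)
    if not body:
        return False

    # First matching signature wins; list order decides which one is reported.
    for pattern in ERROR_PATTERNS:
        if re.search(pattern, body, re.IGNORECASE):
            print(f"[!] Possible vuln detected: pattern '{pattern}' in response!")
            return True
    return False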