Simple CSV Injection Check
import csv
import sys
import os
import argparse
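# Leading characters that spreadsheet applications treat as the start of a
# formula. "=", "+", "-" and "@" are the classic formula/DDE triggers; TAB and
# CR are also commonly listed as triggers (e.g. by OWASP's CSV Injection page),
# so they are flagged too. The match is against the first character of the
# *unquoted* cell, so wrapping a payload in CSV quotes does not hide it.
FORMULA_PREFIXES = ("=", "@", "+", "-", "\t", "\r")


def _find_injections(rows):
    """Return every cell of ``rows`` whose first character is a formula prefix.

    Args:
        rows: iterable of rows, each an iterable of ``str`` cells (typically a
            ``csv.reader``).

    Returns:
        list[str]: flagged cells in reading order; empty cells are skipped.
        This is a heuristic: a plain negative number such as ``-5`` is
        reported as well, so hits need a human look.
    """
    return [
        cell
        for row in rows
        for cell in row
        if cell and cell[0] in FORMULA_PREFIXES
    ]


def check(args):
    """Scan ``args.file`` for CSV (formula) injection and print the findings.

    Args:
        args: parsed options exposing ``file``, ``delimiter``, ``quote_char``
            and, optionally, ``ignore_errors``.

    Side effects:
        Prints a ``[+]``/``[>]`` pair per flagged cell followed by a closing
        ``[-] Finished!`` line. Exits with status 1 when the file does not
        exist, or when its extension is not ``.csv`` and ``ignore_errors`` is
        not set. Read/parse failures are reported on stdout, not raised.
    """
    end = "\n [-] Finished!"
    novuln = " No Vulnerability found."

    if not os.path.isfile(args.file):
        print("[-] CSV file not found")
        sys.exit(1)

    # Extension check is advisory only; compare case-insensitively so
    # ".CSV" is accepted.
    _, ext = os.path.splitext(args.file)
    if ext.lower() != ".csv":
        print(" [-] Do not seem a valid CSV file")
        # The original read ``args.ignore_erros`` (typo) and raised
        # AttributeError here; getattr also tolerates a Namespace built
        # without the flag.
        if not getattr(args, "ignore_errors", False):
            sys.exit(1)

    found = False
    try:
        # newline='' is required so the csv module handles embedded newlines.
        with open(args.file, newline="") as csvfile:
            reader = csv.reader(
                csvfile, delimiter=args.delimiter, quotechar=args.quote_char
            )
            for cell in _find_injections(reader):
                print(" [+] CSV Injection Found!")
                # NOTE: the cell is echoed verbatim; a hostile file can carry
                # terminal escape sequences, so review output in a safe viewer.
                print(f" [>] Injection: {cell}")
                found = True
        print(end if found else end + novuln)
    except (OSError, UnicodeError, csv.Error, TypeError) as e:
        # The original used a bare ``except:`` and then referenced an unbound
        # ``e``, turning every parse error into a NameError. TypeError covers
        # a multi-character delimiter/quotechar rejected by csv.reader.
        print(" [-] Error parsing the file")
        print(f" [>] Exception: {e}")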
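def getargs(argv=None):
    """Parse the scanner's command line.

    Args:
        argv: argument list to parse; ``None`` means ``sys.argv[1:]`` (the
            original behaviour). Passing a list makes the parser testable.

    Returns:
        argparse.Namespace with ``delimiter``, ``quote_char``,
        ``ignore_errors`` and ``file``.

    Raises:
        SystemExit: via argparse on bad usage, including a delimiter or quote
            character that is not exactly one character — ``csv.reader``
            would otherwise reject it with a TypeError at scan time.
    """
    # The original description was a copy-paste leftover from another tool.
    parser = argparse.ArgumentParser(
        description='Simple CSV Injection Check: flag cells a spreadsheet '
                    'would evaluate as formulas')
    parser.add_argument(
        '-d', '--delimiter', required=False, type=str, default=",",
        help='CSV column separator character')
    parser.add_argument(
        '-q', '--quote-char', required=False, type=str, default='"',
        help='CSV quote character')
    parser.add_argument(
        '-f', '--ignore-errors', required=False, action='store_true',
        default=False, help='Ignore errors')
    parser.add_argument(
        'file', help='CSV File to analyze')
    args = parser.parse_args(argv)
    # Validate early: csv.reader only accepts 1-character delimiter/quotechar.
    if len(args.delimiter) != 1:
        parser.error("delimiter must be a single character")
    if len(args.quote_char) != 1:
        parser.error("quote character must be a single character")
    return args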
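def print_header():
    """Print the ASCII-art banner to stdout.

    The banner is a raw string: the original used a normal triple-quoted
    string, so every ``\\_``, ``\\/`` and ``\\|`` in the art was an invalid
    escape sequence (a SyntaxWarning on Python 3.12+). A raw string yields
    the identical bytes without the warning.
    """
    msg = r"""
____________ ______ ________ __
/ ____/ ___/ | / / _/ / ____/ /_ ___ _____/ /_____ _____
/ / \__ \| | / // /_____/ / / __ \/ _ \/ ___/ //_/ _ \/ ___/
/ /___ ___/ /| |/ // /_____/ /___/ / / / __/ /__/ ,< / __/ /
\____//____/ |___/___/ \____/_/ /_/\___/\___/_/|_|\___/_/ d3adc0de
-------------------------------------------------------------------------
"""
    print(msg)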
def main():
    """Entry point: show the banner, parse the CLI, then run the scan."""
    print_header()
    check(getargs())
# Run only when executed as a script; importing the module has no side
# effects beyond the definitions above.
if __name__ == '__main__':
    main()