import re | |
import os | |
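def parse(func, content, csrf_func_array, unwanted_func_array):
    """Score one controller method for the CSRF scan.

    ``func`` is the text captured after ``public function `` by the caller's
    regex (name plus parameter list, e.g. ``delete()``). The method body is
    approximated as the text between that declaration and the next ``/**``,
    which is where the following method's doc-block normally starts. This is
    a textual heuristic: a token name inside a comment or an unrelated branch
    still counts as a check, and a ``/**`` inside the body cuts the slice short.

    Args:
        func: declaration text as captured by ``public function (.*)``.
        content: full source of the PHP file the declaration came from.
        csrf_func_array: token-check names (e.g. ``checkToken``); any hit in
            the body counts as "protected".
        unwanted_func_array: declaration fragments (e.g. ``save(``) for
            methods that are not scanned (per the original author, because
            they delegate to a parent implementation).

    Returns:
        0 when the method is neither skipped nor protected, i.e. a candidate
        for a missing CSRF check; a positive hit count otherwise. The value
        is a count of matches, not a severity.

    Raises:
        ValueError: if ``func`` does not occur in ``content`` at all.
    """
    # Anchor on the declaration itself. Slicing from the first occurrence of
    # the bare ``func`` text would start at an earlier call site such as
    # ``$this->delete()`` and examine the wrong region of the file; a later
    # repeat of ``func`` inside the body (``parent::delete()``) would likewise
    # truncate the slice before a token check that follows it.
    declaration = "public function " + func
    start = content.find(declaration)
    if start != -1:
        start += len(declaration)
    else:
        start = content.find(func)
        if start == -1:
            raise ValueError("declaration %r not found in content" % func)
        start += len(func)
    body = content[start:].split("/**", 1)[0]

    skipped = sum(1 for fragment in unwanted_func_array if fragment in func)
    protected = sum(1 for token in csrf_func_array if token in body)
    return skipped + protected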
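def check_csrf(dirss, csrf_tokens=None, skip_fragments=None):
    """Walk a Joomla tree and report admin controller methods lacking a CSRF check.

    Only ``.php`` files whose directory path contains ``administrator``,
    ``components`` and ``controllers`` (substring match) are scanned. Every
    ``public function `` declaration is scored with :func:`parse`; a score of
    0 is printed as affected. The scan is textual only: a token name in a
    comment or an unrelated branch counts as protection, ``protected``/
    ``static`` methods and declarations with unusual spacing are not matched,
    and methods inherited from a base controller are not followed — so a
    clean run is not proof of coverage.

    Args:
        dirss: root of the Joomla installation to walk.
        csrf_tokens: names that count as a CSRF check; defaults to the
            module-level ``csrf_check_array``.
        skip_fragments: declaration fragments to skip; defaults to the
            module-level ``unwanted_func_string``.

    Returns:
        The number of affected methods (also printed as the last line).
    """
    if csrf_tokens is None:
        csrf_tokens = csrf_check_array
    if skip_fragments is None:
        skip_fragments = unwanted_func_string

    # Compiled once per run instead of once per file.
    declaration_re = re.compile(r"public function (.*)")
    total = 0
    for root, _dirs, files in os.walk(dirss):
        # Joomla backend controllers live under
        # administrator/components/<com_x>/controllers.
        if not ("administrator" in root
                and "components" in root
                and "controllers" in root):
            continue
        for name in files:
            if not name.endswith(".php"):
                continue
            path = os.path.join(root, name)
            # errors="replace": a stray non-UTF-8 byte in one file must not
            # abort the whole scan; the tokens searched for are ASCII, so a
            # replacement character cannot hide a hit.
            with open(path, "r", encoding="utf-8", errors="replace") as handle:
                content = handle.read()
            for declaration in declaration_re.findall(content):
                if parse(declaration, content, csrf_tokens, skip_fragments) != 0:
                    continue
                total += 1
                print("\n\n" + "=" * 30)
                print("In %s" % root)
                print("File %s" % name)
                print("function: %s" % declaration)
                print("=" * 30 + "\n\n")
    print("Total affected : %d" % total)
    return total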
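_dir = "D:\\xampp\\htdocs\\joomla3921"  # Your joomla path

# Names whose presence in a method body counts as a CSRF check.
csrf_check_array = {"checkToken", "_csrfProtection"}

# Declaration fragments for methods that are not scanned — constructors and
# methods the original author treats as delegating to a parent implementation.
# Matching is by substring against the captured declaration text, so entries
# ending in "()" only match parameter-less declarations, while entries ending
# in "(" match any parameter list.
unwanted_func_string = {"__construct", "__destruct", "getModel(", "display(", "save(", "edit(", "cancel(", "checkin(", "add(", "reload(", "saveorder", "removeroot()", "publish()", "ajax_upload()"}

# Guarded so importing this module (e.g. to reuse parse()) does not start a
# filesystem walk of the hard-coded path.
if __name__ == "__main__":
    check_csrf(_dir)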