Skip to content

Instantly share code, notes, and snippets.

@s0md3v
Last active April 21, 2019 10:59
Embed
What would you like to do?
Scan a directory for exploitable regular expressions
#!/usr/bin/env python3
import os, re, sys, glob, math, warnings
end = '\033[0m'
red = '\033[91m'
green = '\033[92m'
info = '\033[93m[!]\033[0m'
good = '\033[92m[+]\033[0m'
line = red + ('-' * 100) + end
warnings.filterwarnings("ignore")
values = set()
variablePattern = re.compile(r'''(?m)(['"`]|\'\'\'|""")([.\s\S]*?)(?<!\\)\1''')
def reader(path):
with open(path, 'r') as f:
result = [line for line in f]
return ''.join(result)
def isRegex(string):
try:
re.compile(variable)
if re.search(r'\{\d+,\d+\}|\*|\+', string):
return True
except re.error:
return False
files = []
path = os.getcwd()
for (dirpath, dirnames, filenames) in os.walk(path):
result = [dirpath + '/' + file for file in filenames]
files.extend(result)
for file in files:
if '.git' not in file and '__pycache__' not in file:
content = reader(file)
matches = re.finditer(variablePattern, content)
if matches:
for match in matches:
variable = match.group(2)
if variable.startswith('/'):
variable = variable.lstrip('/')
if variable.endswith('\\'):
variable = variable.rstrip('\\')
if '(?i:' in variable:
variable = variable.replace('(?i:', '(')
if isRegex(variable):
if re.search(r'(\{\d+,\d+\}|\*|\+)\)(\{\d+,\d+\}|\*|\+)', variable):
print (red + '+ VULNERABILITY DETECTED' + end)
print (' %s-%s File%s %s' % (green, dgreen, end, file))
print (' %s-%s Regex%s %s' % (green, dgreen, end, variable))
print ()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment