Failed to save the file to the "xx" directory.

Failed to save the file to the "ll" directory.

Failed to save the file to the "mm" directory.

Failed to save the file to the "wp" directory.

403WebShell
403Webshell
Server IP : 66.29.132.124  /  Your IP : 18.223.241.235
Web Server : LiteSpeed
System : Linux business141.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : wavevlvu ( 1524)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/opt/cloudlinux/venv/lib/python3.11/site-packages/dodgy/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/opt/cloudlinux/venv/lib/python3.11/site-packages/dodgy/checks.py
import codecs
import gzip
import re
from functools import partial

STRING_VALS = (
    (
        "aws_secret_key",
        "Amazon Web Services secret key",
        (
            re.compile(r'(\'|")[A-Za-z0-9\\\+]{40}(\'|")'),
            re.compile(r"(\b|_)AWS(\b|_)", re.IGNORECASE),
        ),
        all,
    ),
)

LINE_VALS = (
    (
        "diff",
        "Possible SCM diff in code",
        (re.compile(r"^<<<<<<< .*$"), re.compile(r"^>>>>>>> .*$")),
    ),
    (
        "ssh_rsa_private_key",
        "Possible SSH private key",
        re.compile(r"^-{5}(BEGIN|END)\s+RSA\s+PRIVATE\s+KEY-{5}$"),
    ),
    (
        "ssh_rsa_public_key",
        "Possible SSH public key",
        re.compile(r"^ssh-rsa\s+AAAA[0-9A-Za-z+/]+[=]{0,3}\s*([^@]+@[^@]+)?$"),
    ),
)

VAR_NAMES = (
    (
        "password",
        "Possible hardcoded password",
        re.compile(
            r'(\b|[A-Z0-9_]*_)PASSWORD(_[A-Z0-9_]*|\b)\s*=\s(\'|")[^\'"]+(\'|")'
        ),
    ),
    (
        "secret",
        "Possible hardcoded secret key",
        re.compile(r'(\b|[A-Z0-9_]*_)SECRET(_[A-Z0-9_]*|\b)\s*=\s(\'|")[^\'"]+(\'|")'),
    ),
)


def check_line(line, check_list):
    messages = []

    for tup in check_list:
        if len(tup) == 3:
            key, msg, regexps = tup
            cond = any
        else:
            key, msg, regexps, cond = tup

        if not isinstance(regexps, (list, tuple)):
            regexps = [regexps]
        if cond([regexp.search(line) for regexp in regexps]):
            messages.append((key, msg))

    return messages


def check_file(filepath):
    if filepath.endswith(".gz"):
        # this file looks like it is using gzip compression
        fopen = partial(gzip.open, mode="rt")
    else:
        # otherwise treat as standard text file
        fopen = partial(codecs.open, mode="r")
    with fopen(filepath, encoding="utf-8") as to_check:
        return check_file_contents(to_check.read())


def check_file_contents(file_contents):
    messages = []

    for line_number0, line in enumerate(file_contents.split("\n")):
        for check_list in (STRING_VALS, LINE_VALS, VAR_NAMES):
            messages += [
                (line_number0 + 1, key, msg)
                for key, msg in check_line(line, check_list)
            ]

    return messages

Youez - 2016 - github.com/yon3zu
LinuXploit