Update framewalk

Author: s4dhulabs

core/_dbops_/db/vmnf.db

@@ -44,7 +44,7 @@ def abduct_items(**vfres):
         }
 
         print(f"\t ⠞⠓⠊⠎ Abducting {cl(siddhi.lower(), 'red', attrs=['bold'])}: {cl(brief,'white')} ...")
-        sleep(0.15)
+        sleep(0.1)
 
     for k,v in vfres.items():
         print("\033c", end="")

core/vmnf_sessions_utils.py

@@ -166,6 +166,7 @@ def args(self):
         vmnf_shared_parser.add_argument("--target-exceptions", action="store", dest='target_exceptions',default=False)
         vmnf_shared_parser.add_argument("--skip-exception", action="store", dest='skip_exception',default=False)
         vmnf_shared_parser.add_argument("--skip-exceptions", action="store", dest='skip_exceptions',default=False)
+        vmnf_shared_parser.add_argument("--exception-count", action="store", type=int, dest='exception_count',default=False)
         # -------------------------------------------------------------------------------
         # > Connection setting - [ proxy options ] 
         # -------------------------------------------------------------------------------

core/vmnf_shared_args.py

@@ -67,7 +67,7 @@ def load_siddhis(self):
 
         for s in os.scandir(f'{os.getcwd()}/siddhis/'):
             print(f"\tLoading {s.name}...")
-            sleep(0.1)
+            #sleep(0.1)
 
             if (s.is_dir() and not s.name.startswith('_')):
                 plugin_docs = f"{s.path}/{s.name}.yaml"

core/vmnf_smng.py

@@ -583,6 +583,8 @@ def record(self):
             scan_template['has_issues'] = True
 
             try:
+                self.handler['framework'] = 'Django'
+                self.handler['framework_version'] = self.handler['django_version']
                 cves,cves_table = prana(**self.handler).get_cves_for_version()
             # TypeError: cannot unpack non-iterable bool object
             except TypeError:
@@ -701,4 +703,3 @@ def closed(self,reason):
         self.record()
         reactor.stop()
         os._exit(os.EX_OK)
-

siddhis/d4m8/engines/_d4m8_engine.py

@@ -3,7 +3,6 @@
 #   \/imana 2016
 #   [|-ramewørk
 #
-#
 # Author: s4dhu
 # Email: <s4dhul4bs[at]prontonmail[dot]ch
 # Git: @s4dhulabs
@@ -17,230 +16,176 @@
 
 from .base import BaseDetector
 
-
 class SanicDetector(BaseDetector):
-    """Sanic-specific detection methods"""
+    """Sanic-specific detection methods (improved for specificity)"""
 
     FRAMEWORK = "Sanic"
 
-    # Common Sanic paths to check
     COMMON_PATHS = [
         '/api/status',
-        '/about',
         '/error',
+        '/about',
         '/health',
         '/metrics',
         '/docs',
         '/openapi.json',
         '/api/docs',
     ]
 
-    # Sanic error patterns
     ERROR_PATTERNS = [
-        # Pattern, Description, Confidence
-        (r'⚠️ \d+ — [^=]+', 'Sanic error page format', 25),
-        (r'Traceback of \w+_test_app', 'Sanic test app traceback', 30),
-        (r'Exception: [^=]+ while handling path', 'Sanic exception handling', 25),
-        (r'File /usr/local/lib/python3\.9/site-packages/sanic/app\.py', 'Sanic app.py reference', 35),
-        (r'==============================', 'Sanic error separator', 15),
+        (r'SanicException', 'SanicException in error page', 30),
+        (r'sanic_test_app', 'Sanic test app traceback', 30),
+        (r'Sanic\s+\d+\.\d+\.\d+', 'Sanic version in error', 20),
+        (r'sanic/app\.py', 'Sanic app.py in traceback', 25),
+        (r'sanic.server', 'Sanic server in traceback', 20),
         (r'Exception: Test error for framework detection', 'Sanic test error', 20),
+        (r'(?i)sanic', 'Sanic reference in error', 10),
     ]
 
-    # Sanic content patterns
     CONTENT_PATTERNS = [
-        # Pattern, Description, Confidence
         (r'Hello from Sanic!', 'Sanic greeting in content', 20),
         (r'<title>Sanic Test App</title>', 'Sanic test app title', 25),
         (r'<h1>Hello from Sanic!</h1>', 'Sanic heading in content', 20),
-        (r'This is a minimal Sanic application', 'Sanic app description', 15),
-        (r'<a href="/api/status">API Status</a>', 'Sanic API status link', 10),
-        (r'<a href="/about">About</a>', 'Sanic about link', 10),
+        (r'Sanic Framework Detection Test', 'Sanic detection test string', 20),
+        (r'Sanic is a Python 3.7\+ web server', 'Sanic description', 15),
+        (r'(?i)sanic', 'Sanic reference in HTML', 10),
     ]
 
-    # Sanic header patterns (though Sanic doesn't have many unique headers)
     HEADER_PATTERNS = [
-        # Header name, Pattern, Description, Confidence
-        ('content-type', r'text/plain; charset=utf-8', 'Sanic plain text response', 5),
-        ('Allow', r'GET', 'Sanic GET method allowance', 3),
+        ('server', r'uvicorn', 'Uvicorn server header (common for Sanic)', 5),
+        ('content-type', r'application/json', 'JSON API response', 3),
     ]
 
-    # Sanic API response patterns
     API_PATTERNS = [
-        # Pattern, Description, Confidence
-        (r'"status": "running"', 'Sanic API status response', 20),
-        (r'"framework": "sanic"', 'Sanic framework identification', 25),
-        (r'"version": "\d+\.\d+\.\d+"', 'Sanic version in API', 15),
+        (r'"framework": ?"sanic"', 'Sanic framework in API response', 30),
+        (r'"status": ?"running"', 'Status running in API response', 10),
+        (r'"version": ?"[0-9.]+"', 'Version in API response', 10),
     ]
 
     def detect(self) -> None:
-        """Run Sanic detection methods"""
-        self._check_headers()
-        self._check_content_patterns()
-        self._check_error_patterns()
-        self._check_api_endpoints()
-        self._check_common_paths()
+        evidence = set()
+        evidence_types = set()
+        # Check error page for Sanic-specific patterns
+        if self._check_error_patterns(evidence, evidence_types):
+            pass
+        # Check API status endpoint for Sanic-specific JSON
+        if self._check_api_status(evidence, evidence_types):
+            pass
+        # Check main page and about for Sanic content
+        if self._check_content_patterns(evidence, evidence_types):
+            pass
+        # Check headers for Uvicorn and JSON
+        if self._check_headers(evidence, evidence_types):
+            pass
+        # Check common paths for 200 OK (low confidence)
+        self._check_common_paths(evidence, evidence_types)
+        # Assign confidence based on evidence
+        self._score_evidence(evidence, evidence_types)
         self.detect_version()
-        
-    def _add_score(self, 
-                  points: int, 
-                  evidence_type: str, 
-                  detail: str, 
-                  raw_data: Optional[Dict[str, Any]] = None) -> None:
-        """Add score for Sanic"""
+    
+    def _add_score(self, points: int, evidence_type: str, detail: str, raw_data: Optional[Dict[str, Any]] = None) -> None:
         self.result_manager.add_score(self.FRAMEWORK, points, evidence_type, detail, raw_data)
-        
-    def _add_version_hint(self, 
-                         version: str, 
-                         confidence: int, 
-                         evidence: str) -> None:
-        """Add version hint for Sanic"""
+    
+    def _add_version_hint(self, version: str, confidence: int, evidence: str) -> None:
         self.result_manager.add_version_hint(self.FRAMEWORK, version, confidence, evidence)
-        
-    def _add_component(self, 
-                      component: str, 
-                      evidence: str) -> None:
-        """Add component for Sanic"""
+    
+    def _add_component(self, component: str, evidence: str) -> None:
         self.result_manager.add_component(self.FRAMEWORK, component, evidence)
-        
-    def _check_headers(self) -> None:
-        """Check for Sanic-specific headers"""
+    
+    def _check_headers(self, evidence, evidence_types) -> bool:
         response = self.request_manager.make_request()
         if not response:
-            return
-            
+            return False
         headers = response.headers
-        
-        # Check header patterns
+        found = False
         for header_name, pattern, description, confidence in self.HEADER_PATTERNS:
             if header_name in headers:
                 header_value = headers[header_name]
                 if re.search(pattern, header_value, re.IGNORECASE):
-                    self._add_score(
-                        confidence, 
-                        'Header', 
-                        f"{description}: {header_name}: {header_value}"
-                    )
-                    
-        # Check for 405 Method Not Allowed (common in Sanic for HEAD requests)
-        if response.status_code == 405:
-            self._add_score(
-                10, 
-                'Header', 
-                f"405 Method Not Allowed response (common in Sanic)"
-            )
-                
-    def _check_content_patterns(self) -> None:
-        """Check for Sanic content patterns"""
+                    evidence.add(f"Header: {description}")
+                    evidence_types.add('header')
+                    found = True
+        return found
+    
+    def _check_content_patterns(self, evidence, evidence_types) -> bool:
         response = self.request_manager.make_request()
         if not response:
-            return
-            
-        # Check content patterns
+            return False
+        found = False
         for pattern, description, confidence in self.CONTENT_PATTERNS:
             if re.search(pattern, response.text, re.IGNORECASE):
-                self._add_score(
-                    confidence, 
-                    'Content', 
-                    f"{description}: {pattern}"
-                )
-                
-    def _check_error_patterns(self) -> None:
-        """Check for Sanic error patterns"""
+                evidence.add(f"Content: {description}")
+                evidence_types.add('content')
+                found = True
+        return found
+    
+    def _check_error_patterns(self, evidence, evidence_types) -> bool:
         base_url = self.request_manager.target_url.rstrip('/')
         error_url = urljoin(base_url, '/error')
-        
         response = self.request_manager.make_request(error_url)
         if not response:
-            return
-            
-        # Check error patterns in response text
+            return False
+        found = False
         for pattern, description, confidence in self.ERROR_PATTERNS:
             if re.search(pattern, response.text, re.IGNORECASE):
-                self._add_score(
-                    confidence, 
-                    'Error', 
-                    f"{description}: {pattern}"
-                )
-                
-    def _check_api_endpoints(self) -> None:
-        """Check for Sanic API endpoints"""
+                evidence.add(f"Error: {description}")
+                evidence_types.add('error')
+                found = True
+        return found
+    
+    def _check_api_status(self, evidence, evidence_types) -> bool:
         base_url = self.request_manager.target_url.rstrip('/')
         api_url = urljoin(base_url, '/api/status')
-        
         response = self.request_manager.make_request(api_url)
         if not response:
-            return
-            
-        # Check API response patterns
+            return False
+        found = False
         for pattern, description, confidence in self.API_PATTERNS:
             if re.search(pattern, response.text, re.IGNORECASE):
-                self._add_score(
-                    confidence, 
-                    'API', 
-                    f"{description}: {pattern}"
-                )
-                
-        # Check for JSON response
+                evidence.add(f"API: {description}")
+                evidence_types.add('api')
+                found = True
         if response.headers.get('content-type', '').startswith('application/json'):
-            self._add_score(
-                15, 
-                'API', 
-                "JSON API response detected"
-            )
-            
-    def _check_common_paths(self) -> None:
-        """Check for Sanic-specific paths"""
+            evidence.add("API: JSON API response detected")
+            evidence_types.add('api')
+            found = True
+        return found
+    
+    def _check_common_paths(self, evidence, evidence_types):
         base_url = self.request_manager.target_url.rstrip('/')
-        
         for path in self.COMMON_PATHS:
             url = urljoin(base_url, path)
             response = self.request_manager.make_request(url)
-            
-            if response:
-                # Check for successful responses
-                if response.status_code == 200:
-                    self._add_score(
-                        10, 
-                        'Endpoint', 
-                        f"{path} returns 200 OK"
-                    )
-                    
-                # Check for 405 responses (common in Sanic)
-                elif response.status_code == 405:
-                    self._add_score(
-                        8, 
-                        'Endpoint', 
-                        f"{path} returns 405 Method Not Allowed (Sanic behavior)"
-                    )
-                    
+            if response and response.status_code == 200:
+                # Only add as low confidence evidence
+                evidence.add(f"Endpoint: {path} returns 200 OK")
+                evidence_types.add('endpoint')
+    
+    def _score_evidence(self, evidence, evidence_types):
+        # High confidence: at least 2 unique types of strong evidence
+        strong_types = {'error', 'api', 'content'}
+        strong_evidence = strong_types.intersection(evidence_types)
+        if len(strong_evidence) >= 2:
+            self._add_score(90, 'Composite', f"Sanic detected by: {sorted(strong_evidence)} | {sorted(evidence)}")
+        elif 'error' in evidence_types and 'api' in evidence_types:
+            self._add_score(70, 'Composite', f"Sanic error and API evidence: {sorted(evidence)}")
+        elif 'error' in evidence_types:
+            self._add_score(30, 'Error', f"Sanic error evidence: {sorted(evidence)}")
+        elif 'api' in evidence_types:
+            self._add_score(30, 'API', f"Sanic API evidence: {sorted(evidence)}")
+        elif 'content' in evidence_types:
+            self._add_score(20, 'Content', f"Sanic content evidence: {sorted(evidence)}")
+        elif 'header' in evidence_types:
+            self._add_score(10, 'Header', f"Sanic header evidence: {sorted(evidence)}")
+        elif 'endpoint' in evidence_types:
+            self._add_score(5, 'Endpoint', f"Sanic endpoint evidence: {sorted(evidence)}")
+    
     def detect_version(self) -> None:
-        """Attempt to detect Sanic version"""
-        # Check error page for version hints
         base_url = self.request_manager.target_url.rstrip('/')
-        error_url = urljoin(base_url, '/error')
-        
-        response = self.request_manager.make_request(error_url)
-        if not response:
-            return
-            
-        # Look for version in error traceback
-        version_match = re.search(r'sanic/app\.py', response.text)
-        if version_match:
-            self._add_version_hint(
-                "Unknown", 
-                50, 
-                "Sanic app.py referenced in error traceback"
-            )
-            
-        # Check API endpoint for version
         api_url = urljoin(base_url, '/api/status')
-        api_response = self.request_manager.make_request(api_url)
-        if api_response:
-            version_match = re.search(r'"version": "(\d+\.\d+\.\d+)"', api_response.text)
+        response = self.request_manager.make_request(api_url)
+        if response:
+            version_match = re.search(r'"version": ?"([0-9.]+)"', response.text)
             if version_match:
                 version = version_match.group(1)
-                self._add_version_hint(
-                    version, 
-                    80, 
-                    f"Sanic version detected in API response: {version}"
-                ) 
+                self._add_version_hint(version, 80, f"Sanic version detected in API response: {version}")