import pandas as pd
import re
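def detect_sql_injection(info):
    """Return True when *info* looks like it carries a SQL injection attempt.

    The check is a coarse keyword heuristic: *info* is flagged when it
    contains any of the listed SQL keywords or comment/operator tokens
    (case-insensitively), or an ``id=<digits>'`` fragment. Both the text as
    given and its percent-decoded form are examined, so encoded payloads such
    as ``id=1%27`` or ``1+OR+1%3D1`` are caught as well.

    Args:
        info: Text to inspect. Non-string values (for example the float NaN
            pandas yields for an empty cell) are treated as "no match".

    Returns:
        True if any indicator is present, otherwise False.
    """
    # Imported here so the function stays self-contained; the module-level
    # imports do not include urllib.
    from urllib.parse import unquote_plus

    # An empty CSV cell is not text; calling .upper() on it would raise.
    if not isinstance(info, str):
        return False

    # Indicators are stored upper-cased and compared against upper-cased text.
    # NOTE(review): plain substring matching also fires on benign text such as
    # "/updates" (UPDATE) or "charset" (CHAR), so a hit is a lead to triage,
    # not a confirmed attack.
    sql_injection_commands = (
        "SELECT",
        "UNION",
        "INSERT",
        "UPDATE",
        "DELETE",
        "DROP",
        "EXEC",
        "TRUNCATE",
        "OR 1=1",
        "OR '1'='1'",
        "--",
        ";--",
        "/*",
        "*/",
        "@@",
        "CHAR",
        "WAITFOR",
        "BENCHMARK",
    )
    quoted_id_pattern = r"id=\d*'"

    # Checking the raw text first keeps every previous match; the decoded
    # form only adds detections for percent/plus-encoded requests.
    for text in (info, unquote_plus(info)):
        text_upper = text.upper()
        if any(command in text_upper for command in sql_injection_commands):
            return True
        if re.search(quoted_id_pattern, text, re.IGNORECASE):
            return True
    return False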
def extract_uri(info):
    """Return the request target (path plus query string) found in *info*.

    Looks for a ``GET`` or ``POST`` request line of the form
    ``<method> <target> HTTP/<version>`` (case-insensitive) and returns the
    target. Returns None when no such request line is present, which includes
    requests using any other HTTP method.
    """
    request_line = re.search(
        r'(GET|POST) (.+?) (HTTP|HTTPS)/[0-9.]+', info, re.IGNORECASE
    )
    # Group 2 is the lazily matched text between the method and the protocol.
    return request_line.group(2) if request_line else None
def main():
    """Summarise suspected SQL injection requests from a packet-capture CSV.

    Reads a CSV path from standard input. The file must provide the columns
    ``Time``, ``Source`` and ``Info``. Every row whose ``Info`` is flagged by
    detect_sql_injection() and yields a URI from extract_uri() is recorded,
    and the records are sorted (by time first, as the tuple's leading field).

    Printed answers:
        1A: source address of the earliest recorded request
        2A: number of recorded requests
        3A: URI of the earliest recorded request
        4A: URI of the latest recorded request
        5A: number of recorded URIs containing the literal ``0x3a``
    When nothing is recorded, NULL / 0 placeholders are printed instead.
    """
    csv_path = input().strip()
    capture = pd.read_csv(csv_path)

    hits = []
    for _, packet in capture.iterrows():
        summary = packet['Info']
        if not detect_sql_injection(summary):
            continue
        uri = extract_uri(summary)
        if uri:
            hits.append((packet['Time'], packet['Source'], uri))

    if not hits:
        print("1A: NULL")
        print("2A: 0")
        print("3A: NULL")
        print("4A: NULL")
        print("5A: 0")
        return

    # Tuples sort on Time first, so the ends of the list are the earliest and
    # latest recorded requests.
    hits.sort()
    earliest, latest = hits[0], hits[-1]

    # NOTE(review): only the earliest request's source is reported, which
    # presumes a single attacking host - confirm against the capture.
    # NOTE(review): the '0x3a' test is case-sensitive, so a payload spelling
    # the hex literal as 0x3A is not counted - confirm that is intended.
    colon_hex_count = sum(1 for _, _, uri in hits if '0x3a' in uri)

    print(f"1A: {earliest[1]}")
    print(f"2A: {len(hits)}")
    print(f"3A: {earliest[2]}")
    print(f"4A: {latest[2]}")
    print(f"5A: {colon_hex_count}")


if __name__ == "__main__":
    main()