
Commit 830fcd1

committed
sinks: run idor checks [wip]
1 parent aea99d7 commit 830fcd1

6 files changed

Lines changed: 31 additions & 0 deletions


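--- a/aikido_zen/sinks/asyncpg.py
+++ b/aikido_zen/sinks/asyncpg.py
@@ -6,6 +6,7 @@
 from aikido_zen.helpers.get_argument import get_argument
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import patch_function, before, on_import
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @before
@@ -17,6 +18,10 @@ def _execute(func, instance, args, kwargs):
 
 vulns.run_vulnerability_scan(kind="sql_injection", op=op, args=(query, "postgres"))
 
+# asyncpg uses variadic positional args for params: execute(query, *args)
+query_params = args[1:] if len(args) > 1 else None
+run_idor_check(query, "postgres", query_params)
+
 
 @on_import("asyncpg.connection", "asyncpg", version_requirement="0.27.0")
 def patch(m):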
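Review bot: The new `args[1:]` slice on the `query_params` line assumes every hooked call has the shape `execute(query, *args)`, but asyncpg's `executemany(command, args, *, timeout)` takes the whole batch as one second positional argument, so if `patch()` (outside this hunk) also routes `executemany` through `_execute`, `run_idor_check` would receive a one-element tuple wrapping the list of parameter rows rather than a parameter set. Either confirm that only the variadic methods are patched and say so, e.g. `# only variadic-arg methods are hooked; executemany passes its batch as args[1]`, or branch on `func.__name__ == "executemany"` and run the check per row. `_execute` starts before this hunk, so where `query` and `op` come from is not visible here.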

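--- a/aikido_zen/sinks/clickhouse_driver.py
+++ b/aikido_zen/sinks/clickhouse_driver.py
@@ -2,6 +2,7 @@
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import before, on_import, patch_function
 from aikido_zen.vulnerabilities import run_vulnerability_scan
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @before
@@ -13,6 +14,9 @@ def _execute(func, instance, args, kwargs):
 
 run_vulnerability_scan("sql_injection", op, args=(query, "clickhouse"))
 
+query_params = get_argument(args, kwargs, 1, "params")
+run_idor_check(query, "clickhouse", query_params)
+
 
 @on_import("clickhouse_driver", package="clickhouse_driver")
 def patch(m):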
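Review bot: `get_argument` is called on the new `query_params` line, but the visible import context (file lines 2–4) brings in only `register_call`, the sink decorators and `run_vulnerability_scan`; unless file line 1 already imports it, this is a `NameError` that only fires inside the hook on the application's first `Client.execute`, failing the customer's query from within a security check. If it is missing, add `from aikido_zen.helpers.get_argument import get_argument` next to the new import, and since the commit adds no tests, cover this sink with one that actually calls `execute(query, params)` through the patched client. The hook body starts before this hunk.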

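--- a/aikido_zen/sinks/mysqlclient.py
+++ b/aikido_zen/sinks/mysqlclient.py
@@ -6,6 +6,7 @@
 import aikido_zen.vulnerabilities as vulns
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import patch_function, on_import, before
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @before
@@ -20,6 +21,9 @@ def _execute(func, instance, args, kwargs):
 kind="sql_injection", op="MySQLdb.Cursor.execute", args=(query, "mysql")
 )
 
+query_params = get_argument(args, kwargs, 1, "args")
+run_idor_check(query, "mysql", query_params)
+
 
 @before
 def _executemany(func, instance, args, kwargs):
@@ -30,6 +34,9 @@ def _executemany(func, instance, args, kwargs):
 kind="sql_injection", op="MySQLdb.Cursor.executemany", args=(query, "mysql")
 )
 
+query_params = get_argument(args, kwargs, 1, "args")
+run_idor_check(query, "mysql", query_params)
+
 
 @on_import("MySQLdb.cursors", "mysqlclient", version_requirement="1.5.0")
 def patch(m):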
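Review bot: In the `_executemany` hunk, `get_argument(args, kwargs, 1, "args")` returns MySQLdb's `executemany` argument, which is a sequence of per-row parameter sequences, yet it is passed to `run_idor_check` with exactly the call shape the `_execute` hunk uses for a single parameter set; unless `run_idor_check` already flattens nested sequences, the identifiers bound in batched statements are never compared. Iterate the rows instead: `for row_params in query_params or ():` / `    run_idor_check(query, "mysql", row_params)`. Separately, `get_argument` is not among the imports shown in the first hunk's context (file lines 6–8), so confirm it is imported above line 6. Both hooks begin before their hunks.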

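--- a/aikido_zen/sinks/psycopg.py
+++ b/aikido_zen/sinks/psycopg.py
@@ -6,6 +6,7 @@
 from aikido_zen.helpers.get_argument import get_argument
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import patch_function, on_import, before
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @before
@@ -25,6 +26,9 @@ def _execute(func, instance, args, kwargs):
 op = f"psycopg.{instance.__class__.__name__}.{func.__name__}"
 vulns.run_vulnerability_scan(kind="sql_injection", op=op, args=(query, "postgres"))
 
+query_params = get_argument(args, kwargs, 1, "params")
+run_idor_check(query, "postgres", query_params)
+
 
 @on_import("psycopg.cursor", "psycopg", version_requirement="3.1.0")
 def patch(m):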
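Review bot: `op` on the context line is built from `func.__name__`, which indicates this `_execute` hook is shared by more than one cursor method; psycopg 3's `executemany(query, params_seq, *, returning=False)` names its second parameter `params_seq`, so the new `get_argument(args, kwargs, 1, "params")` returns `None` when the batch is passed by keyword and the whole batch when passed positionally. If `patch()` (outside this hunk) does route `executemany` here, look up both names and call `run_idor_check` once per row; if it does not, say so on the new lines, e.g. `# executemany is not hooked: its params_seq is a batch, not one parameter set`. `_execute` starts before this hunk.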

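--- a/aikido_zen/sinks/psycopg2.py
+++ b/aikido_zen/sinks/psycopg2.py
@@ -7,6 +7,7 @@
 from aikido_zen.helpers.get_argument import get_argument
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import on_import, before, patch_function, after
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @after
@@ -42,6 +43,9 @@ def psycopg2_patch(func, instance, args, kwargs):
 
 vulns.run_vulnerability_scan(kind="sql_injection", op=op, args=(query, "postgres"))
 
+query_params = get_argument(args, kwargs, 1, "vars")
+run_idor_check(query, "postgres", query_params)
+
 
 @on_import("psycopg2")
 def patch(m):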
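Review bot: The decorator on `psycopg2_patch` is outside this hunk, and the first hunk shows the file imports both `before` and `after` and uses `@after` at file line 13; if the code path holding the new `run_idor_check` executes after the wrapped call has returned, the check (like the SQL-injection scan beside it) can only report an IDOR, never stop the query from reaching the database. Confirm which it is and record it on the new lines, e.g. `# runs after execute(): IDOR findings here are detect-only`, or move the check into a `@before` hook if it is meant to block. `psycopg2_patch` begins before this hunk, so the derivation of `query` and `op` is not visible.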

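--- a/aikido_zen/sinks/pymysql.py
+++ b/aikido_zen/sinks/pymysql.py
@@ -6,6 +6,7 @@
 from aikido_zen.helpers.get_argument import get_argument
 from aikido_zen.helpers.register_call import register_call
 from aikido_zen.sinks import patch_function, on_import, before
+from aikido_zen.vulnerabilities.idor.check_idor import run_idor_check
 
 
 @before
@@ -20,6 +21,9 @@ def _execute(func, instance, args, kwargs):
 kind="sql_injection", op="pymysql.Cursor.execute", args=(query, "mysql")
 )
 
+query_params = get_argument(args, kwargs, 1, "args")
+run_idor_check(query, "mysql", query_params)
+
 
 @before
 def _executemany(func, instance, args, kwargs):
@@ -30,6 +34,9 @@ def _executemany(func, instance, args, kwargs):
 kind="sql_injection", op="pymysql.Cursor.executemany", args=(query, "mysql")
 )
 
+query_params = get_argument(args, kwargs, 1, "args")
+run_idor_check(query, "mysql", query_params)
+
 
 @on_import("pymysql.cursors", "pymysql", version_requirement="0.9.0")
 def patch(m):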
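Review bot: The `_executemany` hunk hands pymysql's `args` — for `executemany`, a sequence of per-row parameter tuples — to `run_idor_check` in the same form the `_execute` hunk uses for a single parameter set, so the check sees a list of tuples rather than the values bound to the query; unless `run_idor_check` already unpacks nested sequences, batched statements go effectively unchecked. Loop over the rows: `for row_params in query_params or ():` / `    run_idor_check(query, "mysql", row_params)`. The two added stanzas are otherwise byte-identical between `_execute` and `_executemany`, so a small `_check_idor(query, args, kwargs)` helper would keep them from drifting apart. Both hooks start outside their hunks.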
