Provide a script for upload validation

The Python script is using vld (https://derickrethans.nl/projects.html#vld) to check for malicious opcodes.
author: jvoisin 2018-02-12 13:55:33 +0100
committer: GitHub 2018-02-12 13:55:33 +0100
commit: 696ebc4ae68f4c7c2b803c917de365b98621b3a8 (patch)
tree: 5c6cef740fa19926a1f824e3c71bbec1ee5c1eda /scripts/upload_validation.py
parent: 0c65426b8a5c369a43a34b92aec84834e3ab246b (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/scripts/upload_validation.py b/scripts/upload_validation.py
new file mode 100755
index 0000000..fb1e05f
--- /dev/null
+++ b/scripts/upload_validation.py
@@ -0,0 +1,38 @@
+#!/usr/bin/python
+import sys
+import subprocess
+WHITELIST = ('ECHO', 'RETURN', 'PHP', 'NOP')
+def check(filename):
+    try:
+        output = subprocess.check_output(["php",
+            "-d", "vld.active=1",
+            "-d", "vld.execute=0",
+            "-d", "extension=vld.so",
+            "-d", "vld.format=1",
+            "-d", "vld.col_sep=@",
+            "-d", "log_errors=0",
+            filename],
+            stderr=subprocess.STDOUT)
+    except subprocess.CalledProcessError as e:
+        print("Error: %s" % e)
+        return 2
+    for line in output.splitlines()[8:]:
+        sp = line.split('@')
+        if len(sp) < 5:
+            continue
+        opcode = sp[4]  # ,line, #, EIO, op, fetch, ext, return, operands
+        if opcode not in WHITELIST:
+            print("Upload_validation: Found an opcode: %s" % opcode)
+            return 1
+    return 0
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        print('Usage: %0 file_to_test.php', sys.argv[0])
+    else:
+        sys.exit(check(sys.argv[1]))
author	jvoisin	2018-02-12 13:55:33 +0100
committer	GitHub	2018-02-12 13:55:33 +0100
commit	696ebc4ae68f4c7c2b803c917de365b98621b3a8 (patch)
tree	5c6cef740fa19926a1f824e3c71bbec1ee5c1eda /scripts/upload_validation.py
parent	0c65426b8a5c369a43a34b92aec84834e3ab246b (diff)

diff --git a/scripts/upload_validation.py b/scripts/upload_validation.py new file mode 100755 index 0000000..fb1e05f --- /dev/null +++ b/scripts/upload_validation.py
@@ -0,0 +1,38 @@
	1	#!/usr/bin/python
	2
	3	import sys
	4	import subprocess
	5
	6	WHITELIST = ('ECHO', 'RETURN', 'PHP', 'NOP')
	7
	8	def check(filename):
	9	try:
	10	output = subprocess.check_output(["php",
	11	"-d", "vld.active=1",
	12	"-d", "vld.execute=0",
	13	"-d", "extension=vld.so",
	14	"-d", "vld.format=1",
	15	"-d", "vld.col_sep=@",
	16	"-d", "log_errors=0",
	17	filename],
	18	stderr=subprocess.STDOUT)
	19	except subprocess.CalledProcessError as e:
	20	print("Error: %s" % e)
	21	return 2
	22
	23	for line in output.splitlines()[8:]:
	24	sp = line.split('@')
	25	if len(sp) < 5:
	26	continue
	27	opcode = sp[4] # ,line, #, EIO, op, fetch, ext, return, operands
	28	if opcode not in WHITELIST:
	29	print("Upload_validation: Found an opcode: %s" % opcode)
	30	return 1
	31	return 0
	32
	33
	34	if __name__ == '__main__':
	35	if len(sys.argv) != 2:
	36	print('Usage: %0 file_to_test.php', sys.argv[0])
	37	else:
	38	sys.exit(check(sys.argv[1]))