import pexpect
import shlex
from tools.ToolBase import ToolBase
class PsqlTool(ToolBase):
def validate_instruction(self, instruction):
#指令过滤
timeout = 60
return instruction,timeout
def analyze_result(self, result,instruction,stderr,stdout):
#指令结果分析
return result
def do_worker_pexpect(self,str_instruction,timeout,ext_params):
try:
safe_command = shlex.quote(str_instruction)
cmd = f"bash -c {safe_command}"
exc_do = pexpect.spawn(cmd,timeout=timeout,encoding='utf-8')
index = exc_do.expect([
pexpect.TIMEOUT,
pexpect.EOF,
'Password for user postgres:',
'用户 postgres 的口令:'
])
#strout = exc_do.before.decode('utf-8', errors='replace')
strout = exc_do.before
if index == 0 or index ==1:
return strout
elif index ==2 or index==3:
strout += '用户 postgres 的口令:'
exc_do.sendline('') #输入空密码后不知道会有多少种情况,密码不对,密码对
index = exc_do.expect([pexpect.TIMEOUT,pexpect.EOF])
print(index)
strout += exc_do.before
return strout
except Exception as e:
return f"执行错误: {str(e)}"
def execute_instruction(self, instruction_old):
'''
执行指令:验证合法性 -> 执行 -> 分析结果
*****如果指令要做验证,只做白名单,所有逻辑不是全放开就是白名单*****
:param instruction_old:
:return:
bool:true-正常返回给大模型处理下一步,false-结果不返回给大模型,2--需要人工确认的指令
str:执行的指令
str:执行指令的结果-解析过滤后的结果--也是提交给LLM的结果
str:执行指令的结果-原结果
object:补充参数-封装一个对象: 0-不知是否攻击成功,1-明确存在漏洞,2-明确不存在漏洞
'''
ext_params = self.create_extparams()
# 第一步:验证指令合法性
instruction,timeout = self.validate_instruction(instruction_old)
if not instruction:
ext_params.is_user= True
return False,instruction_old,"该指令暂不执行!由用户确认是否要兼容支持","",ext_params #未
#过滤修改后的指令是否需要判重?同样指令再执行结果一致?待定---#?
# 第二步:执行指令
#output = self.do_worker_script(instruction, timeout, ext_params)
output = self.do_worker_pexpect(instruction,timeout,ext_params)
# 第三步:分析执行结果
if isinstance(output,bytes):#若是bytes则转成str
output = output.decode('utf-8', errors='ignore')
analysis = self.analyze_result(output,instruction,"","")
if not analysis: #analysis为“” 不提交LLM
ext_params.is_user = True
return False,instruction,analysis,output,ext_params
return True,instruction, analysis,output,ext_params