You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21 lines
803 B
21 lines
803 B
from tools.ToolBase import ToolBase
|
|
|
|
class EchoTool(ToolBase):
|
|
def validate_instruction(self, instruction):
|
|
#指令过滤
|
|
timeout = 0
|
|
return instruction,timeout
|
|
|
|
def analyze_result(self, result,instruction,stderr,stdout):
|
|
#指令结果分析
|
|
if "GET / HTTP/1.1" in result and "X-Original-URL: /proc/self/environ" in result:
|
|
#通过构造 自定义HTTP请求头 尝试利用服务器配置漏洞,访问敏感文件
|
|
if "HTTP/1.1 200" in result and "PATH=" in result:
|
|
#result = "存在安全问题" #暂时保留结果
|
|
pass
|
|
else:
|
|
result ="不存在安全问题"
|
|
else:#未预处理的情况,暂时不返回LLM
|
|
result = ""
|
|
|
|
return result
|