mate.poi.analysis.CommandInjection module

class mate.poi.analysis.CommandInjection.CommandInjection

Bases: mate.poi.poi_types.Analysis

This analysis looks for potential command injection sites.

This analysis looks for constants which contain SQL keywords, and functions in the printf family which take those constant strings as arguments.

run(session: Session, graph: db.Graph, _inputs: Dict[str, Any]) -> Iterable[POIGraphsPair]

Return type

Iterable[POIGraphsPair]

class mate.poi.analysis.CommandInjection.CommandInjectionPOI(*, insight: str, source: str = None, sink: str = None, salient_functions: List[mate_common.models.analyses.SalientFunction] = [], keyword_string: str, keyword_string_id: str, suspicious_callsite_ids: List[str])

Bases: mate_common.models.analyses.POI

This POI represents a possible command injection site.

It consists of a string which uses a known SQL keyword, and the uuid of a callsite to a printf-like function which uses that string. The uuids are relative to the graph which was provided when the analysis ran.

Parameters
  • insight (str)

  • source (Optional[str])

  • sink (Optional[str])

  • salient_functions (List[mate_common.models.analyses.SalientFunction])

  • keyword_string (str)

  • keyword_string_id (str)

  • suspicious_callsite_ids (List[str])

Return type

None

keyword_string: str

keyword_string_id: str

suspicious_callsite_ids: List[str]

mate.poi.analysis.CommandInjection.find_command_injection_sites(session: Session, cpg: db.Graph) -> Iterable[POIGraphsPair]

Return type

Iterable[POIGraphsPair]
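The heuristic this module describes (string constants containing SQL keywords, paired with printf-family callsites that take them as arguments) and the shape of the CommandInjectionPOI it produces, as an added, self-contained example. This is not MATE's code: MATE runs the analysis over a code property graph and reports node uuids, whereas this stand-in scans C source text and uses "line N" identifiers in their place. The keyword list, the printf-family list, the regexes and the sample source are all constructed assumptions for the example.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Assumed keyword and function lists for this example (MATE's own lists are
# not shown on the documentation page).
SQL_KEYWORDS = ("SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "UNION",
                "WHERE", "FROM", "VALUES")
PRINTF_FAMILY = ("printf", "sprintf", "snprintf", "fprintf", "asprintf",
                 "vsprintf", "vsnprintf")

_KEYWORD_RE = re.compile(r"\b(" + "|".join(SQL_KEYWORDS) + r")\b", re.IGNORECASE)
_LITERAL_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')
# Binds a name to a literal: `#define NAME "..."`, `const char *NAME = "..."`,
# `static const char NAME[] = "..."`.
_CONST_DEF_RE = re.compile(
    r'#define\s+(\w+)\s+"'
    r'|(?:const\s+)?char\s*\*?\s*(?:const\s+)?(\w+)\s*(?:\[\s*\])?\s*=\s*"')
_CALL_RE = re.compile(r"\b(" + "|".join(PRINTF_FAMILY) + r")\s*\((.*)\)\s*;")
_IDENT_RE = re.compile(r"\b[A-Za-z_]\w*\b")


@dataclass
class CommandInjectionCandidate:
    """Constructed analogue of the page's CommandInjectionPOI fields."""
    keyword_string: str                     # the literal containing an SQL keyword
    keyword_string_id: str                  # where it was found ("line N" here)
    suspicious_callsite_ids: List[str] = field(default_factory=list)


def has_sql_keyword(text: str) -> bool:
    """True if the string contains a whole-word SQL keyword (case-insensitive)."""
    return _KEYWORD_RE.search(text) is not None


def find_command_injection_sites(source: str) -> List[CommandInjectionCandidate]:
    """Two-pass scan: collect keyword-bearing string constants, then flag the
    printf-family calls that pass one of them (by literal or by bound name)."""
    lines = source.splitlines()
    by_literal: Dict[str, CommandInjectionCandidate] = {}
    by_name: Dict[str, CommandInjectionCandidate] = {}

    # Pass 1: every string literal containing an SQL keyword, plus the name
    # it is bound to when the line is a constant definition or a #define.
    for n, line in enumerate(lines, 1):
        for lit in _LITERAL_RE.findall(line):
            if not has_sql_keyword(lit):
                continue
            cand = by_literal.setdefault(
                lit, CommandInjectionCandidate(lit, f"line {n}"))
            m = _CONST_DEF_RE.search(line)
            if m:
                by_name[m.group(1) or m.group(2)] = cand

    # Pass 2: printf-family callsites whose argument list references one of
    # those constants, either inline or through its name.
    for n, line in enumerate(lines, 1):
        m = _CALL_RE.search(line)
        if not m:
            continue
        func, args = m.group(1), m.group(2)
        hits: Dict[str, CommandInjectionCandidate] = {}
        for lit in _LITERAL_RE.findall(args):
            if lit in by_literal:
                hits[by_literal[lit].keyword_string_id] = by_literal[lit]
        for name in _IDENT_RE.findall(args):
            if name in by_name:
                hits[by_name[name].keyword_string_id] = by_name[name]
        for cand in hits.values():
            cand.suspicious_callsite_ids.append(f"{func} at line {n}")

    # Only constants that actually reach a printf-family call become POIs.
    return [c for c in by_literal.values() if c.suspicious_callsite_ids]


# Constructed sample input (not from any real project).
SAMPLE_SOURCE = """\
#include <stdio.h>
#define DELETE_FMT "DELETE FROM sessions WHERE token = '%s'"
static const char *QUERY_FMT = "SELECT * FROM users WHERE name = '%s'";
static const char *GREETING = "Hello, %s!";
void lookup(char *buf, const char *user) {
    snprintf(buf, 256, QUERY_FMT, user);
    printf(GREETING, user);
    sprintf(buf, "INSERT INTO log VALUES ('%s')", user);
    sprintf(buf, DELETE_FMT, user);
}
"""

if __name__ == "__main__":
    for poi in find_command_injection_sites(SAMPLE_SOURCE):
        print(poi.keyword_string_id, repr(poi.keyword_string),
              "->", poi.suspicious_callsite_ids)
```

On the sample, the `GREETING` format string is passed to `printf` but carries no SQL keyword, so it is not reported; the other three constants each reach a printf-family call and come back as one candidate per keyword string with the callsites that use it, which is the same one-string-to-many-callsites shape as `keyword_string_id` and `suspicious_callsite_ids` on the POI above.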