GuardianUnivalle-Benito-Yucra 0.1.11__py3-none-any.whl → 0.1.12__py3-none-any.whl

GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py

@@ -1,65 +1,35 @@
 # detector_sql.py
 import re
 import json
-import time
 import logging
 from typing import Tuple
 from django.http import JsonResponse
 from django.utils.deprecation import MiddlewareMixin
-from django.conf import settings
-from django.core.signing import TimestampSigner, BadSignature, SignatureExpired
 
-# ---------- Configuración de logging ----------
 logger = logging.getLogger("sqlidefense")
 logger.setLevel(logging.INFO)
 if not logger.handlers:
-    handler = logging.StreamHandler()  # en prod usa FileHandler/RotatingFileHandler
+    handler = logging.StreamHandler()
     formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
     handler.setFormatter(formatter)
     logger.addHandler(handler)
 
 # ---------- Patrones de ataques SQL ----------
 PATTERNS = [
-    (
-        re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I),
-        "Intento de UNION SELECT detectado",
-    ),
+    (re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I), "UNION SELECT"),
     (
         re.compile(r"\bselect\b.*\bfrom\b.*\bwhere\b.*\b(or|and)\b.*=", re.I),
-        "Intento de SELECT con OR/AND detectado",
-    ),
-    (
-        re.compile(r"\b(or|and)\s+\d+\s*=\s*\d+", re.I),
-        "Intento de OR/AND 1=1 detectado",
+        "SELECT con OR/AND",
     ),
+    (re.compile(r"\b(or|and)\s+\d+\s*=\s*\d+", re.I), "OR/AND 1=1"),
     (
         re.compile(r"\b(drop|truncate|delete|insert|update)\b", re.I),
-        "Intento de manipulación de tabla detectado",
+        "Manipulación de tabla",
     ),
-    (
-        re.compile(r"(--|#|;)", re.I),
-        "Comentario o terminador de sentencia sospechoso detectado",
-    ),
-    (re.compile(r"exec\s*\(", re.I), "Intento de ejecución de procedimiento detectado"),
+    (re.compile(r"(--|#|;)", re.I), "Comentario o terminador sospechoso"),
+    (re.compile(r"exec\s*\(", re.I), "Ejecución de procedimiento"),
 ]
 
-# ---------- Bloqueo temporal por IP ----------
-TEMP_BLOCK = {}  # {ip: timestamp}
-BLOCK_DURATION = getattr(settings, "SQL_DEFENSE_BLOCK_TTL", 30)  # segundos
-
-# ---------- Excepciones y bypass ----------
-EXEMPT_PATHS = getattr(settings, "SQLI_EXEMPT_PATHS", ["/api/login/"])
-BYPASS_HEADER = "HTTP_X_SQLI_BYPASS"
-BYPASS_MAX_AGE = getattr(settings, "SQLI_BYPASS_MAX_AGE", 30)  # segundos (muy corto)
-
-# JWT support (optional)
-try:
-    from rest_framework_simplejwt.backends import TokenBackend
-
-    SIMPLEJWT_AVAILABLE = True
-except Exception:
-    SIMPLEJWT_AVAILABLE = False
-
 
 # ---------- Helpers ----------
 def extract_payload_text(request) -> str:
@@ -68,22 +38,15 @@ def extract_payload_text(request) -> str:
     try:
         if "application/json" in content_type:
             body_json = json.loads(request.body.decode("utf-8") or "{}")
-            # 🔒 quitar campos sensibles antes de loguear/analizar
-            for key in getattr(settings, "SQL_DEFENSE_SENSITIVE_KEYS", []):
-                if key in body_json:
-                    body_json[key] = "***"
             parts.append(json.dumps(body_json))
         else:
             parts.append(request.body.decode("utf-8", errors="ignore"))
     except Exception:
         pass
-
     if request.META.get("QUERY_STRING"):
         parts.append(request.META.get("QUERY_STRING"))
-
     parts.append(request.META.get("HTTP_USER_AGENT", ""))
     parts.append(request.META.get("HTTP_REFERER", ""))
-
     return " ".join([p for p in parts if p])
 
 
@@ -95,89 +58,18 @@ def detect_sqli_text(text: str) -> Tuple[bool, list]:
     return (len(matches) > 0, matches)
 
 
-def get_client_ip(request):
-    xff = request.META.get("HTTP_X_FORWARDED_FOR")
-    if xff:
-        return xff.split(",")[0].strip()
-    return request.META.get("REMOTE_ADDR", "0.0.0.0")
-
-
-def is_valid_jwt(request) -> bool:
-    if not SIMPLEJWT_AVAILABLE:
-        return False
-    auth = request.META.get("HTTP_AUTHORIZATION", "")
-    if not auth or not auth.startswith("Bearer "):
-        return False
-    token = auth.split(" ", 1)[1].strip()
-    try:
-        tb = TokenBackend(
-            algorithm=getattr(settings, "SIMPLE_JWT", {}).get("ALGORITHM", "HS256"),
-            signing_key=getattr(settings, "SIMPLE_JWT", {}).get(
-                "SIGNING_KEY", settings.SECRET_KEY
-            ),
-        )
-        tb.decode(token, verify=True)
-        return True
-    except Exception:
-        return False
-
-
-def is_valid_signed_bypass(request) -> bool:
-    signed = request.META.get(BYPASS_HEADER, "")
-    if not signed:
-        return False
-    signer = TimestampSigner(settings.SECRET_KEY)
-    try:
-        signer.unsign(signed, max_age=BYPASS_MAX_AGE)
-        return True
-    except SignatureExpired:
-        logger.info("Bypass token expirado")
-        return False
-    except BadSignature:
-        logger.info("Bypass token inválido")
-        return False
-
-
 # ---------- Middleware ----------
-class SQLIDefenseStrongMiddleware(MiddlewareMixin):
+class SQLIDefenseMiddleware(MiddlewareMixin):
     def process_request(self, request):
-        path = request.path or ""
-        client_ip = get_client_ip(request)
-
-        # 1) Rutas exentas
-        EXEMPT_PATHS = getattr(settings, "SQLI_EXEMPT_PATHS", [])
-        for p in EXEMPT_PATHS:
-            if path.startswith(p):
-                return None
-
-        # 2) IP bloqueada temporalmente
-        if client_ip in TEMP_BLOCK:
-            if time.time() - TEMP_BLOCK[client_ip] < BLOCK_DURATION:
-                logger.warning(f"IP bloqueada temporalmente: {client_ip}")
-                return JsonResponse(
-                    {"detail": "Acceso temporalmente bloqueado"}, status=403
-                )
-            else:
-                del TEMP_BLOCK[client_ip]
-
-        # 3) Extraer payload
         text = extract_payload_text(request)
         if not text:
             return None
 
-        # 4) Detectar SQLi
         flagged, matches = detect_sqli_text(text)
         if flagged:
-            TEMP_BLOCK[client_ip] = time.time()
-            logger.warning(
-                f"Intento de ataque detectado desde IP: {client_ip}, detalles: {matches}, payload: {text}"
-            )
+            logger.warning(f"Ataque detectado: {matches}, payload: {text}")
             return JsonResponse(
-                {
-                    "detail": "Request bloqueado: posible inyección SQL",
-                    "alerts": matches,
-                },
-                status=403,
+                {"mensaje": "Ataque detectado", "tipos": matches}, status=403
             )
 
         return None

{guardianunivalle_benito_yucra-0.1.11.dist-info → guardianunivalle_benito_yucra-0.1.12.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: GuardianUnivalle-Benito-Yucra
-Version: 0.1.11
+Version: 0.1.12
 Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
 Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
 License: MIT

{guardianunivalle_benito_yucra-0.1.11.dist-info → guardianunivalle_benito_yucra-0.1.12.dist-info}/RECORD

@@ -7,14 +7,14 @@ GuardianUnivalle_Benito_Yucra/criptografia/kdf.py,sha256=_sbepEY1qHEKga0ExrX2WRg
 GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py,sha256=EAYfLkHuxGC5rXSu4mZJ4yZDCbwBpTX8xZWGKz7i5wA,692
 GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py,sha256=lMWmCw6nccCEnek53nVjpoBCeiBqLdrSXxqRuI7VP2I,696
 GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py,sha256=rEDG-Q_R56OsG2ypfHVBK7erolYjdvATnAxB3yvPXts,729
-GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=jyFZYi_VjEF6jvDuUmDOGo5D5IgTzDtprfyaAO-jypU,6095
+GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=Sr2gGAKPgOA8FUwyrMDU2q7h91lY5KWs0Xwhm0B3RKg,2536
 GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py,sha256=66V_xuxNOZEwluvWOT4-6pk5MJ3zWE1IwcVkBl7MZSg,719
 GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py,sha256=23pLLYqliUoMrIC6ZEwz3hKXeDjWfHSm9vYPWGmDDik,495
 GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py,sha256=ipMOebYhql-6mSyHs0ddYXOcXq9w8P_IXLlpiIqGncw,246
 GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py,sha256=6AYWII4mrmwCLHCvGTyoBxR4Oasr4raSHpFbVjqn7d8,193
 GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py,sha256=Wx5XfcII4oweLvZsTBEJ7kUc9pMpP5-36RfI5C5KJXo,561
-guardianunivalle_benito_yucra-0.1.11.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
-guardianunivalle_benito_yucra-0.1.11.dist-info/METADATA,sha256=yvOtVZ2eIA8Ztxo2_FjVU97mGetiT8KEr1QQ1iDHExA,1893
-guardianunivalle_benito_yucra-0.1.11.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-guardianunivalle_benito_yucra-0.1.11.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
-guardianunivalle_benito_yucra-0.1.11.dist-info/RECORD,,
+guardianunivalle_benito_yucra-0.1.12.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
+guardianunivalle_benito_yucra-0.1.12.dist-info/METADATA,sha256=wUUpR44XgfP7gLoBeBQoSxZ72f_gJuZ1EGDT6NJriRs,1893
+guardianunivalle_benito_yucra-0.1.12.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+guardianunivalle_benito_yucra-0.1.12.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
+guardianunivalle_benito_yucra-0.1.12.dist-info/RECORD,,