GuardianUnivalle-Benito-Yucra 0.1.27__tar.gz → 0.1.29__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of GuardianUnivalle-Benito-Yucra might be problematic. Click here for more details.
- guardianunivalle_benito_yucra-0.1.29/GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py +139 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra.egg-info/PKG-INFO +1 -1
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/PKG-INFO +1 -1
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/pyproject.toml +1 -1
- guardianunivalle_benito_yucra-0.1.27/GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py +0 -21
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/__init__.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/auditoria/registro_auditoria.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/criptografia/cifrado_aead.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/criptografia/intercambio_claves.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/criptografia/kdf.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra/utilidades.py +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra.egg-info/SOURCES.txt +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra.egg-info/dependency_links.txt +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra.egg-info/requires.txt +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/GuardianUnivalle_Benito_Yucra.egg-info/top_level.txt +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/LICENSE +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/README.md +0 -0
- {guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/setup.cfg +0 -0
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
from __future__ import annotations
|
|
2
|
+
import json
|
|
3
|
+
import logging
|
|
4
|
+
import re
|
|
5
|
+
from typing import List, Tuple
|
|
6
|
+
from django.conf import settings
|
|
7
|
+
from django.utils.deprecation import MiddlewareMixin
|
|
8
|
+
|
|
9
|
+
# Logger
|
|
10
|
+
logger = logging.getLogger("xssdefense")
|
|
11
|
+
logger.setLevel(logging.INFO)
|
|
12
|
+
if not logger.handlers:
|
|
13
|
+
handler = logging.StreamHandler()
|
|
14
|
+
handler.setFormatter(logging.Formatter("%(asctime)s - %(levelname)s - %(message)s"))
|
|
15
|
+
logger.addHandler(handler)
|
|
16
|
+
|
|
17
|
+
# Intentar usar bleach si está disponible
|
|
18
|
+
try:
|
|
19
|
+
import bleach
|
|
20
|
+
|
|
21
|
+
_BLEACH_AVAILABLE = True
|
|
22
|
+
except Exception:
|
|
23
|
+
_BLEACH_AVAILABLE = False
|
|
24
|
+
|
|
25
|
+
# Patrones de detección XSS
|
|
26
|
+
XSS_PATTERNS: List[Tuple[re.Pattern, str]] = [
|
|
27
|
+
(re.compile(r"<\s*script\b", re.I), "Etiqueta <script>"),
|
|
28
|
+
(re.compile(r"on\w+\s*=", re.I), "Atributo evento (on*)"),
|
|
29
|
+
(re.compile(r"javascript:\s*", re.I), "URI javascript:"),
|
|
30
|
+
(re.compile(r"<\s*iframe\b", re.I), "Etiqueta <iframe>"),
|
|
31
|
+
(re.compile(r"<\s*embed\b", re.I), "Etiqueta <embed>"),
|
|
32
|
+
]
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
# Funciones auxiliares
|
|
36
|
+
def detect_xss_text(text: str) -> Tuple[bool, List[str]]:
|
|
37
|
+
matches: List[str] = []
|
|
38
|
+
if not text:
|
|
39
|
+
return False, matches
|
|
40
|
+
for patt, message in XSS_PATTERNS:
|
|
41
|
+
if patt.search(text):
|
|
42
|
+
matches.append(message)
|
|
43
|
+
return len(matches) > 0, matches
|
|
44
|
+
|
|
45
|
+
|
|
46
|
+
def sanitize_input_basic(text: str) -> str:
|
|
47
|
+
if text is None:
|
|
48
|
+
return text
|
|
49
|
+
if _BLEACH_AVAILABLE:
|
|
50
|
+
return bleach.clean(text, tags=[], attributes={}, protocols=[], strip=True)
|
|
51
|
+
replacements = [
|
|
52
|
+
("&", "&"),
|
|
53
|
+
("<", "<"),
|
|
54
|
+
(">", ">"),
|
|
55
|
+
('"', """),
|
|
56
|
+
("'", "'"),
|
|
57
|
+
("/", "/"),
|
|
58
|
+
]
|
|
59
|
+
result = text
|
|
60
|
+
for old, new in replacements:
|
|
61
|
+
result = result.replace(old, new)
|
|
62
|
+
return result
|
|
63
|
+
|
|
64
|
+
|
|
65
|
+
def extract_payload_text(request) -> str:
|
|
66
|
+
parts: List[str] = []
|
|
67
|
+
try:
|
|
68
|
+
ct = request.META.get("CONTENT_TYPE", "")
|
|
69
|
+
if "application/json" in ct:
|
|
70
|
+
parts.append(
|
|
71
|
+
json.dumps(
|
|
72
|
+
json.loads(request.body.decode("utf-8") or "{}"), ensure_ascii=False
|
|
73
|
+
)
|
|
74
|
+
)
|
|
75
|
+
else:
|
|
76
|
+
parts.append(request.body.decode("utf-8", errors="ignore"))
|
|
77
|
+
except Exception:
|
|
78
|
+
pass
|
|
79
|
+
qs = request.META.get("QUERY_STRING", "")
|
|
80
|
+
if qs:
|
|
81
|
+
parts.append(qs)
|
|
82
|
+
parts.append(request.META.get("HTTP_USER_AGENT", ""))
|
|
83
|
+
parts.append(request.META.get("HTTP_REFERER", ""))
|
|
84
|
+
return " ".join([p for p in parts if p])
|
|
85
|
+
|
|
86
|
+
|
|
87
|
+
# Middleware XSS
|
|
88
|
+
class XSSDefenseMiddleware(MiddlewareMixin):
|
|
89
|
+
"""
|
|
90
|
+
Middleware Django que detecta XSS en IPs no confiables.
|
|
91
|
+
Solo marca el ataque en request.sql_attack_info para que
|
|
92
|
+
AuditoriaMiddleware lo registre y bloquee.
|
|
93
|
+
"""
|
|
94
|
+
|
|
95
|
+
def process_request(self, request):
|
|
96
|
+
trusted_ips: List[str] = getattr(settings, "XSS_DEFENSE_TRUSTED_IPS", [])
|
|
97
|
+
ip = request.META.get("REMOTE_ADDR", "")
|
|
98
|
+
if ip in trusted_ips:
|
|
99
|
+
return None # IP confiable → no analizar
|
|
100
|
+
|
|
101
|
+
excluded_paths: List[str] = getattr(settings, "XSS_DEFENSE_EXCLUDED_PATHS", [])
|
|
102
|
+
if any(request.path.startswith(p) for p in excluded_paths):
|
|
103
|
+
return None
|
|
104
|
+
|
|
105
|
+
payload = extract_payload_text(request)
|
|
106
|
+
if not payload:
|
|
107
|
+
return None
|
|
108
|
+
|
|
109
|
+
flagged, matches = detect_xss_text(payload)
|
|
110
|
+
if not flagged:
|
|
111
|
+
return None
|
|
112
|
+
|
|
113
|
+
logger.warning(
|
|
114
|
+
"XSS detectado desde IP %s: %s ; payload truncated: %.200s",
|
|
115
|
+
ip,
|
|
116
|
+
matches,
|
|
117
|
+
payload,
|
|
118
|
+
)
|
|
119
|
+
|
|
120
|
+
# Solo marcamos el ataque, no bloqueamos aquí
|
|
121
|
+
request.sql_attack_info = {
|
|
122
|
+
"ip": ip,
|
|
123
|
+
"tipos": ["XSS"],
|
|
124
|
+
"descripcion": matches,
|
|
125
|
+
"payload": payload,
|
|
126
|
+
}
|
|
127
|
+
|
|
128
|
+
return None
|
|
129
|
+
|
|
130
|
+
|
|
131
|
+
"""
|
|
132
|
+
Algoritmos relacionados:
|
|
133
|
+
*Guardar entradas sospechosas con AES-GCM para confidencialidad y autenticidad.
|
|
134
|
+
Contribución a fórmula de amenaza S:
|
|
135
|
+
S_xss = w_xss * detecciones_xss
|
|
136
|
+
S_xss = 0.3 * 2
|
|
137
|
+
donde w_xss es peso asignado a XSS y detecciones_xss es la cantidad de patrones detectados.
|
|
138
|
+
|
|
139
|
+
"""
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: GuardianUnivalle-Benito-Yucra
|
|
3
|
-
Version: 0.1.
|
|
3
|
+
Version: 0.1.29
|
|
4
4
|
Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
|
|
5
5
|
Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
|
|
6
6
|
License: MIT
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: GuardianUnivalle-Benito-Yucra
|
|
3
|
-
Version: 0.1.
|
|
3
|
+
Version: 0.1.29
|
|
4
4
|
Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
|
|
5
5
|
Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
|
|
6
6
|
License: MIT
|
{guardianunivalle_benito_yucra-0.1.27 → guardianunivalle_benito_yucra-0.1.29}/pyproject.toml
RENAMED
|
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
|
|
|
4
4
|
|
|
5
5
|
[project]
|
|
6
6
|
name = "GuardianUnivalle-Benito-Yucra" # usar mayúsculas consistente
|
|
7
|
-
version = "0.1.
|
|
7
|
+
version = "0.1.29"
|
|
8
8
|
description = "Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask"
|
|
9
9
|
authors = [
|
|
10
10
|
{ name = "Andres Benito Calle Yucra", email = "benitoandrescalle035@gmail.com" }
|
guardianunivalle_benito_yucra-0.1.27/GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py
DELETED
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
import html
|
|
2
|
-
from ..auditoria.registro_auditoria import registrar_evento
|
|
3
|
-
|
|
4
|
-
def sanitizar_xss(entrada: str) -> str:
|
|
5
|
-
return html.escape(entrada)
|
|
6
|
-
|
|
7
|
-
def detectar_xss(entrada: str) -> bool:
|
|
8
|
-
patrones = ["<script", "javascript:", "onerror", "onload"]
|
|
9
|
-
if any(p in entrada.lower() for p in patrones):
|
|
10
|
-
registrar_evento("XSS", f"Ataque detectado: {entrada}")
|
|
11
|
-
return True
|
|
12
|
-
return False
|
|
13
|
-
"""
|
|
14
|
-
Algoritmos relacionados:
|
|
15
|
-
*Guardar entradas sospechosas con AES-GCM para confidencialidad y autenticidad.
|
|
16
|
-
Contribución a fórmula de amenaza S:
|
|
17
|
-
S_xss = w_xss * detecciones_xss
|
|
18
|
-
S_xss = 0.3 * 2
|
|
19
|
-
donde w_xss es peso asignado a XSS y detecciones_xss es la cantidad de patrones detectados.
|
|
20
|
-
|
|
21
|
-
"""
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|