GuardianUnivalle-Benito-Yucra 0.1.5__py3-none-any.whl → 0.1.7__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of GuardianUnivalle-Benito-Yucra might be problematic. Click here for more details.
- GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py +49 -6
- {guardianunivalle_benito_yucra-0.1.5.dist-info → guardianunivalle_benito_yucra-0.1.7.dist-info}/METADATA +1 -1
- {guardianunivalle_benito_yucra-0.1.5.dist-info → guardianunivalle_benito_yucra-0.1.7.dist-info}/RECORD +6 -6
- {guardianunivalle_benito_yucra-0.1.5.dist-info → guardianunivalle_benito_yucra-0.1.7.dist-info}/WHEEL +0 -0
- {guardianunivalle_benito_yucra-0.1.5.dist-info → guardianunivalle_benito_yucra-0.1.7.dist-info}/licenses/LICENSE +0 -0
- {guardianunivalle_benito_yucra-0.1.5.dist-info → guardianunivalle_benito_yucra-0.1.7.dist-info}/top_level.txt +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
# middleware_sql_defense.py
|
|
2
1
|
import re
|
|
3
2
|
import json
|
|
3
|
+
import time
|
|
4
4
|
from typing import Tuple
|
|
5
5
|
from django.http import JsonResponse
|
|
6
6
|
from django.utils.deprecation import MiddlewareMixin
|
|
@@ -11,11 +11,14 @@ PATTERNS = [
|
|
|
11
11
|
re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I),
|
|
12
12
|
"Intento de UNION SELECT detectado",
|
|
13
13
|
),
|
|
14
|
-
(re.compile(r"or\s+\d+\s*=\s*\d+", re.I), "Intento de OR 1=1 detectado"),
|
|
15
14
|
(
|
|
16
|
-
re.compile(r"\
|
|
15
|
+
re.compile(r"\bselect\b.*\bfrom\b.*\bwhere\b.*\b(or|and)\b.*=", re.I),
|
|
17
16
|
"Intento de SELECT con OR/AND detectado",
|
|
18
17
|
),
|
|
18
|
+
(
|
|
19
|
+
re.compile(r"\b(or|and)\s+\d+\s*=\s*\d+", re.I),
|
|
20
|
+
"Intento de OR/AND 1=1 detectado",
|
|
21
|
+
),
|
|
19
22
|
(
|
|
20
23
|
re.compile(r"\b(drop|truncate|delete|insert|update)\b", re.I),
|
|
21
24
|
"Intento de manipulación de tabla detectado",
|
|
@@ -24,12 +27,17 @@ PATTERNS = [
|
|
|
24
27
|
re.compile(r"(--|#|;)", re.I),
|
|
25
28
|
"Comentario o terminador de sentencia sospechoso detectado",
|
|
26
29
|
),
|
|
30
|
+
(re.compile(r"exec\s*\(", re.I), "Intento de ejecución de procedimiento detectado"),
|
|
27
31
|
]
|
|
28
32
|
|
|
33
|
+
# ---------- Bloqueo temporal por IP ----------
|
|
34
|
+
TEMP_BLOCK = {} # {ip: timestamp}
|
|
35
|
+
BLOCK_DURATION = 30 # segundos
|
|
36
|
+
|
|
29
37
|
|
|
30
38
|
# ---------- Helpers ----------
|
|
31
39
|
def extract_payload_text(request) -> str:
|
|
32
|
-
"""Extrae
|
|
40
|
+
"""Extrae todo el contenido que podría contener inyecciones"""
|
|
33
41
|
parts = []
|
|
34
42
|
# Query params
|
|
35
43
|
if request.META.get("QUERY_STRING"):
|
|
@@ -59,16 +67,51 @@ def detect_sqli_text(text: str) -> Tuple[bool, list]:
|
|
|
59
67
|
return (len(matches) > 0, matches)
|
|
60
68
|
|
|
61
69
|
|
|
70
|
+
def get_client_ip(request):
|
|
71
|
+
"""Obtiene la IP del cliente"""
|
|
72
|
+
x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
|
|
73
|
+
if x_forwarded_for:
|
|
74
|
+
ip = x_forwarded_for.split(",")[0]
|
|
75
|
+
else:
|
|
76
|
+
ip = request.META.get("REMOTE_ADDR")
|
|
77
|
+
return ip
|
|
78
|
+
|
|
79
|
+
|
|
62
80
|
# ---------- Middleware ----------
|
|
63
|
-
class
|
|
81
|
+
class SQLIDefenseStrongMiddleware(MiddlewareMixin):
|
|
64
82
|
def process_request(self, request):
|
|
83
|
+
client_ip = get_client_ip(request)
|
|
84
|
+
|
|
85
|
+
# Revisa si la IP está temporalmente bloqueada
|
|
86
|
+
if client_ip in TEMP_BLOCK:
|
|
87
|
+
if time.time() - TEMP_BLOCK[client_ip] < BLOCK_DURATION:
|
|
88
|
+
return JsonResponse(
|
|
89
|
+
{
|
|
90
|
+
"detail": "Acceso temporalmente bloqueado por actividad sospechosa",
|
|
91
|
+
"alerts": ["IP bloqueada temporalmente"],
|
|
92
|
+
},
|
|
93
|
+
status=403,
|
|
94
|
+
)
|
|
95
|
+
else:
|
|
96
|
+
del TEMP_BLOCK[client_ip]
|
|
97
|
+
|
|
65
98
|
text = extract_payload_text(request)
|
|
66
99
|
if not text:
|
|
67
100
|
return None
|
|
68
101
|
|
|
69
102
|
flagged, matches = detect_sqli_text(text)
|
|
70
103
|
if flagged:
|
|
71
|
-
#
|
|
104
|
+
# Bloquea temporalmente la IP
|
|
105
|
+
TEMP_BLOCK[client_ip] = time.time()
|
|
106
|
+
# <-- Aquí puedes agregar la impresión o el log -->
|
|
107
|
+
print("IP detectada:", client_ip)
|
|
108
|
+
# O usando logging
|
|
109
|
+
import logging
|
|
110
|
+
|
|
111
|
+
logger = logging.getLogger(__name__)
|
|
112
|
+
logger.warning(
|
|
113
|
+
f"Intento de ataque detectado desde IP: {client_ip}, detalles: {matches}"
|
|
114
|
+
)
|
|
72
115
|
return JsonResponse(
|
|
73
116
|
{
|
|
74
117
|
"detail": "Request bloqueado: posible intento de inyección SQL detectado",
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: GuardianUnivalle-Benito-Yucra
|
|
3
|
-
Version: 0.1.
|
|
3
|
+
Version: 0.1.7
|
|
4
4
|
Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
|
|
5
5
|
Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
|
|
6
6
|
License: MIT
|
|
@@ -7,14 +7,14 @@ GuardianUnivalle_Benito_Yucra/criptografia/kdf.py,sha256=_sbepEY1qHEKga0ExrX2WRg
|
|
|
7
7
|
GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py,sha256=EAYfLkHuxGC5rXSu4mZJ4yZDCbwBpTX8xZWGKz7i5wA,692
|
|
8
8
|
GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py,sha256=lMWmCw6nccCEnek53nVjpoBCeiBqLdrSXxqRuI7VP2I,696
|
|
9
9
|
GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py,sha256=rEDG-Q_R56OsG2ypfHVBK7erolYjdvATnAxB3yvPXts,729
|
|
10
|
-
GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=
|
|
10
|
+
GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=A2zbd43LTxdYw31UsLdvpD4b7KTd-NHqo7cerRrpD-w,4067
|
|
11
11
|
GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py,sha256=66V_xuxNOZEwluvWOT4-6pk5MJ3zWE1IwcVkBl7MZSg,719
|
|
12
12
|
GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py,sha256=23pLLYqliUoMrIC6ZEwz3hKXeDjWfHSm9vYPWGmDDik,495
|
|
13
13
|
GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py,sha256=ipMOebYhql-6mSyHs0ddYXOcXq9w8P_IXLlpiIqGncw,246
|
|
14
14
|
GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py,sha256=6AYWII4mrmwCLHCvGTyoBxR4Oasr4raSHpFbVjqn7d8,193
|
|
15
15
|
GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py,sha256=Wx5XfcII4oweLvZsTBEJ7kUc9pMpP5-36RfI5C5KJXo,561
|
|
16
|
-
guardianunivalle_benito_yucra-0.1.
|
|
17
|
-
guardianunivalle_benito_yucra-0.1.
|
|
18
|
-
guardianunivalle_benito_yucra-0.1.
|
|
19
|
-
guardianunivalle_benito_yucra-0.1.
|
|
20
|
-
guardianunivalle_benito_yucra-0.1.
|
|
16
|
+
guardianunivalle_benito_yucra-0.1.7.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
|
|
17
|
+
guardianunivalle_benito_yucra-0.1.7.dist-info/METADATA,sha256=nHB-xrwVo5baOB8OlzIOTTs343O_hwIMO68M3tFC5yA,1892
|
|
18
|
+
guardianunivalle_benito_yucra-0.1.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
19
|
+
guardianunivalle_benito_yucra-0.1.7.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
|
|
20
|
+
guardianunivalle_benito_yucra-0.1.7.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|