Rust bindings for libinjection

Last update: Sep 24, 2022

Overview

libinjection-rs

Rust bindings for libinjection.

How to use

Add libinjection to dependencies of Cargo.toml:

libinjection = "0.2"

Import crate:

extern crate libinjection;

use libinjection::{sqli, xss};

Examples

SQLi Detection:

let (is_sqli, fingerprint) = sqli("' OR '1'='1' --").unwrap();
assert!(is_sqli);
assert_eq!("s&sos", fingerprint);

Fingerprints: Please refer to fingerprints.txt.

XSS Detection:

let is_xss = xss("<script type='text/javascript'>alert('xss');</script>").unwrap();
assert!(is_xss);

Comments

Panicked at 'called Option::unwrap() on a None value'

Hi,

The error happens when compiling this code.

I tried this code

$ src/main.rs

extern crate libinjection;
use std::str;
use libinjection::{xss};

fn main() {

    let _b = "OVJtAFc=";
    let bytes = base64::decode(_b).unwrap();
    let _ok = str::from_utf8(&bytes).unwrap();
    let _is_ok = xss(_ok).unwrap();
    println!("{}", _is_ok); 

}

$ Cargo.toml                                                                                                                                                      1 ⨯
[package]
name = "new"
version = "0.1.0"
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
libinjection = "0.2"
base64 = "0.13.0"

Meta

rustc --version --verbose:

rustc 1.58.1 (db9d1b20b 2022-01-20)
binary: rustc
commit-hash: db9d1b20bba1968c1ec1fc49616d4742c1725b4b
commit-date: 2022-01-20
host: x86_64-unknown-linux-gnu
release: 1.58.1
LLVM version: 13.0.0

Backtrace

# cargo run
   Compiling new v0.1.0 (/home/kali/new)
    Finished dev [unoptimized + debuginfo] target(s) in 0.46s
     Running `target/debug/new`
thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:11:27
stack backtrace:
   0:     0x563858ee94dc - std::backtrace_rs::backtrace::libunwind::trace::h09f7e4e089375279
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
   1:     0x563858ee94dc - std::backtrace_rs::backtrace::trace_unsynchronized::h1ec96f1c7087094e
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
   2:     0x563858ee94dc - std::sys_common::backtrace::_print_fmt::h317b71fc9a5cf964
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:67:5
   3:     0x563858ee94dc - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::he3555b48e7dfe7f0
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:46:22
   4:     0x563858f0372c - core::fmt::write::h513b07ca38f4fb1b
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/fmt/mod.rs:1149:17
   5:     0x563858ee6c65 - std::io::Write::write_fmt::haf8c932b52111354
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/io/mod.rs:1697:15
   6:     0x563858eeac30 - std::sys_common::backtrace::_print::h195c38364780a303
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:49:5
   7:     0x563858eeac30 - std::sys_common::backtrace::print::hc09dfdea923b6730
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:36:9
   8:     0x563858eeac30 - std::panicking::default_hook::{{closure}}::hb2e38ec0d91046a3
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:211:50
   9:     0x563858eea7e5 - std::panicking::default_hook::h60284635b0ad54a8
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:228:9
  10:     0x563858eeb2e4 - std::panicking::rust_panic_with_hook::ha677a669fb275654
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:606:17
  11:     0x563858eead92 - std::panicking::begin_panic_handler::{{closure}}::h976246fb95d93c31
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:500:13
  12:     0x563858ee9984 - std::sys_common::backtrace::__rust_end_short_backtrace::h38077ee5b7b9f99a
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:139:18
  13:     0x563858eead29 - rust_begin_unwind
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:498:5
  14:     0x563858ec3da1 - core::panicking::panic_fmt::h35f3a62252ba0fd2
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:107:14
  15:     0x563858ec3ced - core::panicking::panic::h86fc01e270142a61
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:48:5
  16:     0x563858eccb3e - core::option::Option<T>::unwrap::hd8f9d23cad4cf60f
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/option.rs:746:21
  17:     0x563858ecc921 - new::main::h21ff5125dd81b9ee
                               at /home/kali/Desktop/source_code_fuzzing_course/Chapter06/arvancloud_libinjection/new/src/main.rs:11:18
  18:     0x563858ecd02b - core::ops::function::FnOnce::call_once::h0c7e75edaedfd0f5
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/ops/function.rs:227:5
  19:     0x563858eccc5e - std::sys_common::backtrace::__rust_begin_short_backtrace::hc3ffef76f0ea0d5c
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:123:18
  20:     0x563858ecca71 - std::rt::lang_start::{{closure}}::h1086c611fdc767a2
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:145:18
  21:     0x563858ee916b - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h7e688d7cdfeb7e00
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/ops/function.rs:259:13
  22:     0x563858ee916b - std::panicking::try::do_call::h4be824d2350b44c9
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:406:40
  23:     0x563858ee916b - std::panicking::try::h0a6fc7affbe5088d
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:370:19
  24:     0x563858ee916b - std::panic::catch_unwind::h22c320f732ec805e
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panic.rs:133:14
  25:     0x563858ee916b - std::rt::lang_start_internal::{{closure}}::hd38309c108fe679d
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:128:48
  26:     0x563858ee916b - std::panicking::try::do_call::h8fcaf501f097a28e
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:406:40
  27:     0x563858ee916b - std::panicking::try::h20e906825f98acc1
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:370:19
  28:     0x563858ee916b - std::panic::catch_unwind::h8c5234dc632124ef
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panic.rs:133:14
  29:     0x563858ee916b - std::rt::lang_start_internal::hc4dd8cd3ec4518c2
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:128:20
  30:     0x563858ecca40 - std::rt::lang_start::hd2a340c49054275a
                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/rt.rs:144:17
  31:     0x563858ecca0c - main
  32:     0x7f4443e217ed - __libc_start_main
  33:     0x563858ec44ca - _start
  34:                0x0 - <unknown>

Thanks, Ramin,

opened by raminfp 0

Change bindings to build from newer libinjection fork

The current version of libinjection is built from client9/libinjection which was last updated on Mar 12, 2018.

There is a newer fork libinjection/libinjection which, at the time of writing, has a few changes and bug fixes, with the latest commit being 14 days ago.

opened by veeshi 1

build error on mac os

When I try to build on my machine (macOS 10.14.6, rustc 1.40.0-nightly).

I get an unable to clone libinjection error. I've included a trace below, but wondering if there are any special steps I need to take to get it to build locally? Thanks!

 ✘  ~/code/libinjection-rs   master  cargo build
   Compiling libinjection v0.1.1 (/Users/me/code/libinjection-rs)
error: failed to run custom build command for `libinjection v0.1.1 (/Users/me/code/libinjection-rs)`

Caused by:
  process didn't exit successfully: `/Users/me/code/libinjection-rs/target/debug/build/libinjection-e6642227de8a378d/build-script-build` (exit code: 101)
--- stderr
thread 'main' panicked at 'unable to clone libinjection', build.rs:54:9
stack backtrace:
   0: backtrace::backtrace::libunwind::trace
             at /Users/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/libunwind.rs:88
   1: backtrace::backtrace::trace_unsynchronized
             at /Users/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.40/src/backtrace/mod.rs:66
   2: std::sys_common::backtrace::_print_fmt
             at src/libstd/sys_common/backtrace.rs:77
   3: <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt
             at src/libstd/sys_common/backtrace.rs:61
   4: core::fmt::write
             at src/libcore/fmt/mod.rs:1028
   5: std::io::Write::write_fmt
             at src/libstd/io/mod.rs:1412
   6: std::sys_common::backtrace::_print
             at src/libstd/sys_common/backtrace.rs:65
   7: std::sys_common::backtrace::print
             at src/libstd/sys_common/backtrace.rs:50
   8: std::panicking::default_hook::{{closure}}
             at src/libstd/panicking.rs:188
   9: std::panicking::default_hook
             at src/libstd/panicking.rs:205
  10: std::panicking::rust_panic_with_hook
             at src/libstd/panicking.rs:464
  11: std::panicking::begin_panic
             at /rustc/38048763e885a3ee139abf39d59a530b16484150/src/libstd/panicking.rs:400
  12: build_script_build::main
             at ./build.rs:54

opened by jspeis 0

[SECURITY] Possible DOM Base XSS

Hi,

Methods for bypass libinjection-rs of DOM base XSS

1- javascript:alert(eval("2*3"));

Senario

PoC : http://example.com/?returnURL=javascript:alert(1);

          var redirectUrl = getUrlParameter('returnURL');
          window.parent.location.href = redirectUrl;

2- a tag when user click button and trigger alert :).

	 <a href="javascript:alert(1);"> click me </a>

3- title value

     `<img id="testz" title="javascript:alert(1)">`

        <script>
         document.location.href=window.testz.title;
        </script>

Real example :

DOM XSS

source image : https://twitter.com/Milad_Bahari/status/990539191544156160

Source

[dependencies]
json = "0.11.13"
libinjection = "0.1"

#[macro_use]
extern crate json;
extern crate libinjection;

use libinjection::{xss};


fn main() {
    let data = object!{
        "foo" => "javascript:alert(1);",
    };

    let is_xss = xss("javascript:alert(1);").unwrap();
    let is_xss_2 = xss(&data.dump()).unwrap();
    let is_xss_3 = xss("<img id='testz' title='javascript:alert(1)'>").unwrap();
    
    println!("{}", data); 
    println!("{}", is_xss); // false
    println!("{}", is_xss_2); // false
    println!("{}", is_xss_3); // false

}

Thanks, Ramin - kernel security engineering Best regards,

opened by raminfp 1

[SECURITY] Undetectable Time-Base Injection
Hi,

libinection-rs unable to detect time base sql inection,

1 - Payload 1'=sleep(10)='1

let (is_sqli, fingerprint) = sqli("1'=sleep(10)='1").unwrap(); assert!(is_sqli); // false assert_eq!("s&sos", fingerprint);

2- Payloads used to determine database version '=IF(MID(VERSION(),1,1)=1,SLEEP(10),0)='1

let (is_sqli, fingerprint) = sqli("'=IF(MID(VERSION(),1,1)=1,SLEEP(10),0)='1").unwrap(); assert!(is_sqli); // false assert_eq!("s&sos", fingerprint);

Thanks, Ramin - kernel security engineering Best regards,
opened by raminfp 1

Owner

ArvanCloud

GitHub https://crates.io/crates/libinjection

Rust bindings for VirusTotal/Yara

yara-rust Bindings for the Yara library from VirusTotal. More documentation can be found on the Yara's documentation. Example The implementation is in

43 Dec 17, 2022

Rust bindings for the unicorn CPU emulator

unicorn-rs THIS PACKAGE IS DEPRECATED AND NO LONGER MAINTAINED. Rust bindings are now included with unicorn and will be maintained there from now on.

129 Oct 10, 2022

Bindings to the macOS Security.framework

macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice

172 Jan 2, 2023

Detects usage of unsafe Rust in a Rust crate and its dependencies.

cargo-geiger ☢️ Looking for maintainer: https://github.com/rust-secure-code/cargo-geiger/issues/210 A program that lists statistics related to the usa

1.1k Jan 4, 2023

Rust-verification-tools - RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

Rust verification tools This is a collection of tools/libraries to support both static and dynamic verification of Rust programs. We see static verifi