indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check for bad cookies

main
bashrc 2026-04-05 17:18:25 +01:00
parent 516b1cf911
commit 9ed7f28ba6
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
httpheaders.py
View File

@ -275,8 +275,17 @@ def contains_suspicious_headers(headers: {}) -> bool:
'think-lang' in headers or \ 'think-lang' in headers or \
'Think-lang' in headers: 'Think-lang' in headers:
return True return True
headers_str = str(headers) headers_str = str(headers)
sus_strings = ('../../', '.php/', 'index.php', 'passwd=', 'PHPSESSID') sus_strings = ('../../', '.php/', 'index.php', 'passwd=', 'PHPSESSID')
if string_contains(headers_str, sus_strings): if string_contains(headers_str, sus_strings):
return True return True
# check for bad cookies
if 'Cookie:' in headers_str:
cookie_str = headers_str.split('Cookie:')[1]
if '=' in cookie_str:
cookie_name = cookie_str.split('=')[0].strip()
if cookie_name != 'epicyon':
return True
return False return False