Linux kali 5.10.0-kali9-amd64 #1 SMP Debian 5.10.46-4kali1 (2021-08-09) x86_64 GNU/Linux
Python
python -V
Python 3.9.7
Cobra
python kunlun.py
v2.6.3
Description
When running python3 kunlun.py console, there is an alert showing that rules in files and in the database are different.
And I never change the rule file.
It looks like in database double quotation marks " are escaped and the comparison process goes wrong.
[06:58:14] [INIT][Load Rules] Check Rule CVI_10001 Reflected XSS
[06:58:14] [INIT][Rule Check] CVI_10001 config match has changed:
[06:58:14] [INIT][Rule Check] match in Rule File is (echo\s?['"]?(.+?)?\$(.+?)?['"]?(.+?)?;)
[06:58:14] [INIT][Rule Check] match in Database is (echo\s?['\"]?(.+?)?\$(.+?)?['\"]?(.+?)?;)
[06:58:14] [INIT][Rule Check] whether load new match from Rule File(Y/N): <--------------------------- HERE!
N
[06:58:21] [INIT][Load Rules] Check Rule CVI_1007 RFI
[06:58:21] [INIT][Load Rules] Check Rule CVI_1013 URL Redirector Abuse
[06:58:21] [INIT][Load Rules] Check Rule CVI_1005 SQLI
LoRexxar
commented
2 years ago
System and Python Environment
uname -apython -Vpython kunlun.pyDescription
When running
python3 kunlun.py console, there is an alert showing that rules in files and in the database are different. And I never change the rule file.It looks like in database double quotation marks
"are escaped and the comparison process goes wrong.