Remove shell injection detection algo (#76)

* Remove shell injection detection algo Let's add back when it's 100% * Fix assertion in wasm smoke test * Add dialect
AikidoSec · Feb 7, 2025 · 72bf79b · 72bf79b
1 parent 02fea7b
commit 72bf79b
Show file tree

Hide file tree

Showing 12 changed files with 8 additions and 987 deletions.
diff --git a/README.md b/README.md
@@ -14,13 +14,16 @@ import ctypes
 zen_internals = ctypes.CDLL("target/release/libzen_internals.so")
 
 if __name__ == "__main__":
-    command = "whoami | shell".encode("utf-8")
-    userinput = "whoami".encode("utf-8")
-    result = zen_internals.detect_shell_injection(command, userinput)
+    query = "SELECT * FROM users WHERE id = '' OR 1=1 -- '".encode("utf-8")
+    userinput = "' OR 1=1 -- ".encode("utf-8")
+    dialect = 9 # MySQL dialect
+    result = zen_internals.detect_sql_injection(command, userinput, dialect)
     print("Result", bool(result))
 ```
 
-## Node.js bindings
+See [list of dialects](https://github.com/AikidoSec/zen-internals/blob/main/src/sql_injection/helpers/select_dialect_based_on_enum.rs#L18)
+
+## Node.js bindings (using WASM)
 
 ### Install
 

diff --git a/smoketests/wasm.js b/smoketests/wasm.js
@@ -3,7 +3,7 @@ const { equal } = require("node:assert");
 
 equal(internals.wasm_detect_sql_injection("SELECT * FROM users WHERE id = '' OR 1=1 -- '", "' OR 1=1 -- ", 0), true);
 
-equal(internals.wasm_detect_shell_injection("SELECT * FROM users WHERE id = 'hello world'", 'hello world'), false);
+equal(internals.wasm_detect_sql_injection("SELECT * FROM users WHERE id = 'hello world'", 'hello world'), false);
 
 equal(internals.wasm_detect_js_injection("const test = 'Hello World!'; //';", "Hello World!'; //", 0), true);
 

diff --git a/src/ffi_bindings/mod.rs b/src/ffi_bindings/mod.rs
@@ -1,38 +1,10 @@
 use crate::js_injection::detect_js_injection::detect_js_injection_str;
-use crate::shell_injection::detect_shell_injection::detect_shell_injection_stringified;
 use crate::sql_injection::detect_sql_injection::detect_sql_injection_str;
 use std::ffi::CStr;
 use std::os::raw::{c_char, c_int};
 use std::panic;
 use std::str;
 
-#[no_mangle]
-pub extern "C" fn detect_shell_injection(
-    command: *const c_char,
-    userinput: *const c_char,
-) -> c_int {
-    // Returns an integer value, representing a boolean (1 = true, 0 = false, 2 = error)
-    return panic::catch_unwind(|| {
-        // Check if the pointers are null
-        if command.is_null() || userinput.is_null() {
-            return 2;
-        }
-
-        let command_bytes = unsafe { CStr::from_ptr(command).to_bytes() };
-        let userinput_bytes = unsafe { CStr::from_ptr(userinput).to_bytes() };
-
-        let command_str = str::from_utf8(command_bytes).unwrap();
-        let userinput_str = str::from_utf8(userinput_bytes).unwrap();
-
-        if detect_shell_injection_stringified(command_str, userinput_str) {
-            return 1;
-        }
-
-        return 0;
-    })
-    .unwrap_or(2);
-}
-
 #[no_mangle]
 pub extern "C" fn detect_sql_injection(
     query: *const c_char,

diff --git a/src/lib.rs b/src/lib.rs
@@ -4,7 +4,6 @@
  * - SQL Injection
  */
 mod helpers;
-mod shell_injection;
 
 // FFI Bindings
 pub mod ffi_bindings;

diff --git a/src/shell_injection/contains_shell_syntax.rs b/src/shell_injection/contains_shell_syntax.rs