Make pylint happy

Marven11 · Mar 15, 2024 · 5a02a20 · 5a02a20
1 parent 33a5674
commit 5a02a20
Show file tree

Hide file tree

Showing 7 changed files with 78 additions and 26 deletions.
diff --git a/fenjing/cli.py b/fenjing/cli.py
@@ -102,7 +102,7 @@ def do_submit_cmdexec(
     full_payload_gen_like: Union[FullPayloadGen, EvalArgsModePayloadGen],
 ) -> str:
     """使用FullPayloadGen生成shell命令payload, 然后使用submitter发送至对应服务器, 返回回显
-    如果cmd以%>开头，则将其作为fenjing内部命令解析
+    如果cmd以@开头，则将其作为fenjing内部命令解析
 
     内部命令如下：
     - get-config: 获得当前的config
@@ -111,7 +111,8 @@ def do_submit_cmdexec(
     Args:
         cmd (str): payload对应的命令
         submitter (Submitter): 实际发送请求的submitter
-        full_payload_gen_like (Union[FullPayloadGen, EvalArgsModePayloadGen]): 生成payload的FullPayloadGen
+        full_payload_gen_like (Union[FullPayloadGen, EvalArgsModePayloadGen]):
+            生成payload的FullPayloadGen
 
     Returns:
         str: 回显
@@ -471,6 +472,7 @@ def do_crack_eval_args(
 
 def add_options(options):
     """应用列表中的click option装饰器"""
+
     def decorator(f):
         for option in options:
             f = option(f)
@@ -487,7 +489,12 @@ def main():
 @main.command()
 @add_options(common_options_http)
 @add_options(common_options_cli)
-@click.option("--action", "-a", default=None, help="参数的提交路径，如果和URL中的路径不同则需要填入")
+@click.option(
+    "--action",
+    "-a",
+    default=None,
+    help="参数的提交路径，如果和URL中的路径不同则需要填入",
+)
 @click.option("--method", "-m", default="POST", help="参数的提交方式，默认为POST")
 @click.option("--inputs", "-i", required=True, help="所有参数，以逗号分隔")
 @click.option(

diff --git a/fenjing/config_payload.py b/fenjing/config_payload.py
@@ -2,7 +2,7 @@
 
 """
 
-from typing import Callable, Dict, Union
+from typing import Dict, Union
 
 from .const import CONFIG, WafFunc
 from .full_payload_gen import FullPayloadGen

diff --git a/fenjing/const.py b/fenjing/const.py
@@ -253,5 +253,5 @@ class AutoFix500Code(Enum):
     [65296, 65297, 65298, 65299, 65300, 65301, 65302, 65303, 65304, 65305],
 ]
 
-with open(CURRENT_FOLDER / "char_pattern.json") as f:
+with open(CURRENT_FOLDER / "char_pattern.json", encoding="utf-8") as f:
     CHAR_PATTERNS: Dict[str, Dict[str, str]] = json.load(f)
diff --git a/fenjing/context_vars.py b/fenjing/context_vars.py
@@ -9,6 +9,7 @@
 import re
 from .const import WafFunc, PythonEnvironment, SET_STMT_PATTERNS
 from .options import Options
+
 logger = logging.getLogger("context_vars")
 
 # 所有的上下文payload, 存储格式为: {payload: {变量名：变量值}}
@@ -44,7 +45,6 @@
         "ssbb": 556,
         "zzeb": 223,
     },
-
 }
 
 context_payloads_stmts_py3 = {
@@ -61,17 +61,14 @@
 context_payloads_exprs = {
     "lipsum()|urlencode|first": "%",
     "lipsum|escape|batch(22)|first|last": "_",
-
     "dict(x=x)|length": 1,
     "dict(x=x)|count": 1,
     "dict(a=x,b=x,c=x)|length": 3,
     "dict(a=x,b=x,c=x)|count": 3,
     "dict(aaaaa=x)|first|length": 5,
     "dict(aaaaa=x)|first|count": 5,
-
     "lipsum.__doc__|length": 43,
     "namespace.__doc__|length": 126,
-
     "joiner|urlencode|wordcount": 7,
     "namespace|escape|count": 46,
     "cycler|escape|urlencode|count": 65,
@@ -117,7 +114,16 @@
     "9": "q",
 }
 
-def digit_to_similiar_alpha(s: str):
+
+def digit_to_similiar_alpha(s: str) -> str:
+    """将字符串中的数字转换为形状类似的字母
+
+    Args:
+        s (str): 需要转换的字符串
+
+    Returns:
+        str: 转化结果
+    """
     for d, c in digit_looks_similiar.items():
         s = s.replace(d, c)
     return s
@@ -252,7 +258,6 @@ def add_payload(
         if check_waf and not self.waf(payload):
             return False
         if any(self.is_variable_exists(v) for v in variables):
-            # raise RuntimeError(f"Variables {[self.is_variable_exists(v) for v in variables]} exists!")
             return False
         if depends_on is not None:
             if not all(self.is_variable_exists(v) for v in depends_on):
@@ -265,7 +270,18 @@ def add_payload(
         self.context_payloads[payload] = variables
         return True
 
-    def get_payload(self, used_context: Context):
+    def get_payload(self, used_context: Context) -> str:
+        """根据使用了的变量生成对应的payload
+
+        Args:
+            used_context (Context): 使用了的变量
+
+        Raises:
+            RuntimeError: 输入变量依赖了不存在的变量
+
+        Returns:
+            str: 包含对应变量的payload
+        """
         if not self.prepared:
             self.do_prepare()
         answer = ""
@@ -296,6 +312,11 @@ def get_payload(self, used_context: Context):
         return answer
 
     def get_context(self) -> Context:
+        """输出当前包含的变量
+
+        Returns:
+            Context: 所有包含的payload
+        """
         return {
             var_name: var_value
             for _, d in self.context_payloads.items()
@@ -304,6 +325,15 @@ def get_context(self) -> Context:
 
 
 def get_context_vars_manager(waf: WafFunc, options: Options) -> ContextVariableManager:
+    """根据waf函数和对应选项生成ContextVariableManager
+
+    Args:
+        waf (WafFunc): 对应的waf函数
+        options (Options): 对应的选项
+
+    Returns:
+        ContextVariableManager: 生成的实例
+    """
     context_payloads = context_payloads_stmts.copy()
     if options.python_version == PythonEnvironment.PYTHON3:
         context_payloads.update(context_payloads_stmts_py3)

diff --git a/fenjing/cracker.py b/fenjing/cracker.py
@@ -2,11 +2,12 @@
 
 """
 
+import functools
 import logging
 import random
-import time
-import functools
 import re
+import sys
+import time
 
 from collections import namedtuple
 from string import ascii_lowercase
@@ -34,10 +35,8 @@
 from .options import Options
 
 
-import sys
-
 if sys.version_info >= (3, 8):
-    from typing import Union, Callable, Dict, Tuple, Literal
+    from typing import Union, Callable, Dict, Tuple
 else:
     from typing_extensions import Union, Callable, Dict, Tuple, Literal
 logger = logging.getLogger("cracker")
@@ -70,10 +69,13 @@ def guess_python_version(url: str, requester: HTTPRequester) -> PythonEnvironmen
 
 
 class EvalArgsModePayloadGen:
+    """在EvalArgs模式下的payload生成器"""
+
     def __init__(self, will_print):
         self.will_print = will_print
 
     def generate(self, gen_type, *args):
+        """生成EvalArgs模式下的payload"""
         if gen_type == OS_POPEN_READ:
             return f"__import__('os').popen({repr(args[0])}).read()", self.will_print
         elif gen_type == EVAL:
@@ -84,7 +86,8 @@ def generate(self, gen_type, *args):
             return f"eval({repr(req[1])})", self.will_print
         elif gen_type == CONFIG:
             return (
-                "[v.config for v in sys.modules['__main__'].__dict__.values() if isinstance(v, sys.modules['flask'].Flask)][0]",
+                "[v.config for v in sys.modules['__main__'].__dict__.values()"
+                + " if isinstance(v, sys.modules['flask'].Flask)][0]",
                 self.will_print,
             )
         return None, None
@@ -185,6 +188,12 @@ def has_respond(self) -> bool:
     def crack_with_waf(
         self, waf_func, waf_expr_func=None
     ) -> Union[Tuple[FullPayloadGen, bool, str, TargetAndSubTargets], None]:
+        """实际进行Crack的函数
+
+        Returns:
+            Union[Tuple[FullPayloadGen, bool, str, TargetAndSubTargets], None]:
+                攻击结果
+        """
         full_payload_gen = FullPayloadGen(
             waf_func,
             callback=None,
@@ -198,7 +207,13 @@ def crack_with_waf(
         test_result = self.test_payload(payload, will_print)
         return full_payload_gen, will_print, test_result, tree
 
-    def log_with_result(self, will_print, test_result):
+    def log_with_result(self, will_print: bool, test_result: str):
+        """根据攻击结果打印log
+
+        Args:
+            will_print (bool): payload是否会产生回显
+            test_result (str): 攻击结果
+        """
         if will_print:
             if test_result == "SUCCESS":
                 logger.info(
@@ -227,7 +242,9 @@ def log_with_result(self, will_print, test_result):
                     + "You can try generating payloads anyway.",
                 )
 
-    def expr_waf_not500(self, tree, outer_pattern, context_vars: ContextVariableManager):
+    def expr_waf_not500(
+        self, tree, outer_pattern, context_vars: ContextVariableManager
+    ):
         def is_expr_bad(expr):
             payload = context_vars.get_payload(
                 context_vars.get_context()
@@ -262,6 +279,9 @@ def crack(self) -> Union[FullPayloadGen, None]:
         if not result:
             return None
         full_payload_gen, will_print, test_result, tree = result
+        assert (
+            full_payload_gen.context_vars is not None
+        ), "when generated successfully, this should not be none"
         self.log_with_result(will_print, test_result)
         if (
             test_result == "FAIL_500"

diff --git a/fenjing/options.py b/fenjing/options.py
@@ -6,12 +6,6 @@
     ReplacedKeywordStrategy,
     AutoFix500Code,
 )
-import sys
-
-if sys.version_info >= (3, 8):
-    from typing import Literal
-else:
-    from typing_extensions import Literal
 
 
 @dataclass

diff --git a/fenjing/submitter.py b/fenjing/submitter.py
@@ -121,6 +121,7 @@ def submit(self, payload: str) -> Union[HTTPResponse, None]:
 
 
 class TCPSubmitter(BaseSubmitter):
+    """根据模板从TCP发送HTTP1.1请求的类"""
     def __init__(
         self,
         requester: TCPRequester,