From 20d05cc404a8f851ea42df6c0b0f481538345580 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 21 May 2010 15:03:40 +0000 Subject: [PATCH] way to handle re.I (ignore case) while using getCompiledRegex --- lib/utils/detection.py | 4 ++-- plugins/generic/misc.py | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/utils/detection.py b/lib/utils/detection.py index a207aed08..2fd14f691 100644 --- a/lib/utils/detection.py +++ b/lib/utils/detection.py @@ -51,7 +51,7 @@ def checkPayload(string): rules = [] for xmlrule in xmlrules.getElementsByTagName("filter"): try: - rule = xmlrule.getElementsByTagName('rule')[0].childNodes[0].nodeValue + rule = "(?i)%s" % xmlrule.getElementsByTagName('rule')[0].childNodes[0].nodeValue desc = __adjustGrammar(xmlrule.getElementsByTagName('description')[0].childNodes[0].nodeValue) rules.append((rule, desc)) except sre_constants.error: #some issues with some regex expressions in Python 2.5 @@ -59,5 +59,5 @@ def checkPayload(string): for rule, desc in rules: regObj = getCompiledRegex(rule) - if regObj.search(string, re.IGNORECASE): + if regObj.search(string): logger.warn("highly probable IDS/IPS detection: '%s'" % desc) diff --git a/plugins/generic/misc.py b/plugins/generic/misc.py index 9f0f92f50..cdbda7ee0 100644 --- a/plugins/generic/misc.py +++ b/plugins/generic/misc.py @@ -24,6 +24,7 @@ Franklin St, Fifth Floor, Boston, MA 02110-1301 USA import re +from lib.core.common import getCompiledRegex from lib.core.common import normalizePath from lib.core.common import ntToPosixSlashes from lib.core.common import posixToNtSlashes @@ -57,7 +58,7 @@ class Miscellaneous: else: conf.tmpPath = "/tmp" - if re.search("\A[\w]:[\/\\\\]+", conf.tmpPath, re.I): + if getCompiledRegex("(?i)\A[\w]:[\/\\\\]+").search(conf.tmpPath): kb.os = "Windows" conf.tmpPath = normalizePath(conf.tmpPath)