我试图运行以下perl脚本,但它显示错误。我将所需的文件放在脚本文件的同一目录中。
#! /usr/bin/perl
@attackFileList=("_perParamDefaut_URLs.txt", "_perParam_URLs.txt", "_Cartesian_URLs.txt", "_Random_URLs.txt");
@legitFileList=("_Legit_URLs.txt");
$app=$ARGV[0];
print "Testing $app\n";
$startTime=time();
$attackCaught=$notCaught=$syntaxError=$other=$total=$error=$redirect=$success=0;
for $fileEnding (@attackFileList) {
$fileName="$app$fileEnding";
open(inputFile, "D:\\$app/$fileName") || die "Could not open $fileName\n";
while ($line=<inputFile>) {
chomp $line;
@wget = split / /, $line;
if ($wget[1] ne "--post-data") {
$wget[1] =~ s/"/\\"/g;
$wget[1] =~ s/`/\\`/g;
$wget[1] =~ s/_nosessions/_current/;
$wget[1] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
$wget[1] =~ s/^\\"(.*)\\"$/"\1"/;
$command=$wget[0]." -O - "."\"".$wget[1]."\"";
} else {
$wget[2] =~ s/"/\\"/g;
$wget[2] =~ s/`/\\`/g;
$wget[3] =~ s/_nosessions/_current/;
$wget[3] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
$wget[2] =~ s/^\\"(.*)\\"$/"\1"/;
$command=$wget[0]." -O - ".join(" ", $wget[1], $wget[2], $wget[3]);
}
$output=`$command 2>&1`;
$retValue=$?>>8;
if (($retValue == 0)||($output=~/302 Moved Temporarily/)) {
if ($output=~/amnesia\.SQLIAException/) {
$attackCaught++;
#print errorLog "PolicyViolationException:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} elsif ($output=~/amnesia\.UndetectedSQLIA/) {
$notCaught++;
print errorLog "UndetectedSQLIA:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} elsif ($output=~/lexer\.SQLLexerException/) {
$syntaxError++;
#print errorLog "SyntaxError:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} else {
if ($output=~/302 Moved Temporarily/) {
$redirect++;
}
$other++;
}
$success++;
} else {
$error++;
}
$total++;
if (($total % 100) == 0) {print "$total, ";}
}
close(inputFile);
}
print "\n";
$endTime=time();
$elapsedTime=$endTime-$startTime;
print "**Testing Results: Attack**\n";
print "Total: $total\n";
print "\tValid URL requests: $success\n";
print "\t\tSQLIA detected: $attackCaught\n";
print "\t\tUndetected: $notCaught\n";
print "\t\tSyntax Errors: $syntaxError\n";
print "\t\tOther: $other\n";
print "\t\t\tRedirects: $redirect\n";
print "\tError URL requests: $error\n";
$omitted=$total-$error-$success;
print "\tOmitted: $omitted\n";
print "\nTime: $elapsedTime seconds\n";
open (outFile, ">>Effective.results") || die "Could not open Effective.results\n";
print outFile "$app-attk\t$total\t$success\t$attackCaught\t$notCaught\t$syntaxError\t$other\t$error\t$omitted\n";
close(outFile);
$startTime=time();
$attackCaught=$notCaught=$syntaxError=$other=$total=$error=$redirect=$success=0;
foreach $fileEnding (@legitFileList) {
$fileName="$app$fileEnding";
open(inputFile, "$app/$fileName") || die "Could not open $fileName\n";
while ($line=<inputFile>) {
chomp $line;
@wget = split / /, $line;
if ($wget[1] ne "--post-data") {
$wget[1] =~ s/"/\\"/g;
$wget[1] =~ s/`/\\`/g;
$wget[1] =~ s/_nosessions/_current/;
$wget[1] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
$wget[1] =~ s/^\\"(.*)\\"$/"\1"/;
$command=$wget[0]." -O - "."\"".$wget[1]."\"";
} else {
$wget[2] =~ s/"/\\"/g;
$wget[2] =~ s/`/\\`/g;
$wget[3] =~ s/_nosessions/_current/;
$wget[3] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
$wget[2] =~ s/^\\"(.*)\\"$/"\1"/;
$command=$wget[0]." -O - ".join(" ", $wget[1], $wget[2], $wget[3]);
}
$output=`$command 2>&1`;
$retValue=$?>>8;
if (($retValue == 0)||($output=~/302 Moved Temporarily/)) {
if ($output=~/amnesia\.SQLIAException/) {
$attackCaught++;
print errorLog "SQLIAException:\n\t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} elsif ($output=~/amnesia\.UndetectedSQLIA/) {
$notCaught++;
print errorLog "UndetectedSQLIA:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} elsif ($output=~/lexer\.SQLLexerException/) {
$syntaxError++;
print errorLog "SyntaxError:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
} else {
if ($output=~/302 Moved Temporarily/) {
$redirect++;
}
$other++;
}
$success++;
} else {
$error++;
}
$total++;
if (($total % 100) == 0) {print "$total, ";}
}
close(inputFile);
}
print "\n";
$endTime=time();
close(errorLog);
$elapsedTime=$endTime-$startTime;
print "**Testing Results: Legit**\n";
print "Total: $total\n";
print "\tValid URL requests: $success\n";
print "\t\tSQLIA detected: $attackCaught\n";
print "\t\tUndetected: $notCaught\n";
print "\t\tSyntax Errors: $syntaxError\n";
print "\t\tOther: $other\n";
print "\t\t\tRedirects: $redirect\n";
print "\tError URL requests: $error\n";
$omitted=$total-$error-$success;
print "\tOmitted: $omitted\n";
print "\nTime: $elapsedTime seconds\n";
open (outFile, ">>Effective.results") || die "Could not open Effective.results\n";
print outFile "$app-legit\t$total\t$success\t$attackCaught\t$notCaught\t$syntaxError\t$other\t$error\t$omitted\n";
close(outFile);
呼叫: perl script.bat门户网站
结果: 无法打开文件portal_perParamDefault_URLs.txt
答案 0 :(得分:3)
您的编码很糟糕,但我建议您的问题的答案可能是_perParamDefault_URLs您_perParamDefaut_URLs的所在地?
在要求其他人花时间帮助您之前,请务必保持足够的格式以正确格式化您的代码,使其可读,将use strict和use warnings添加到您的程序顶部并声明所有内容使用my接近其第一个使用点的变量。
您还应该使用词法文件句柄,open的三参数形式,并将$!变量添加到您的die字符串的内容中。对open的样板调用应该类似于
open my $fh, '<', $filename or die "Unable to open '$filename': $!";
答案 1 :(得分:1)
可以使用斜杠代替反斜杠来处理Windows路径,或者更好地使用File::Spec来处理它,如:
my $full_path = File::Spec->catpath( "D", $app, $fileName )
open( inputFile, $full_path) or die $!;