-3

我正在尝试运行以下 perl 脚本,但它显示错误。所需的文件是我将它们放在脚本文件的同一目录中。

#! /usr/bin/perl

@attackFileList=("_perParamDefaut_URLs.txt", "_perParam_URLs.txt", "_Cartesian_URLs.txt", "_Random_URLs.txt");
@legitFileList=("_Legit_URLs.txt");

$app=$ARGV[0];

print "Testing $app\n";
$startTime=time();
$attackCaught=$notCaught=$syntaxError=$other=$total=$error=$redirect=$success=0;
for $fileEnding (@attackFileList) {
    $fileName="$app$fileEnding";
    open(inputFile, "D:\\$app/$fileName") || die "Could not open $fileName\n";
    while ($line=<inputFile>) {
        chomp $line;
        @wget = split / /, $line;

        if ($wget[1] ne "--post-data") {
                        $wget[1] =~ s/"/\\"/g;
                $wget[1] =~ s/`/\\`/g;
                $wget[1] =~ s/_nosessions/_current/;
                $wget[1] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
                $wget[1] =~ s/^\\"(.*)\\"$/"\1"/;
                $command=$wget[0]." -O - "."\"".$wget[1]."\"";
        } else {
                $wget[2] =~ s/"/\\"/g;
                $wget[2] =~ s/`/\\`/g;
                $wget[3] =~ s/_nosessions/_current/;
                $wget[3] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
            $wget[2] =~ s/^\\"(.*)\\"$/"\1"/;
            $command=$wget[0]." -O - ".join(" ", $wget[1], $wget[2], $wget[3]);
        }

        $output=`$command 2>&1`;
        $retValue=$?>>8;
        if (($retValue == 0)||($output=~/302 Moved Temporarily/)) {
            if ($output=~/amnesia\.SQLIAException/) {
                    $attackCaught++;
                #print errorLog "PolicyViolationException:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } elsif ($output=~/amnesia\.UndetectedSQLIA/) {
                    $notCaught++;
                print errorLog "UndetectedSQLIA:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } elsif ($output=~/lexer\.SQLLexerException/) {
                    $syntaxError++;
                #print errorLog "SyntaxError:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } else {
                if ($output=~/302 Moved Temporarily/) {
                    $redirect++;
                }
                    $other++;
            }
            $success++;
        } else {
            $error++;
        }
        $total++;
        if (($total % 100) == 0) {print "$total, ";}
    }
    close(inputFile);
}
print "\n";
$endTime=time();

$elapsedTime=$endTime-$startTime;

print "**Testing Results: Attack**\n";
print "Total: $total\n";
print "\tValid URL requests: $success\n";
print "\t\tSQLIA detected: $attackCaught\n";
print "\t\tUndetected: $notCaught\n";
print "\t\tSyntax Errors: $syntaxError\n";
print "\t\tOther: $other\n";
print "\t\t\tRedirects: $redirect\n";
print "\tError URL requests: $error\n";
$omitted=$total-$error-$success;
print "\tOmitted: $omitted\n";
print "\nTime: $elapsedTime seconds\n";

open (outFile, ">>Effective.results") || die "Could not open Effective.results\n";
print outFile "$app-attk\t$total\t$success\t$attackCaught\t$notCaught\t$syntaxError\t$other\t$error\t$omitted\n";
close(outFile);

$startTime=time();
$attackCaught=$notCaught=$syntaxError=$other=$total=$error=$redirect=$success=0;
foreach $fileEnding (@legitFileList) {
    $fileName="$app$fileEnding";
    open(inputFile, "$app/$fileName") || die "Could not open $fileName\n";
    while ($line=<inputFile>) {
        chomp $line;
        @wget = split / /, $line;

        if ($wget[1] ne "--post-data") {
            $wget[1] =~ s/"/\\"/g;
                $wget[1] =~ s/`/\\`/g;
            $wget[1] =~ s/_nosessions/_current/;
            $wget[1] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
            $wget[1] =~ s/^\\"(.*)\\"$/"\1"/;
                    $command=$wget[0]." -O - "."\"".$wget[1]."\"";
        } else {
            $wget[2] =~ s/"/\\"/g;
                        $wget[2] =~ s/`/\\`/g;
            $wget[3] =~ s/_nosessions/_current/;
            $wget[3] =~ s/endeavor.cc.gt.atl.ga.us/localhost:8080/;
            $wget[2] =~ s/^\\"(.*)\\"$/"\1"/;
            $command=$wget[0]." -O - ".join(" ", $wget[1], $wget[2], $wget[3]);
        }

        $output=`$command 2>&1`;
        $retValue=$?>>8;
        if (($retValue == 0)||($output=~/302 Moved Temporarily/)) {
            if ($output=~/amnesia\.SQLIAException/) {
                    $attackCaught++;
                print errorLog "SQLIAException:\n\t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } elsif ($output=~/amnesia\.UndetectedSQLIA/) {
                    $notCaught++;
                print errorLog "UndetectedSQLIA:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } elsif ($output=~/lexer\.SQLLexerException/) {
                    $syntaxError++;
                print errorLog "SyntaxError:\n \t$wget[3]\n\t$wget[2]\n\t$command\n\n";
                } else {
                if ($output=~/302 Moved Temporarily/) {
                    $redirect++;
                }
                    $other++;
            }
            $success++;
        } else {
            $error++;
        }

        $total++;
        if (($total % 100) == 0) {print "$total, ";}
    }
    close(inputFile);

}
print "\n";
$endTime=time();
close(errorLog);
$elapsedTime=$endTime-$startTime;

print "**Testing Results: Legit**\n";
print "Total: $total\n";
print "\tValid URL requests: $success\n";
print "\t\tSQLIA detected: $attackCaught\n";
print "\t\tUndetected: $notCaught\n";
print "\t\tSyntax Errors: $syntaxError\n";
print "\t\tOther: $other\n";
print "\t\t\tRedirects: $redirect\n";
print "\tError URL requests: $error\n";
$omitted=$total-$error-$success;
print "\tOmitted: $omitted\n";
print "\nTime: $elapsedTime seconds\n";

open (outFile, ">>Effective.results") || die "Could not open Effective.results\n";
print outFile "$app-legit\t$total\t$success\t$attackCaught\t$notCaught\t$syntaxError\t$other\t$error\t$omitted\n";
close(outFile);

调用:perl script.bat 门户

结果:无法打开文件 portal_perParamDefault_URLs.txt

4

2 回答 2

3

你的编码很糟糕,但我建议你的问题的答案可能是你的意思是_perParamDefault_URLs你在哪里_perParamDefaut_URLs

在要求其他人抽出时间来帮助您之前,请有礼貌地正确格式化您的代码,以便它可读,添加use strictuse warnings您的程序顶部,并使用my接近它们的第一个使用点声明您的所有变量。

您还应该使用词法文件句柄,即 的三参数形式open,并将$!变量添加到 die 字符串的内容中。样板调用open应该看起来像

open my $fh, '<', $filename or die "Unable to open '$filename': $!";
于 2012-08-13T10:59:46.977 回答
1

Windows 路径可以用斜杠而不是反斜杠来处理,或者更好地使用File::Spec它来处理它,如:

my $full_path = File::Spec->catpath( "D", $app, $fileName )
open( inputFile, $full_path) or die $!;
于 2012-08-13T09:39:02.493 回答