📄 pyexec.py
字号:
## Copyright (c) 2005, John Mettraux, OpenWFE.org# All rights reserved.# # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met:# # . Redistributions of source code must retain the above copyright notice, this# list of conditions and the following disclaimer. # # . Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution.# # . Neither the name of the "OpenWFE" nor the names of its contributors may be# used to endorse or promote products derived from this software without# specific prior written permission.# # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE.## $Id: pyexec.py 1931 2005-07-07 07:39:47Z jmettraux $#""" PyExec is an OpenWFE component that listens on a port for incoming workitems, locates their '__python_code__' field and executes the contained string. PyExec is dangerous, malicious workitems could contain unwanted code to be executed... $Id: pyexec.py 1931 2005-07-07 07:39:47Z jmettraux $"""from sys import exc_infofrom openwfe.socket import SocketListenerfrom openwfe.socket import SocketDispatcherfrom openwfe.socket import WorkitemConsumerfrom openwfe.engine import definitionsfrom openwfe.engine.participant import lookupParticipantMap#ENGINE_HOST = 'engineHost'#ENGINE_PORT = 'enginePort'REMOVE_FIELD = 'removeField'CODE_FIELD_NAME = 'codeFieldName'class PyExecConsumer (WorkitemConsumer): engineHost = 'localhost' enginePort = 7007 removeField = 0 codeFieldName = '__python_code__' def init (self, name, applicationContext, params): WorkitemConsumer.init(self, name, applicationContext, params) if params.has_key(CODE_FIELD_NAME): self.codeFieldName = params[CODE_FIELD_NAME] self.linfo("codeFieldName is set to '%s'" % self.codeFieldName) #if params.has_key(ENGINE_HOST): # self.engineHost = params[ENGINE_HOST] #self.linfo("engine host is set to '%s'" % self.engineHost) #if params.has_key(ENGINE_PORT): # self.enginePort = int(params[ENGINE_PORT]) #self.linfo("engine port is set to %i" % self.enginePort) sRemove = params.get(REMOVE_FIELD) if (sRemove != None): self.removeField = ("true" == sRemove.lower()) self.linfo("removeField is set to %i" % self.removeField) def use (self, workitem): aCode = workitem.getAttribute(self.codeFieldName) if aCode != None: code = str(aCode.value) self.ldebug("got >>>\n%s\n<<< to execute" % code) try: exec(code) except Exception: #(eClass, eObject, eTrace) = exc_info() print exc_info() if self.removeField: workitem.removeAttribute(self.codeFieldName) pmap = lookupParticipantMap(self.applicationContext) sd = pmap.get(workitem.lastExpressionId.engineId) sd.dispatch(workitem) #sd = SocketDispatcher(); #params = { 'host': self.engineHost, 'port': self.enginePort } #sd.init('%s::SocketDispatcher::%s:%i' % (self.__class__, self.engineHost, self.enginePort), self.applicationContext, params) #sd.dispatch(workitem)⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -