{ "info": { "author": "George Argyros, Ioannis Stais", "author_email": "ioannis.stais@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Environment :: Console", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7" ], "description": "# LightBulb\nLightBulb is an open source python framework for auditing web application firewalls and filters.\n\n

\n\n

\n\n## Synopsis\n\nThe framework consists of two main algorithms:\n\n* **GOFA**: An active learning algorithm that infers symbolic representations of automata in the standard membership/equivalence query model.\n \n Active learning algorithms permits the analysis of filter and sanitizer programs remotely, i.e. given only the ability to query the targeted program and observe the output.\n\n* **SFADiff**: A black-box differential testing algorithm based on Symbolic Finite Automata (SFA) learning\n\n Finding differences between programs with similar functionality is an important security problem as such differences can be used for fingerprinting or creating evasion attacks against security software like Web Application Firewalls (WAFs) which are designed to detect malicious inputs to web applications.\n\n## Motivation\n\nWeb Applications Firewalls (WAFs) are fundamental building blocks of modern application security. For example, the PCI standard for organizations handling credit card transactions dictates that any application facing the internet should be either protected by a WAF or successfully pass a code review process. Nevertheless, despite their popularity and importance, auditing web application firewalls remains a challenging and complex task. Finding attacks that bypass the firewall usually requires expert domain knowledge for a specific vulnerability class. Thus, penetration testers not armed with this knowledge are left with publicly available lists of attack strings, like the XSS Cheat Sheet, which are usually insufficient for thoroughly evaluating the security of a WAF product.\n\n## BlackHat Europe 2016 Presentation\n\nIn this presentation we introduce a novel, efficient, approach for bypassing WAFs using automata learning algorithms. We show that automata learning algorithms can be used to obtain useful models of WAFs. Given such a model, we show how to construct, either manually or automatically, a grammar describing the set of possible attacks which are then tested against the obtained model for the firewall. Moreover, if our system fails to find an attack, a regular expression model of the firewall is generated for further analysis. Using this technique we found over 10 previously unknown vulnerabilities in popular WAFs such as Mod-Security, PHPIDS and Expose allowing us to mount SQL Injection and XSS attacks bypassing the firewalls. Finally, we present LightBulb, an open source python framework for auditing web applications firewalls using the techniques described above. In the release we include the set of grammars used to find the vulnerabilities presented.\n\n[![BHEU16 Presentation](http://image.slidesharecdn.com/anotherbrick-161109104820/85/another-brick-off-the-wall-deconstructing-web-application-firewalls-using-automata-learning-1-320.jpg)](http://www.slideshare.net/einstais/another-brick-off-the-wall-deconstructing-web-application-firewalls-using-automata-learning)\n\n## Commands Usage\n\nMain interface commands:\n \n Command | Description \n ------------- | ------------------------------------- \n core | Shows available core modules \n utils | Shows available query handlers \n info \\ | Prints module information \n library | Enters library \n modules | Shows available application modules \n use \\ | Enters module \n start \\ \\ | Initiate algorithm\n help | Prints help \n status | Checks and installs required packages \n complete | Prints bash completion command \n\nModule commands:\n \n Command | Description \n ------------- | ------------------------------------- \n back | Go back to main menu \n info | Prints current module information \n library | Enters library \n options | Shows available options\n define \\ \\ | Set an option value\n start | Initiate algoritm \n complete | Prints bash completion command \n\nLibrary commands:\n\n Command | Description \n ------------- | ------------------------------------- \n back | Go back to main menu \n info \\ | Prints requested module information (folder must be located in lightbulb/data/)\n cat \\ | Prints requested module (folder must be located in lightbulb/data/)\n modules \\ | Shows available library modules in the requested folder (folder must be located in lightbulb/data/)\n search \\ | Searches available library modules using comma separated keywords\n complete | Prints bash completion command \n\n## Installation\n\n### Prepare your system\n\nFirst you have to verify that your system supports flex, python dev, pip and build utilities:\n\nFor apt platforms (ubuntu, debian...):\n```bash\t\n sudo apt-get install flex\n\tsudo apt-get install python-pip\n\tsudo apt-get install python-dev\n\tsudo apt-get install build-essential\n```\n\n(Optional for apt) If you want to add support for MySQL testing: \n```bash\t\n sudo apt-get install libmysqlclient-dev\n```\n\nFor yum platforms (centos, redhat, fedora...) with already installed the extra packages repo (epel-release):\n```bash\n\tsudo yum install -y python-pip\n\tsudo yum install -y python-devel\n\tsudo yum install -y wget\n\tsudo yum groupinstall -y 'Development Tools'\n```\n\n(Optional for yum) If you want to add support for MySQL testing: \n```bash\n\tsudo yum install -y mysql-devel \n\tsudo yum install -y MySQL-python\n```\n\n### Install Lightbulb\n\nIn order to use the application without complete package installation:\n\n```bash\ngit clone https://github.com/lightbulb-framework/lightbulb-framework\ncd lightbulb-framework\nmake\nlightbulb status\n```\n\nIn order to perform complete package installation. You can also install it from pip repository. This requires first to install the latest setuptools version:\n\n```bash\npip install setuptools --upgrade\npip install lightbulb-framework\nlightbulb status\n```\n\nIf you want to use virtualenv:\n\n```bash\npip install virtualenv\nvirtualenv env\nsource env/bin/activate\npip install lightbulb-framework\nlightbulb status\n```\n\nThe \"lightbulb status\" command will guide you to install MySQLdb and OpenFst support. If you use virtualenv in linux, the \"sudo\" command will be required only for the installation of libmysqlclient-dev package.\n\nIt should be noted that the \"lightbulb status\" command is not necessary if you are going to use the Burp Extension. The reason is that this command installs the \"openfst\" and \"mysql\" bindings and the extension by default is using Jython, which does not support C bindings. It is recommended to use the command only if you want to change the Burp extension configuration from the settings and enable the native support.\n\nIt is also possible to use a docker instance:\n\n```bash\ndocker pull lightbulb/lightbulb-framework\n```\n\n[![LightBulb Installation on Debian Linux](https://j.gifs.com/O75xWL.gif)](https://www.youtube.com/watch?v=jjw32Jc744g)\n\n\n## Install Burp Extension \n\nIf you wish to use the new GUI, you can use the extension for the [Burp Suite](https://portswigger.net/burp/). First you have to setup a working environment with Burp Proxy and Jython\n\n* Download the latest Jython from [here](http://www.jython.org/downloads.html)\n* Find your local python packages installation folder*\n* Configure Burp Extender to use these values, as shown below*\n\n\n\n* Select the new LightBulb module (\"BurpExtension.py\") and set the extension type to be \"Python\"\n\n\n\n*You can ignore this step, and install the standalone version which contains all the required python packages included. You can download it [here](https://github.com/lightbulb-framework/lightbulb-framework/files/2079793/lightbulb-framework.zip)\n\n## Examples\n\nCheck out the [Wiki page](https://github.com/lightbulb-framework/lightbulb-framework/wiki) for usage examples.\n\n## Contributors\n\n* George Argyros\n* Ioannis Stais\n* Suman Jana\n* Angelos D. Keromytis\n* Aggelos Kiayias\n\n## References\n\n* *G. Argyros, I. Stais, S. Jana, A. D. Keromytis, and A. Kiayias. 2016. SFADiff: Automated Evasion Attacks and Fingerprinting Using Black-box Differential Automata Learning. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1690-1701. doi: 10.1145/2976749.2978383*\n* *G. Argyros, I. Stais, A. Kiayias and A. D. Keromytis, \"Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters,\" 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA, 2016, pp. 91-109. doi: 10.1109/SP.2016.14*\n\n## Acknowledgements\n\nThis research was partly supported by ERC project CODAMODA, #259152.\n\n## License\n\nMIT License as described in LICENSE file\n", "description_content_type": "", "docs_url": null, "download_url": "https://github.com/lightbulb-framework/lightbulb-framework/tarball/master", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/lightbulb-framework/lightbulb-framework", "keywords": "", "license": "", "maintainer": "", "maintainer_email": "", "name": "lightbulb-framework", "package_url": "https://pypi.org/project/lightbulb-framework/", "platform": "Any", "project_url": "https://pypi.org/project/lightbulb-framework/", "project_urls": { "Download": "https://github.com/lightbulb-framework/lightbulb-framework/tarball/master", "Homepage": "https://github.com/lightbulb-framework/lightbulb-framework" }, "release_url": "https://pypi.org/project/lightbulb-framework/0.0.18/", "requires_dist": null, "requires_python": "", "summary": "Tools for auditing WAFS", "version": "0.0.18" }, "last_serial": 3938950, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "e53c5a602086c3d5acc4bdef4e14643a", "sha256": "91adf2b8be076cbb32554da7e02fa7e5386eeb4f257033283bf9c7a1814d1301" }, "downloads": -1, "filename": "lightbulb-framework-0.0.1.tar.gz", "has_sig": false, "md5_digest": "e53c5a602086c3d5acc4bdef4e14643a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 218794, "upload_time": "2016-11-03T18:37:31", "url": "https://files.pythonhosted.org/packages/b6/ad/072b0d5699f31abdf58228cb4e621bae4ece9d2cd0ae3c5eb99fe35076f9/lightbulb-framework-0.0.1.tar.gz" } ], "0.0.10": [ { "comment_text": "", "digests": { "md5": "f1f789c130769071c3e76b53184db0ff", "sha256": "7c6551cd994134026040c7ea3e798a488aa7b6f0254709f7e4bbc44298cc96fd" }, "downloads": -1, "filename": "lightbulb-framework-0.0.10.tar.gz", "has_sig": false, "md5_digest": "f1f789c130769071c3e76b53184db0ff", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 332450, "upload_time": "2016-11-13T18:42:10", "url": "https://files.pythonhosted.org/packages/5b/cf/5619f4d39336410c254c8996d2a7994f721b39bcc547cc58c90d25ba5370/lightbulb-framework-0.0.10.tar.gz" } ], "0.0.11": [ { "comment_text": "", "digests": { "md5": "bcbbfef1b6344aa055521354c8502de9", "sha256": "7d80683b8ab2a3d9313f25b93d8ea23164a1d54d0ac5fcb4fa998510a0e03b44" }, "downloads": -1, "filename": "lightbulb-framework-0.0.11.tar.gz", "has_sig": false, "md5_digest": "bcbbfef1b6344aa055521354c8502de9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 176442, "upload_time": "2016-11-13T18:52:43", "url": "https://files.pythonhosted.org/packages/42/3e/9c2c38616818ec510200ee6574a29611eb3f7ffdf96ed880be91b2b0e937/lightbulb-framework-0.0.11.tar.gz" } ], "0.0.12": [ { "comment_text": "", "digests": { "md5": "014b52d52ec627b3a86360fa465bfb1d", "sha256": "bf91e75d4e2eccd739efe2758925f0b9a9d6c5238e37e596d1cc9dd416d41906" }, "downloads": -1, "filename": "lightbulb-framework-0.0.12.tar.gz", "has_sig": false, "md5_digest": "014b52d52ec627b3a86360fa465bfb1d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 176500, "upload_time": "2016-11-13T19:16:54", "url": "https://files.pythonhosted.org/packages/cb/91/cc5be1381694a26a52c7ee1da921c2b57a8e874217c546c49306b65d68e1/lightbulb-framework-0.0.12.tar.gz" } ], "0.0.13": [ { "comment_text": "", "digests": { "md5": "6c7064797b58ea537cd7b7df5eb659f0", "sha256": "affc5ccf5a7df824019e029fa94f6fff296dfb400b0ad8196020b3979da01a9d" }, "downloads": -1, "filename": "lightbulb-framework-0.0.13.tar.gz", "has_sig": false, "md5_digest": "6c7064797b58ea537cd7b7df5eb659f0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 177832, "upload_time": "2016-11-19T13:34:37", "url": "https://files.pythonhosted.org/packages/56/bc/3d6c186c43301b899ae26d21dc9d5688aefbd9077213ce922a1230516546/lightbulb-framework-0.0.13.tar.gz" } ], "0.0.14": [ { "comment_text": "", "digests": { "md5": "a988edc3cc04d006884ff3ebc22518f0", "sha256": "4eeeb4a020f5d04e910ccda9650ff5a1ad90bf3edcbddb4a2bca5be6f57a9719" }, "downloads": -1, "filename": "lightbulb-framework-0.0.14.tar.gz", "has_sig": false, "md5_digest": "a988edc3cc04d006884ff3ebc22518f0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 180902, "upload_time": "2017-02-14T07:19:30", "url": "https://files.pythonhosted.org/packages/47/8e/56271add03ecfabda15a0118f71a9b8f9c0913d6790f8d3887933beeaf68/lightbulb-framework-0.0.14.tar.gz" } ], "0.0.15": [ { "comment_text": "", "digests": { "md5": "1c58f042c5e92ed7655a39e44c849691", "sha256": "fb455e01a82dcc76280b2dcf653972ac44092c6503285d519ba2f74edd160936" }, "downloads": -1, "filename": "lightbulb-framework-0.0.15.tar.gz", "has_sig": false, "md5_digest": "1c58f042c5e92ed7655a39e44c849691", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 185923, "upload_time": "2017-06-10T08:56:27", "url": "https://files.pythonhosted.org/packages/d0/06/fe97d60c2a931b9cdec124f96f92195bcb2a3aa282933aedefb1be30a361/lightbulb-framework-0.0.15.tar.gz" } ], "0.0.16": [ { "comment_text": "", "digests": { "md5": "bcd4b81d455d6b00b69fada1a18797d1", "sha256": "0f0c7014d477047a2204f8f7daba1272691856059eda1d7bb1aed8b6315a74e5" }, "downloads": -1, "filename": "lightbulb-framework-0.0.16.tar.gz", "has_sig": false, "md5_digest": "bcd4b81d455d6b00b69fada1a18797d1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 185940, "upload_time": "2017-06-10T10:38:27", "url": "https://files.pythonhosted.org/packages/3c/a4/df8e256e8a8c8b29f28c2096d50dc84bcf4c711b38b0bf3685c707ca4067/lightbulb-framework-0.0.16.tar.gz" } ], "0.0.17": [ { "comment_text": "", "digests": { "md5": "225dd1e65dec7e5715caf200a95f95d0", "sha256": "86ea0f33efbd3cf31573ec48d5e886ae45d3f6df81b965dbec6da3332cc174b9" }, "downloads": -1, "filename": "lightbulb-framework-0.0.17.tar.gz", "has_sig": false, "md5_digest": "225dd1e65dec7e5715caf200a95f95d0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 229342, "upload_time": "2017-07-22T13:11:33", "url": "https://files.pythonhosted.org/packages/f0/bd/4ed0020415ea728effcea280ccc652eba15f8735c821f4ff2c1318bf7197/lightbulb-framework-0.0.17.tar.gz" } ], "0.0.18": [ { "comment_text": "", "digests": { "md5": "c23686b4bb5297ca9a025eb9dc95c8aa", "sha256": "1cdb5163cf8936bfc43496e978e6de51f3dfa35a1265184bc64d2a0882782104" }, "downloads": -1, "filename": "lightbulb-framework-0.0.18.tar.gz", "has_sig": false, "md5_digest": "c23686b4bb5297ca9a025eb9dc95c8aa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 244626, "upload_time": "2018-06-07T09:28:56", "url": "https://files.pythonhosted.org/packages/ed/64/f491d9c624282c60d0a9d457d51a7966a1435ebc808ce86310b67d6a0bec/lightbulb-framework-0.0.18.tar.gz" } ], "0.0.2": [ { "comment_text": "", "digests": { "md5": "5e067bec8eb5497af5df1e4a3e990472", "sha256": "d46f63f1921fcf7a1d9034b0eafa0fd92db3566cac221a64b8077e20cdfc9808" }, "downloads": -1, "filename": "lightbulb-framework-0.0.2.tar.gz", "has_sig": false, "md5_digest": "5e067bec8eb5497af5df1e4a3e990472", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 217587, "upload_time": "2016-11-08T18:36:54", "url": "https://files.pythonhosted.org/packages/91/2e/2e8dd7348179957408c1e07ce3bf9e2b2d3068f6c9eadd2cc8d44af9e9e0/lightbulb-framework-0.0.2.tar.gz" } ], "0.0.3": [ { "comment_text": "", "digests": { "md5": "cec8fb35dd49e3a525d96350f0abf736", "sha256": "954331be9e0ec20b195ec4651fca32cbbfbc1eb875be17859a31286a3214dc79" }, "downloads": -1, "filename": "lightbulb-framework-0.0.3.tar.gz", "has_sig": false, "md5_digest": "cec8fb35dd49e3a525d96350f0abf736", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 217648, "upload_time": "2016-11-08T23:14:43", "url": "https://files.pythonhosted.org/packages/66/75/054f75e5faac405b464e44c4da9b0e160e5ab08e33282fcbe29a16fbaa9a/lightbulb-framework-0.0.3.tar.gz" } ], "0.0.4": [ { "comment_text": "", "digests": { "md5": "ad0aa0a22e34f2f31176b89b237d5af1", "sha256": "b619979374e9ab3472c6603445dbced0aa59bf65ebcfd02ed5e5b5a6bdbc1a49" }, "downloads": -1, "filename": "lightbulb-framework-0.0.4.tar.gz", "has_sig": false, "md5_digest": "ad0aa0a22e34f2f31176b89b237d5af1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 217691, "upload_time": "2016-11-08T23:38:21", "url": "https://files.pythonhosted.org/packages/54/bb/5301cec49fb3ce6a7581a8f4ed6dbe37e264019628ac52eb3cd14bae1e14/lightbulb-framework-0.0.4.tar.gz" } ], "0.0.5": [ { "comment_text": "", "digests": { "md5": "926eebde00a1464e4f96b28096f4ec63", "sha256": "1f196be1d89706d15ad7eff601d4e95432be856d671b0cc69359acd0a9783970" }, "downloads": -1, "filename": "lightbulb-framework-0.0.5.tar.gz", "has_sig": false, "md5_digest": "926eebde00a1464e4f96b28096f4ec63", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 217669, "upload_time": "2016-11-10T16:22:41", "url": "https://files.pythonhosted.org/packages/07/8e/c2cea4ef9f30fbdc3f50375229a5d341269949cc809fe3fd725d42786c52/lightbulb-framework-0.0.5.tar.gz" } ], "0.0.6": [ { "comment_text": "", "digests": { "md5": "dacd5272eeb6a539fcaeb8faa5a24791", "sha256": "faff8fcc2e403053da6672f1882d5bbd82cc616d492a237fb655a470c5628f8d" }, "downloads": -1, "filename": "lightbulb-framework-0.0.6.tar.gz", "has_sig": false, "md5_digest": "dacd5272eeb6a539fcaeb8faa5a24791", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 220905, "upload_time": "2016-11-12T13:05:45", "url": "https://files.pythonhosted.org/packages/8b/27/9f8027e3bca4f8c0de486b95a01ed3b950ae1483b939b9e72072c998a500/lightbulb-framework-0.0.6.tar.gz" } ], "0.0.7": [ { "comment_text": "", "digests": { "md5": "4893b9d76500b3a492bfb67368194051", "sha256": "ebed92e8e537da5a1a7dc4547c0189775f139b6a0a6272fa7eefb7cc2f6e461f" }, "downloads": -1, "filename": "lightbulb-framework-0.0.7.tar.gz", "has_sig": false, "md5_digest": "4893b9d76500b3a492bfb67368194051", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 221333, "upload_time": "2016-11-13T12:24:39", "url": "https://files.pythonhosted.org/packages/40/b5/49a01665a9d3b5584b320b0968f7d1a6a9f3b5a790cffafd63098affed6b/lightbulb-framework-0.0.7.tar.gz" } ], "0.0.8": [ { "comment_text": "", "digests": { "md5": "4785d7ecdb3c40b085730d62fc923091", "sha256": "07cfcafd3930909988975915fc44c78b7a2f48dd4d8dd470729eac323b8443f1" }, "downloads": -1, "filename": "lightbulb-framework-0.0.8.tar.gz", "has_sig": false, "md5_digest": "4785d7ecdb3c40b085730d62fc923091", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 221868, "upload_time": "2016-11-13T12:52:04", "url": "https://files.pythonhosted.org/packages/3d/2f/ee5f12340f5c22d505bdbfeb7dae148ef528b82e5884ef1f204cff463f57/lightbulb-framework-0.0.8.tar.gz" } ], "0.0.9": [ { "comment_text": "", "digests": { "md5": "d8d5801551cb3c6897206f8bc12f2175", "sha256": "66f36a7ceb5419dc71eb8436d35948483202e04ef73fdc896bdb11ea74b4e3ae" }, "downloads": -1, "filename": "lightbulb-framework-0.0.9.tar.gz", "has_sig": false, "md5_digest": "d8d5801551cb3c6897206f8bc12f2175", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 222029, "upload_time": "2016-11-13T18:28:35", "url": "https://files.pythonhosted.org/packages/db/0b/4b685479a811462bcbfa4f7659bc45a9c4649b35544cef521f9775d3586d/lightbulb-framework-0.0.9.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "c23686b4bb5297ca9a025eb9dc95c8aa", "sha256": "1cdb5163cf8936bfc43496e978e6de51f3dfa35a1265184bc64d2a0882782104" }, "downloads": -1, "filename": "lightbulb-framework-0.0.18.tar.gz", "has_sig": false, "md5_digest": "c23686b4bb5297ca9a025eb9dc95c8aa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 244626, "upload_time": "2018-06-07T09:28:56", "url": "https://files.pythonhosted.org/packages/ed/64/f491d9c624282c60d0a9d457d51a7966a1435ebc808ce86310b67d6a0bec/lightbulb-framework-0.0.18.tar.gz" } ] }