使用时如何检查python模块是否正在发送数据?
[英]How to check if a python module is sending my data when i use it?
问题描述
The title pretty much says it. 
标题几乎说明了这一点。
I need to make sure that while I am working with python modules there isn't any sort of malicious code in the module, specifacily the type that scrapes data from the machine runnign the code and sends it elsewhere? 我需要确保在使用python模块时,模块中没有任何类型的恶意代码,特别是从机器上抓取数据并将代码发送到其他地方的类型?
do i have a method of doing that with python? 我有使用python做到这一点的方法吗?
can i be certain this is done even when i am using modules like requests for sending and receiving HTTP GET\\POST requests? 我可以肯定,这是即使做了,当我使用像模块requests用于发送和接收HTTP GET \\ POST请求?
I mean is there a way to check this without reading every line of code in module? 我的意思是有一种方法可以在不读取模块中每一行代码的情况下进行检查吗?
2 个解决方案
解决方案1
1 2018-07-30 10:53:50
You question is not really connected to python it is more a security risk. 您质疑的是与python确实没有连接,这更是一种安全隐患。 Python is a dynamic language so checking if any module behaves correctly is near impossible. Python是一种动态语言,因此几乎不可能检查任何模块的行为。 However, what you can do it setup a virtual machine sandbox run your program with some fake data and check if guest machine tries to make some strange connections. 但是,您可以做什么来设置虚拟机沙箱,使用一些虚假数据运行程序,并检查来宾计算机是否尝试建立某些奇怪的连接。 You can than inspect where data is being send in what format and then trace it back to malicious code fragment in one of the modules. 然后,您可以检查以何种格式将数据发送到哪里,然后将其追溯到模块之一中的恶意代码片段。
EDIT 编辑
The only other option is if you are sure what method/function the malicious code will use. 唯一的其他选择是,如果您确定恶意代码将使用哪种方法/功能。 If it is for example the request library you could patch for example the post() method to check the destination or the package that is being send. 例如,如果是request库,则可以打补丁post()方法,以检查目标或正在发送的包。 However the malicious code could use its own implementation so you cannot be 100% sure. 但是,恶意代码可以使用其自己的实现,因此您不能百分百确定。
A link on how to patch post() method 有关如何修补post()方法的链接
How to unit test a POST method in python? 如何在python中对POST方法进行单元测试?
解决方案2
1 2018-07-30 11:05:05
It's better to have a global approach using tools like Wireshark for example that lets you sniff the packets sent/received by your machine. 最好使用诸如Wireshark之类的工具采用全局方法,以使您可以嗅探计算机发送/接收的数据包。
With that said, in python, you could overwrite some methods that you're suspicious about. 如此说来,在python中,您可以覆盖一些可疑的方法。 Here's the idea 这是主意
import requests
def write_to_logs(message):
print(message) # Or you could store in a log file
original_get = requests.get
def mocked_get(*args, **kwargs):
write_to_logs('get method triggered with args = {}, kwargs= {}'.format(args,kwargs))
original_get(*args, **kwargs)
requests.get = mocked_get
response = requests.get('http://google.com')
Output : 输出:
get method triggered with args = ('http://google.com',), kwargs= {}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.