From 27e7a290bace5438e429cfbb960708c6c9b55d2c Mon Sep 17 00:00:00 2001 From: gyuu04 Date: Tue, 22 Jul 2025 16:02:45 +0900 Subject: [PATCH] =?UTF-8?q?=EC=A7=84=ED=96=89=EB=A5=A0=20=EC=98=A4?= =?UTF-8?q?=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- addon/open_redirect_check.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/addon/open_redirect_check.py b/addon/open_redirect_check.py index 202ca35..6f2684c 100644 --- a/addon/open_redirect_check.py +++ b/addon/open_redirect_check.py @@ -19,7 +19,6 @@ class RedirectRateLimiter: self.failure_count = 0 self.consecutive_failures = 0 self.blocked_until = 0 - self.pattern_index = 0 # 현재 테스트 중인 패턴 번호 self.should_abandon_target = False # 설정값 (전체 패턴 기준으로 최적화) @@ -36,7 +35,6 @@ class RedirectRateLimiter: self.failure_count = 0 self.consecutive_failures = 0 self.blocked_until = 0 - self.pattern_index = 0 self.should_abandon_target = False print("[RATE_LIMIT] 새로운 타겟을 위해 Rate Limiter 리셋됨") @@ -76,10 +74,6 @@ class RedirectRateLimiter: self.last_request = time.time() self.request_count += 1 - self.pattern_index += 1 - - if self.pattern_index % 5 == 0: - print(f"[PROGRESS] 📊 {self.pattern_index}/71 패턴 테스트 완료 ({(self.pattern_index/71)*100:.1f}%)") return True @@ -1381,7 +1375,7 @@ class OpenRedirectChecker: async def _test_oauth_redirect(self, url, parsed, query, test_type="UNKNOWN"): """OAuth 리다이렉트 취약점 테스트""" - + # 테스트 타입별로 중복 방지 endpoint_key = f"{test_type}:{parsed.netloc}{parsed.path}" @@ -1445,6 +1439,10 @@ class OpenRedirectChecker: for i, payload in enumerate(self.bypass_payloads, 1): print(f"[{i:2d}/{len(self.bypass_payloads)}] {payload.name}", end=" ... ") + if i % 10 == 0: + progress = (i / len(self.bypass_payloads)) * 100 + print(f"\n[PROGRESS] 📊 {i}/{len(self.bypass_payloads)} 패턴 테스트 완료 ({progress:.1f}%)") + result = await self._test_bypass_pattern( url, query, parsed, original_value, payload, param_name )
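Review bot: The added `[PROGRESS]` block in the `for i, payload in enumerate(self.bypass_payloads, 1)` loop prints `{i}/{N} 패턴 테스트 완료` before `_test_bypass_pattern` has run for payload `i`, so the reported count is one ahead of what has actually been tested. Its leading `\n` also breaks the preceding `end=" ... "` line, so whatever is printed for that payload afterwards no longer sits next to its name. Moving the three added lines below the `await self._test_bypass_pattern(...)` call and its result handling would keep the scan log accurate; that handling lies outside the hunk, so where the result is printed is inferred. The guard could also be `if i % 10 == 0 or i == len(self.bypass_payloads):` so that a payload list whose length is not a multiple of 10 still ends with a 100% line.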