From 8b6e0c7dc5fedb64c62c171de3d4b29ae2f3054a Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 6 Mar 2023 17:08:15 +0530 Subject: [PATCH 1/8] Create istanbul.yml --- istanbul.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 istanbul.yml diff --git a/istanbul.yml b/istanbul.yml new file mode 100644 index 0000000..5605afd --- /dev/null +++ b/istanbul.yml @@ -0,0 +1,7 @@ +# istanbul.yml +check-coverage: true +instrumentation: + root: ./src + extensions: ['.js'] + default-excludes: true + excludes: ['**/node_modules/**', '**/test/**'] From cc69670b38c5cd8ed7f1701ff225248121b3bda6 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 6 Mar 2023 17:09:42 +0530 Subject: [PATCH 2/8] Update package.json --- package.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/package.json b/package.json index 5f1e8a5..c0e5beb 100644 --- a/package.json +++ b/package.json @@ -10,6 +10,9 @@ "start": "node .", "test": "mocha", "test:watch": "mocha --watch" + "test": "mocha", + "coverage": "istanbul cover ./node_modules/mocha/bin/_mocha -- ./test/*.js", + "report": "istanbul report" }, "repository": { "type": "git", From 96d3f5b4ac4777ec97e9b496e80ecf3927818c24 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 6 Mar 2023 17:14:27 +0530 Subject: [PATCH 3/8] Update package.json --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c0e5beb..06ae399 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "prepush": "npm run test", "start": "node .", "test": "mocha", - "test:watch": "mocha --watch" + "test:watch": "mocha --watch", "test": "mocha", "coverage": "istanbul cover ./node_modules/mocha/bin/_mocha -- ./test/*.js", "report": "istanbul report" From 905e24969679a888ddd2b737e346e6198c063c18 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 13 Mar 2023 17:28:24 +0530 Subject: [PATCH 4/8] Create test.txt --- test.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 test.txt diff --git a/test.txt b/test.txt new file mode 100644 index 0000000..725c777 --- /dev/null +++ b/test.txt @@ -0,0 +1,8 @@ +const correctPassword = "mysecretpassword223@"; // define the correct password +const enteredPassword = prompt("Enter the password:"); // prompt the user for a password + +if (enteredPassword === correctPassword) { + console.log("Access granted!"); // if the passwords match, print "Access granted!" +} else { + console.log("Access denied!"); // if the passwords don't match, print "Access denied!" +} From 6b3cc37ad76c7da333ea33c4474ed22284e290bb Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 13 Mar 2023 19:18:42 +0530 Subject: [PATCH 5/8] Create vulnerability.txt --- vulnerability.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 vulnerability.txt diff --git a/vulnerability.txt b/vulnerability.txt new file mode 100644 index 0000000..8968097 --- /dev/null +++ b/vulnerability.txt @@ -0,0 +1,4 @@ +function getUserDetails(username) { + const query = "SELECT * FROM users WHERE username = '" + username + "'"; + return executeQuery(query); +} From 0c560f4028f7831986610137eccca8458f635f92 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Mon, 13 Mar 2023 19:28:16 +0530 Subject: [PATCH 6/8] Update vulnerability.txt --- vulnerability.txt | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/vulnerability.txt b/vulnerability.txt index 8968097..07923d8 100644 --- a/vulnerability.txt +++ b/vulnerability.txt @@ -1,4 +1,9 @@ -function getUserDetails(username) { - const query = "SELECT * FROM users WHERE username = '" + username + "'"; - return executeQuery(query); +const secretKey = "mysecretkey"; + +function encryptData(data) { + // This function encrypts the input data using a hardcoded secret key + const cipher = crypto.createCipher('aes192', secretKey); + let encryptedData = cipher.update(data, 'utf8', 'hex'); + encryptedData += cipher.final('hex'); + return encryptedData; } From 08e761654cb008ae0cad9b613014c1483cd9eb20 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Tue, 14 Mar 2023 13:24:19 +0530 Subject: [PATCH 7/8] Create test.js --- src/test.js | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 src/test.js diff --git a/src/test.js b/src/test.js new file mode 100644 index 0000000..820620f --- /dev/null +++ b/src/test.js @@ -0,0 +1,11 @@ +# have vulnerability code + +const secretKey = "mysecretkey"; + +function encryptData(data) { + // This function encrypts the input data using a hardcoded secret key + const cipher = crypto.createCipher('aes192', secretKey); + let encryptedData = cipher.update(data, 'utf8', 'hex'); + encryptedData += cipher.final('hex'); + return encryptedData; +} From 85ecab53b76e7c3fc66c1c5b9d39612105933876 Mon Sep 17 00:00:00 2001 From: Sravya1011 <64693313+Sravya1011@users.noreply.github.com> Date: Tue, 14 Mar 2023 16:17:09 +0530 Subject: [PATCH 8/8] Create test1.js --- test1.js | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 test1.js diff --git a/test1.js b/test1.js new file mode 100644 index 0000000..820620f --- /dev/null +++ b/test1.js @@ -0,0 +1,11 @@ +# have vulnerability code + +const secretKey = "mysecretkey"; + +function encryptData(data) { + // This function encrypts the input data using a hardcoded secret key + const cipher = crypto.createCipher('aes192', secretKey); + let encryptedData = cipher.update(data, 'utf8', 'hex'); + encryptedData += cipher.final('hex'); + return encryptedData; +}