

UI changes for Command Injection
preetkaran20 committed Aug 1, 2020
1 parent bced3c5 commit 5de1c2b
Showing 2 changed files with 25 additions and 21 deletions.
Expand Up @@ -79,11 +79,12 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo

@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.COMMAND_INJECTION,
description = "COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_NOT_PRESENT")
description =
"COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_NOT_PRESENT")
@VulnerabilityLevel(
value = LevelEnum.LEVEL_2,
descriptionLabel = "COMMAND_INJECTION_URL_CONTAINING_IPADDRESS",
htmlTemplate = "LEVEL_1/CI_Level1",
htmlTemplate = "LEVEL_1/CI_Level1",
parameterName = IP_ADDRESS,
sampleValues = {"localhost"})
public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePayloadLevel2(
Expand All @@ -103,11 +104,12 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo
// Case Insensitive
@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.COMMAND_INJECTION,
description = "COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_NOT_PRESENT")
description =
"COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_NOT_PRESENT")
@VulnerabilityLevel(
value = LevelEnum.LEVEL_3,
descriptionLabel = "COMMAND_INJECTION_URL_CONTAINING_IPADDRESS",
htmlTemplate = "LEVEL_1/CI_Level1",
htmlTemplate = "LEVEL_1/CI_Level1",
parameterName = IP_ADDRESS,
sampleValues = {"localhost"})
public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePayloadLevel3(
Expand All @@ -130,11 +132,12 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo
// http://localhost:9090/vulnerable/CommandInjectionVulnerability/LEVEL_3?ipaddress=192.168.0.1%20%7c%20cat%20/etc/passwd
@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.COMMAND_INJECTION,
description = "COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_CASE_INSENSITIVE_NOT_PRESENT")
description =
"COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_CASE_INSENSITIVE_NOT_PRESENT")
@VulnerabilityLevel(
value = LevelEnum.LEVEL_4,
descriptionLabel = "COMMAND_INJECTION_URL_CONTAINING_IPADDRESS",
htmlTemplate = "LEVEL_1/CI_Level1",
htmlTemplate = "LEVEL_1/CI_Level1",
parameterName = IP_ADDRESS,
sampleValues = {"localhost"})
public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePayloadLevel4(
Expand All @@ -155,11 +158,12 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo

@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.COMMAND_INJECTION,
description = "COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_%7C_CASE_INSENSITIVE_NOT_PRESENT")
description =
"COMMAND_INJECTION_URL_PARAM_DIRECTLY_EXECUTED_IF_SEMICOLON_SPACE_LOGICAL_AND_%26_%3B_%7C_CASE_INSENSITIVE_NOT_PRESENT")
@VulnerabilityLevel(
value = LevelEnum.LEVEL_5,
descriptionLabel = "COMMAND_INJECTION_URL_CONTAINING_IPADDRESS",
htmlTemplate = "LEVEL_1/CI_Level1",
htmlTemplate = "LEVEL_1/CI_Level1",
parameterName = IP_ADDRESS,
sampleValues = {"localhost"})
public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePayloadLevel5(
Expand All @@ -182,7 +186,7 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo
@VulnerabilityLevel(
value = LevelEnum.LEVEL_6,
descriptionLabel = "COMMAND_INJECTION_URL_CONTAINING_IPADDRESS",
htmlTemplate = "LEVEL_1/CI_Level1",
htmlTemplate = "LEVEL_1/CI_Level1",
parameterName = IP_ADDRESS,
sampleValues = {"localhost"})
public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePayloadLevel6(
Expand All @@ -195,8 +199,10 @@ public ResponseBean<GenericVulnerabilityResponseBean<String>> getVulnerablePaylo
() ->
ipAddress != null
&& (IP_ADDRESS_PATTERN
.matcher(ipAddress)
.matches() || ipAddress.contentEquals("localhost")))
.matcher(ipAddress)
.matches()
|| ipAddress.contentEquals(
"localhost")))
.toString(),
true));
}
@@ -1,14 +1,12 @@
function addingEventListenerToPingButton() {
document
.getElementById("pingBtn")
.addEventListener("click", function() {
let url = getUrlForVulnerabilityLevel();
doGetAjaxCall(
pingUtilityCallback,
url + "?ipaddress=" + document.getElementById("ipaddress").value,
true
);
});
document.getElementById("pingBtn").addEventListener("click", function() {
let url = getUrlForVulnerabilityLevel();
doGetAjaxCall(
pingUtilityCallback,
url + "?ipaddress=" + document.getElementById("ipaddress").value,
true
);
});
}
addingEventListenerToPingButton();
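Review bot: The new click handler still appends the raw text-box value to the query string on the `url + "?ipaddress=" + ...` line, so any `&`, `#`, `+` or `%` the user types is consumed by URL parsing instead of being delivered to the `ipaddress` parameter — an `&` in particular is treated as a separator, which would make the `%26` variant named in the Level 3 annotation unreachable from this UI. Encode the value before concatenating: `url + "?ipaddress=" + encodeURIComponent(document.getElementById("ipaddress").value),`. The server presumably decodes the parameter, so the original characters still reach the deliberately vulnerable handler and the exercise is unaffected; if sending the value unencoded is intentional for this lab, a one-line comment saying so would stop the next reader from "fixing" it. `getUrlForVulnerabilityLevel`, `doGetAjaxCall` and `pingUtilityCallback` are defined outside this hunk, so I could not confirm whether `doGetAjaxCall` encodes the URL on its own.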

