Skip to content

Commit

Permalink
Add test for PathTraversal class
Browse files Browse the repository at this point in the history
  • Loading branch information
Richard Sirovic committed Nov 22, 2023
1 parent cd5f33b commit b5f8a61
Showing 1 changed file with 306 additions and 0 deletions.
306 changes: 306 additions & 0 deletions src/test/java/org/sasanlabs/service/vulnerability/pathTraversal/PathTraversalTest.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,306 @@
package org.sasanlabs.service.vulnerability.pathTraversal;

import org.junit.jupiter.api.Test;
import org.mockito.InjectMocks;
import org.sasanlabs.service.vulnerability.bean.GenericVulnerabilityResponseBean;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.RequestEntity;


import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;

import static org.junit.jupiter.api.Assertions.*;


class PathTraversalVulnerabilityTest {
@InjectMocks
private PathTraversalVulnerability pathTraversalVulnerability = new PathTraversalVulnerability();
@Test
void testGetVulnerablePayloadLevel1WithNullFileName() {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel1(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel1() {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel1(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel2WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel2(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel2() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel2(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel3WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel3(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}

@Test
void testGetVulnerablePayloadLevel3() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel3(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel4WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel4(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel4() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel4(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel5WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel5(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel5() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel5(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel6WithNullFileName() {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel6(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel6() {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel6(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel7WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel7(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel7() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel7(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel8WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel8(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel8() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel8(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel9WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel9(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel9() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel9(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel10WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel10(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel10() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel10(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel11WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel11(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel11() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
RequestEntity<String> requestEntity =
new RequestEntity<>(
HttpMethod.GET, new URI("localhost"));
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel11(requestEntity,queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
@Test
void testGetVulnerablePayloadLevel12WithNullFileName() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", null);
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel12(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
assertNotNull(response.getBody());
assertFalse(response.getBody().getIsValid());
assertNull(response.getBody().getContent());
}
@Test
void testGetVulnerablePayloadLevel12() throws URISyntaxException {
Map<String, String> queryParams = new HashMap<>();
queryParams.put("fileName", "UserInfo.json");
ResponseEntity<GenericVulnerabilityResponseBean<String>> response =
pathTraversalVulnerability.getVulnerablePayloadLevel12(queryParams);
assertEquals(HttpStatus.OK, response.getStatusCode());
}
}

0 comments on commit b5f8a61

Please sign in to comment.