diff --git a/.gitignore b/.gitignore
index bf1d2cf..fcb4224 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,5 @@ nbdist/
/logs/
/work/
/uploadFiles/
+/.scannerwork/
+
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/controller/AbstractController.java b/src/main/java/org/t246osslab/easybuggy4sb/controller/AbstractController.java
index b2791c1..f25b5b4 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/controller/AbstractController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/controller/AbstractController.java
@@ -2,6 +2,7 @@
import java.util.Locale;
+import org.owasp.esapi.ESAPI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -36,4 +37,26 @@ protected void setViewAndCommonObjects(ModelAndView mav, Locale locale, String v
log.warn("viewName is null");
}
}
+
+ /**
+ * Encode data for use in HTML using HTML entity encoding
+ * Note that this method just call ESAPI.encoder().encodeForHTML(String)
.
+ *
+ * @param input the text to encode for HTML
+ * @return input encoded for HTML
+ */
+ protected String encodeForHTML(String input) {
+ return ESAPI.encoder().encodeForHTML(input);
+ }
+
+ /**
+ * Encode data for use in LDAP queries.
+ * Note that this method just call ESAPI.encoder().encodeForLDAP((String)
.
+ *
+ * @param input the text to encode for LDAP
+ * @return input encoded for use in LDAP
+ */
+ protected String encodeForLDAP(String input) {
+ return ESAPI.encoder().encodeForLDAP(input);
+ }
}
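Review bot: The new Javadoc on `encodeForLDAP` does not say which LDAP context the encoding is for, and both comments have typos: "just call" should be "just calls", and `encodeForLDAP((String)` has a stray parenthesis. ESAPI's `encodeForLDAP` escapes search-filter metacharacters, so the summary should read `Encode data for use as an LDAP search-filter value (not for DN components; see ESAPI's encodeForDN)` so that subclasses building distinguished names pick the right one. Neither wrapper documents its null behaviour; if the configured ESAPI encoder passes null through, as its default encoder does, add `@return input encoded for HTML, or {@code null} if input is {@code null}` (and the LDAP equivalent), otherwise state what the wrapper does with null. The enclosing class continues outside the hunk.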
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/controller/DefaultLoginController.java b/src/main/java/org/t246osslab/easybuggy4sb/controller/DefaultLoginController.java
index 7f36bdb..4a1adbe 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/controller/DefaultLoginController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/controller/DefaultLoginController.java
@@ -73,17 +73,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
res.sendRedirect("/login");
} else if (authUser(userid, password)) {
/* if authentication succeeded, then reset account lock */
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(0);
- admin.setLastLoginFailedTime(null);
+ resetAccountLock(userid);
session.setAttribute("authNMsg", "authenticated");
session.setAttribute("userid", userid);
@@ -97,25 +87,39 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
}
} else {
/* account lock count +1 */
- if (userid != null) {
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(admin.getLoginFailedCount() + 1);
- admin.setLastLoginFailedTime(new Date());
- }
+ incrementAccountLockNum(userid);
+
session.setAttribute("authNMsg", "msg.authentication.fail");
return doGet(mav, req, res, locale);
}
return null;
}
+ protected void incrementAccountLockNum(String userid) {
+ User admin = getUser(userid);
+ admin.setLoginFailedCount(admin.getLoginFailedCount() + 1);
+ admin.setLastLoginFailedTime(new Date());
+ }
+
+ protected void resetAccountLock(String userid) {
+ User admin = getUser(userid);
+ admin.setLoginFailedCount(0);
+ admin.setLastLoginFailedTime(null);
+ }
+
+ protected User getUser(String userid) {
+ User admin = userLoginHistory.get(userid);
+ if (admin == null) {
+ User newAdmin = new User();
+ newAdmin.setUserId(userid);
+ admin = userLoginHistory.putIfAbsent(userid, newAdmin);
+ if (admin == null) {
+ admin = newAdmin;
+ }
+ }
+ return admin;
+ }
+
protected boolean isAccountLocked(String userid) {
if (userid == null) {
return false;
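Review bot: The refactor of the failure branch drops the `if (userid != null)` guard that the removed lines had, so `incrementAccountLockNum(null)` now reaches `userLoginHistory.get(null)`; if `userLoginHistory` is a `ConcurrentHashMap` (the `putIfAbsent` idiom suggests a `ConcurrentMap`), a request without a `userid` parameter will end the login attempt with a `NullPointerException` instead of the failure message. `isAccountLocked` a few lines below still null-guards, so the new helper should too: `protected void incrementAccountLockNum(String userid) { if (userid == null) { return; }` at its top. The same guard was dropped at the corresponding call sites in OpenRedirectController and VerboseErrorMessageController in this commit, and the fix in the shared helper covers all three. The three new `protected` methods have no Javadoc; a one-line summary each (what is incremented/reset, and that `getUser` creates and registers a `User` entry on first sight) would help subclasses, and a blank line is missing between `doPost`'s closing brace and `incrementAccountLockNum`. `doPost` starts outside the hunk.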
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/controller/IndexController.java b/src/main/java/org/t246osslab/easybuggy4sb/controller/IndexController.java
index a07558f..0785496 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/controller/IndexController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/controller/IndexController.java
@@ -10,15 +10,16 @@
@Controller
public class IndexController extends AbstractController {
- boolean isFirstLoad = true;
+
+ private boolean isFirstLoad = true;
@RequestMapping(value = "/")
public ModelAndView init(HttpSession ses, ModelAndView mav, Locale locale) {
ses.removeAttribute("dlpinit");
setViewAndCommonObjects(mav, locale, "index");
mav.addObject("title", "EasyBuggy Boot");
- String permName = null;
- String lblPerm = null;
+ String permName;
+ String lblPerm;
if (System.getProperty("java.version").startsWith("1.7")) {
permName = "PermGen space";
lblPerm = msg.getMessage("label.permgen.space", null, locale);
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/core/utils/MultiPartFileUtils.java b/src/main/java/org/t246osslab/easybuggy4sb/core/utils/MultiPartFileUtils.java
new file mode 100644
index 0000000..36dc2c5
--- /dev/null
+++ b/src/main/java/org/t246osslab/easybuggy4sb/core/utils/MultiPartFileUtils.java
@@ -0,0 +1,49 @@
+package org.t246osslab.easybuggy4sb.core.utils;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.multipart.MultipartFile;
+
+/**
+ * Utility class to handle multi part files.
+ */
+public final class MultiPartFileUtils {
+
+ private static final Logger log = LoggerFactory.getLogger(MultiPartFileUtils.class);
+
+ // squid:S1118: Utility classes should not have public constructors
+ private MultiPartFileUtils() {
+ throw new IllegalAccessError("Utility class");
+ }
+
+ /**
+ * Write uploaded file to the given path.
+ *
+ * @param savePath Path to save an uploaded file.
+ * @param filePart A part or form item that was received within a multipart/form-data
POST request.
+ * @param fileName The uploaded file name.
+ */
+ public static boolean writeFile(String savePath, MultipartFile filePart, String fileName) throws IOException {
+ boolean isConverted = false;
+ try (OutputStream out = new FileOutputStream(savePath + File.separator + fileName);
+ InputStream in = filePart.getInputStream()) {
+ int read;
+ final byte[] bytes = new byte[1024];
+ while ((read = in.read(bytes)) != -1) {
+ out.write(bytes, 0, read);
+ }
+ } catch (FileNotFoundException e) {
+ // Ignore because file already exists
+ log.debug("Exception occurs: ", e);
+ isConverted = true;
+ }
+ return isConverted;
+ }
+}
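Review bot: The comment `// Ignore because file already exists` on the `FileNotFoundException` catch is inaccurate: `FileOutputStream` overwrites an existing file, and that exception means the path could not be opened (missing directory, permission denied, or the name resolves to a directory), so the method returns `true` and the caller skips conversion exactly when nothing was written. The Javadoc is also missing `@return` and `@throws`; something like `@return {@code true} if the output file could not be opened and nothing was written, {@code false} if the upload was written` and `@throws IOException if reading the part or writing the file fails` would make that contract explicit. The target path is built from the client-supplied `fileName` without normalisation; if this utility is meant for reuse beyond the deliberately vulnerable upload endpoints, the Javadoc should require a bare file name, or the method should resolve against `savePath` and reject a result that does not `startsWith` the normalised base directory.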
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/errors/AssertionErrorController.java b/src/main/java/org/t246osslab/easybuggy4sb/errors/AssertionErrorController.java
index 716917c..85a6cf7 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/errors/AssertionErrorController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/errors/AssertionErrorController.java
@@ -8,6 +8,6 @@ public class AssertionErrorController {
@RequestMapping(value = "/asserr")
public void process() {
- assert 1 >= 2 : "Invalid!";
+ assert false : "Invalid!";
}
}
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/performance/SlowRegularExpressionController.java b/src/main/java/org/t246osslab/easybuggy4sb/performance/SlowRegularExpressionController.java
index f1f3ace..45737dc 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/performance/SlowRegularExpressionController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/performance/SlowRegularExpressionController.java
@@ -18,7 +18,7 @@ public class SlowRegularExpressionController extends AbstractController {
@RequestMapping(value = "/slowre")
public ModelAndView process(@RequestParam(value = "word", required = false) String word, ModelAndView mav,
Locale locale) {
- String message = null;
+ String message;
setViewAndCommonObjects(mav, locale, "slowregex");
if (!StringUtils.isBlank(word)) {
if (isMatched(word)) {
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/performance/StringPlusOperationController.java b/src/main/java/org/t246osslab/easybuggy4sb/performance/StringPlusOperationController.java
index 2defd2a..c95d817 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/performance/StringPlusOperationController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/performance/StringPlusOperationController.java
@@ -5,7 +5,6 @@
import java.util.Locale;
import org.apache.commons.lang3.math.NumberUtils;
-import org.owasp.esapi.ESAPI;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@@ -66,8 +65,8 @@ private StringBuilder createMainContent(String[] characters, ModelAndView mav, L
}
html.append(msg.getMessage("label.execution.result", null, locale));
html.append("
");
- // message.append(ESAPI.encoder().encodeForHTML(builder.toString()));
- html.append(ESAPI.encoder().encodeForHTML(s));
+ // message.append(encodeForHTML(builder.toString()));
+ html.append(encodeForHTML(s));
} else {
html.append(msg.getMessage("msg.enter.positive.number", null, locale));
}
@@ -78,15 +77,15 @@ private void appendCheckBox(String[] characters, Locale locale, StringBuilder me
String label) {
message.append("
" + msg.getMessage(label, null, locale) + "
");
message.append("");
- for (int i = 0; i < allCharacters.length; i++) {
+ for (String allCharacter : allCharacters) {
message.append("");
} else {
message.append("\">");
}
- message.append(allCharacters[i]);
+ message.append(allCharacter);
message.append(" ");
}
message.append("
");
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/DBConnectionLeakController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/DBConnectionLeakController.java
index c0f038a..0186547 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/DBConnectionLeakController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/DBConnectionLeakController.java
@@ -54,9 +54,9 @@ public ModelAndView process(ModelAndView mav, Locale locale) {
private List selectUsers() throws SQLException {
List users = new ArrayList<>();
- Connection conn = null;
- Statement stmt = null;
- ResultSet rs = null;
+ Connection conn;
+ Statement stmt;
+ ResultSet rs;
conn = jdbcTemplate.getDataSource().getConnection();
stmt = conn.createStatement();
rs = stmt.executeQuery("select id, name, phone, mail from users where ispublic = 'true'");
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/EndlessWaitingController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/EndlessWaitingController.java
index 1fb2a54..290a0db 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/EndlessWaitingController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/EndlessWaitingController.java
@@ -60,8 +60,8 @@ public ModelAndView process(@RequestParam(value = "count", required = false) Str
private File createBatchFile(int count, String tmpdir) {
String osName = System.getProperty("os.name").toLowerCase();
- String batFileName = null;
- String firstLine = null;
+ String batFileName;
+ String firstLine;
if (osName.toLowerCase().startsWith("windows")) {
batFileName = "test.bat";
firstLine = "@echo off";
@@ -70,7 +70,7 @@ private File createBatchFile(int count, String tmpdir) {
firstLine = "#!/bin/sh";
}
- File batFile = null;
+ File batFile;
try {
batFile = new File(tmpdir, batFileName);
} catch (Exception e) {
@@ -78,7 +78,7 @@ private File createBatchFile(int count, String tmpdir) {
return null;
}
try (FileWriter fileWriter = new FileWriter(batFile);
- BufferedWriter buffwriter = new BufferedWriter(fileWriter);) {
+ BufferedWriter buffwriter = new BufferedWriter(fileWriter)) {
if (!batFile.setExecutable(true)) {
log.debug("batFile.setExecutable(true) returns false.");
}
@@ -112,7 +112,7 @@ private String printInputStream(InputStream is) throws IOException {
if (line == null) {
break;
}
- sb.append(line + "
");
+ sb.append(line).append("
");
}
}
return sb.toString();
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/FileDescriptorLeakController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/FileDescriptorLeakController.java
index ce8511c..305c841 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/FileDescriptorLeakController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/FileDescriptorLeakController.java
@@ -24,8 +24,7 @@ public class FileDescriptorLeakController extends AbstractController {
private long count = 0;
@RequestMapping(value = "/filedescriptorleak")
- public ModelAndView process(@RequestParam(value = "pingurl", required = false) String pingURL,
- HttpServletRequest req, ModelAndView mav, Locale locale) {
+ public ModelAndView process(HttpServletRequest req, ModelAndView mav, Locale locale) {
setViewAndCommonObjects(mav, locale, "filedescriptorleak");
try {
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/JVMCrashByEAVController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/JVMCrashByEAVController.java
index 5ab6cb6..b65ec08 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/JVMCrashByEAVController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/JVMCrashByEAVController.java
@@ -14,7 +14,7 @@
public class JVMCrashByEAVController {
@RequestMapping(value = "/jvmcrasheav")
- public void process(HttpServletRequest req, HttpServletResponse res) {
+ public void process() {
try {
getUnsafe().getByte(0);
} catch (Exception e) {
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/MojibakeController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/MojibakeController.java
index 32c5a99..404a014 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/MojibakeController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/MojibakeController.java
@@ -2,11 +2,8 @@
import java.util.Locale;
-import javax.servlet.http.HttpServletRequest;
-
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.text.WordUtils;
-import org.owasp.esapi.ESAPI;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@@ -18,13 +15,13 @@ public class MojibakeController extends AbstractController {
@RequestMapping(value = "/mojibake")
public ModelAndView process(@RequestParam(value = "string", required = false) String string, ModelAndView mav,
- HttpServletRequest req, Locale locale) {
+ Locale locale) {
setViewAndCommonObjects(mav, locale, "mojibake");
if (!StringUtils.isBlank(string)) {
// Capitalize the given string
String capitalizedName = WordUtils.capitalize(string);
mav.addObject("msg", msg.getMessage("label.capitalized.string", null, locale) + " : "
- + ESAPI.encoder().encodeForHTML(capitalizedName));
+ + encodeForHTML(capitalizedName));
} else {
mav.addObject("msg", msg.getMessage("msg.enter.string", null, locale));
}
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/troubles/NetworkSocketLeakController.java b/src/main/java/org/t246osslab/easybuggy4sb/troubles/NetworkSocketLeakController.java
index d1a2680..07c965f 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/troubles/NetworkSocketLeakController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/troubles/NetworkSocketLeakController.java
@@ -17,8 +17,8 @@ public class NetworkSocketLeakController extends AbstractController {
@RequestMapping(value = "/netsocketleak")
public ModelAndView process(ModelAndView mav, HttpServletRequest req, Locale locale) {
setViewAndCommonObjects(mav, locale, "netsocketleak");
- HttpURLConnection connection = null;
- URL url = null;
+ HttpURLConnection connection;
+ URL url;
String pingURL = req.getParameter("pingurl");
try {
if (pingURL == null) {
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/CSRFController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/CSRFController.java
index 9d2ffed..146f434 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/CSRFController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/CSRFController.java
@@ -11,7 +11,6 @@
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
-import org.owasp.esapi.ESAPI;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.stereotype.Controller;
@@ -48,7 +47,7 @@ protected ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServ
ModificationItem item = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("userPassword", password));
ldapTemplate.modifyAttributes(
- "uid=" + ESAPI.encoder().encodeForLDAP(userid.trim()) + ",ou=people,dc=t246osslab,dc=org",
+ "uid=" + encodeForLDAP(userid.trim()) + ",ou=people,dc=t246osslab,dc=org",
new ModificationItem[] { item });
} catch (Exception e) {
log.error("Exception occurs: ", e);
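Review bot: The new `encodeForLDAP(userid.trim())` call is used inside a distinguished name (`"uid=" + ... + ",ou=people,dc=t246osslab,dc=org"`), but ESAPI's `encodeForLDAP` escapes search-filter characters (`\`, `*`, `(`, `)`, NUL) and leaves DN separators such as `,`, `+`, `"`, `<`, `>` and `;` untouched, so a userid containing a comma still changes which entry `modifyAttributes` targets. The ESAPI method for this position is `encodeForDN`; the line would read `"uid=" + ESAPI.encoder().encodeForDN(userid.trim()) + ",ou=people,dc=t246osslab,dc=org",` (or an `encodeForDN` wrapper on AbstractController beside the two added there). The same DN construction appears in the ClickJackingController hunk of this commit. `doPost` starts outside the hunk.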
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/ClickJackingController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/ClickJackingController.java
index 647f258..6c3421a 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/ClickJackingController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/ClickJackingController.java
@@ -13,7 +13,6 @@
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
-import org.owasp.esapi.ESAPI;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.stereotype.Controller;
@@ -55,7 +54,7 @@ protected ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServ
ModificationItem item = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("mail", mail));
ldapTemplate.modifyAttributes(
- "uid=" + ESAPI.encoder().encodeForLDAP(userid.trim()) + ",ou=people,dc=t246osslab,dc=org",
+ "uid=" + encodeForLDAP(userid.trim()) + ",ou=people,dc=t246osslab,dc=org",
new ModificationItem[] { item });
mav.addObject("mail", mail);
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/MailHeaderInjectionController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/MailHeaderInjectionController.java
index 79d141a..a215563 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/MailHeaderInjectionController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/MailHeaderInjectionController.java
@@ -13,7 +13,6 @@
import javax.mail.internet.MimeMessage;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.Part;
import org.apache.commons.lang.StringUtils;
@@ -49,7 +48,7 @@ public class MailHeaderInjectionController extends AbstractController {
private JavaMailSender javaMailSender;
@RequestMapping(value = "/mailheaderijct", method = RequestMethod.GET)
- public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale) {
+ public ModelAndView doGet(ModelAndView mav, Locale locale) {
setViewAndCommonObjects(mav, locale, "mailheaderinjection");
if (isReadyToSendEmail()) {
mav.addObject("isReady", "yes");
@@ -60,7 +59,7 @@ public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletR
}
@RequestMapping(value = "/mailheaderijct", method = RequestMethod.POST)
- public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale)
+ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, Locale locale)
throws IOException, ServletException {
setViewAndCommonObjects(mav, locale, "mailheaderinjection");
@@ -72,7 +71,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
String content = req.getParameter("content");
if (StringUtils.isBlank(subject) || StringUtils.isBlank(content)) {
mav.addObject("errmsg", msg.getMessage("msg.mail.is.empty", null, locale));
- return doGet(mav, req, res, locale);
+ return doGet(mav, locale);
}
StringBuilder sb = new StringBuilder();
sb.append(msg.getMessage("label.name", null, locale)).append(": ").append(name).append("
");
@@ -88,7 +87,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
} finally {
deleteUploadFiles(uploadedFiles);
}
- return doGet(mav, req, res, locale);
+ return doGet(mav, locale);
}
private boolean isReadyToSendEmail() {
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/OpenRedirectController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/OpenRedirectController.java
index 05a8fe7..30a3e43 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/OpenRedirectController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/OpenRedirectController.java
@@ -1,7 +1,6 @@
package org.t246osslab.easybuggy4sb.vulnerabilities;
import java.io.IOException;
-import java.util.Date;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
@@ -13,7 +12,6 @@
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import org.t246osslab.easybuggy4sb.controller.DefaultLoginController;
-import org.t246osslab.easybuggy4sb.core.model.User;
@Controller
public class OpenRedirectController extends DefaultLoginController {
@@ -45,17 +43,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
res.sendRedirect("/openredirect/login" + loginQueryString);
} else if (authUser(userid, password)) {
/* if authentication succeeded, then reset account lock */
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(0);
- admin.setLastLoginFailedTime(null);
+ resetAccountLock(userid);
session.setAttribute("authNMsg", "authenticated");
session.setAttribute("userid", userid);
@@ -74,19 +62,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
}
} else {
/* account lock count +1 */
- if (userid != null) {
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(admin.getLoginFailedCount() + 1);
- admin.setLastLoginFailedTime(new Date());
- }
+ incrementAccountLockNum(userid);
session.setAttribute("authNMsg", "msg.authentication.fail");
res.sendRedirect("/openredirect/login" + loginQueryString);
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnintendedFileDisclosureController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnintendedFileDisclosureController.java
index cbbb7eb..08927c7 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnintendedFileDisclosureController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnintendedFileDisclosureController.java
@@ -4,7 +4,6 @@
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import org.t246osslab.easybuggy4sb.controller.AbstractController;
@@ -12,14 +11,13 @@
public class UnintendedFileDisclosureController extends AbstractController {
@RequestMapping(value = "/clientinfo")
- public ModelAndView process(ModelAndView mav, Locale locale) {
+ public ModelAndView clientinfo(ModelAndView mav, Locale locale) {
setViewAndCommonObjects(mav, locale, "clientinfo");
return mav;
}
@RequestMapping(value = "/serverinfo")
- public ModelAndView process(@RequestParam(value = "string", required = false) String string, ModelAndView mav,
- Locale locale) {
+ public ModelAndView serverinfo(ModelAndView mav, Locale locale) {
setViewAndCommonObjects(mav, locale, "serverinfo");
mav.addObject("properties", System.getProperties());
return mav;
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedExtensionUploadController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedExtensionUploadController.java
index 6707b2c..69c55cf 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedExtensionUploadController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedExtensionUploadController.java
@@ -2,16 +2,11 @@
import java.awt.image.BufferedImage;
import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
import java.util.Locale;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.stereotype.Controller;
@@ -21,6 +16,7 @@
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;
import org.t246osslab.easybuggy4sb.controller.AbstractController;
+import org.t246osslab.easybuggy4sb.core.utils.MultiPartFileUtils;
@Controller
public class UnrestrictedExtensionUploadController extends AbstractController {
@@ -29,7 +25,7 @@ public class UnrestrictedExtensionUploadController extends AbstractController {
private static final String SAVE_DIR = "uploadFiles";
@RequestMapping(value = "/ureupload", method = RequestMethod.GET)
- public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale) {
+ public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, Locale locale) {
setViewAndCommonObjects(mav, locale, "unrestrictedextupload");
if (req.getAttribute("errorMessage") != null) {
mav.addObject("errmsg", req.getAttribute("errorMessage"));
@@ -38,10 +34,10 @@ public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletR
}
@RequestMapping(value = "/ureupload", headers=("content-type=multipart/*"), method = RequestMethod.POST)
- public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale) throws IOException {
+ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndView mav, HttpServletRequest req, Locale locale) throws IOException {
if (req.getAttribute("errorMessage") != null) {
- return doGet(mav, req, res, locale);
+ return doGet(mav, req, locale);
}
setViewAndCommonObjects(mav, locale, "unrestrictedextupload");
@@ -58,9 +54,9 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
String fileName = file.getOriginalFilename();
if (StringUtils.isBlank(fileName)) {
- return doGet(mav, req, res, locale);
+ return doGet(mav, req, locale);
}
- boolean isConverted = writeFile(savePath, file, fileName);
+ boolean isConverted = MultiPartFileUtils.writeFile(savePath, file, fileName);
if (!isConverted) {
isConverted = convert2GrayScale(new File(savePath + File.separator + fileName).getAbsolutePath());
@@ -76,22 +72,6 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
return mav;
}
- private boolean writeFile(String savePath, MultipartFile filePart, String fileName) throws IOException {
- boolean isConverted = false;
- try (OutputStream out = new FileOutputStream(savePath + File.separator + fileName);
- InputStream in = filePart.getInputStream();) {
- int read = 0;
- final byte[] bytes = new byte[1024];
- while ((read = in.read(bytes)) != -1) {
- out.write(bytes, 0, read);
- }
- } catch (FileNotFoundException e) {
- // Ignore because file already exists
- isConverted = true;
- }
- return isConverted;
- }
-
// Convert color image into gray scale image.
private boolean convert2GrayScale(String fileName) throws IOException {
boolean isConverted = false;
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedSizeUploadController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedSizeUploadController.java
index 418b670..aa7f0c9 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedSizeUploadController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/UnrestrictedSizeUploadController.java
@@ -3,17 +3,12 @@
import java.awt.image.BufferedImage;
import java.awt.image.WritableRaster;
import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
import java.util.Arrays;
import java.util.Locale;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
@@ -24,6 +19,7 @@
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.servlet.ModelAndView;
import org.t246osslab.easybuggy4sb.controller.AbstractController;
+import org.t246osslab.easybuggy4sb.core.utils.MultiPartFileUtils;
@Controller
public class UnrestrictedSizeUploadController extends AbstractController {
@@ -32,13 +28,13 @@ public class UnrestrictedSizeUploadController extends AbstractController {
private static final String SAVE_DIR = "uploadFiles";
@RequestMapping(value = "/ursupload", method = RequestMethod.GET)
- public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale) {
+ public ModelAndView doGet(ModelAndView mav, Locale locale) {
setViewAndCommonObjects(mav, locale, "unrestrictedsizeupload");
return mav;
}
@RequestMapping(value = "/ursupload", headers=("content-type=multipart/*"), method = RequestMethod.POST)
- public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale) throws IOException {
+ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndView mav, HttpServletRequest req, Locale locale) throws IOException {
setViewAndCommonObjects(mav, locale, "unrestrictedsizeupload");
// Get absolute path of the web application
@@ -53,12 +49,12 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
String fileName = file.getOriginalFilename();
if (StringUtils.isBlank(fileName)) {
- return doGet(mav, req, res, locale);
+ return doGet(mav, locale);
} else if (!isImageFile(fileName)) {
mav.addObject("errmsg", msg.getMessage("msg.not.image.file", null, locale));
- return doGet(mav, req, res, locale);
+ return doGet(mav, locale);
}
- boolean isConverted = writeFile(savePath, file, fileName);
+ boolean isConverted = MultiPartFileUtils.writeFile(savePath, file, fileName);
if (!isConverted) {
isConverted = reverseColor(new File(savePath + File.separator + fileName).getAbsolutePath());
@@ -74,22 +70,6 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
return mav;
}
- private boolean writeFile(String savePath, MultipartFile filePart, String fileName) throws IOException {
- boolean isConverted = false;
- try (OutputStream out = new FileOutputStream(savePath + File.separator + fileName);
- InputStream in = filePart.getInputStream();) {
- int read = 0;
- final byte[] bytes = new byte[1024];
- while ((read = in.read(bytes)) != -1) {
- out.write(bytes, 0, read);
- }
- } catch (FileNotFoundException e) {
- // Ignore because file already exists
- isConverted = true;
- }
- return isConverted;
- }
-
private boolean isImageFile(String fileName) {
return Arrays.asList("png", "gif", "jpg", "jpeg", "tif", "tiff", "bmp").contains(
FilenameUtils.getExtension(fileName));
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/VerboseErrorMessageController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/VerboseErrorMessageController.java
index b56d930..83efd84 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/VerboseErrorMessageController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/VerboseErrorMessageController.java
@@ -1,7 +1,6 @@
package org.t246osslab.easybuggy4sb.vulnerabilities;
import java.io.IOException;
-import java.util.Date;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
@@ -49,17 +48,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
return doGet(mav, req, res, locale);
} else if (authUser(userid, password)) {
/* if authentication succeeded, then reset account lock */
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(0);
- admin.setLastLoginFailedTime(null);
+ resetAccountLock(userid);
session.setAttribute("authNMsg", "authenticated");
session.setAttribute("userid", userid);
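Review bot: `resetAccountLock(userid)` replaces inline code that created the `userLoginHistory` entry with `putIfAbsent`, and `incrementAccountLockNum(userid)` in the next hunk (`@@ -73,19 +62,7 @@`) additionally drops the `if (userid != null)` guard the removed code had; both helpers are defined outside this diff, so I cannot confirm they keep either check. If `userLoginHistory` is a `ConcurrentHashMap`, a null `userid` reaching `get` or `putIfAbsent` throws, so `incrementAccountLockNum` should open with `if (userid == null) { return; }` or the call site should keep the guard. A one-line Javadoc on each helper stating that it tolerates a null userid and that entry creation is race-free would make the contract visible where it is now hidden. doPost's body starts and ends outside this hunk.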
@@ -73,19 +62,7 @@ public ModelAndView doPost(ModelAndView mav, HttpServletRequest req, HttpServlet
}
} else {
/* account lock count +1 */
- if (userid != null) {
- User admin = userLoginHistory.get(userid);
- if (admin == null) {
- User newAdmin = new User();
- newAdmin.setUserId(userid);
- admin = userLoginHistory.putIfAbsent(userid, newAdmin);
- if (admin == null) {
- admin = newAdmin;
- }
- }
- admin.setLoginFailedCount(admin.getLoginFailedCount() + 1);
- admin.setLastLoginFailedTime(new Date());
- }
+ incrementAccountLockNum(userid);
session.setAttribute("authNMsg", "msg.password.not.match");
return doGet(mav, req, res, locale);
diff --git a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java
index c6dd0ea..ea24856 100644
--- a/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java
+++ b/src/main/java/org/t246osslab/easybuggy4sb/vulnerabilities/XEEandXXEController.java
@@ -1,16 +1,11 @@
package org.t246osslab.easybuggy4sb.vulnerabilities;
import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import javax.xml.XMLConstants;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParser;
@@ -32,6 +27,7 @@
import org.springframework.web.servlet.ModelAndView;
import org.t246osslab.easybuggy4sb.controller.AbstractController;
import org.t246osslab.easybuggy4sb.core.model.User;
+import org.t246osslab.easybuggy4sb.core.utils.MultiPartFileUtils;
import org.xml.sax.Attributes;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
@@ -46,7 +42,7 @@ public class XEEandXXEController extends AbstractController {
JdbcTemplate jdbcTemplate;
@RequestMapping(value = { "/xee", "/xxe" }, method = RequestMethod.GET)
- public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletResponse res, Locale locale)
+ public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, Locale locale)
throws IOException {
Resource resource = new ClassPathResource("/xml/sample_users.xml");
@@ -70,10 +66,10 @@ public ModelAndView doGet(ModelAndView mav, HttpServletRequest req, HttpServletR
@RequestMapping(value = { "/xee", "/xxe" }, headers=("content-type=multipart/*"), method = RequestMethod.POST)
public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndView mav, HttpServletRequest req,
- HttpServletResponse res, Locale locale) throws IOException {
+ Locale locale) throws IOException {
if (req.getAttribute("errorMessage") != null) {
- return doGet(mav, req, res, locale);
+ return doGet(mav, req, locale);
}
// Get absolute path of the web application
@@ -88,12 +84,12 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
String fileName = file.getOriginalFilename();
if (StringUtils.isBlank(fileName)) {
- return doGet(mav, req, res, locale);
+ return doGet(mav, req, locale);
} else if (!fileName.endsWith(".xml")) {
mav.addObject("errmsg", msg.getMessage("msg.not.xml.file", null, locale));
- return doGet(mav, req, res, locale);
+ return doGet(mav, req, locale);
}
- boolean isRegistered = writeFile(savePath, file, fileName);
+ boolean isRegistered = MultiPartFileUtils.writeFile(savePath, file, fileName);
CustomHandler customHandler = new CustomHandler();
customHandler.setLocale(locale);
@@ -133,26 +129,13 @@ public ModelAndView doPost(@RequestParam("file") MultipartFile file, ModelAndVie
}
setViewAndCommonObjects(mav, locale, "xxe");
}
- mav.addObject("resultList", customHandler.getResult());
+ if (customHandler.getResult() != null && customHandler.getResult().size() > 0) {
+ mav.addObject("resultList", customHandler.getResult());
+ mav.addObject("note", null);
+ }
return mav;
}
- private boolean writeFile(String savePath, MultipartFile filePart, String fileName) throws IOException {
- boolean isRegistered = false;
- try (OutputStream out = new FileOutputStream(savePath + File.separator + fileName);
- InputStream in = filePart.getInputStream()) {
- int read = 0;
- final byte[] bytes = new byte[1024];
- while ((read = in.read(bytes)) != -1) {
- out.write(bytes, 0, read);
- }
- } catch (FileNotFoundException e) {
- // Ignore because file already exists
- isRegistered = true;
- }
- return isRegistered;
- }
-
public class CustomHandler extends DefaultHandler {
ArrayList