
Commit fea1a5b

author
owen-jones-diffblue
authored
Merge pull request diffblue#558 from diffblue/owen-jones-diffblue/vulnerable-components-lesson
SEC-598: Make vulnerable components lesson work
2 parents f7f8aa5 + ef098ee commit fea1a5b


2 files changed

+44
-1
lines changed


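--- a/benchmarks/GENUINE/WebGoat.sh
+++ b/benchmarks/GENUINE/WebGoat.sh
@@ -8,7 +8,8 @@ fi
 # Two sets of lessons which work depending on which rules file to use
 LESSONS_WHICH_WORK_SQL='SqlInjectionLesson5a SqlInjectionLesson5b SqlInjectionLesson6a SqlInjectionLesson12a SqlInjectionChallenge Assignment5 Assignment6 SimpleXXE BlindSendFileAssignment'
 LESSONS_WHICH_WORK_XSS='CrossSiteScriptingLesson5a'
-LESSONS_WHICH_DO_NOT_WORK='Assignment3 ContentTypeAssignment VulnerableComponentsLesson MissingFunctionACUsers'
+LESSONS_WHICH_WORK_IDES='VulnerableComponentsLesson'
+LESSONS_WHICH_DO_NOT_WORK='Assignment3 ContentTypeAssignment MissingFunctionACUsers'
 
 # Stop script if a command does not succeed
 set -e
@@ -90,3 +91,21 @@ do
 mv ${OUTPUT_DIR}/WebGoat/${LESSON}/results/* ${OUTPUT_DIR}/WebGoat/results
 rm -rf ${OUTPUT_DIR}/WebGoat/${LESSON}
 done
+
+for LESSON in $LESSONS_WHICH_WORK_IDES
+do
+python3 $SCRIPT_DIR/../../driver/run.py \
+-C $SCRIPT_DIR/WebGoatRulesIDES.json \
+-I $DEPLOY_DIR \
+-L $DEPLOY_DIR \
+-R $OUTPUT_DIR/WebGoat/${LESSON}/results \
+-T $OUTPUT_DIR/WebGoat/${LESSON}/temp \
+--name WebGoat \
+--use-models-library \
+--timeout 10000000 --verbosity 9 --rebuild \
+--do-not-use-precise-access-paths \
+--entry-point Main.$LESSON
+
+mv ${OUTPUT_DIR}/WebGoat/${LESSON}/results/* ${OUTPUT_DIR}/WebGoat/results
+rm -rf ${OUTPUT_DIR}/WebGoat/${LESSON}
+done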
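Review bot: The cleanup at the end of the new `LESSONS_WHICH_WORK_IDES` loop runs `rm -rf ${OUTPUT_DIR}/WebGoat/${LESSON}` with unquoted, unguarded expansions, so an empty `OUTPUT_DIR` or a path containing spaces or glob characters makes it remove something other than the lesson's scratch directory. Whether `OUTPUT_DIR` is validated earlier in the script is not visible in this hunk, so I would guard it at the point of use: `rm -rf -- "${OUTPUT_DIR:?}/WebGoat/${LESSON:?}"`, and quote `"$SCRIPT_DIR"`, `"$DEPLOY_DIR"` and `"$OUTPUT_DIR"` in the `run.py` and `mv` arguments as well. The same `mv`/`rm -rf` tail appears as context just above the added loop, so the existing loop (which starts outside the hunk) deserves the same change. The comment `# Two sets of lessons which work ...` in the first hunk is also stale now that a third list exists.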
Lines changed: 24 additions & 0 deletions
@@ -0,0 +1,24 @@
1+
{
2+
"namespace": "com.diffblue.security",
3+
"rules":
4+
[
5+
{
6+
"comment": "Incoming accountName is potentially dangerous.",
7+
"class": "Main",
8+
"method": "makeTainted:(Ljava/lang/String;)Ljava/lang/String;",
9+
"result": {
10+
"location": "returns",
11+
"taint": "Tainted XML string"
12+
}
13+
},
14+
{
15+
"comment": "A tainted XML string is insecurely deserialised.",
16+
"class": "com.thoughtworks.xstream.XStream",
17+
"method": "fromXML:(Ljava/lang/String;)Ljava/lang/Object;",
18+
"sinkTarget": {
19+
"location": "arg1",
20+
"taint": "Tainted XML string"
21+
}
22+
}
23+
]
24+
}
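Review bot: The sink rule matches only the `String` overload, `fromXML:(Ljava/lang/String;)Ljava/lang/Object;`, so tainted data reaching XStream through the `Reader` or `InputStream` overloads would presumably not be reported. That is enough for this lesson if it only calls the `String` form, but if the rules file is meant to cover insecure deserialisation more generally, add sibling rules with `"method": "fromXML:(Ljava/io/Reader;)Ljava/lang/Object;"` and `"method": "fromXML:(Ljava/io/InputStream;)Ljava/lang/Object;"` using the same `sinkTarget`. The first rule's comment, `"Incoming accountName is potentially dangerous."`, also looks carried over from another rules file; wording that matches the `"Tainted XML string"` label would make the source rule easier to audit.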
