Cleanup
000panther committed Sep 12, 2023
1 parent d3b8f30 commit d7ba0a5
Showing 1 changed file with 4 additions and 107 deletions.
Expand Up @@ -45,7 +45,7 @@ void getCarInformationLevel1_ExpectParamInjected() throws IOException {
@Test
void getCarInformationLevel2_ExpectParamInjected() throws IOException {
// Act
Map<String, String> params = new HashMap();
final Map<String, String> params = new HashMap<>();
params.put("id", "1' UNION SELECT * FROM cars; --");
unionBasedSQLInjectionVulnerability.getCarInformationLevel2(params);

Expand All @@ -56,7 +56,7 @@ void getCarInformationLevel2_ExpectParamInjected() throws IOException {
@Test
void getCarInformationLevel3_ExpectParamEscaped() throws IOException {
// Act
Map<String, String> params = new HashMap();
final Map<String, String> params = new HashMap<>();
params.put("id", "1' UNION SELECT * FROM cars; --");
unionBasedSQLInjectionVulnerability.getCarInformationLevel3(params);

Expand All @@ -66,125 +66,22 @@ void getCarInformationLevel3_ExpectParamEscaped() throws IOException {
}

@Test
void getCarInformationLevel4_ExpectParamEscaped() throws IOException {
void getCarInformationLevel4_ExpecParamEscaped() throws IOException {
// Setup
template = Mockito.spy(new JdbcTemplate());
PreparedStatementSetter setter = (ps) -> {};
doReturn(null)
.when(template)
.query(anyString(), (PreparedStatementSetter) any(), (ResultSetExtractor<? extends Object>) any());

unionBasedSQLInjectionVulnerability = Mockito.spy(new UnionBasedSQLInjectionVulnerability(template));

// Act
Map<String, String> params = new HashMap();
final Map<String, String> params = new HashMap<>();
params.put("id", "1' UNION SELECT * FROM cars; --");
unionBasedSQLInjectionVulnerability.getCarInformationLevel4(params);

// Assert
verify(template).query(eq("select * from cars where id=?"), (PreparedStatementSetter) any(), (ResultSetExtractor<? extends Object>) any());

}

// private JdbcTemplate applicationJdbcTemplate;
//
// public UnionBasedSQLInjectionVulnerabilityTest(
// @Qualifier("applicationJdbcTemplate") JdbcTemplate applicationJdbcTemplate) {
// this.applicationJdbcTemplate = applicationJdbcTemplate;
// }
//
// @AttackVector(
// vulnerabilityExposed = VulnerabilityType.UNION_BASED_SQL_INJECTION,
// description = "UNION_SQL_INJECTION_URL_PARAM_APPENDED_DIRECTLY_TO_QUERY",
// payload = "UNION_BASED_SQL_INJECTION_PAYLOAD_LEVEL_1")
// @VulnerableAppRequestMapping(
// value = LevelConstants.LEVEL_1,
// htmlTemplate = "LEVEL_1/SQLInjection_Level1")
// public ResponseEntity<CarInformation> getCarInformationLevel1(
// @RequestParam Map<String, String> queryParams) {
// String id = queryParams.get("id");
// return applicationJdbcTemplate.query(
// "select * from cars where id=" + id,
// (rs) -> {
// CarInformation carInformation = new CarInformation();
// if (rs.next()) {
// carInformation.setId(rs.getInt(1));
// carInformation.setName(rs.getString(2));
// carInformation.setImagePath(rs.getString(3));
// }
// return new ResponseEntity<CarInformation>(carInformation, HttpStatus.OK);
// });
// }
//
// @AttackVector(
// vulnerabilityExposed = VulnerabilityType.UNION_BASED_SQL_INJECTION,
// description =
// "UNION_SQL_INJECTION_URL_PARAM_WRAPPED_WITH_SINGLE_QUOTE_APPENDED_TO_QUERY",
// payload = "UNION_BASED_SQL_INJECTION_PAYLOAD_LEVEL_2")
// @VulnerableAppRequestMapping(
// value = LevelConstants.LEVEL_2,
// htmlTemplate = "LEVEL_1/SQLInjection_Level1")
// public ResponseEntity<CarInformation> getCarInformationLevel2(
// @RequestParam Map<String, String> queryParams) {
// String id = queryParams.get("id");
// CarInformation carInformation = new CarInformation();
// return applicationJdbcTemplate.query(
// "select * from cars where id='" + id + "'",
// (rs) -> {
// if (rs.next()) {
// carInformation.setId(rs.getInt(1));
// carInformation.setName(rs.getString(2));
// carInformation.setImagePath(rs.getString(3));
// }
// return new ResponseEntity<CarInformation>(carInformation, HttpStatus.OK);
// });
// }
//
// @AttackVector(
// vulnerabilityExposed = VulnerabilityType.UNION_BASED_SQL_INJECTION,
// description =
// "UNION_SQL_INJECTION_URL_PARAM_REMOVES_SINGLE_QUOTE_WITH_SINGLE_QUOTE_APPENDED_TO_QUERY")
// @VulnerableAppRequestMapping(
// value = LevelConstants.LEVEL_3,
// variant = Variant.SECURE,
// htmlTemplate = "LEVEL_1/SQLInjection_Level1")
// public ResponseEntity<CarInformation> getCarInformationLevel3(
// @RequestParam Map<String, String> queryParams) {
// String id = queryParams.get("id").replaceAll("'", "");
// return applicationJdbcTemplate.query(
// "select * from cars where id='" + id + "'",
// (rs) -> {
// CarInformation carInformation = new CarInformation();
// if (rs.next()) {
// carInformation.setId(rs.getInt(1));
// carInformation.setName(rs.getString(2));
// carInformation.setImagePath(rs.getString(3));
// }
// return new ResponseEntity<CarInformation>(carInformation, HttpStatus.OK);
// });
// }
//
// @VulnerableAppRequestMapping(
// value = LevelConstants.LEVEL_4,
// variant = Variant.SECURE,
// htmlTemplate = "LEVEL_1/SQLInjection_Level1")
// public ResponseEntity<CarInformation> getCarInformationLevel4(
// @RequestParam Map<String, String> queryParams) {
// String id = queryParams.get("id");
//
// return applicationJdbcTemplate.query(
// "select * from cars where id=?",
// (prepareStatement) -> {
// prepareStatement.setString(1, id);
// },
// (rs) -> {
// CarInformation carInformation = new CarInformation();
// if (rs.next()) {
// carInformation.setId(rs.getInt(1));
// carInformation.setName(rs.getString(2));
// carInformation.setImagePath(rs.getString(3));
// }
// return new ResponseEntity<CarInformation>(carInformation, HttpStatus.OK);
// });
// }
}
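Review bot: The renamed test method in the third hunk reads `getCarInformationLevel4_ExpecParamEscaped` — "Expec" looks like a typo introduced by the rename, since the Level2/Level3 siblings in the earlier hunks follow the `..._ExpectParam...` pattern; if the second line of that pair is indeed the new side, it should be `void getCarInformationLevel4_ExpectParamEscaped() throws IOException {`. In the same method the local `PreparedStatementSetter setter = (ps) -> {};` is never used (the mock stubbing and the verify both match on `any()`), so it can be dropped unless this commit already removes it — the rendered page does not make that certain. Separately, the Level4 assertion pins the SQL text to `select * from cars where id=?` but the `any()` matcher for the setter does not confirm the payload is bound as a parameter rather than concatenated elsewhere; capturing the setter with an `ArgumentCaptor` and checking it calls `setString(1, ...)` with the payload would make the "escaped" claim in the test name verifiable.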
