List of usage examples for java.util.regex Pattern DOTALL
int DOTALL
To view the source code for java.util.regex Pattern DOTALL.
Click Source Link
From source file:org.eclipse.swt.snippets.SnippetExplorer.java
/** * Tries to extract a snippet description from the snippet source. * <p>// ww w .ja v a 2 s.com * If description has multiple lines the delimiter is always in UNIX-style (\n). * </p> * * @param snippetSrc the snippet source code * @return the extracted snippet description. If none found returns * <code>null</code> or in some cases an empty string. */ private static String extractSnippetDescription(String snippetSrc) { if (snippetSrc == null) { return null; } // Usually the second block comment contains a description of the snippet // therefore this method returns the first block comment not containing the // usual copyright keywords. // Note: currently only real block comments are considered. A bunch of line // comments forming a block (like that comment you're reading right now) are // ignored. final Pattern blockCommentPattern = Pattern.compile("/\\*\\*?(.*?)\\*/", Pattern.DOTALL); final Matcher blockCommentMatcher = blockCommentPattern.matcher(snippetSrc); while (blockCommentMatcher.find()) { String comment = blockCommentMatcher.group(1); if (comment.contains("Copyright (c)") || comment.contains("https://www.eclipse.org/legal/epl-2.0/")) { continue; } // normalize line breaks comment = comment.replaceAll("\r\n?", "\n"); // remove '*' at line start and trim lines comment = comment.replaceAll("[ \t]*\n[ \\t]*\\*+[ \\t]*", "\n"); // trim start and end comment = comment.trim(); return comment; } return null; }
From source file:com.afis.jx.ckfinder.connector.utils.FileUtils.java
/** * Detect HTML in the first KB to prevent against potential security issue with IE/Safari/Opera file type auto detection bug. Returns * true if file contain insecure HTML code at the beginning. * * @param item file upload item// ww w . jav a 2s . c o m * @return true if detected. * @throws IOException when io error occurs. */ public static boolean detectHtml(final FileItem item) throws IOException { byte[] buff = new byte[MAX_BUFFER_SIZE]; InputStream is = null; try { is = item.getInputStream(); is.read(buff, 0, MAX_BUFFER_SIZE); String content = new String(buff); content = content.toLowerCase().trim(); if (Pattern .compile("<!DOCTYPE\\W+X?HTML.+", Pattern.CASE_INSENSITIVE | Pattern.DOTALL | Pattern.MULTILINE) .matcher(content).matches()) { return true; } String[] tags = { "<body", "<head", "<html", "<img", "<pre", "<script", "<table", "<title" }; for (String tag : tags) { if (content.indexOf(tag) != -1) { return true; } } if (Pattern .compile("type\\s*=\\s*[\'\"]?\\s*(?:\\w*/)?(?:ecma|java)", Pattern.CASE_INSENSITIVE | Pattern.DOTALL | Pattern.MULTILINE) .matcher(content).find()) { return true; } if (Pattern .compile("(?:href|src|data)\\s*=\\s*[\'\"]?\\s*(?:ecma|java)script:", Pattern.CASE_INSENSITIVE | Pattern.DOTALL | Pattern.MULTILINE) .matcher(content).find()) { return true; } if (Pattern .compile("url\\s*\\(\\s*[\'\"]?\\s*(?:ecma|java)script:", Pattern.CASE_INSENSITIVE | Pattern.DOTALL | Pattern.MULTILINE) .matcher(content).find()) { return true; } } catch (IOException e) { throw e; } finally { if (is != null) { is.close(); } } return false; }
From source file:com.amalto.core.server.DefaultItem.java
/** * Get the possible value for the business Element Path, optionally filtered by a condition * * @param dataClusterPOJOPK The data cluster where to run the query * @param businessElementPath The business element path. Must be of the form * <code>ConceptName/[optional sub elements]/element</code> * @param whereItem The optional condition * @param spellThreshold The condition spell checking threshold. A negative value de-activates spell * @param orderBy The full path of the item user to order * @param direction One of {@link com.amalto.xmlserver.interfaces.IXmlServerSLWrapper#ORDER_ASCENDING} or * {@link com.amalto.xmlserver.interfaces.IXmlServerSLWrapper#ORDER_DESCENDING} * @return The list of values//w w w. j av a 2 s.co m * @throws com.amalto.core.util.XtentisException In case of error in MDM code. */ @Override public ArrayList<String> getFullPathValues(DataClusterPOJOPK dataClusterPOJOPK, String businessElementPath, IWhereItem whereItem, int spellThreshold, String orderBy, String direction) throws XtentisException { ArrayList<String> res = new ArrayList<String>(); try { // find the conceptName String conceptName = ItemPOJO.getConceptFromPath(businessElementPath); if (conceptName == null) { String err = "Unable to recover the concept from business Element path '" + businessElementPath + "'"; LOGGER.error(err); throw new XtentisException(err); } ArrayList<String> col = xPathsSearch(dataClusterPOJOPK, null, new ArrayList<String>(Arrays.asList(businessElementPath)), whereItem, spellThreshold, orderBy, direction, 0, -1, false); Pattern p = Pattern.compile("<.*>(.*?)</.*>", Pattern.DOTALL); for (String li : col) { Matcher m = p.matcher(li); if (m.matches()) { res.add(StringEscapeUtils.unescapeXml(m.group(1))); } else { throw new XtentisException( "Result values were not understood for business element: " + conceptName); } } return res; } catch (XtentisException e) { throw (e); } catch (Exception e) { String err = "Unable to get values for the Business Element \"" + businessElementPath + "\""; LOGGER.error(err, e); throw new XtentisException(err, e); } }
From source file:org.kuali.rice.krad.util.KRADUtils.java
/** * Strips out common patterns used in cross side scripting. * * @param value string to strip patterns from * @return cleaned string//w w w. ja va2s. c om */ public static String stripXSSPatterns(String value) { if (value == null) { return null; } // Avoid null characters value = value.replaceAll("", ""); // Avoid anything between script tags Pattern scriptPattern = Pattern.compile("<script>(.*?)</script>", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Avoid anything in a src='...' type of expression scriptPattern = Pattern.compile("src[\r\n]*=[\r\n]*\\\'(.*?)\\\'", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); scriptPattern = Pattern.compile("src[\r\n]*=[\r\n]*\\\"(.*?)\\\"", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); // Remove any lonesome </script> tag scriptPattern = Pattern.compile("</script>", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Remove any lonesome <script ...> tag scriptPattern = Pattern.compile("<script(.*?)>", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); // Avoid eval(...) expressions scriptPattern = Pattern.compile("eval\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); // Avoid expression(...) expressions scriptPattern = Pattern.compile("expression\\((.*?)\\)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); // Avoid javascript:... expressions scriptPattern = Pattern.compile("javascript:", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Avoid vbscript:... expressions scriptPattern = Pattern.compile("vbscript:", Pattern.CASE_INSENSITIVE); value = scriptPattern.matcher(value).replaceAll(""); // Avoid onload= expressions scriptPattern = Pattern.compile("onload(.*?)=", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); value = scriptPattern.matcher(value).replaceAll(""); return value; }
From source file:org.eclipse.birt.report.engine.emitter.docx.writer.BasicComponent.java
public String validHtmlText(String foreignText) { Pattern pattern = Pattern.compile(validHtml, Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL); Matcher matcher = pattern.matcher(foreignText); if (matcher.matches()) { return foreignText; } else/*from ww w .j a va 2s . c o m*/ return "<html>" + foreignText + "</html>"; }
From source file:org.tinymediamanager.scraper.ofdb.OfdbMetadataProvider.java
@Override public List<MediaTrailer> getTrailers(MediaScrapeOptions options) throws Exception { LOGGER.debug("getTrailers() " + options.toString()); List<MediaTrailer> trailers = new ArrayList<>(); if (!MetadataUtil.isValidImdbId(options.getImdbId())) { LOGGER.debug("IMDB id not found"); return trailers; }//from w ww .ja v a 2s .c om /* * function getTrailerData(ci) { switch (ci) { case 'http://de.clip-1.filmtrailer.com/9507_31566_a_1.flv?log_var=72|491100001 -1|-' : return * '<b>Trailer 1</b><br><i>(small)</i><br><br>» 160px<br><br>Download:<br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_31566_a_1.wmv?log_var=72|491100001-1|-" >wmv</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_31566_a_2.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 1</b><br><i>(medium)</i><br><br>» * 240px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_2.wmv?log_var=72|491100001-1|-" >wmv</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_31566_a_3.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 1</b><br><i>(large)</i><br><br>» * 320px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_3.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_3.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_31566_a_3.webm?log_var=72|491100001-1|-" >webm</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_31566_a_4.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 1</b><br><i>(xlarge)</i><br><br>» * 400px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_4.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_4.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_31566_a_4.webm?log_var=72|491100001-1|-" >webm</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_31566_a_5.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 1</b><br><i>(xxlarge)</i><br><br>» * 640px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_5.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_31566_a_5.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_31566_a_5.webm?log_var=72|491100001-1|-" >webm</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_39003_a_1.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 2</b><br><i>(small)</i><br><br>» * 160px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_1.wmv?log_var=72|491100001-1|-" >wmv</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_39003_a_2.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 2</b><br><i>(medium)</i><br><br>» * 240px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_2.wmv?log_var=72|491100001-1|-" >wmv</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_39003_a_3.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 2</b><br><i>(large)</i><br><br>» * 320px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_3.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_3.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_39003_a_3.webm?log_var=72|491100001-1|-" >webm</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_39003_a_4.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 2</b><br><i>(xlarge)</i><br><br>» * 400px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_4.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_4.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_39003_a_4.webm?log_var=72|491100001-1|-" >webm</a><br>'; case * 'http://de.clip-1.filmtrailer.com/9507_39003_a_5.flv?log_var=72|491100001 -1|-' : return '<b>Trailer 2</b><br><i>(xxlarge)</i><br><br>» * 640px<br><br>Download:<br>» <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_5.wmv?log_var=72|491100001-1|-" >wmv</a><br>» * <a href= "http://de.clip-1.filmtrailer.com/9507_39003_a_5.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= * "http://de.clip-1.filmtrailer.com/9507_39003_a_5.webm?log_var=72|491100001-1|-" >webm</a><br>'; } } */ Url url = null; String searchString = BASE_URL + "/view.php?page=suchergebnis&Kat=IMDb&SText=" + options.getImdbId(); try { // search with IMDB url = new Url(searchString); InputStream in = url.getInputStream(); Document doc = Jsoup.parse(in, "UTF-8", ""); in.close(); Elements filme = doc.getElementsByAttributeValueMatching("href", "film\\/\\d+,"); if (filme == null || filme.isEmpty()) { LOGGER.debug("found no search results"); return trailers; } LOGGER.debug("found " + filme.size() + " search results"); // hopefully // only one LOGGER.debug("get (trailer) details page"); url = new Url(BASE_URL + "/" + StrgUtils.substr(filme.first().toString(), "href=\\\"(.*?)\\\"")); in = url.getInputStream(); doc = Jsoup.parse(in, "UTF-8", ""); in.close(); // OLD STYLE // <b>Trailer 1</b><br><i>(xxlarge)</i><br><br>» 640px<br><br>Download:<br>» <a href= // "http://de.clip-1.filmtrailer.com/9507_31566_a_5.wmv?log_var=72|491100001-1|-" >wmv</a><br>» <a href= // "http://de.clip-1.filmtrailer.com/9507_31566_a_5.mp4?log_var=72|491100001-1|-" >mp4</a><br>» <a href= // "http://de.clip-1.filmtrailer.com/9507_31566_a_5.webm?log_var=72|491100001-1|-" >webm</a><br> Pattern regex = Pattern.compile("return '(.*?)';"); Matcher m = regex.matcher(doc.toString()); while (m.find()) { String s = m.group(1); String tname = StrgUtils.substr(s, "<b>(.*?)</b>"); String tpix = StrgUtils.substr(s, "raquo; (.*?)x<br>"); // String tqual = StrgUtils.substr(s, "<i>\\((.*?)\\)</i>"); // url + format Pattern lr = Pattern.compile("<a href=\"(.*?)\">(.*?)</a>"); Matcher lm = lr.matcher(s); while (lm.find()) { String turl = lm.group(1); // String tformat = lm.group(2); MediaTrailer trailer = new MediaTrailer(); trailer.setName(tname); // trailer.setQuality(tpix + " (" + tformat + ")"); trailer.setQuality(tpix); trailer.setProvider("filmtrailer"); trailer.setUrl(turl); LOGGER.debug(trailer.toString()); trailers.add(trailer); } } // NEW STYLE (additional!) // <div class="clips" id="clips2" style="display: none;"> // <img src="images/flag_de.gif" align="left" vspace="3" width="18" height="12"> // <img src="images/trailer_6.gif" align="top" vspace="1" width="16" height="16" alt="freigegeben ab 6 Jahren"> // <i>Trailer 1:</i> // <a href="http://de.clip-1.filmtrailer.com/2845_6584_a_1.flv?log_var=67|491100001-1|-"> small </a> // <a href="http://de.clip-1.filmtrailer.com/2845_6584_a_2.flv?log_var=67|491100001-1|-"> medium </a> // <a href="http://de.clip-1.filmtrailer.com/2845_6584_a_3.flv?log_var=67|491100001-1|-"> large </a> // <a href="http://de.clip-1.filmtrailer.com/2845_6584_a_4.flv?log_var=67|491100001-1|-"> xlarge </a> // <a href="http://de.clip-1.filmtrailer.com/2845_6584_a_5.flv?log_var=67|491100001-1|-"> xxlarge </a> // <br> // <img src="images/flag_de.gif" align="left" vspace="3" width="18" height="12"> // <img src="images/trailer_6.gif" align="top" vspace="1" width="16" height="16" alt="freigegeben ab 6 Jahren"> // <i>Trailer 2:</i> // <a href="http://de.clip-1.filmtrailer.com/2845_8244_a_1.flv?log_var=67|491100001-1|-"> small </a> // <a href="http://de.clip-1.filmtrailer.com/2845_8244_a_2.flv?log_var=67|491100001-1|-"> medium </a> // <a href="http://de.clip-1.filmtrailer.com/2845_8244_a_3.flv?log_var=67|491100001-1|-"> large </a> // <a href="http://de.clip-1.filmtrailer.com/2845_8244_a_4.flv?log_var=67|491100001-1|-"> xlarge </a> // <a href="http://de.clip-1.filmtrailer.com/2845_8244_a_5.flv?log_var=67|491100001-1|-"> xxlarge </a> // <br> // <img src="images/flag_de.gif" align="left" vspace="3" width="18" height="12"> // <img src="images/trailer_6.gif" align="top" vspace="1" width="16" height="16" alt="freigegeben ab 6 Jahren"> // <i>Trailer 3:</i> // <a href="http://de.clip-1.filmtrailer.com/2845_14749_a_1.flv?log_var=67|491100001-1|-"> small </a> // <a href="http://de.clip-1.filmtrailer.com/2845_14749_a_2.flv?log_var=67|491100001-1|-"> medium </a> // <a href="http://de.clip-1.filmtrailer.com/2845_14749_a_3.flv?log_var=67|491100001-1|-"> large </a> // <a href="http://de.clip-1.filmtrailer.com/2845_14749_a_4.flv?log_var=67|491100001-1|-"> xlarge </a> // <a href="http://de.clip-1.filmtrailer.com/2845_14749_a_5.flv?log_var=67|491100001-1|-"> xxlarge </a> // <br> // <br> // </div> // new style size // 1 = 160 x 90 = small // 2 = 240 x 136 = medium // 3 = 320 x 180 = large // 4 = 400 x 226 = xlarge // 5 = 640 x 360 = xxlarge ; regex = Pattern.compile("<i>(.*?)</i>(.*?)<br>", Pattern.DOTALL); // get them as single trailer line m = regex.matcher(doc.getElementsByClass("clips").html()); while (m.find()) { // LOGGER.info(doc.getElementsByClass("clips").html()); // parse each line with 5 qualities String tname = m.group(1).trim(); tname = tname.replaceFirst(":$", ""); // replace ending colon String urls = m.group(2); // url + format Pattern lr = Pattern.compile("<a href=\"(.*?)\">(.*?)</a>"); Matcher lm = lr.matcher(urls); while (lm.find()) { String turl = lm.group(1); String tpix = ""; String tformat = lm.group(2).replaceAll(" ", "").trim(); switch (tformat) { case "small": tpix = "90p"; break; case "medium": tpix = "136p"; break; case "large": tpix = "180p"; break; case "xlarge": tpix = "226p"; break; case "xxlarge": tpix = "360p"; break; default: break; } MediaTrailer trailer = new MediaTrailer(); trailer.setName(tname); // trailer.setQuality(tpix + " (" + tformat + ")"); trailer.setQuality(tpix); trailer.setProvider("filmtrailer"); trailer.setUrl(turl); LOGGER.debug(trailer.toString()); trailers.add(trailer); } } } catch (Exception e) { if (url != null) { LOGGER.error("Error parsing {}", url.toString()); } else { LOGGER.error("Error parsing {}", searchString); } throw e; } return trailers; }
From source file:org.zaproxy.zap.extension.sqliplugin.SQLInjectionPlugin.java
/** * Scans for SQL Injection vulnerabilities according to SQLMap payload definitions. Current * implemented tests are: Boolean-Based, Error-Based, Union-query, OrderBy-query, Stacked-Query * and Time-based. This plugin only test for the existence of a SQLi according to these * injection methods and exploit it generating less effects as possible. All revealed * vulnerabilities are then without false positives, and the detected payload could be used for * further attacks. After this detection we suggest to use exploiting tools like SQLmap itself * or SQLNinja, Havij, etc. for this vulnerability usage and control. * * @param msg a request only copy of the original message (the response isn't copied) * @param parameter the parameter name that need to be exploited * @param value the original parameter value *//* ww w . jav a 2 s . c om*/ @Override public void scan(HttpMessage msg, String parameter, String value) { // First of all get the SQLi payloads list // using the embedded configuration file SQLiPayloadManager manager = SQLiPayloadManager.getInstance(); // Internal engine variable definition HttpMessage origMsg; HttpMessage tempMsg; String currentPrefix; String currentSuffix; String currentComment; String payloadValue; String reqPayload; String cmpPayload; String content; String title; boolean injectable; int injectableTechniques = 0; // Maybe could be a good idea to sort tests // according to the behavior and the heaviness // TODO: define a compare logic and sort it according to that for (SQLiTest test : manager.getTests()) { title = test.getTitle(); // unionExtended = false; // If it's a union based query test // first prepare all the needed elements if (test.getStype() == SQLiPayloadManager.TECHNIQUE_UNION) { // Set the string that need to be used // for the union query construction // ---------------------------------------------------- if (title.contains("[CHAR]")) { if (unionChar == null) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the user didn't provide a custom charset"); } continue; } else { title = title.replace("[CHAR]", unionChar); if (StringUtils.isNumeric(unionChar)) { uChars = unionChar; } else { // maybe the user set apics inside the chars string uChars = "'" + StringUtils.strip(unionChar, "'") + "'"; } } } else { // Set union chars to the one specified // inside the global payload definition uChars = test.getRequest().getChars(); } // Check if there's a random element to be set // ---------------------------------------------------- if (title.contains("[RANDNUM]") || title.contains("(NULL)")) { title = title.replace("[RANDNUM]", "random number"); } // Set the union column range according to the specific // payload definition (custom based or constrained) // ---------------------------------------------------- if (test.getRequest().getColumns().equals("[COLSTART]-[COLSTOP]")) { if (unionCols == null) { if (log.isDebugEnabled()) { log.debug( "skipping test '" + title + "' because the user didn't provide a column range"); } continue; } else { setUnionRange(unionCols); title = title.replace("[COLSTART]", Integer.toString(uColsStart)); title = title.replace("[COLSTOP]", Integer.toString(uColsStop)); } } else { // Set column range (the range set on the payload definition // take precedence respect to the one set by the user) setUnionRange(test.getRequest().getColumns()); } /* // Seems useless (double the starting and ending column number value) match = re.search(r"(\d+)-(\d+)", test.request.columns) if injection.data and match: lower, upper = int(match.group(1)), int(match.group(2)) for _ in (lower, upper): if _ > 1: unionExtended = True test.request.columns = re.sub(r"\b%d\b" % _, str(2 * _), test.request.columns) title = re.sub(r"\b%d\b" % _, str(2 * _), title) test.title = re.sub(r"\b%d\b" % _, str(2 * _), test.title) */ } // Skip test if the user's wants to test only // for a specific technique if ((techniques != null) && !techniques.contains(test.getStype())) { if (log.isDebugEnabled()) { StringBuilder message = new StringBuilder(); message.append("skipping test '"); message.append(title); message.append("' because the user specified to test only for "); for (int i : techniques) { message.append(" & "); message.append(SQLiPayloadManager.SQLI_TECHNIQUES.get(i)); } message.append(" techniques"); log.debug(message); } continue; } // Skip test if it is the same SQL injection type already // identified by another test if ((injectableTechniques & (1 << test.getStype())) != 0) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the payload for " + SQLiPayloadManager.SQLI_TECHNIQUES.get(test.getStype()) + " has already been identified"); } continue; } // Skip test if the risk is higher than the provided (or default) value // Parse test's <risk> if (test.getRisk() > risk) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the risk (" + test.getRisk() + ") is higher than the provided (" + risk + ")"); } continue; } // Skip test if the level is higher than the provided (or default) value // Parse test's <level> if (test.getLevel() > level) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the level (" + test.getLevel() + ") is higher than the provided (" + level + ")"); } continue; } // Skip DBMS-specific test if it does not match either the // previously identified or the user's provided DBMS (either // from program switch or from parsed error message(s)) // ------------------------------------------------------------ // Initially set the current Tech value to null currentDbms = null; if ((test.getDetails() != null) && !(test.getDetails().getDbms().isEmpty())) { // If the global techset hasn't been populated this // mean that all technologies should be scanned... if (getTechSet() == null) { currentDbms = test.getDetails().getDbms().get(0); } else { // Check if DBMS scope has been restricted // using the Tech tab inside the scanner // -------------------------- for (DBMSHelper dbms : test.getDetails().getDbms()) { if (getTechSet().includes(dbms.getTech())) { // Force back-end DBMS according to the current // test value for proper payload unescaping currentDbms = dbms; break; } } } // Skip this test if the specific Dbms is not include // inside the list of the allowed one if (currentDbms == null) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the db is not included in the Technology list"); } continue; } /* Check if the KB knows what's the current DB * I escaped it because there's no user interaction and * all tests should be performed... to be verified if * there should exists a specific configuration for this * if len(Backend.getErrorParsedDBMSes()) > 0 and not intersect(dbms, Backend.getErrorParsedDBMSes()) and kb.skipOthersDbms is None: msg = "parsed error message(s) showed that the " msg += "back-end DBMS could be %s. " % Format.getErrorParsedDBMSes() msg += "Do you want to skip test payloads specific for other DBMSes? [Y/n]" if readInput(msg, default="Y") in ("y", "Y"): kb.skipOthersDbms = Backend.getErrorParsedDBMSes() else: kb.skipOthersDbms = [] if kb.skipOthersDbms and not intersect(dbms, kb.skipOthersDbms): debugMsg = "skipping test '%s' because " % title debugMsg += "the parsed error message(s) showed " debugMsg += "that the back-end DBMS could be " debugMsg += "%s" % Format.getErrorParsedDBMSes() logger.debug(debugMsg) continue */ } // Skip test if the user provided custom character if ((unionChar != null) && (title.contains("random number") || title.contains("(NULL)"))) { if (log.isDebugEnabled()) { log.debug("skipping test '" + title + "' because the user provided a specific character, " + unionChar); } continue; } // This check is suitable to the current configuration // Start logging the current execution (only in debugging) if (log.isDebugEnabled()) { log.debug("testing '" + title + "'"); } // Parse test's <request> currentComment = (manager.getBoundaries().size() > 1) ? test.getRequest().getComment() : null; // Start iterating through applicable boundaries for (SQLiBoundary boundary : manager.getBoundaries()) { // First set to false the injectable param injectable = false; // Skip boundary if the level is higher than the provided (or // default) value // Parse boundary's <level> if (boundary.getLevel() > level) { continue; } // Skip boundary if it does not match against test's <clause> // Parse test's <clause> and boundary's <clause> if (!test.matchClause(boundary)) { continue; } // Skip boundary if it does not match against test's <where> // Parse test's <where> and boundary's <where> if (!test.matchWhere(boundary)) { continue; } // Parse boundary's <prefix>, <suffix> // Options --prefix/--suffix have a higher priority (if set by user) currentPrefix = (prefix == null) ? boundary.getPrefix() : prefix; currentSuffix = (suffix == null) ? boundary.getSuffix() : suffix; currentComment = (suffix == null) ? currentComment : null; // For each test's <where> for (int where : test.getWhere()) { // Get the complete original message // including previously retrieved content // that could be considered trusted also after // other plugins execution thanks to the removal // of reflective values from the content... // But if we decide to rerun sendAndReceive() // each plugin execution, then we have to work // with message copies and use getNewMsg() origMsg = getBaseMsg(); // Threat the parameter original value according to the // test's <where> tag switch (where) { case SQLiPayloadManager.WHERE_ORIGINAL: payloadValue = value; break; case SQLiPayloadManager.WHERE_NEGATIVE: // Use different page template than the original // one as we are changing parameters value, which // will likely result in a different content if (invalidLogical) { payloadValue = value + " AND " + SQLiPayloadManager.randomInt() + "=" + SQLiPayloadManager.randomInt(); } else if (invalidBignum) { payloadValue = SQLiPayloadManager.randomInt(6) + "." + SQLiPayloadManager.randomInt(1); } else { payloadValue = "-" + SQLiPayloadManager.randomInt(); } // Launch again a simple payload with the changed value // then take it as the original one for boolean base checkings origMsg = sendPayload(parameter, payloadValue, true); if (origMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } break; case SQLiPayloadManager.WHERE_REPLACE: payloadValue = ""; break; default: // Act as original value need to be set payloadValue = value; } // Hint from ZAP TestSQLInjection active plugin: // Since the previous checks are attempting SQL injection, // and may have actually succeeded in modifying the database (ask me how I // know?!) // then we cannot rely on the database contents being the same as when the // original // query was last run (could be hours ago) // so re-run the query again now at this point. // Here is the best place to do it... // sendAndReceive(origMsg); // Forge request payload by prepending with boundary's // prefix and appending the boundary's suffix to the // test's ' <payload><comment> ' string reqPayload = prepareCleanPayload(test.getRequest().getPayload(), payloadValue); reqPayload = preparePrefix(reqPayload, currentPrefix, where, test); reqPayload = prepareSuffix(reqPayload, currentComment, currentSuffix, where); // Now prefix the parameter value reqPayload = payloadValue + reqPayload; // Perform the test's request and check whether or not the // payload was successful // Parse test's <response> if (test.getResponse() != null) { // prepare string diff matcher // cleaned by reflective values // and according to the replacement // logic set by the plugin content = origMsg.getResponseBody().toString(); content = SQLiPayloadManager.removeReflectiveValues(content, payloadValue); responseMatcher.setOriginalResponse(content); responseMatcher.setLogic(where); // ----------------------------------------------- // Check 1: Boolean-based blind SQL injection // ----------------------------------------------- // use diffs ratio between true/false page content // results against the original page or extract // elements to check differences into // ----------------------------------------------- if (test.getResponse().getComparison() != null) { // Generate payload used for comparison cmpPayload = prepareCleanPayload(test.getResponse().getComparison(), payloadValue); // Forge response payload by prepending with // boundary's prefix and appending the boundary's // suffix to the test's ' <payload><comment> ' // string cmpPayload = preparePrefix(cmpPayload, currentPrefix, where, test); cmpPayload = prepareSuffix(cmpPayload, currentComment, currentSuffix, where); // Now prefix the parameter value cmpPayload = payloadValue + cmpPayload; // Send False payload // Useful to set first matchRatio on // the False response content tempMsg = sendPayload(parameter, cmpPayload, true); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } content = tempMsg.getResponseBody().toString(); content = SQLiPayloadManager.removeReflectiveValues(content, cmpPayload); responseMatcher.setInjectedResponse(content); // set initial matchRatio responseMatcher.isComparable(); // Perform the test's True request tempMsg = sendPayload(parameter, reqPayload, true); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } content = tempMsg.getResponseBody().toString(); content = SQLiPayloadManager.removeReflectiveValues(content, reqPayload); responseMatcher.setInjectedResponse(content); // Check if the TRUE response is equal or // at less strongly comparable respect to // the Original response value if (responseMatcher.isComparable()) { // Perform again the test's False request tempMsg = sendPayload(parameter, cmpPayload, true); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } content = tempMsg.getResponseBody().toString(); content = SQLiPayloadManager.removeReflectiveValues(content, cmpPayload); responseMatcher.setInjectedResponse(content); // Now check if the FALSE response is // completely different from the // Original response according to the // responseMatcher ratio criteria if (!responseMatcher.isComparable()) { // We Found IT! // Now create the alert message String info = Constant.messages.getString( ALERT_MESSAGE_PREFIX + "info.booleanbased", reqPayload, cmpPayload); // Do logging if (log.isDebugEnabled()) { log.debug("[BOOLEAN-BASED Injection Found] " + title + " with payload [" + reqPayload + "] on parameter '" + parameter + "'"); } // Alert the vulnerability to the main core raiseAlert(title, parameter, reqPayload, info, tempMsg); // Close the boundary/where iteration injectable = true; } /* if not injectable and not any((conf.string, conf.notString, conf.regexp)) and kb.pageStable: trueSet = set(extractTextTagContent(truePage)) falseSet = set(extractTextTagContent(falsePage)) candidates = filter(None, (_.strip() if _.strip() in (kb.pageTemplate or "") and _.strip() not in falsePage else None for _ in (trueSet - falseSet))) if candidates: conf.string = random.sample(candidates, 1)[0] infoMsg = "%s parameter '%s' seems to be '%s' injectable (with --string=\"%s\")" % (place, parameter, title, repr(conf.string).lstrip('u').strip("'")) logger.info(infoMsg) */ } // ----------------------------------------------- // Check 2: Error-based SQL injection // ----------------------------------------------- // try error based check sending a specific payload // and verifying if it should return back inside // the response content // ----------------------------------------------- } else if (test.getResponse().getGrep() != null) { // Perform the test's request and grep the response // body for the test's <grep> regular expression tempMsg = sendPayload(parameter, reqPayload, true); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } // Get the payload that need to be checked // inside the response content String checkString = prepareCleanPayload(test.getResponse().getGrep(), payloadValue); Pattern checkPattern = Pattern.compile(checkString, Pattern.DOTALL | Pattern.CASE_INSENSITIVE); String output = null; // Remove reflective values to avoid false positives content = tempMsg.getResponseBody().toString(); content = SQLiPayloadManager.removeReflectiveValues(content, reqPayload); // Find the checkString inside page and headers Matcher matcher = checkPattern.matcher(content); if (matcher.find()) { output = matcher.group("result"); } else { matcher = checkPattern.matcher(tempMsg.getResponseHeader().toString()); if (matcher.find()) { output = matcher.group("result"); } } // Useless because we follow redirects!!! // -- // extractRegexResult(check, threadData.lastRedirectMsg[1] \ // if threadData.lastRedirectMsg and threadData.lastRedirectMsg[0] == \ // threadData.lastRequestUID else None, re.DOTALL | re.IGNORECASE) // Verify if the response extracted content // contains the evaluated expression // (which should be the value "1") if ((output != null) && output.equals("1")) { // We Found IT! // Now create the alert message String info = Constant.messages.getString(ALERT_MESSAGE_PREFIX + "info.errorbased", currentDbms.getName(), checkString); // Do logging if (log.isDebugEnabled()) { log.debug("[ERROR-BASED Injection Found] " + title + " with payload [" + reqPayload + "] on parameter '" + parameter + "'"); } raiseAlert(title, parameter, reqPayload, info, tempMsg); // Close the boundary/where iteration injectable = true; } // ----------------------------------------------- // Check 3: Time-based Blind or Stacked Queries // ----------------------------------------------- // Check for the sleep() execution according to // a collection of MIN_TIME_RESPONSES requestTime // It uses deviations and average for the real // delay checking. // 99.9999999997440% of all non time-based SQL injection affected // response times should be inside +-7*stdev([normal response times]) // Math reference: http://www.answers.com/topic/standard-deviation // ----------------------------------------------- } else if (test.getResponse().getTime() != null) { // First check if we have enough sample for the test if (responseTimes.size() < MIN_TIME_RESPONSES) { // We need some dummy requests to have a correct // deviation model for this page log.warn("Time-based comparison needs larger statistical model: " + "making a few dummy requests"); do { tempMsg = sendPayload(null, null, true); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } } while (responseTimes.size() < MIN_TIME_RESPONSES); } // OK now we can get the deviation of the // request computation time for this page double lowerLimit = timeSec * 1000; double deviation = getResponseTimeDeviation(); // Minimum response time that can be even considered as delayed // MIN_VALID_DELAYED_RESPONSE = 0.5secs // lowerLimit = Math.max(MIN_VALID_DELAYED_RESPONSE, lowerLimit); // Get the maximum value to avoid false positives related // to slow pages that can take an average time // worse than the timeSec waiting period if (deviation >= 0) { lowerLimit = Math.max(lowerLimit, getResponseTimeAverage() + TIME_STDEV_COEFF * deviation); } // Perform the test's request reqPayload = setDelayValue(reqPayload); tempMsg = sendPayload(parameter, reqPayload, false); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } // Check if enough time has passed if (lastResponseTime >= lowerLimit) { // Confirm again test's results tempMsg = sendPayload(parameter, reqPayload, false); if (tempMsg == null) { // Probably a Circular Exception occurred // exit the plugin return; } // Check if enough time has passed if (lastResponseTime >= lowerLimit) { // We Found IT! // Now create the alert message String info = Constant.messages.getString( ALERT_MESSAGE_PREFIX + "info.timebased", reqPayload, lastResponseTime, payloadValue, getResponseTimeAverage()); // Do logging if (log.isDebugEnabled()) { log.debug("[TIME-BASED Injection Found] " + title + " with payload [" + reqPayload + "] on parameter '" + parameter + "'"); } raiseAlert(title, parameter, reqPayload, info, tempMsg); // Close the boundary/where iteration injectable = true; } } // ----------------------------------------------- // Check 4: UNION preparePrefix SQL injection // ----------------------------------------------- // Test for UNION injection and set the sample // payload as well as the vector. // NOTE: vector is set to a tuple with 6 elements, // used afterwards by Agent.forgeUnionQuery() // method to forge the UNION preparePrefix payload // ----------------------------------------------- } else if (test.getResponse().isUnion()) { /* if not Backend.getIdentifiedDbms(): warnMsg = "using unescaped version of the test " warnMsg += "because of zero knowledge of the " warnMsg += "back-end DBMS. You can try to " warnMsg += "explicitly set it using option '--dbms'" singleTimeWarnMessage(warnMsg) if unionExtended: infoMsg = "automatically extending ranges " infoMsg += "for UNION query injection technique tests as " infoMsg += "there is at least one other potential " infoMsg += "injection technique found" singleTimeLogMessage(infoMsg) */ // Test for UNION query SQL injection // use a specific engine containing // all specific query constructors SQLiUnionEngine engine = new SQLiUnionEngine(this); engine.setTest(test); engine.setUnionChars(uChars); engine.setUnionColsStart(uColsStart); engine.setUnionColsStop(uColsStop); engine.setPrefix(currentPrefix); engine.setSuffix(currentSuffix); engine.setComment(currentComment); engine.setDbms(currentDbms); engine.setParamName(parameter); engine.setParamValue(payloadValue); // Use the engine to search for // Union-based and OrderBy-based SQli if (engine.isUnionPayloadExploitable()) { // We Found IT! // Now create the alert message String info = Constant.messages.getString(ALERT_MESSAGE_PREFIX + "info.unionbased", currentDbms.getName(), engine.getExploitColumnsCount()); // Do logging if (log.isDebugEnabled()) { log.debug("[UNION-BASED Injection Found] " + title + " with payload [" + reqPayload + "] on parameter '" + parameter + "'"); } // Alert the vulnerability to the main core raiseAlert(title, parameter, engine.getExploitPayload(), info, engine.getExploitMessage()); // Close the boundary/where iteration injectable = true; } } } // If the injection test was successful feed the injection // object with the test's details // if injection: // injection = checkFalsePositives(injection) // if injection: // checkSuhoshinPatch(injection) // There is no need to perform this test for other // <where> tags if (injectable) { break; } // Check if the scan has been stopped // if yes dispose resources and exit if (isStop()) { // Dispose all resources // Exit the plugin return; } } // If injectable skip other boundary checks if (injectable) { injectableTechniques |= 1 << test.getStype(); break; } } } // check if the parameter is not injectable if (injectableTechniques == 0 && log.isDebugEnabled()) { log.debug("Parameter '" + parameter + "' is not injectable"); } }
From source file:org.craftercms.profile.services.ProfileServiceIT.java
@Test public void testResetAndChangePassword() throws Exception { GreenMail mailServer = new GreenMail(ServerSetupTest.SMTP); mailServer.start();/*from w w w .j a v a 2 s. c o m*/ Profile profile = profileService.createProfile(DEFAULT_TENANT, AVASQUEZ_USERNAME, AVASQUEZ_PASSWORD1, AVASQUEZ_EMAIL1, true, AVASQUEZ_ROLES1, null, VERIFICATION_URL); try { profile = profileService.resetPassword(profile.getId().toString(), RESET_PASSWORD_URL); assertNotNull(profile); // Wait a few seconds so that the email can be sent Thread.sleep(3000); String email = GreenMailUtil.getBody(mailServer.getReceivedMessages()[0]); assertNotNull(email); Pattern emailPattern = Pattern.compile(VERIFICATION_EMAIL_REGEX, Pattern.DOTALL); Matcher emailMatcher = emailPattern.matcher(email); assertTrue(emailMatcher.matches()); String resetTokenId = emailMatcher.group(1); Profile profileAfterPswdReset = profileService.changePassword(resetTokenId, AVASQUEZ_PASSWORD2); assertNotNull(profileAfterPswdReset); assertEquals(profile.getId(), profileAfterPswdReset.getId()); assertNull(profileAfterPswdReset.getPassword()); } finally { profileService.deleteProfile(profile.getId().toString()); mailServer.stop(); } }
From source file:org.wso2.connector.integration.test.base.ConnectorIntegrationTestBase.java
/** * Load a request from a file, provided by a filename. * //w ww . j a va2s. c o m * @param requestFileName The name of the file to load the request from. * @param parametersMap Map of parameters to replace within the parametrized values of the request. * @return String contents of the file. * @throws IOException Thrown on inability to read from the file. */ private String loadRequestFromFile(String requestFileName, Map<String, String> parametersMap) throws IOException { String requestFilePath; String requestData; requestFilePath = pathToRequestsDirectory + requestFileName; requestData = getFileContent(requestFilePath); Properties prop = (Properties) connectorProperties.clone(); if (parametersMap != null) { prop.putAll(parametersMap); } Matcher matcher = Pattern.compile("%s\\(([A-Za-z0-9]*)\\)", Pattern.DOTALL).matcher(requestData); while (matcher.find()) { String key = matcher.group(1); requestData = requestData.replaceAll("%s\\(" + key + "\\)", Matcher.quoteReplacement(prop.getProperty(key))); } return requestData; }
From source file:org.wso2.carbon.connector.integration.test.amazonsdb.AmazonSimpleDBConnectorIntegrationTest.java
private String loadRequestFromFile(String requestFileName) throws IOException { String requestFilePath;//from ww w . j a v a2 s . c om String requestData; requestFilePath = requestFileName; requestData = getFileContent(requestFilePath); Properties prop = (Properties) connectorProperties.clone(); Matcher matcher = Pattern.compile("%s\\(([A-Za-z0-9]*)\\)", Pattern.DOTALL).matcher(requestData); while (matcher.find()) { String key = matcher.group(1); requestData = requestData.replaceAll("%s\\(" + key + "\\)", prop.getProperty(key)); } return requestData; }