diff --git a/.gitignore b/.gitignore index b23edcf..6029da8 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,5 @@ node_modules/ .env npm-debug.log yarn-error.log -test.md \ No newline at end of file +test.md +backend/target diff --git a/README.md b/README.md index 525c0c2..5ec3fd2 100644 --- a/README.md +++ b/README.md @@ -17,18 +17,19 @@ The CVEs covered under SCAGoat are primarily critical and high severity, which h In addition, there is one compromised package, that lacks a CVE, but is malicious by nature and cannot be detected with traditional SCA scanners. - | CVE | Package Name | Link | |----------------------------|-----------------|-------| | CVE-2023-42282 | IP | [https://nvd.nist.gov/vuln/detail/CVE-2023-42282](https://nvd.nist.gov/vuln/detail/CVE-2023-42282) | | CVE-2017-1000427 | Marked | [https://nvd.nist.gov/vuln/detail/CVE-2017-1000427](https://nvd.nist.gov/vuln/detail/CVE-2017-1000427) | | CVE-2017-16114 | Marked | [https://github.com/markedjs/marked/issues/926](https://github.com/markedjs/marked/issues/926) | | CVE-2021-44228 | log4j | [https://nvd.nist.gov/vuln/detail/CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)| -| CVE-2020-9547 | Jackson-Binding | [https://nvd.nist.gov/vuln/detail/CVE-2020-9547](https://nvd.nist.gov/vuln/detail/CVE-2020-9547)| +| CVE-2020-9547 | jackson-databind | [https://nvd.nist.gov/vuln/detail/CVE-2020-9547](https://nvd.nist.gov/vuln/detail/CVE-2020-9547)| | CVE-2021-33623 | trim-newlines | [https://nvd.nist.gov/vuln/detail/CVE-2021-33623](https://nvd.nist.gov/vuln/detail/CVE-2021-33623)| +| CVE-2020-13935 | spring-websocket | [https://nvd.nist.gov/vuln/detail/CVE-2020-13935](https://nvd.nist.gov/vuln/detail/CVE-2020-13935)| | Malicious Package (No CVE) | xz-java | [https://central.sonatype.com/artifact/io.github.xz-java/xz-java](https://central.sonatype.com/artifact/io.github.xz-java/xz-java)| + ## Steps to run SCAGoat Step 1. Clone the application ```bash diff --git a/backend/pom.xml b/backend/pom.xml index 2b9a3c6..62a4c97 100644 --- a/backend/pom.xml +++ b/backend/pom.xml @@ -35,6 +35,10 @@ org.springframework.boot spring-boot-starter-data-rest + + org.springframework.boot + spring-boot-starter-websocket + diff --git a/backend/src/main/java/com/acme/foo/ChatMessageHandler.java b/backend/src/main/java/com/acme/foo/ChatMessageHandler.java new file mode 100644 index 0000000..0546097 --- /dev/null +++ b/backend/src/main/java/com/acme/foo/ChatMessageHandler.java @@ -0,0 +1,37 @@ +package com.acme.foo; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.springframework.web.socket.CloseStatus; +import org.springframework.web.socket.WebSocketMessage; +import org.springframework.web.socket.WebSocketSession; +import org.springframework.web.socket.handler.TextWebSocketHandler; + +public class ChatMessageHandler extends TextWebSocketHandler { + + List webSocketSessions = Collections.synchronizedList(new ArrayList<>()); + + @Override + public void afterConnectionEstablished(WebSocketSession session) throws Exception { + System.out.println("Connection established"); + super.afterConnectionEstablished(session); + webSocketSessions.add(session); + } + + @Override + public void afterConnectionClosed(WebSocketSession session, CloseStatus status) throws Exception { + super.afterConnectionClosed(session, status); + webSocketSessions.remove(session); + } + + @Override + public void handleMessage(WebSocketSession session, WebSocketMessage message) throws Exception { + System.out.println("Received " + message); + super.handleMessage(session, message); + for (WebSocketSession webSocketSession : webSocketSessions) { + webSocketSession.sendMessage(message); + } + } +} \ No newline at end of file diff --git a/backend/src/main/java/com/acme/foo/MainController.java b/backend/src/main/java/com/acme/foo/MainController.java index c3f1abc..2875a17 100755 --- a/backend/src/main/java/com/acme/foo/MainController.java +++ b/backend/src/main/java/com/acme/foo/MainController.java @@ -8,6 +8,9 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; +import org.springframework.web.socket.config.annotation.EnableWebSocket; +import org.springframework.web.socket.config.annotation.WebSocketConfigurer; +import org.springframework.web.socket.config.annotation.WebSocketHandlerRegistry; import com.fasterxml.jackson.databind.ObjectMapper; @@ -16,7 +19,13 @@ @EnableAutoConfiguration @SpringBootApplication @EnableCaching -public class MainController extends SpringBootServletInitializer { +@EnableWebSocket +public class MainController extends SpringBootServletInitializer implements WebSocketConfigurer { + + @Override + public void registerWebSocketHandlers(WebSocketHandlerRegistry webSocketHandlerRegistry) { + webSocketHandlerRegistry.addHandler(new ChatMessageHandler(), "/chat-websocket").setAllowedOrigins("*"); + } public static void main(String[] args) { SpringApplication.run(MainController.class, args); diff --git a/backend/target/classes/com/acme/foo/MainController.class b/backend/target/classes/com/acme/foo/MainController.class deleted file mode 100644 index fea4b93..0000000 Binary files a/backend/target/classes/com/acme/foo/MainController.class and /dev/null differ diff --git a/backend/target/classes/com/acme/foo/Person.class b/backend/target/classes/com/acme/foo/Person.class deleted file mode 100644 index 2bff689..0000000 Binary files a/backend/target/classes/com/acme/foo/Person.class and /dev/null differ diff --git a/backend/target/classes/com/acme/foo/PersonApi.class b/backend/target/classes/com/acme/foo/PersonApi.class deleted file mode 100644 index 2052602..0000000 Binary files a/backend/target/classes/com/acme/foo/PersonApi.class and /dev/null differ diff --git a/backend/target/maven-archiver/pom.properties b/backend/target/maven-archiver/pom.properties deleted file mode 100644 index a8f6b12..0000000 --- a/backend/target/maven-archiver/pom.properties +++ /dev/null @@ -1,3 +0,0 @@ -artifactId=springboot-app -groupId=com.acme.foo -version=0.0.1-SNAPSHOT diff --git a/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst b/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst deleted file mode 100644 index eb49581..0000000 --- a/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst +++ /dev/null @@ -1,3 +0,0 @@ -com\acme\foo\MainController.class -com\acme\foo\Person.class -com\acme\foo\PersonApi.class diff --git a/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst b/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst deleted file mode 100644 index 263cc5d..0000000 --- a/backend/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst +++ /dev/null @@ -1,3 +0,0 @@ -C:\Users\blurr\Damn-vulnerable-sca\backend\src\main\java\com\acme\foo\PersonApi.java -C:\Users\blurr\Damn-vulnerable-sca\backend\src\main\java\com\acme\foo\Person.java -C:\Users\blurr\Damn-vulnerable-sca\backend\src\main\java\com\acme\foo\MainController.java diff --git a/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst b/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst deleted file mode 100644 index a9c4b6f..0000000 --- a/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst +++ /dev/null @@ -1,4 +0,0 @@ -com\acme\backdoor\Backdoor.class -com\acme\backdoor\BackdoorTest.class -com\acme\jndi\LDAPRefServer$OperationInterceptor.class -com\acme\jndi\LDAPRefServer.class diff --git a/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst b/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst deleted file mode 100644 index 89d3d2d..0000000 --- a/backend/target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst +++ /dev/null @@ -1,3 +0,0 @@ -C:\Users\blurr\Damn-vulnerable-sca\backend\src\test\java\com\acme\backdoor\BackdoorTest.java -C:\Users\blurr\Damn-vulnerable-sca\backend\src\test\java\com\acme\backdoor\Backdoor.java -C:\Users\blurr\Damn-vulnerable-sca\backend\src\test\java\com\acme\jndi\LDAPRefServer.java diff --git a/backend/target/springboot-app-0.0.1-SNAPSHOT.jar b/backend/target/springboot-app-0.0.1-SNAPSHOT.jar deleted file mode 100644 index 29fb149..0000000 Binary files a/backend/target/springboot-app-0.0.1-SNAPSHOT.jar and /dev/null differ diff --git a/backend/target/springboot-app-0.0.1-SNAPSHOT.jar.original b/backend/target/springboot-app-0.0.1-SNAPSHOT.jar.original deleted file mode 100644 index 612c64c..0000000 Binary files a/backend/target/springboot-app-0.0.1-SNAPSHOT.jar.original and /dev/null differ diff --git a/backend/target/surefire-reports/TEST-com.acme.backdoor.BackdoorTest.xml b/backend/target/surefire-reports/TEST-com.acme.backdoor.BackdoorTest.xml deleted file mode 100644 index 250e1dd..0000000 --- a/backend/target/surefire-reports/TEST-com.acme.backdoor.BackdoorTest.xml +++ /dev/null @@ -1,60 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/backend/target/surefire-reports/com.acme.backdoor.BackdoorTest.txt b/backend/target/surefire-reports/com.acme.backdoor.BackdoorTest.txt deleted file mode 100644 index 604ac84..0000000 --- a/backend/target/surefire-reports/com.acme.backdoor.BackdoorTest.txt +++ /dev/null @@ -1,4 +0,0 @@ -------------------------------------------------------------------------------- -Test set: com.acme.backdoor.BackdoorTest -------------------------------------------------------------------------------- -Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.121 s - in com.acme.backdoor.BackdoorTest diff --git a/backend/target/test-classes/com/acme/backdoor/Backdoor.class b/backend/target/test-classes/com/acme/backdoor/Backdoor.class deleted file mode 100644 index cb874d8..0000000 Binary files a/backend/target/test-classes/com/acme/backdoor/Backdoor.class and /dev/null differ diff --git a/backend/target/test-classes/com/acme/backdoor/BackdoorTest.class b/backend/target/test-classes/com/acme/backdoor/BackdoorTest.class deleted file mode 100644 index 6d3d2df..0000000 Binary files a/backend/target/test-classes/com/acme/backdoor/BackdoorTest.class and /dev/null differ diff --git a/backend/target/test-classes/com/acme/jndi/LDAPRefServer$OperationInterceptor.class b/backend/target/test-classes/com/acme/jndi/LDAPRefServer$OperationInterceptor.class deleted file mode 100644 index 09e843a..0000000 Binary files a/backend/target/test-classes/com/acme/jndi/LDAPRefServer$OperationInterceptor.class and /dev/null differ diff --git a/backend/target/test-classes/com/acme/jndi/LDAPRefServer.class b/backend/target/test-classes/com/acme/jndi/LDAPRefServer.class deleted file mode 100644 index d07d84b..0000000 Binary files a/backend/target/test-classes/com/acme/jndi/LDAPRefServer.class and /dev/null differ diff --git a/index.js b/index.js index badf6e2..a91debf 100644 --- a/index.js +++ b/index.js @@ -31,6 +31,9 @@ app.get('/', function (req, res) { app.get('/markdown', function (req, res) { res.sendFile(__dirname + '/templates/markdown.html'); }); +app.get('/chat-ui', function (req, res) { + res.sendFile(__dirname + '/templates/chat-ui.html'); +}); app.get('/trimnewlines', function (req, res) { res.send(` diff --git a/templates/chat-ui.html b/templates/chat-ui.html new file mode 100644 index 0000000..a7a11cf --- /dev/null +++ b/templates/chat-ui.html @@ -0,0 +1,51 @@ + + + + + + + Document + + + + +
+ + + +