dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed ContentTypeAssignment and SimpleXXE to work with MacOSX

Browse Source
This commit is contained in:
Noah Hansen 2018-01-12 12:02:39 -05:00 committed by Nanne Baars
parent bad60c43c0
commit 568fa82270
2 changed files with 17 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/ContentTypeAssignment.java
View File

@ -46,7 +46,7 @@ import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
@AssignmentHints({"xxe.hints.content.type.xxe.1", "xxe.hints.content.type.xxe.2"}) @AssignmentHints({"xxe.hints.content.type.xxe.1", "xxe.hints.content.type.xxe.2"})
public class ContentTypeAssignment extends AssignmentEndpoint { public class ContentTypeAssignment extends AssignmentEndpoint {
private final static String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "opt", "var"}; private final static String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "etc", "var"};
private final static String[] DEFAULT_WINDOWS_DIRECTORIES = {"Windows", "Program Files (x86)", "Program Files"}; private final static String[] DEFAULT_WINDOWS_DIRECTORIES = {"Windows", "Program Files (x86)", "Program Files"};
@ -85,7 +85,7 @@ public class ContentTypeAssignment extends AssignmentEndpoint {
} }
private boolean checkSolution(Comment comment) { private boolean checkSolution(Comment comment) {
String[] directoriesToCheck = OS.isFamilyUnix() ? DEFAULT_LINUX_DIRECTORIES : DEFAULT_WINDOWS_DIRECTORIES; String[] directoriesToCheck = OS.isFamilyMac() || OS.isFamilyUnix() ? DEFAULT_LINUX_DIRECTORIES : DEFAULT_WINDOWS_DIRECTORIES;
boolean success = true; boolean success = true;
for (String directory : directoriesToCheck) { for (String directory : directoriesToCheck) {
success &= org.apache.commons.lang3.StringUtils.contains(comment.getText(), directory); success &= org.apache.commons.lang3.StringUtils.contains(comment.getText(), directory);

7
webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/SimpleXXE.java
View File

@ -54,7 +54,7 @@ import static org.springframework.web.bind.annotation.RequestMethod.POST;
@AssignmentHints({"xxe.hints.simple.xxe.1", "xxe.hints.simple.xxe.2", "xxe.hints.simple.xxe.3", "xxe.hints.simple.xxe.4"}) @AssignmentHints({"xxe.hints.simple.xxe.1", "xxe.hints.simple.xxe.2", "xxe.hints.simple.xxe.3", "xxe.hints.simple.xxe.4"})
public class SimpleXXE extends AssignmentEndpoint { public class SimpleXXE extends AssignmentEndpoint {
private final static String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "opt", "var"}; private final static String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "etc", "var"};
private final static String[] DEFAULT_WINDOWS_DIRECTORIES = {"Windows", "Program Files (x86)", "Program Files"}; private final static String[] DEFAULT_WINDOWS_DIRECTORIES = {"Windows", "Program Files (x86)", "Program Files"};
@Value("${webgoat.server.directory}") @Value("${webgoat.server.directory}")
@ -77,12 +77,11 @@ public class SimpleXXE extends AssignmentEndpoint {
} }
return trackProgress(failed().output(error).build()); return trackProgress(failed().output(error).build());
} }
private boolean checkSolution(Comment comment) { private boolean checkSolution(Comment comment) {
String[] directoriesToCheck = OS.isFamilyUnix() ? DEFAULT_LINUX_DIRECTORIES : DEFAULT_WINDOWS_DIRECTORIES; String[] directoriesToCheck = OS.isFamilyMac() || OS.isFamilyUnix() ? DEFAULT_LINUX_DIRECTORIES : DEFAULT_WINDOWS_DIRECTORIES;
boolean success = true; boolean success = true;
for (String directory : directoriesToCheck) { for (String directory : directoriesToCheck) {
success &= comment.getText().contains(directory); success &= org.apache.commons.lang3.StringUtils.contains(comment.getText(), directory);
} }
return success; return success;
} }