Example 41 with SimpleAction
use of com.opensymphony.xwork2.SimpleAction in project struts by apache.
the class ValidateAction method testExcludedTrickyParameters.
public void testExcludedTrickyParameters() throws Exception {
Map<String, Object> params = new HashMap<String, Object>() {
{
put("blah", "This is blah");
put("name", "try_1");
put("(name)", "try_2");
put("['name']", "try_3");
put("['na' + 'me']", "try_4");
put("{name}[0]", "try_5");
put("(new string{'name'})[0]", "try_6");
put("#{key: 'name'}.key", "try_7");
}
};
HashMap<String, Object> extraContext = new HashMap<>();
extraContext.put(ActionContext.PARAMETERS, HttpParameters.create(params).build());
ActionProxy proxy = actionProxyFactory.createActionProxy("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME, null, extraContext);
ActionConfig config = configuration.getRuntimeConfiguration().getActionConfig("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME);
ParametersInterceptor pi = (ParametersInterceptor) config.getInterceptors().get(0).getInterceptor();
pi.setExcludeParams("name");
proxy.execute();
SimpleAction action = (SimpleAction) proxy.getAction();
assertNull(action.getName());
assertEquals("This is blah", (action).getBlah());
}
Also used :
ActionConfig(com.opensymphony.xwork2.config.entities.ActionConfig)
ActionProxy(com.opensymphony.xwork2.ActionProxy)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
Example 42 with SimpleAction
use of com.opensymphony.xwork2.SimpleAction in project struts by apache.
the class ValidateAction method testEvalExpressionAsParameterName.
/**
* This test demonstrates a vulnerability which allows to execute arbitrary code.
* For further details and explanations see https://cwiki.apache.org/confluence/display/WW/S2-009
*
* @throws Exception
*/
public void testEvalExpressionAsParameterName() throws Exception {
Map<String, Object> params = new HashMap<>();
params.put("blah", "(#context[\"xwork.MethodAccessor.denyMethodExecution\"]= new " + "java.lang.Boolean(false), #_memberAccess[\"allowStaticMethodAccess\"]= new java.lang.Boolean(true), " + "@java.lang.Runtime@getRuntime().exec('mkdir /tmp/PWNAGE'))(meh)");
params.put("top['blah'](0)", "true");
HashMap<String, Object> extraContext = new HashMap<>();
extraContext.put(ActionContext.PARAMETERS, HttpParameters.create(params).build());
ActionProxy proxy = actionProxyFactory.createActionProxy("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME, null, extraContext);
proxy.execute();
@SuppressWarnings("unused") SimpleAction action = (SimpleAction) proxy.getAction();
File pwn = new File("/tmp/PWNAGE");
boolean dirExists = pwn.exists();
@SuppressWarnings("unused") boolean deleted = pwn.delete();
Assert.assertFalse("Remote exploit: The PWN folder has been created", dirExists);
}
Also used :
ActionProxy(com.opensymphony.xwork2.ActionProxy)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
File(java.io.File)
Example 43 with SimpleAction
use of com.opensymphony.xwork2.SimpleAction in project struts by apache.
the class ValidateAction method testBeanListSingleValue.
public void testBeanListSingleValue() throws Exception {
Map<String, Object> params = new HashMap<>();
params.put("beanList.name", new String[] { "Superman" });
HashMap<String, Object> extraContext = new HashMap<>();
extraContext.put(ActionContext.PARAMETERS, HttpParameters.create(params).build());
ActionProxy proxy = actionProxyFactory.createActionProxy("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME, null, extraContext);
proxy.execute();
SimpleAction action = (SimpleAction) proxy.getAction();
assertNotNull(action);
assertNotNull(action.getBeanList());
assertFalse(action.getBeanList().isEmpty());
}
Also used :
ActionProxy(com.opensymphony.xwork2.ActionProxy)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
Example 44 with SimpleAction
use of com.opensymphony.xwork2.SimpleAction in project struts by apache.
the class ValidateAction method testParametersNotAccessPrivateVariables.
public void testParametersNotAccessPrivateVariables() throws Exception {
Map<String, Object> params = new HashMap<>();
params.put("protectedMap.foo", "This is blah");
params.put("theProtectedMap.boo", "This is blah");
HashMap<String, Object> extraContext = new HashMap<>();
extraContext.put(ActionContext.PARAMETERS, HttpParameters.create(params).build());
ActionProxy proxy = actionProxyFactory.createActionProxy("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME, null, extraContext);
proxy.execute();
SimpleAction action = (SimpleAction) proxy.getAction();
assertEquals(1, action.getTheProtectedMap().size());
assertNotNull(action.getTheProtectedMap().get("boo"));
assertNull(action.getTheProtectedMap().get("foo"));
}
Also used :
ActionProxy(com.opensymphony.xwork2.ActionProxy)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
Example 45 with SimpleAction
use of com.opensymphony.xwork2.SimpleAction in project struts by apache.
the class ScopedModelDrivenInterceptorTest method testNoScopedModelAction.
public void testNoScopedModelAction() throws Exception {
Action action = new SimpleAction();
MockActionInvocation mai = new MockActionInvocation();
MockActionProxy map = new MockActionProxy();
ActionConfig ac = new ActionConfig.Builder("", "", "").build();
map.setConfig(ac);
mai.setAction(action);
mai.setProxy(map);
inter.intercept(mai);
inter.destroy();
// nothing happends
}
Also used :
ActionConfig(com.opensymphony.xwork2.config.entities.ActionConfig)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
Action(com.opensymphony.xwork2.Action)
MockActionInvocation(com.opensymphony.xwork2.mock.MockActionInvocation)
SimpleAction(com.opensymphony.xwork2.SimpleAction)
MockActionProxy(com.opensymphony.xwork2.mock.MockActionProxy)
Aggregations
SimpleAction (com.opensymphony.xwork2.SimpleAction)32
ActionProxy (com.opensymphony.xwork2.ActionProxy)24
HashMap (java.util.HashMap)23
LinkedHashMap (java.util.LinkedHashMap)17
MockActionProxy (com.opensymphony.xwork2.mock.MockActionProxy)14
ActionConfig (com.opensymphony.xwork2.config.entities.ActionConfig)8
XmlConfigurationProvider (com.opensymphony.xwork2.config.providers.XmlConfigurationProvider)7
StrutsXmlConfigurationProvider (org.apache.struts2.config.StrutsXmlConfigurationProvider)7
OgnlUtil (com.opensymphony.xwork2.ognl.OgnlUtil)6
Action (com.opensymphony.xwork2.Action)5
TestBean (com.opensymphony.xwork2.TestBean)5
OgnlValueStack (com.opensymphony.xwork2.ognl.OgnlValueStack)5
ValueStack (com.opensymphony.xwork2.util.ValueStack)5
ActionInvocation (com.opensymphony.xwork2.ActionInvocation)4
ModelDrivenAction (com.opensymphony.xwork2.ModelDrivenAction)3
ConversionData (com.opensymphony.xwork2.conversion.impl.ConversionData)3
MockActionInvocation (com.opensymphony.xwork2.mock.MockActionInvocation)3
StaticWebApplicationContext (org.springframework.web.context.support.StaticWebApplicationContext)3
MockConfigurationProvider (com.opensymphony.xwork2.config.providers.MockConfigurationProvider)2
MockResult (com.opensymphony.xwork2.mock.MockResult)2
