New XSS Secure Level Added

Author: Lyes

.settings/org.eclipse.jdt.core.prefs

@@ -0,0 +1,4 @@
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
+org.eclipse.jdt.core.compiler.compliance=1.8
+org.eclipse.jdt.core.compiler.source=1.8

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "java.configuration.updateBuildConfiguration": "interactive"
+}

src/main/java/org/sasanlabs/service/vulnerability/sampleVulnerability/SampleVulnerability.java

@@ -0,0 +1,108 @@
+package org.sasanlabs.service.vulnerability.sampleVulnerability;
+
+import org.sasanlabs.internal.utility.LevelConstants;
+import org.sasanlabs.internal.utility.Variant;
+import org.sasanlabs.internal.utility.annotations.AttackVector;
+import org.sasanlabs.internal.utility.annotations.VulnerableAppRequestMapping;
+import org.sasanlabs.internal.utility.annotations.VulnerableAppRestController;
+import org.sasanlabs.service.vulnerability.bean.GenericVulnerabilityResponseBean;
+import org.sasanlabs.vulnerability.types.VulnerabilityType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestParam;
+
+/**
+ * This is a sample vulnerability for helping developers in adding a new Vulnerability for
+ * VulnerableApp
+ *
+ * @author KSASAN preetkaran20@gmail.com
+ */
+/**
+ * {@code VulnerableAppRestController} annotation is similar to {@link
+ * org.springframework.stereotype.Controller} Annotation
+ */
+@VulnerableAppRestController(
+        /**
+         * "descriptionLabel" parameter of annotation is i18n label stored in {@link
+         * /VulnerableApp/src/main/resources/i18n/}. This descriptionLabel
+         * will be shown in the UI as the description of the Vulnerability. It helps students to
+         * learn about the vulnerability and can also include some of the useful references etc.
+         */
+        descriptionLabel = "SAMPLE_VULNERABILITY",
+        /**
+         * "value" parameter of annotation is used to create the request mapping. e.g. for the below
+         * parameter value, /VulnerableApp/SampleVulnerability will be created as URI Path.
+         */
+        value = "SampleVulnerability")
+public class SampleVulnerability {
+
+    /**
+     * {@code AttackVector} annotation is used to create the Hints section in the User Interface.
+     * This annotation can be mentioned multiple times in case the same vulnerability level
+     */
+    @AttackVector(
+            /**
+             * "vulnerabilityExposed" parameter is used to depict the Vulnerability exposed by the
+             * level. For example say a level is exposing SQL_INJECTION.
+             */
+            vulnerabilityExposed = VulnerabilityType.SAMPLE_VULNERABILITY,
+            /**
+             * "description" parameter of annotation is i18n label stored in {@link
+             * /VulnerableApp/src/main/resources/i18n/}. This description
+             * will be shown in the UI as hint to give some indication on how the level is handling
+             * input to help user to crack the level.
+             */
+            description = "SAMPLE_VULNERABILITY_USER_INPUT_HANDLING_INJECTION",
+
+            /**
+             * "payload" parameter of annotation is i18n label stored in {@link
+             * /VulnerableApp/src/main/resources/attackvectors/*.properties}. This payload will be
+             * shown in UI to help users find/exploit the vulnerability
+             */
+            payload = "NOT_APPLICABLE")
+    /**
+     * This annotation is similar to {@link RequestMapping} SpringBoot annotation. It will map the
+     * endpoint to /VulnerableApp/SampleVulnerability/LEVEL_1 where LEVEL_1 is coming from the value
+     * parameter.
+     */
+    @VulnerableAppRequestMapping(
+            /**
+             * "value" parameter is used to map the level to URI path
+             * /VulnerableApp/SampleVulnerability/${value}.
+             */
+            value = LevelConstants.LEVEL_1,
+
+            /**
+             * "htmlTemplate" is used to load the UI for the level for taking input from the user.
+             * It points to files in directory
+             * src/main/resource/static/templates/${VulnerabilityName} e.g.
+             * src/main/resource/static/templates/SampleVulnerability as ${htmlTemplate}.js,
+             * ${htmlTemplate}.css, ${htmlTemplate}.html. e.g. in this case it will be:
+             * src/main/resource/static/templates/SampleVulnerability/LEVEL_1/SampleVulnerability_Level1.js
+             * etc
+             *
+             * <p>CSS, JS and HTML are all loaded to render the UI.
+             */
+            htmlTemplate = "LEVEL_1/SampleVulnerability")
+    public GenericVulnerabilityResponseBean<String> sampleUnsecuredLevel(@RequestParam("name") String key) {
+        /** Add Business logic here */
+        return new GenericVulnerabilityResponseBean<>("Not Implemented", true);
+    }
+
+    /** For secured level there is no need for {@link AttackVector} annotation. */
+    @VulnerableAppRequestMapping(
+            value = LevelConstants.LEVEL_2,
+           
+            // Can reuse the same UI template in case it doesn't change between levels
+            htmlTemplate = "LEVEL_1/SampleVulnerability",
+            /**
+             * "variant" parameter defines whether the level is secure or not and same is depicted
+             * in the UI as a closed lock and open lock icon. Default value of the variant is
+             * UNSECURE so in case a secure level is added, please add the variant as {@link
+             * Variant#SECURE}
+             */
+            variant = Variant.SECURE)
+    public GenericVulnerabilityResponseBean<String> sampleSecuredLevel(@RequestParam("name") String key) {
+        /** Add Business logic here */
+    	return new GenericVulnerabilityResponseBean<>("Not Implemented", true);
+    }
+}

src/main/resources/static/templates/SampleVulnerability/LEVEL_1/SampleVulnerability.css

@@ -0,0 +1,16 @@
+#SampleVulnerability {
+    color: black;
+    text-align: center;
+}
+
+#fetchDetails {
+    background: blueviolet;
+    display: inline-block;
+    padding: 8px 8px;
+    margin: 10px;
+    border: 2px solid transparent;
+    border-radius: 3px;
+    transition: 0.2s opacity;
+    color: #FFF;
+    font-size: 12px;
+}

src/main/resources/static/templates/SampleVulnerability/LEVEL_1/SampleVulnerability.html

@@ -0,0 +1,9 @@
+<div id="SampleVulnerability">
+	<div>
+		<div id="level_info">
+			This is a Sample Vulnerability. please add the UI components here.
+		</div>
+		<button id=fetchDetails>Click Here</button>
+		<div id="response"></div>
+	</div>
+</div>

src/main/resources/static/templates/SampleVulnerability/LEVEL_1/SampleVulnerability.js

@@ -0,0 +1,23 @@
+function addingEventListenerToFetchData() {
+  document
+    .getElementById("fetchDetails")
+    .addEventListener("click", function () {
+      /**
+       * getUrlForVulnerabilityLevel() method provides url to call the Vulnerability Level
+       * of Sample Vulnerability.
+       * e.g. /VulnerableApp/SampleVulnerability/LEVEL_1 for LEVEL_1
+       */
+      let url = getUrlForVulnerabilityLevel();
+      /**
+       * doGetAjaxCall() method is used to do the ajax get call to the Vulnerability Level
+       */
+      doGetAjaxCall(fetchDataCallback, url + "?name=dummyInput", true);
+    });
+}
+// Used to register event on the button or any other component
+addingEventListenerToFetchData();
+
+//Callback function to handle the response and render in the UI
+function fetchDataCallback(data) {
+  document.getElementById("response").innerHTML = data.content;
+}