From 76058d7b8dae9e88331a4b58ce3faf4c3f0e599d Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Sat, 25 May 2024 23:16:36 +0800 Subject: [PATCH 01/12] feat: add Weak Credential tester for Apache Hive --- ...WeakCredentialDetectorBootstrapModule.java | 2 + .../provider/Top100Passwords.java | 1 + .../testers/hive/HiveCredentialTester.java | 107 ++++++++++++++++ .../src/main/proto/target_service.proto | 1 + .../hive/HiveCredentialTesterTest.java | 121 ++++++++++++++++++ 5 files changed, 232 insertions(+) create mode 100644 google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java create mode 100644 google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/GenericWeakCredentialDetectorBootstrapModule.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/GenericWeakCredentialDetectorBootstrapModule.java index 7c46ce6b4..695939c1e 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/GenericWeakCredentialDetectorBootstrapModule.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/GenericWeakCredentialDetectorBootstrapModule.java @@ -41,6 +41,7 @@ import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.jenkins.JenkinsCredentialTester; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.mlflow.MlFlowCredentialTester; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.mysql.MysqlCredentialTester; +import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive.HiveCredentialTester; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.ncrack.NcrackCredentialTester; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.postgres.PostgresCredentialTester; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.rabbitmq.RabbitMQCredentialTester; @@ -68,6 +69,7 @@ protected void configurePlugin() { credentialTesterBinder.addBinding().to(JenkinsCredentialTester.class); credentialTesterBinder.addBinding().to(MlFlowCredentialTester.class); credentialTesterBinder.addBinding().to(MysqlCredentialTester.class); + credentialTesterBinder.addBinding().to(HiveCredentialTester.class); credentialTesterBinder.addBinding().to(HydraCredentialTester.class); credentialTesterBinder.addBinding().to(NcrackCredentialTester.class); credentialTesterBinder.addBinding().to(PostgresCredentialTester.class); diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/provider/Top100Passwords.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/provider/Top100Passwords.java index 3a2d2afa5..c0f9e2347 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/provider/Top100Passwords.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/provider/Top100Passwords.java @@ -38,6 +38,7 @@ public final class Top100Passwords extends CredentialProvider { private static final ImmutableList TOP_USER_NAMES = ImmutableList.of( + "", "anonymous", "root", "admin", diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java new file mode 100644 index 000000000..87e1d9e85 --- /dev/null +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -0,0 +1,107 @@ +/* + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive; + +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import com.google.common.flogger.GoogleLogger; +import com.google.tsunami.common.data.NetworkEndpointUtils; +import com.google.tsunami.common.data.NetworkServiceUtils; +import com.google.tsunami.common.net.db.ConnectionProviderInterface; +import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.proto.TargetService; +import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; +import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; +import com.google.tsunami.proto.NetworkService; + +import javax.inject.Inject; +import java.sql.Connection; +import java.sql.SQLException; +import java.util.List; + +import static com.google.common.base.Preconditions.checkNotNull; +import static com.google.common.collect.ImmutableList.toImmutableList; + +/** Credential tester specifically for hive. */ +public final class HiveCredentialTester extends CredentialTester { + private static final GoogleLogger logger = GoogleLogger.forEnclosingClass(); + private final ConnectionProviderInterface connectionProvider; + + private static final ImmutableMap SERVICE_MAP = + ImmutableMap.of("snet-sensor-mgmt", TargetService.HIVE); + + @Inject + HiveCredentialTester(ConnectionProviderInterface connectionProvider) { + this.connectionProvider = checkNotNull(connectionProvider); + } + + @Override + public String name() { + return "HiveCredentialTester"; + } + + @Override + public String description() { + return "Hive credential tester."; + } + + @Override + public boolean canAccept(NetworkService networkService) { + String serviceName = NetworkServiceUtils.getServiceName(networkService); + return SERVICE_MAP.containsKey(serviceName); + } + + @Override + public boolean batched() { + return true; + } + + @Override + public ImmutableList testValidCredentials( + NetworkService networkService, List credentials) { + if (!canAccept(networkService)) { + return ImmutableList.of(); + } + + return credentials.stream() + .filter(cred -> isHiveAccessible(networkService, cred)) + .collect(toImmutableList()); + } + + private boolean isHiveAccessible(NetworkService networkService, TestCredential credential) { + + try { + var url = + String.format( + "jdbc:hive2://%s/default", + NetworkEndpointUtils.toUriAuthority(networkService.getNetworkEndpoint())); + logger.atInfo().log( + "url: %s, username: %s, password: %s", + url, credential.username(), credential.password().orElse("")); + Connection conn = + connectionProvider.getConnection( + url, credential.username(), credential.password().orElse("")); + + if (conn != null) { + logger.atInfo().log("Connected to the Hive server successfully."); + return true; + } + } catch (SQLException e) { + logger.atSevere().log( + "HiveCredentialTester sql error: %s (%d)", e.getMessage(), e.getErrorCode()); + } + return false; + } +} diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/proto/target_service.proto b/google/detectors/credentials/generic_weak_credential_detector/src/main/proto/target_service.proto index 02d3496ef..f7e877b7c 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/proto/target_service.proto +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/proto/target_service.proto @@ -58,4 +58,5 @@ enum TargetService { OWA = 23; // Outlook Web App (Web Application) DICOM = 24; // Digital Imaging and Communications in Medicine (Healthcare // Protocol) + HIVE = 25; // Apache Hive (SQL Database) } diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java new file mode 100644 index 000000000..26dfeebf1 --- /dev/null +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -0,0 +1,121 @@ +/* + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive; + +import com.google.common.collect.ImmutableList; +import com.google.tsunami.common.net.db.ConnectionProviderInterface; +import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; +import com.google.tsunami.proto.NetworkService; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnit; +import org.mockito.junit.MockitoRule; + +import java.sql.Connection; +import java.util.Optional; + +import static com.google.common.truth.Truth.assertThat; +import static com.google.tsunami.common.data.NetworkEndpointUtils.forHostnameAndPort; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.verifyNoInteractions; +import static org.mockito.Mockito.when; + +/** Tests for {@link HiveCredentialTester}. */ +@RunWith(JUnit4.class) +public class HiveCredentialTesterTest { + @Rule public MockitoRule rule = MockitoJUnit.rule(); + @Mock private ConnectionProviderInterface mockConnectionProvider; + @Mock private Connection mockConnection; + private HiveCredentialTester tester; + + private static final TestCredential WEAK_CRED_1 = + TestCredential.create("user", Optional.of("1234")); + private static final TestCredential WEAK_CRED_2 = + TestCredential.create("root", Optional.of("pass")); + + @Before + public void setup() { + tester = new HiveCredentialTester(mockConnectionProvider); + } + + @Test + public void detect_weakCredExists_returnsWeakCred() throws Exception { + when(mockConnectionProvider.getConnection( + "jdbc:hive2://example.com:10000/default", "user", "1234")) + .thenReturn(mockConnection); + NetworkService targetNetworkService = + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); + + assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) + .containsExactly(WEAK_CRED_1); + } + + @Test + public void detect_weakCredsExist_returnsAllWeakCreds() throws Exception { + when(mockConnectionProvider.getConnection( + "jdbc:hive2://example.com:10000/default", "user", "1234")) + .thenReturn(mockConnection); + when(mockConnectionProvider.getConnection( + "jdbc:hive2://example.com:10000/default", "root", "pass")) + .thenReturn(mockConnection); + NetworkService targetNetworkService = + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); + + assertThat( + tester.testValidCredentials( + targetNetworkService, ImmutableList.of(WEAK_CRED_1, WEAK_CRED_2))) + .containsExactly(WEAK_CRED_1, WEAK_CRED_2); + } + + @Test + public void detect_noWeakCred_returnsNoCred() throws Exception { + when(mockConnectionProvider.getConnection( + "jdbc:hive2://example.com:10000/default", "hardtoguess", "hardtoguess")) + .thenReturn(mockConnection); + NetworkService targetNetworkService = + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); + + assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) + .isEmpty(); + } + + @Test + public void detect_hiveService_skips() throws Exception { + when(mockConnectionProvider.getConnection(any(), any(), any())).thenReturn(mockConnection); + NetworkService targetNetworkService = + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); + + assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of())) + .isEmpty(); + verifyNoInteractions(mockConnectionProvider); + } +} From 8cbcbbf05dc23798c12d67e1c380d9b81a96171c Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Tue, 9 Jul 2024 22:37:04 +0800 Subject: [PATCH 02/12] chore: format --- .../testers/hive/HiveCredentialTester.java | 10 +++++----- .../testers/hive/HiveCredentialTesterTest.java | 14 +++++++------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 87e1d9e85..ad264d3a5 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -13,8 +13,12 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + package com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive; +import static com.google.common.base.Preconditions.checkNotNull; +import static com.google.common.collect.ImmutableList.toImmutableList; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.flogger.GoogleLogger; @@ -25,14 +29,10 @@ import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; import com.google.tsunami.proto.NetworkService; - -import javax.inject.Inject; import java.sql.Connection; import java.sql.SQLException; import java.util.List; - -import static com.google.common.base.Preconditions.checkNotNull; -import static com.google.common.collect.ImmutableList.toImmutableList; +import javax.inject.Inject; /** Credential tester specifically for hive. */ public final class HiveCredentialTester extends CredentialTester { diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index 26dfeebf1..d0b97975f 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -13,8 +13,15 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + package com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.testers.hive; +import static com.google.common.truth.Truth.assertThat; +import static com.google.tsunami.common.data.NetworkEndpointUtils.forHostnameAndPort; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.verifyNoInteractions; +import static org.mockito.Mockito.when; + import com.google.common.collect.ImmutableList; import com.google.tsunami.common.net.db.ConnectionProviderInterface; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; @@ -27,16 +34,9 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; - import java.sql.Connection; import java.util.Optional; -import static com.google.common.truth.Truth.assertThat; -import static com.google.tsunami.common.data.NetworkEndpointUtils.forHostnameAndPort; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.Mockito.verifyNoInteractions; -import static org.mockito.Mockito.when; - /** Tests for {@link HiveCredentialTester}. */ @RunWith(JUnit4.class) public class HiveCredentialTesterTest { From 01f991f21521e55ecfbd938d8e7f1311a16e3313 Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Wed, 10 Jul 2024 15:23:44 +0800 Subject: [PATCH 03/12] feat: add http detection for apache hive --- .../testers/hive/HiveCredentialTester.java | 31 +++++++++++++++++-- .../hive/HiveCredentialTesterTest.java | 5 ++- 2 files changed, 33 insertions(+), 3 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index ad264d3a5..637641c32 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -18,33 +18,43 @@ import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.collect.ImmutableList.toImmutableList; +import static com.google.tsunami.common.net.http.HttpRequest.get; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.flogger.GoogleLogger; +import com.google.common.net.HostAndPort; import com.google.tsunami.common.data.NetworkEndpointUtils; import com.google.tsunami.common.data.NetworkServiceUtils; import com.google.tsunami.common.net.db.ConnectionProviderInterface; +import com.google.tsunami.common.net.http.HttpResponse; +import com.google.tsunami.common.net.http.HttpClient; +import com.google.tsunami.common.net.http.HttpStatus; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.proto.TargetService; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; import com.google.tsunami.proto.NetworkService; + +import java.io.IOException; import java.sql.Connection; import java.sql.SQLException; import java.util.List; +import java.util.Optional; import javax.inject.Inject; /** Credential tester specifically for hive. */ public final class HiveCredentialTester extends CredentialTester { private static final GoogleLogger logger = GoogleLogger.forEnclosingClass(); private final ConnectionProviderInterface connectionProvider; - + private final HttpClient httpClient; private static final ImmutableMap SERVICE_MAP = ImmutableMap.of("snet-sensor-mgmt", TargetService.HIVE); + private static final String HIVE_TITLE = "HiveServer2"; @Inject - HiveCredentialTester(ConnectionProviderInterface connectionProvider) { + HiveCredentialTester(ConnectionProviderInterface connectionProvider, HttpClient httpClient) { this.connectionProvider = checkNotNull(connectionProvider); + this.httpClient = httpClient; } @Override @@ -59,6 +69,23 @@ public String description() { @Override public boolean canAccept(NetworkService networkService) { + HostAndPort targetPage = NetworkEndpointUtils.toHostAndPort(networkService.getNetworkEndpoint()); + String targetUri = String.format("http://%s:%d", targetPage.getHost(), 10002); + + try { + HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService); + if (response != null) { + Optional body = response.bodyString(); + if (response.status().code() == HttpStatus.OK.code() + && body.isPresent() && body.get().contains(HIVE_TITLE)) { + logger.atWarning().log("Succeed to query hive http server '%s'.", targetUri); + } else { + logger.atWarning().log("Unable to query hive http server '%s'.", targetUri); + } + } + } catch (IOException e) { + logger.atWarning().withCause(e).log("Unable to query hive http server '%s'.", targetUri); + } String serviceName = NetworkServiceUtils.getServiceName(networkService); return SERVICE_MAP.containsKey(serviceName); } diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index d0b97975f..e09c12cde 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -24,6 +24,7 @@ import com.google.common.collect.ImmutableList; import com.google.tsunami.common.net.db.ConnectionProviderInterface; +import com.google.tsunami.common.net.http.HttpClient; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.proto.NetworkService; import org.junit.Before; @@ -34,6 +35,7 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; + import java.sql.Connection; import java.util.Optional; @@ -43,6 +45,7 @@ public class HiveCredentialTesterTest { @Rule public MockitoRule rule = MockitoJUnit.rule(); @Mock private ConnectionProviderInterface mockConnectionProvider; @Mock private Connection mockConnection; + @Mock private HttpClient httpClient; private HiveCredentialTester tester; private static final TestCredential WEAK_CRED_1 = @@ -52,7 +55,7 @@ public class HiveCredentialTesterTest { @Before public void setup() { - tester = new HiveCredentialTester(mockConnectionProvider); + tester = new HiveCredentialTester(mockConnectionProvider, httpClient); } @Test From 43df9f5726fbf232957539188fbcc286819913e8 Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Fri, 12 Jul 2024 09:47:12 +0800 Subject: [PATCH 04/12] chore: format --- .../testers/hive/HiveCredentialTester.java | 1 - .../testers/hive/HiveCredentialTesterTest.java | 1 - 2 files changed, 2 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 637641c32..086d8b49a 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -34,7 +34,6 @@ import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; import com.google.tsunami.proto.NetworkService; - import java.io.IOException; import java.sql.Connection; import java.sql.SQLException; diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index e09c12cde..56b1d20fd 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -35,7 +35,6 @@ import org.mockito.Mock; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; - import java.sql.Connection; import java.util.Optional; From 7f7a034f010349b650e1a5ac4058728274b155cc Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:04:00 +0800 Subject: [PATCH 05/12] feat: return hive detection results directly through HTTP response --- .../testers/hive/HiveCredentialTester.java | 10 +- .../hive/HiveCredentialTesterTest.java | 107 +++++++++++++----- 2 files changed, 85 insertions(+), 32 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 086d8b49a..2a3f27869 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -75,18 +75,16 @@ public boolean canAccept(NetworkService networkService) { HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService); if (response != null) { Optional body = response.bodyString(); + body.ifPresent(s -> logger.atWarning().log(s)); if (response.status().code() == HttpStatus.OK.code() && body.isPresent() && body.get().contains(HIVE_TITLE)) { - logger.atWarning().log("Succeed to query hive http server '%s'.", targetUri); - } else { - logger.atWarning().log("Unable to query hive http server '%s'.", targetUri); + return true; } } } catch (IOException e) { - logger.atWarning().withCause(e).log("Unable to query hive http server '%s'.", targetUri); + return false; } - String serviceName = NetworkServiceUtils.getServiceName(networkService); - return SERVICE_MAP.containsKey(serviceName); + return false; } @Override diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index 56b1d20fd..2d2aab3d6 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -23,18 +23,30 @@ import static org.mockito.Mockito.when; import com.google.common.collect.ImmutableList; +import com.google.protobuf.ByteString; import com.google.tsunami.common.net.db.ConnectionProviderInterface; import com.google.tsunami.common.net.http.HttpClient; +import com.google.tsunami.common.net.http.HttpStatus; +import com.google.tsunami.common.net.http.HttpHeaders; +import com.google.tsunami.common.net.http.HttpRequest; +import com.google.tsunami.common.net.http.HttpResponse; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.proto.NetworkService; +import okhttp3.mockwebserver.Dispatcher; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; +import okhttp3.mockwebserver.RecordedRequest; +import org.junit.After; import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; import org.mockito.Mock; +import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; +import java.io.IOException; import java.sql.Connection; import java.util.Optional; @@ -46,6 +58,7 @@ public class HiveCredentialTesterTest { @Mock private Connection mockConnection; @Mock private HttpClient httpClient; private HiveCredentialTester tester; + private MockWebServer mockWebServer; private static final TestCredential WEAK_CRED_1 = TestCredential.create("user", Optional.of("1234")); @@ -53,71 +66,113 @@ public class HiveCredentialTesterTest { TestCredential.create("root", Optional.of("pass")); @Before - public void setup() { + public void setup() throws IOException { + MockitoAnnotations.openMocks(this); + mockWebServer = new MockWebServer(); + startMockWebServer(); + tester = new HiveCredentialTester(mockConnectionProvider, httpClient); } + @After + public void tearDown() throws IOException { + mockWebServer.shutdown(); + } + @Test public void detect_weakCredExists_returnsWeakCred() throws Exception { when(mockConnectionProvider.getConnection( "jdbc:hive2://example.com:10000/default", "user", "1234")) - .thenReturn(mockConnection); + .thenReturn(mockConnection); + when(httpClient.send(any(HttpRequest.class), any(NetworkService.class))) + .thenReturn(HttpResponse.builder() + .setStatus(HttpStatus.OK) + .setBodyBytes(ByteString.copyFromUtf8("HiveServer2")) + .setHeaders(HttpHeaders.builder().addHeader("Content-Type", "text/html").build()) + .build()); NetworkService targetNetworkService = - NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") - .build(); + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) - .containsExactly(WEAK_CRED_1); + .containsExactly(WEAK_CRED_1); } @Test public void detect_weakCredsExist_returnsAllWeakCreds() throws Exception { when(mockConnectionProvider.getConnection( "jdbc:hive2://example.com:10000/default", "user", "1234")) - .thenReturn(mockConnection); + .thenReturn(mockConnection); when(mockConnectionProvider.getConnection( "jdbc:hive2://example.com:10000/default", "root", "pass")) - .thenReturn(mockConnection); + .thenReturn(mockConnection); + when(httpClient.send(any(HttpRequest.class), any(NetworkService.class))) + .thenReturn(HttpResponse.builder() + .setStatus(HttpStatus.OK) + .setBodyBytes(ByteString.copyFromUtf8("HiveServer2")) + .setHeaders(HttpHeaders.builder().addHeader("Content-Type", "text/html").build()) + .build()); NetworkService targetNetworkService = - NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") - .build(); + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); assertThat( tester.testValidCredentials( - targetNetworkService, ImmutableList.of(WEAK_CRED_1, WEAK_CRED_2))) - .containsExactly(WEAK_CRED_1, WEAK_CRED_2); + targetNetworkService, ImmutableList.of(WEAK_CRED_1, WEAK_CRED_2))) + .containsExactly(WEAK_CRED_1, WEAK_CRED_2); } @Test public void detect_noWeakCred_returnsNoCred() throws Exception { when(mockConnectionProvider.getConnection( "jdbc:hive2://example.com:10000/default", "hardtoguess", "hardtoguess")) - .thenReturn(mockConnection); + .thenReturn(mockConnection); + when(httpClient.send(any(HttpRequest.class), any(NetworkService.class))) + .thenReturn(HttpResponse.builder() + .setStatus(HttpStatus.OK) + .setBodyBytes(ByteString.copyFromUtf8("HiveServer2")) + .setHeaders(HttpHeaders.builder().addHeader("Content-Type", "text/html").build()) + .build()); NetworkService targetNetworkService = - NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") - .build(); + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) - .isEmpty(); + .isEmpty(); } @Test public void detect_hiveService_skips() throws Exception { when(mockConnectionProvider.getConnection(any(), any(), any())).thenReturn(mockConnection); NetworkService targetNetworkService = - NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") - .build(); + NetworkService.newBuilder() + .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) + .setServiceName("snet-sensor-mgmt") + .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of())) - .isEmpty(); + .isEmpty(); verifyNoInteractions(mockConnectionProvider); } + + private void startMockWebServer() throws IOException { + final Dispatcher dispatcher = + new Dispatcher() { + @Override + public MockResponse dispatch(RecordedRequest request) { + return new MockResponse() + .setResponseCode(200) + .setBody("HiveServer2"); + } + }; + mockWebServer.setDispatcher(dispatcher); + mockWebServer.start(10002); + mockWebServer.url("/"); + } } From 121e4a4264858965704e76656d2481f0f112eccc Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:04:43 +0800 Subject: [PATCH 06/12] chore: remove debug log --- .../testers/hive/HiveCredentialTester.java | 1 - 1 file changed, 1 deletion(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 2a3f27869..0c993a7a0 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -75,7 +75,6 @@ public boolean canAccept(NetworkService networkService) { HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService); if (response != null) { Optional body = response.bodyString(); - body.ifPresent(s -> logger.atWarning().log(s)); if (response.status().code() == HttpStatus.OK.code() && body.isPresent() && body.get().contains(HIVE_TITLE)) { return true; From 390fac68eac94ce2f9f7cb61e3610ad2bfe3f4fa Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Fri, 12 Jul 2024 11:35:21 +0800 Subject: [PATCH 07/12] chore: remove useless variables and imports --- .../testers/hive/HiveCredentialTester.java | 5 ----- 1 file changed, 5 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 0c993a7a0..b3180ba7a 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -21,16 +21,13 @@ import static com.google.tsunami.common.net.http.HttpRequest.get; import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; import com.google.common.flogger.GoogleLogger; import com.google.common.net.HostAndPort; import com.google.tsunami.common.data.NetworkEndpointUtils; -import com.google.tsunami.common.data.NetworkServiceUtils; import com.google.tsunami.common.net.db.ConnectionProviderInterface; import com.google.tsunami.common.net.http.HttpResponse; import com.google.tsunami.common.net.http.HttpClient; import com.google.tsunami.common.net.http.HttpStatus; -import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.proto.TargetService; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; import com.google.tsunami.proto.NetworkService; @@ -46,8 +43,6 @@ public final class HiveCredentialTester extends CredentialTester { private static final GoogleLogger logger = GoogleLogger.forEnclosingClass(); private final ConnectionProviderInterface connectionProvider; private final HttpClient httpClient; - private static final ImmutableMap SERVICE_MAP = - ImmutableMap.of("snet-sensor-mgmt", TargetService.HIVE); private static final String HIVE_TITLE = "HiveServer2"; @Inject From 19561530cf649caf113fee2e57630a4511281b7f Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Fri, 12 Jul 2024 22:51:34 +0800 Subject: [PATCH 08/12] chore: format --- .../testers/hive/HiveCredentialTester.java | 2 +- .../testers/hive/HiveCredentialTesterTest.java | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index b3180ba7a..8a8e8dc39 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -25,8 +25,8 @@ import com.google.common.net.HostAndPort; import com.google.tsunami.common.data.NetworkEndpointUtils; import com.google.tsunami.common.net.db.ConnectionProviderInterface; -import com.google.tsunami.common.net.http.HttpResponse; import com.google.tsunami.common.net.http.HttpClient; +import com.google.tsunami.common.net.http.HttpResponse; import com.google.tsunami.common.net.http.HttpStatus; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.tester.CredentialTester; diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index 2d2aab3d6..71f99462e 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -26,12 +26,15 @@ import com.google.protobuf.ByteString; import com.google.tsunami.common.net.db.ConnectionProviderInterface; import com.google.tsunami.common.net.http.HttpClient; -import com.google.tsunami.common.net.http.HttpStatus; import com.google.tsunami.common.net.http.HttpHeaders; import com.google.tsunami.common.net.http.HttpRequest; import com.google.tsunami.common.net.http.HttpResponse; +import com.google.tsunami.common.net.http.HttpStatus; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.proto.NetworkService; +import java.io.IOException; +import java.sql.Connection; +import java.util.Optional; import okhttp3.mockwebserver.Dispatcher; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -46,9 +49,6 @@ import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; -import java.io.IOException; -import java.sql.Connection; -import java.util.Optional; /** Tests for {@link HiveCredentialTester}. */ @RunWith(JUnit4.class) From e1a19073fa073f66e9b25a81d31a50ffcbfdc14c Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Sat, 13 Jul 2024 16:59:54 +0800 Subject: [PATCH 09/12] feat: update --- .../testers/hive/HiveCredentialTester.java | 12 ++++----- .../hive/HiveCredentialTesterTest.java | 27 ++++++++++--------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 8a8e8dc39..4442c63fd 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -24,6 +24,7 @@ import com.google.common.flogger.GoogleLogger; import com.google.common.net.HostAndPort; import com.google.tsunami.common.data.NetworkEndpointUtils; +import com.google.tsunami.common.data.NetworkServiceUtils; import com.google.tsunami.common.net.db.ConnectionProviderInterface; import com.google.tsunami.common.net.http.HttpClient; import com.google.tsunami.common.net.http.HttpResponse; @@ -44,6 +45,7 @@ public final class HiveCredentialTester extends CredentialTester { private final ConnectionProviderInterface connectionProvider; private final HttpClient httpClient; private static final String HIVE_TITLE = "HiveServer2"; + private static final int HIVE_TCP_PORT = 10000; @Inject HiveCredentialTester(ConnectionProviderInterface connectionProvider, HttpClient httpClient) { @@ -63,8 +65,7 @@ public String description() { @Override public boolean canAccept(NetworkService networkService) { - HostAndPort targetPage = NetworkEndpointUtils.toHostAndPort(networkService.getNetworkEndpoint()); - String targetUri = String.format("http://%s:%d", targetPage.getHost(), 10002); + String targetUri = NetworkServiceUtils.buildWebApplicationRootUrl(networkService); try { HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService); @@ -99,12 +100,9 @@ public ImmutableList testValidCredentials( } private boolean isHiveAccessible(NetworkService networkService, TestCredential credential) { - + HostAndPort targetPage = NetworkEndpointUtils.toHostAndPort(networkService.getNetworkEndpoint()); try { - var url = - String.format( - "jdbc:hive2://%s/default", - NetworkEndpointUtils.toUriAuthority(networkService.getNetworkEndpoint())); + String url = String.format("jdbc:hive2://%s:%d/default", targetPage.getHost(), HIVE_TCP_PORT); logger.atInfo().log( "url: %s, username: %s, password: %s", url, credential.username(), credential.password().orElse("")); diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index 71f99462e..5164bcad0 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -35,6 +35,8 @@ import java.io.IOException; import java.sql.Connection; import java.util.Optional; + +import com.google.tsunami.proto.Software; import okhttp3.mockwebserver.Dispatcher; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -46,7 +48,6 @@ import org.junit.runner.RunWith; import org.junit.runners.JUnit4; import org.mockito.Mock; -import org.mockito.MockitoAnnotations; import org.mockito.junit.MockitoJUnit; import org.mockito.junit.MockitoRule; @@ -67,10 +68,8 @@ public class HiveCredentialTesterTest { @Before public void setup() throws IOException { - MockitoAnnotations.openMocks(this); mockWebServer = new MockWebServer(); startMockWebServer(); - tester = new HiveCredentialTester(mockConnectionProvider, httpClient); } @@ -92,8 +91,9 @@ public void detect_weakCredExists_returnsWeakCred() throws Exception { .build()); NetworkService targetNetworkService = NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") + .setNetworkEndpoint(forHostnameAndPort("example.com", mockWebServer.getPort())) + .setServiceName("http") + .setSoftware(Software.newBuilder().setName("hive")) .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) @@ -116,8 +116,9 @@ public void detect_weakCredsExist_returnsAllWeakCreds() throws Exception { .build()); NetworkService targetNetworkService = NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") + .setNetworkEndpoint(forHostnameAndPort("example.com", mockWebServer.getPort())) + .setServiceName("http") + .setSoftware(Software.newBuilder().setName("hive")) .build(); assertThat( @@ -139,8 +140,9 @@ public void detect_noWeakCred_returnsNoCred() throws Exception { .build()); NetworkService targetNetworkService = NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") + .setNetworkEndpoint(forHostnameAndPort("example.com", mockWebServer.getPort())) + .setServiceName("http") + .setSoftware(Software.newBuilder().setName("hive")) .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of(WEAK_CRED_1))) @@ -152,8 +154,9 @@ public void detect_hiveService_skips() throws Exception { when(mockConnectionProvider.getConnection(any(), any(), any())).thenReturn(mockConnection); NetworkService targetNetworkService = NetworkService.newBuilder() - .setNetworkEndpoint(forHostnameAndPort("example.com", 10000)) - .setServiceName("snet-sensor-mgmt") + .setNetworkEndpoint(forHostnameAndPort("example.com", mockWebServer.getPort())) + .setServiceName("http") + .setSoftware(Software.newBuilder().setName("hive")) .build(); assertThat(tester.testValidCredentials(targetNetworkService, ImmutableList.of())) @@ -172,7 +175,7 @@ public MockResponse dispatch(RecordedRequest request) { } }; mockWebServer.setDispatcher(dispatcher); - mockWebServer.start(10002); + mockWebServer.start(); mockWebServer.url("/"); } } From 4d67ac8be58640755e4d79dda385d6552cc2320e Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Sat, 13 Jul 2024 17:02:38 +0800 Subject: [PATCH 10/12] chore: format --- .../testers/hive/HiveCredentialTesterTest.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java index 5164bcad0..d8481ff34 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/test/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTesterTest.java @@ -32,11 +32,10 @@ import com.google.tsunami.common.net.http.HttpStatus; import com.google.tsunami.plugins.detectors.credentials.genericweakcredentialdetector.provider.TestCredential; import com.google.tsunami.proto.NetworkService; +import com.google.tsunami.proto.Software; import java.io.IOException; import java.sql.Connection; import java.util.Optional; - -import com.google.tsunami.proto.Software; import okhttp3.mockwebserver.Dispatcher; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; From 00bcc876b85be47009753ecbf708f46f7f4d1a6c Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Wed, 31 Jul 2024 11:51:04 +0800 Subject: [PATCH 11/12] fix: failed to build target url --- .../testers/hive/HiveCredentialTester.java | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index 4442c63fd..d8fc18797 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -63,9 +63,25 @@ public String description() { return "Hive credential tester."; } + private static String buildTargetUrl(NetworkService networkService, String path) { + StringBuilder targetUrlBuilder = new StringBuilder(); + + if (NetworkServiceUtils.isWebService(networkService)) { + targetUrlBuilder.append(NetworkServiceUtils.buildWebApplicationRootUrl(networkService)); + + } else { + targetUrlBuilder + .append("http://") + .append(NetworkEndpointUtils.toUriAuthority(networkService.getNetworkEndpoint())) + .append("/"); + } + targetUrlBuilder.append(path); + return targetUrlBuilder.toString(); + } + @Override public boolean canAccept(NetworkService networkService) { - String targetUri = NetworkServiceUtils.buildWebApplicationRootUrl(networkService); + String targetUri = buildTargetUrl(networkService, ""); try { HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService); From 4193d5a69fad3d70161bd225e5d537e67c7e355a Mon Sep 17 00:00:00 2001 From: W0ngL1 <148697527+W0ngL1@users.noreply.github.com> Date: Wed, 23 Oct 2024 11:28:38 +0800 Subject: [PATCH 12/12] feat: use NetworkServiceUtils.buildWebApplicationRootUrl(networkService) instead of the whole buildTargetUrl function --- .../testers/hive/HiveCredentialTester.java | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java index d8fc18797..4442c63fd 100644 --- a/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java +++ b/google/detectors/credentials/generic_weak_credential_detector/src/main/java/com/google/tsunami/plugins/detectors/credentials/genericweakcredentialdetector/testers/hive/HiveCredentialTester.java @@ -63,25 +63,9 @@ public String description() { return "Hive credential tester."; } - private static String buildTargetUrl(NetworkService networkService, String path) { - StringBuilder targetUrlBuilder = new StringBuilder(); - - if (NetworkServiceUtils.isWebService(networkService)) { - targetUrlBuilder.append(NetworkServiceUtils.buildWebApplicationRootUrl(networkService)); - - } else { - targetUrlBuilder - .append("http://") - .append(NetworkEndpointUtils.toUriAuthority(networkService.getNetworkEndpoint())) - .append("/"); - } - targetUrlBuilder.append(path); - return targetUrlBuilder.toString(); - } - @Override public boolean canAccept(NetworkService networkService) { - String targetUri = buildTargetUrl(networkService, ""); + String targetUri = NetworkServiceUtils.buildWebApplicationRootUrl(networkService); try { HttpResponse response = httpClient.send(get(targetUri).withEmptyHeaders().build(), networkService);