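def generateWithType(self, IDOR, params):
    """Generate one PHP IDOR sample (CWE-862 family) and register it in the manifest.

    IDOR: sample family key, one of "CWE_862_SQL", "CWE_862_Fopen",
        "CWE_862_XPath". It is used unchanged as a directory name; the lookup
        in the family table below doubles as the whitelist for it.
    params: sample fragments. Construction and Sanitize instances drive the
        safety verdict; every fragment contributes .comment and .code;
        a Construction's .prepared selects the query footer; the first
        InputSample names the manifest test case.
    Returns the File object that was written.
    Raises KeyError for an unknown IDOR key, before any path or content is
    built (the original looked the key up only after addPath()).
    """
    flawCwe = {"CWE_862_SQL": "SQL", "CWE_862_Fopen": "fopen", "CWE_862_XPath": "XPath"}
    sinkKind = flawCwe[IDOR]

    # Safety verdict from testSafety() (1 = safe, 0 = unsafe per the original
    # comment). It becomes the label the manifest carries, i.e. the ground
    # truth tools are scored against.
    # NOTE(review): with several Construction/Sanitize pairs the last pair
    # wins, and None (no pair at all) is filed as unsafe below.
    safe = None
    for param in params:
        if isinstance(param, Construction):
            for param2 in params:
                if isinstance(param2, Sanitize):
                    safe = self.testSafety(param, param2, IDOR + "_IDOR")

    file = File()
    # Folder tree: PHPTestSuite_<date>/IDOR/<IDOR>/{safe|unsafe}/<name>
    file.addPath("PHPTestSuite_" + self.date)
    file.addPath("IDOR")
    file.addPath(IDOR)
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, IDOR))

    # Header comment describing the sample, as a single /* ... */ block
    # (the original emitted a stray second "/*" opener before it).
    file.addContent("<?php\n")
    file.addContent("/* \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("*/\n\n")

    # Copyright statement, copied verbatim from rights_PHP.txt.
    file.addContent("\n\n")
    with open("./rights_PHP.txt", "r") as header:
        for line in header:
            file.addContent(line)

    # Sample code: every fragment's lines, in parameter order.
    file.addContent("\n\n")
    for param in params:
        for line in param.code:
            file.addContent(line)
        file.addContent("\n\n")

    # Query-execution footer; fopen samples need none. Prepared statements
    # get the "_prepared" footer, except XPath which has no prepared form.
    if sinkKind != "fopen":
        for param in params:
            if isinstance(param, Construction):
                if param.prepared == 0 or sinkKind == "XPath":
                    footerPath = "./execQuery_" + sinkKind + ".txt"
                else:
                    footerPath = "./execQuery_" + sinkKind + "_prepared.txt"
                with open(footerPath, "r") as fileQuery:
                    for line in fileQuery:
                        file.addContent(line)

    file.addContent("\n ?>")
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located by
    # findFlaw() in the written file; the test case is named after the
    # first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file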
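def generateWithType(self, urf, params):
    """Generate one PHP URF sample (open redirect, CWE-601) and register it.

    urf: sample family key; the only family this generator knows is
        "CWE_601" (Open Redirect). The key is used unchanged as a directory
        name and is not validated here.
    params: sample fragments. Construction and Sanitize instances drive the
        coherence test (.constraintType, .constraintField) and the safety
        verdict; every fragment contributes .comment and .code; the first
        InputSample names the manifest test case.
    Returns the written File, or None when a Sanitize declares a constraint
    that some Construction does not share (the combination is skipped).
    """
    constructions = [p for p in params if isinstance(p, Construction)]
    sanitizers = [p for p in params if isinstance(p, Sanitize)]

    # Coherence test: a sanitizer constraint, when set, must match every
    # construction; otherwise the sample would not exercise what it claims.
    for san in sanitizers:
        if san.constraintType != "" and any(
            con.constraintType != san.constraintType for con in constructions
        ):
            return None
        if san.constraintField != "" and any(
            con.constraintField != san.constraintField for con in constructions
        ):
            return None

    # Safety verdict from testSafety(); it becomes the label the manifest
    # carries, i.e. the ground truth tools are scored against.
    # NOTE(review): with several Construction/Sanitize pairs the last pair
    # wins, and None (no pair at all) is filed as unsafe below.
    safe = None
    for con in constructions:
        for san in sanitizers:
            safe = self.testSafety(con, san, urf + "_URF")

    file = File()
    # Folder tree: PHPTestSuite_<date>/URF/<urf>/{safe|unsafe}/<name>
    file.addPath("PHPTestSuite_" + self.date)
    file.addPath("URF")
    file.addPath(urf)
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, urf))

    # Header comment describing the sample.
    file.addContent("<?php\n")
    file.addContent("/* \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("*/\n\n")

    # Copyright statement, copied verbatim from rights_PHP.txt.
    file.addContent("\n\n")
    with open("./rights_PHP.txt", "r") as header:
        for line in header:
            file.addContent(line)

    # Sample code, fragment by fragment. An unsafe Construction is preceded
    # by a "//flaw" marker line (presumably what findFlaw() looks for).
    file.addContent("\n\n")
    for param in params:
        if not safe and isinstance(param, Construction):
            file.addContent("//flaw\n")
        for line in param.code:
            file.addContent(line)
        file.addContent("\n\n")

    # No query-execution footer for this family.
    file.addContent("\n\n?>")
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located in the
    # written file; the test case is named after the first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file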
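def generate(self, params):
    """Generate one XSS sample (CWE-79) and register it in the manifest.

    params: sample fragments. Construction and Sanitize instances drive the
        safety verdict; every fragment contributes .comment. A Construction's
        .code is a pair of file paths: code[0] is read and placed before
        everything collected so far, code[1] is read and appended last; any
        other fragment's .code is a list of lines written in place. The
        first InputSample names the manifest test case.
    Returns the written File.
    NOTE(review): `copyright` is not bound in this method; it must come from
    module scope (the sibling generators read ./rights_PHP.txt instead). If
    nothing defines it, the site-provided builtin of that name is not
    iterable and the copyright loop raises TypeError.
    """
    # Safety verdict from testSafety(); it becomes the label the manifest
    # carries. NOTE(review): with several Construction/Sanitize pairs the
    # last pair wins, and None (no pair) is filed as unsafe below.
    safe = None
    for param in params:
        if isinstance(param, Construction):
            for param2 in params:
                if isinstance(param2, Sanitize):
                    safe = self.testSafety(param, param2, "CWE_79_XSS")

    file = File()
    # Folder tree: PHPTestSuite_<date>/XSS/CWE_79/{safe|unsafe}/<name>
    file.addPath("PHPTestSuite_" + self.date)
    file.addPath("XSS")
    file.addPath("CWE_79")
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, "CWE_79"))

    # Header comment describing the sample (HTML comment syntax).
    file.addContent("<!-- \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("-->\n\n")

    # Copyright statement (see the NOTE in the docstring).
    for line in copyright:
        file.addContent(line)

    # Assemble the body. The Construction's opening file wraps what has been
    # collected so far; its closing file is held in `tail` and appended last.
    # Files are opened with `with` so handles are released (the original
    # never closed them).
    file.addContent("\n\n")
    out = ""
    tail = ""
    for param in params:
        if isinstance(param, Construction):
            with open(param.code[0], "r") as opening:
                out = opening.read() + out
            tail = ""
            if not safe:
                # NOTE(review): no newline after the marker, unlike the
                # "//flaw\n" the other generators write; it is glued to the
                # first line of code[1]. Confirm that file starts with a line
                # break, otherwise the marker comments that line out.
                tail = "//flaw"
            with open(param.code[1], "r") as closing:
                tail += closing.read()
        else:
            out += "".join(param.code)
            out += "\n\n"
    file.addContent(out + tail)
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located in the
    # written file; the test case is named after the first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file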
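def generateWithType(self, injection, params):
    """Generate one PHP injection sample and register it in the manifest.

    injection: sample family key, one of CWE_78 (OS command), CWE_91
        (XPath), CWE_90 (LDAP), CWE_89 (SQL), CWE_95 (eval), CWE_98
        (include/require). It is used unchanged as a directory name; the
        lookup in the family table below doubles as the whitelist for it.
    params: sample fragments. Construction and Sanitize instances drive the
        coherence test (.constraintType, .constraintField) and the safety
        verdict; every fragment contributes .comment and .code; the first
        InputSample names the manifest test case.
    Returns the written File, or None when revelancyTest() returns 0 or a
    Sanitize declares a constraint that some Construction does not share.
    Raises KeyError for an unknown injection key, before any path is built
    (the original looked it up only when writing the footer).
    """
    if self.revelancyTest(params) == 0:
        return None

    constructions = [p for p in params if isinstance(p, Construction)]
    sanitizers = [p for p in params if isinstance(p, Sanitize)]

    # Coherence test: a sanitizer constraint, when set, must match every
    # construction; otherwise the sample would not exercise what it claims.
    for san in sanitizers:
        if san.constraintType != "" and any(
            con.constraintType != san.constraintType for con in constructions
        ):
            return None
        if san.constraintField != "" and any(
            con.constraintField != san.constraintField for con in constructions
        ):
            return None

    flawCwe = {
        "CWE_78": "OSCommand",
        "CWE_91": "XPath",
        "CWE_90": "LDAP",
        "CWE_89": "SQL",
        "CWE_95": "eval",
        "CWE_98": "include_require",
    }
    sinkKind = flawCwe[injection]

    # Safety verdict from testSafety(); it becomes the label the manifest
    # carries, i.e. the ground truth tools are scored against.
    # NOTE(review): with several Construction/Sanitize pairs the last pair
    # wins, and None (no pair at all) is filed as unsafe below.
    safe = None
    for con in constructions:
        for san in sanitizers:
            safe = self.testSafety(con, san, injection + "_Injection")

    file = File()
    # Folder tree: generation_<date>/Injection/<injection>/{safe|unsafe}/<name>
    file.addPath("generation_" + self.date)
    file.addPath("Injection")
    file.addPath(injection)
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, injection))

    # Header comment describing the sample.
    file.addContent("<?php\n")
    file.addContent("/* \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("*/\n\n")

    # Copyright statement, copied verbatim from rights_PHP.txt.
    file.addContent("\n\n")
    with open("./rights_PHP.txt", "r") as header:
        for line in header:
            file.addContent(line)

    # Sample code: every fragment's lines, in parameter order.
    file.addContent("\n\n")
    for param in params:
        for line in param.code:
            file.addContent(line)
        file.addContent("\n\n")

    # Query-execution footer; include/require samples (CWE_98) have none.
    if injection != "CWE_98":
        with open("./execQuery_" + sinkKind + ".txt", "r") as footer:
            for line in footer:
                file.addContent(line)

    file.addContent("\n\n?>")
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located in the
    # written file; the test case is named after the first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file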
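def generate(self, params):
    """Generate one XSS sample (CWE-79) and register it in the manifest.

    params: sample fragments. Construction and Sanitize instances drive the
        safety verdict; every fragment contributes .comment. A Construction's
        .code is a pair of file paths: code[0] is read and placed before
        everything collected so far, code[1] is read and appended last; any
        other fragment's .code is a list of lines written in place. The
        first InputSample names the manifest test case.
    Returns the written File.
    NOTE(review): `copyright` is not bound in this method; it must come from
    module scope (the sibling generators read ./rights_PHP.txt instead). If
    nothing defines it, the site-provided builtin of that name is not
    iterable and the copyright loop raises TypeError.
    """
    # Safety verdict from testSafety(); it becomes the label the manifest
    # carries. NOTE(review): with several Construction/Sanitize pairs the
    # last pair wins, and None (no pair) is filed as unsafe below.
    safe = None
    for param in params:
        if isinstance(param, Construction):
            for param2 in params:
                if isinstance(param2, Sanitize):
                    safe = self.testSafety(param, param2, "CWE_79_XSS")

    file = File()
    # Folder tree: PHPTestSuite_<date>/XSS/CWE_79/{safe|unsafe}/<name>
    file.addPath("PHPTestSuite_" + self.date)
    file.addPath("XSS")
    file.addPath("CWE_79")
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, "CWE_79"))

    # Header comment describing the sample (HTML comment syntax).
    file.addContent("<!-- \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("-->\n\n")

    # Copyright statement (see the NOTE in the docstring).
    for line in copyright:
        file.addContent(line)

    # Assemble the body. The Construction's opening file wraps what has been
    # collected so far; its closing file is held in `tail` and appended last.
    # Files are opened with `with` so handles are released (the original
    # never closed them).
    file.addContent("\n\n")
    out = ""
    tail = ""
    for param in params:
        if isinstance(param, Construction):
            with open(param.code[0], "r") as opening:
                out = opening.read() + out
            tail = ""
            if not safe:
                # NOTE(review): no newline after the marker, unlike the
                # "//flaw\n" the other generators write; it is glued to the
                # first line of code[1]. Confirm that file starts with a line
                # break, otherwise the marker comments that line out.
                tail = "//flaw"
            with open(param.code[1], "r") as closing:
                tail += closing.read()
        else:
            out += "".join(param.code)
            out += "\n\n"
    file.addContent(out + tail)
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located in the
    # written file; the test case is named after the first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file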
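def generateWithType(self, sde, params):
    """Generate one PHP sensitive-data-exposure (SDE) sample and register it.

    sde: sample family key, used unchanged as a directory name. Unlike the
        IDOR and Injection generators there is no family table here, so the
        key is not whitelisted; callers are expected to pass internal
        constants only.
    params: sample fragments. Construction and Sanitize instances drive the
        safety verdict; every fragment contributes .comment and .code.
    Returns the written File, or None when revelancyTest() returns 0.
    """
    if self.revelancyTest(params) == 0:
        return None

    # Safety verdict from testSafety(); it becomes the label the manifest
    # carries, i.e. the ground truth tools are scored against.
    # NOTE(review): with several Construction/Sanitize pairs the last pair
    # wins, and None (no pair at all) is filed as unsafe below.
    safe = None
    for param in params:
        if isinstance(param, Construction):
            for param2 in params:
                if isinstance(param2, Sanitize):
                    safe = self.testSafety(param, param2, sde + "_SDE")

    file = File()
    # Folder tree: generation_<date>/SDE/<sde>/{safe|unsafe}/<name>
    file.addPath("generation_" + self.date)
    file.addPath("SDE")
    file.addPath(sde)
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, sde))

    # Header comment describing the sample.
    file.addContent("<?php\n")
    file.addContent("/* \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("*/\n\n")

    # Copyright statement, copied verbatim from rights_PHP.txt.
    file.addContent("\n\n")
    with open("./rights_PHP.txt", "r") as header:
        for line in header:
            file.addContent(line)

    # Sample code: every fragment's lines, in parameter order. No
    # query-execution footer for this family.
    file.addContent("\n\n")
    for param in params:
        for line in param.code:
            file.addContent(line)
        file.addContent("\n\n")

    file.addContent("\n\n?>")
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located in the
    # written file. Every SDE sample is filed under the single
    # "Sensitive_data" test case rather than the InputSample-driven naming
    # the sibling generators use.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    self.manifest.beginTestCase("Sensitive_data")
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file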
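def generateWithType(self, IDOR, params):
    """Generate one PHP IDOR sample (CWE-862 family) and register it in the manifest.

    IDOR: sample family key, one of "CWE_862_SQL", "CWE_862_Fopen",
        "CWE_862_XPath". It is used unchanged as a directory name; the lookup
        in the family table below doubles as the whitelist for it.
    params: sample fragments. Construction and Sanitize instances drive the
        safety verdict; every fragment contributes .comment and .code;
        a Construction's .prepared selects the query footer; the first
        InputSample names the manifest test case.
    Returns the File object that was written.
    Raises KeyError for an unknown IDOR key, before any path or content is
    built (the original looked the key up only after addPath()).
    """
    flawCwe = {"CWE_862_SQL": "SQL", "CWE_862_Fopen": "fopen", "CWE_862_XPath": "XPath"}
    sinkKind = flawCwe[IDOR]

    # Safety verdict from testSafety() (1 = safe, 0 = unsafe per the original
    # comment). It becomes the label the manifest carries, i.e. the ground
    # truth tools are scored against.
    # NOTE(review): with several Construction/Sanitize pairs the last pair
    # wins, and None (no pair at all) is filed as unsafe below.
    safe = None
    for param in params:
        if isinstance(param, Construction):
            for param2 in params:
                if isinstance(param2, Sanitize):
                    safe = self.testSafety(param, param2, IDOR + "_IDOR")

    file = File()
    # Folder tree: PHPTestSuite_<date>/IDOR/<IDOR>/{safe|unsafe}/<name>
    file.addPath("PHPTestSuite_" + self.date)
    file.addPath("IDOR")
    file.addPath(IDOR)
    file.addPath("safe" if safe else "unsafe")
    file.setName(self.generateFileName(params, IDOR))

    # Header comment describing the sample, as a single /* ... */ block
    # (the original emitted a stray second "/*" opener before it).
    file.addContent("<?php\n")
    file.addContent("/* \n" + ("Safe sample\n" if safe else "Unsafe sample\n"))
    for param in params:
        file.addContent(param.comment + "\n")
    file.addContent("*/\n\n")

    # Copyright statement, copied verbatim from rights_PHP.txt.
    file.addContent("\n\n")
    with open("./rights_PHP.txt", "r") as header:
        for line in header:
            file.addContent(line)

    # Sample code, fragment by fragment. An unsafe Construction is preceded
    # by a "//flaw" marker line (presumably what findFlaw() looks for).
    file.addContent("\n\n")
    for param in params:
        if not safe and isinstance(param, Construction):
            file.addContent("//flaw\n")
        for line in param.code:
            file.addContent(line)
        file.addContent("\n\n")

    # Query-execution footer; fopen samples need none. Prepared statements
    # get the "_prepared" footer, except XPath which has no prepared form.
    if sinkKind != "fopen":
        for param in params:
            if isinstance(param, Construction):
                if param.prepared == 0 or sinkKind == "XPath":
                    footerPath = "./execQuery_" + sinkKind + ".txt"
                else:
                    footerPath = "./execQuery_" + sinkKind + "_prepared.txt"
                with open(footerPath, "r") as fileQuery:
                    for line in fileQuery:
                        file.addContent(line)

    file.addContent("\n ?>")
    FileManager.createFile(file)

    # Manifest entry: flaw line 0 for a safe sample, otherwise located by
    # findFlaw() in the written file; the test case is named after the
    # first InputSample.
    samplePath = file.getPath() + "/" + file.getName()
    flawLine = 0 if safe else self.findFlaw(samplePath)
    for param in params:
        if isinstance(param, InputSample):
            self.manifest.beginTestCase(param.inputType)
            break
    self.manifest.addFileToTestCase(samplePath, flawLine)
    self.manifest.endTestCase()
    return file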