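--- a/src/main/java/org/joychou/controller/CommandInject2.java
+++ b/src/main/java/org/joychou/controller/CommandInject2.java
@@ -16,10 +16,18 @@ public class CommandInject {
 protected final Logger logger = LoggerFactory.getLogger(this.getClass());
 
 /**
-* http://localhost:8080/codeinject?filepath=/tmp;cat /etc/passwd
+* Executes a shell command to list the contents of a directory.
 *
-* @param filepath filepath
-* @return result
+* <p>This GET endpoint is mapped to {@code /codeinject}. It constructs a shell command by appending the
+* provided {@code filepath} to {@code ls -la} and executes it using a {@link ProcessBuilder}. The combined output
+* (standard and error) of the command is then returned as a string.</p>
+*
+* <p><strong>Security Note:</strong> The {@code filepath} parameter is used directly in the shell command without
+* sanitization, which may lead to command injection vulnerabilities if untrusted input is provided.</p>
+*
+* @param filepath the directory path whose contents are to be listed
+* @return the output of the directory listing command as a string
+* @throws IOException if an error occurs while starting the process
 */
 @GetMapping("/codeinject")
 public String codeInject(String filepath) throws IOException {
@@ -32,9 +40,16 @@ public String codeInject(String filepath) throws IOException {
 }
 
 /**
-* Host Injection
-* Host: hacked by joychou;cat /etc/passwd
-* http://localhost:8080/codeinject/host
+* Executes a shell command using 'curl' to request the host specified in the HTTP request header.
+* <p>
+* The method retrieves the 'host' header from the provided HttpServletRequest, logs its value, and
+* constructs a shell command to perform a curl request to that host. The output of the executed
+* command is returned as a string.
+* </p>
+*
+* @param request the HTTP request containing the 'host' header
+* @return the output of the curl command as a String
+* @throws IOException if an I/O error occurs during command execution
 */
 @GetMapping("/codeinject/host")
 public String codeInjectHost(HttpServletRequest request) throws IOException {
@@ -48,6 +63,18 @@ public String codeInjectHost(HttpServletRequest request) throws IOException {
 return WebUtils.convertStreamToString(process.getInputStream());
 }
 
+/**
+* Executes a shell command to list a directory's contents using a security-filtered file path.
+*
+* <p>The provided file path is first filtered using a security utility. If the filter returns null,
+* indicating a potential security violation, a warning message is returned. Otherwise, the method
+* constructs and executes the command "ls -la" on the filtered path, capturing and returning the
+* command's output.</p>
+*
+* @param filepath the file path to be filtered and used for the directory listing
+* @return the output of the directory listing command, or a security violation warning message if filtering fails
+* @throws IOException if an error occurs while starting the process
+*/
 @GetMapping("/codeinject/sec")
 public String codeInjectSec(String filepath) throws IOException {
 String filterFilePath = SecurityUtil.cmdFilter(filepath);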
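Review bot: The new Javadoc on `codeInjectHost` (second hunk) has no security note, unlike the `codeInject` Javadoc in the first hunk, and the lines it replaces were the only marker that this endpoint is a Host-header injection case. The header is client-supplied and, per the new description, goes into a shell command, so I would add `<p><strong>Security Note:</strong> The {@code Host} header is client-controlled and appears to reach the shell command without validation, which exposes this endpoint to command injection.</p>` before the `@param` line. On `codeInjectSec`, the Javadoc should state what `SecurityUtil.cmdFilter` accepts rather than only call the path "security-filtered"; the null-return behaviour it describes cannot be confirmed here. The bodies of all three methods lie outside the visible hunks, so the descriptions of how each command is built should be checked against the full file.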