mv Endpoints
Aif4thah committed May 24, 2024
1 parent 9ef59b2 commit 99e8ff2
Showing 2 changed files with 17 additions and 17 deletions.
20 changes: 10 additions & 10 deletions Controller/Controller.cs
Expand Up @@ -27,9 +27,9 @@ public static object VulnerableHelloWorld(string FileName = "english")
Retourne le contenu du fichier correspondant à la langue choisie par l'utilisateur
*/
if (FileName.IsNullOrEmpty()) FileName = "francais";
string Content = File.ReadAllText(FileName.Replace("../", "").Replace("..\\", ""));
while (FileName.Contains("../") || FileName.Contains("..\\")) FileName = FileName.Replace("../", "").Replace("..\\", "");

return Results.Ok(Content);
return Results.Ok(File.ReadAllText(FileName));
}

public static object VulnerableDeserialize(string Json, string Token, string Secret)
Expand Down Expand Up @@ -61,13 +61,13 @@ On enregistre les objets "employé" valides dans un fichier en lecture seule
}
}

return Results.Ok($"File is : {File.GetAttributes(ROFile).ToString()} New id : {NewId} Empty Var: {HaveToBeEmpty.IsNullOrEmpty()}");
return Results.Ok(Newtonsoft.Json.JsonConvert.SerializeObject(new List<object> { File.GetAttributes(ROFile).ToString(), NewId, HaveToBeEmpty.IsNullOrEmpty() }));
}

public static string VulnerableXmlParser(string Xml, string Token, string Secret)
{
/*
Parse les données XML passées en paramètre et retourne son contenu
Parse les contrats au format XML passées en paramètre et retourne son contenu
*/
if (!VulnerableValidateToken(Token, Secret)) return Results.Unauthorized().ToString();
try
Expand Down Expand Up @@ -206,12 +206,12 @@ public static object VulnerableObjectReference(string Id, string Token, string S
{
/*
Retourne les informations liées à l'ID de l'utilisateur
Permets aux employés de consulter leurs données personnelles
*/
List<Employee> Employees = Data.GetEmployees();
var Address = Employees.Where(x => Id == x.Id)?.FirstOrDefault()?.Address;
if ((!VulnerableValidateToken(Token, Secret)) || Address.IsNullOrEmpty()) return Results.Unauthorized();
if (!VulnerableValidateToken(Token, Secret)) return Results.Unauthorized();
var Employee = Data.GetEmployees()?.Where(x => Id == x.Id)?.FirstOrDefault();

return Results.Ok(Address);
return Results.Ok(Newtonsoft.Json.JsonConvert.SerializeObject(Employee));
}

public static object VulnerableCmd(string UserStr, string Token, string Secret)
Expand Down Expand Up @@ -241,7 +241,7 @@ Effectue une requête DNS pour le FQDN passé en paramètre
public static unsafe string VulnerableBuffer(string UserStr)
{
/*
Copie une chaine de caractère
Limite les chaines à 50 caractères
*/
int BuffSize = 50;
char* Ptr = stackalloc char[BuffSize], Str = Ptr + BuffSize;
Expand All @@ -253,7 +253,7 @@ Copie une chaine de caractère
public static string VulnerableCodeExecution(string UserStr)
{
/*
Retourne le résultat de l'opération mathématique sur le chiffre donné en paramètre
Retourne un nouvel Id
*/
string Result = string.Empty;
if (UserStr.Length < 40 && !UserStr.Contains("class") && !UserStr.Contains("using"))
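Review bot: In VulnerableObjectReference the new return serializes the whole Employee record where the old code returned only Address, and nothing visible ties the requested Id to the caller: `VulnerableValidateToken(Token, Secret)` is used only as a pass/fail check, so any holder of a valid token can read any employee's record. An unknown Id also behaves differently now, since the old code answered Unauthorized and the new one returns 200 with a serialized null; `if (Employee is null) return Results.NotFound();` before the return would give a distinguishable failure. If the missing ownership check is deliberate, as the Vulnerable prefix suggests, a comment such as `// Intentionally no check that Id belongs to the token's subject` would keep it from being copied as a pattern; otherwise the Id should be compared with the identity carried in the token, which is not visible in this hunk. The method's signature appears only in the hunk header.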
14 changes: 7 additions & 7 deletions Program.cs
Expand Up @@ -61,21 +61,21 @@

app.MapGet("/", async (string? lang) => await Task.FromResult(VLAController.VulnerableHelloWorld(HttpUtility.UrlDecode(lang))));

Check warning on line 62 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'FileName' in 'object VLAController.VulnerableHelloWorld(string FileName = "english")'.

app.MapPost("/Auth", [ProducesResponseType(StatusCodes.Status200OK)] async (HttpRequest request, [FromBody] VulnerableWebApplication.VLAModel.Creds login) => await Task.FromResult(VLAController.VulnerableQuery(login.User, login.Passwd, Secret, LogFile)).Result).WithOpenApi();
app.MapPost("/Login", [ProducesResponseType(StatusCodes.Status200OK)] async (HttpRequest request, [FromBody] VulnerableWebApplication.VLAModel.Creds login) => await Task.FromResult(VLAController.VulnerableQuery(login.User, login.Passwd, Secret, LogFile)).Result).WithOpenApi();

Check warning on line 64 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'Secret' in 'Task<object> VLAController.VulnerableQuery(string User, string Passwd, string Secret, string LogFile)'.

Check warning on line 64 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'LogFile' in 'Task<object> VLAController.VulnerableQuery(string User, string Passwd, string Secret, string LogFile)'.

app.MapGet("/Xml", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableXmlParser(HttpUtility.UrlDecode(i), t, Secret))).WithOpenApi();
app.MapGet("/Contract", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableXmlParser(HttpUtility.UrlDecode(i), t, Secret))).WithOpenApi();

Check warning on line 66 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'Secret' in 'string VLAController.VulnerableXmlParser(string Xml, string Token, string Secret)'.

app.MapGet("/Json", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableDeserialize(HttpUtility.UrlDecode(i), t, Secret))).WithOpenApi();
app.MapGet("/LocalWebQuery", async (string? i) => await VLAController.VulnerableWebRequest(i)).WithOpenApi();

Check warning on line 68 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'Uri' in 'Task<object> VLAController.VulnerableWebRequest(string Uri = "https://localhost:3000/")'.

app.MapGet("/Req", async (string? i) => await VLAController.VulnerableWebRequest(i)).WithOpenApi();
app.MapGet("/Employee", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableObjectReference(i, t, Secret))).WithOpenApi();

Check warning on line 70 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'Secret' in 'object VLAController.VulnerableObjectReference(string Id, string Token, string Secret)'.

app.MapGet("/Addr", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableObjectReference(i, t, Secret))).WithOpenApi();
app.MapGet("/NewEmployee", async (string i, [FromHeader(Name = "Authorization")] string t) => await Task.FromResult(VLAController.VulnerableDeserialize(HttpUtility.UrlDecode(i), t, Secret))).WithOpenApi();

Check warning on line 72 in Program.cs


GitHub Actions / build

Possible null reference argument for parameter 'Secret' in 'object VLAController.VulnerableDeserialize(string Json, string Token, string Secret)'.

app.MapGet("/Dns", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableCmd(HttpUtility.UrlDecode(i), t ,Secret))).WithOpenApi();
app.MapGet("/LocalDNSResolver", async (string i, [FromHeader(Name="Authorization")] string t) => await Task.FromResult(VLAController.VulnerableCmd(HttpUtility.UrlDecode(i), t ,Secret))).WithOpenApi();

app.MapPatch("/Patch", async ([FromHeader(Name="X-Forwarded-For")] string h, [FromHeader(Name = "Authorization")] string t, [FromForm] IFormFile file) => await VLAController.VulnerableHandleFileUpload(file, h, t, Secret, LogFile)).DisableAntiforgery().WithOpenApi();

app.UseGraphQL<ISchema>("/GraphQL");
app.UseGraphQL<ISchema>("/Client");


// Arguments :
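Review bot: The renamed routes /Contract, /NewEmployee and /LocalDNSResolver still wrap the bound query value in `HttpUtility.UrlDecode(i)`, although minimal-API binding has already URL-decoded `i`, so each value is decoded twice (the unchanged `/` route does the same with `lang`). The handler therefore processes a different string than any upstream filter or request log saw, and legitimate values containing `%` or `+` are altered. Passing the bound value directly, e.g. `VLAController.VulnerableXmlParser(i, t, Secret)`, removes the second decode. Separately, `/NewEmployee` remains a `MapGet` although the controller comment in this commit indicates the deserialize method saves employee objects to a file; a state-changing route would read more naturally as `MapPost` with the JSON in the request body.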
