SylvainJuge

## cve-2017-5638.sh
#!/bin/bash

set -euo pipefail

# write to output stream
payload="(@java.lang.System@out.println('\\n\\n\\n---[ hello Sqreeners ]---'))"

attack=${1:-hello}

if [[ 'shell' == "${attack}" ]]; then

## TestOgnl.java
package io.sqreen.sandbox;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.TextProvider;
import com.opensymphony.xwork2.XWorkTestCase;
import com.opensymphony.xwork2.conversion.impl.XWorkConverter;
import com.opensymphony.xwork2.ognl.OgnlUtil;
import com.opensymphony.xwork2.ognl.OgnlValueStack;
import com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor;
import com.opensymphony.xwork2.util.CompoundRoot;

## JakartaMultiPartRequest.java
    public void parse(HttpServletRequest request, String saveDir) throws IOException {
        try {
            setLocale(request);
            processUpload(request, saveDir);
        } catch (FileUploadException e) {
            LOG.warn("Request exceeded size limit!", e);
            LocalizedMessage errorMessage;
            if(e instanceof FileUploadBase.SizeLimitExceededException) {
                FileUploadBase.SizeLimitExceededException ex = (FileUploadBase.SizeLimitExceededException) e;
                errorMessage = buildErrorMessage(e, new Object[]{ex.getPermittedSize(), ex.getActualSize()});

## FileUploadInterceptor.java
// intercept(...) method from Struts 2.5.10
// https://github.com/apache/struts/blob/f0f4e9ece77000e0eb0071bf233ed4b9bc9c8205/core/src/main/java/org/apache/struts2/interceptor/FileUploadInterceptor.java#L264

    public String intercept(ActionInvocation invocation) throws Exception {
        ActionContext ac = invocation.getInvocationContext();

        HttpServletRequest request = (HttpServletRequest) ac.get(ServletActionContext.HTTP_REQUEST);

        if (!(request instanceof MultiPartRequestWrapper)) {
            if (LOG.isDebugEnabled()) {

## git-add-bunny.sh
# make your colleages stop using "git add ."
#
# you should put this into usual alias file .bashrc, .zshrc or whatever you use
# - make sure path to git executable fits your setup (here on linux/ubuntu)
# - increate timeout if symptoms persist
git() {
    if [[ $@ == "add ." ]]; then
        echo "you shall use 'git add -p instead'"
        echo '         ,'
        echo '        /|      __'

## git current branch

#
# 1) add function to add to your ~/.profile or ~/.bashrc (or aliases) file
#

_current_branch () {
        ref=$(git symbolic-ref HEAD 2>/dev/null)  || head=$(git rev-parse --short HEAD 2>/dev/null)
        echo ${ref#refs/heads/}
}

## sshaudit
# ssh "audit" : see who accesses what
sshaudit (){
   for server in "$@"; do
      ssh $server -C 'cat ~/.ssh/authorized_keys' | sort | while read line; do
         tmp="$(mktemp)"
         echo "$line" > "$tmp"
         echo $server $(ssh-keygen -lf "$tmp" | cut -d ' ' -f2,4)
         rm -f "$tmp"
      done
   done
	#!/bin/bash

	set -euo pipefail

	# write to output stream
	payload="(@java.lang.System@out.println('\\n\\n\\n---[ hello Sqreeners ]---'))"

	attack=${1:-hello}

	if [[ 'shell' == "${attack}" ]]; then
	package io.sqreen.sandbox;

	import com.opensymphony.xwork2.ActionContext;
	import com.opensymphony.xwork2.TextProvider;
	import com.opensymphony.xwork2.XWorkTestCase;
	import com.opensymphony.xwork2.conversion.impl.XWorkConverter;
	import com.opensymphony.xwork2.ognl.OgnlUtil;
	import com.opensymphony.xwork2.ognl.OgnlValueStack;
	import com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor;
	import com.opensymphony.xwork2.util.CompoundRoot;
	public void parse(HttpServletRequest request, String saveDir) throws IOException {
	try {
	setLocale(request);
	processUpload(request, saveDir);
	} catch (FileUploadException e) {
	LOG.warn("Request exceeded size limit!", e);
	LocalizedMessage errorMessage;
	if(e instanceof FileUploadBase.SizeLimitExceededException) {
	FileUploadBase.SizeLimitExceededException ex = (FileUploadBase.SizeLimitExceededException) e;
	errorMessage = buildErrorMessage(e, new Object[]{ex.getPermittedSize(), ex.getActualSize()});
	// intercept(...) method from Struts 2.5.10
	// https://github.com/apache/struts/blob/f0f4e9ece77000e0eb0071bf233ed4b9bc9c8205/core/src/main/java/org/apache/struts2/interceptor/FileUploadInterceptor.java#L264

	public String intercept(ActionInvocation invocation) throws Exception {
	ActionContext ac = invocation.getInvocationContext();

	HttpServletRequest request = (HttpServletRequest) ac.get(ServletActionContext.HTTP_REQUEST);

	if (!(request instanceof MultiPartRequestWrapper)) {
	if (LOG.isDebugEnabled()) {
	# make your colleages stop using "git add ."
	#
	# you should put this into usual alias file .bashrc, .zshrc or whatever you use
	# - make sure path to git executable fits your setup (here on linux/ubuntu)
	# - increate timeout if symptoms persist
	git() {
	if [[ $@ == "add ." ]]; then
	echo "you shall use 'git add -p instead'"
	echo ' ,'
	echo ' /\| __'

	#
	# 1) add function to add to your ~/.profile or ~/.bashrc (or aliases) file
	#

	_current_branch () {
	ref=$(git symbolic-ref HEAD 2>/dev/null) \|\| head=$(git rev-parse --short HEAD 2>/dev/null)
	echo ${ref#refs/heads/}
	}
	# ssh "audit" : see who accesses what
	sshaudit (){
	for server in "$@"; do
	ssh $server -C 'cat ~/.ssh/authorized_keys' \| sort \| while read line; do
	tmp="$(mktemp)"
	echo "$line" > "$tmp"
	echo $server $(ssh-keygen -lf "$tmp" \| cut -d ' ' -f2,4)
	rm -f "$tmp"
	done
	done