Created
May 2, 2014 01:27
Threadfix changes
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Finding.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Finding.java | |
index 35fa3db..3c8cb3a 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Finding.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Finding.java | |
@@ -46,6 +46,9 @@ | |
private static final long serialVersionUID = 5978786078427181952L; | |
public static final int LONG_DESCRIPTION_LENGTH = 2047; | |
+ public static final int ATTACK_STRING_LENGTH = 65535; | |
+ public static final int ATTACK_REQUEST_LENGTH = 65535; | |
+ public static final int ATTACK_RESPONSE_LENGTH = 1048575; | |
public static final int NATIVE_ID_LENGTH = 50; | |
public static final int SOURCE_FILE_LOCATION_LENGTH = 128; | |
@@ -56,6 +59,17 @@ | |
@Size(max = LONG_DESCRIPTION_LENGTH, message = "{errors.maxlength} " + LONG_DESCRIPTION_LENGTH + ".") | |
private String longDescription; | |
+ @Size(max = ATTACK_STRING_LENGTH, message = "{errors.maxlength} " + ATTACK_STRING_LENGTH + ".") | |
+ private String attackString; | |
+ | |
+ @Size(max = ATTACK_REQUEST_LENGTH, message = "{errors.maxlength} " + ATTACK_REQUEST_LENGTH + ".") | |
+ private String attackRequest; | |
+ | |
+ @Size(max = ATTACK_RESPONSE_LENGTH, message = "{errors.maxlength} " + ATTACK_RESPONSE_LENGTH + ".") | |
+ private String attackResponse; | |
+ | |
+ | |
+ | |
private ChannelVulnerability channelVulnerability; | |
@Size(max = NATIVE_ID_LENGTH, message = "{errors.maxlength} " + NATIVE_ID_LENGTH + ".") | |
@@ -221,6 +235,34 @@ | |
return longDescription; | |
} | |
+ @Column(length = ATTACK_STRING_LENGTH) | |
+ public String getAttackString() { | |
+ return attackString; | |
+ } | |
+ | |
+ public void setAttackString(String attackString) { | |
+ this.attackString = attackString; | |
+ } | |
+ | |
+ @Column(length = ATTACK_REQUEST_LENGTH) | |
+ public String getAttackRequest() { | |
+ return attackRequest; | |
+ } | |
+ | |
+ public void setAttackRequest(String attackRequest) { | |
+ this.attackRequest = attackRequest; | |
+ } | |
+ | |
+ | |
+ @Column(length = ATTACK_RESPONSE_LENGTH) | |
+ public String getAttackResponse() { | |
+ return attackResponse; | |
+ } | |
+ | |
+ public void setAttackResponse(String attackResponse) { | |
+ this.attackResponse = attackResponse; | |
+ } | |
+ | |
@Column(nullable = false) | |
public boolean isFirstFindingForVuln() { | |
return isFirstFindingForVuln; | |
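Review bot: `@Column(length = ATTACK_RESPONSE_LENGTH)` on getAttackResponse maps a plain String property to a 1,048,575-character VARCHAR, and the two accessors above it ask for 65,535; whether a schema generator or the production dialect accepts such widths depends on the database, so `@Lob` (or an explicit `columnDefinition`) is the safer way to declare these three columns rather than relying on length alone. None of the six new accessors carries Javadoc; a one-liner on each getter, e.g. `/** Payload the scanner submitted for this finding, clipped by the importer to {@link #ATTACK_STRING_LENGTH}. */`, would tell readers where the value comes from and that it may be truncated. The column names are also left to the default naming strategy, which is worth checking against the HSQLDB backup script changed in this same commit.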
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Vulnerability.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Vulnerability.java | |
index c9f5e3a..55946f5 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Vulnerability.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/data/entities/Vulnerability.java | |
@@ -354,7 +354,7 @@ | |
@Transient | |
public void closeVulnerability(Scan scan, Calendar closeTime) { | |
- active = false; | |
+/* active = false; | |
if (closeTime == null) { | |
this.closeTime = Calendar.getInstance(); | |
} else { | |
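Review bot: The whole body of closeVulnerability is now inside a block comment that this hunk opens with `/* active = false;` and the @@ -364 hunk closes with `}*/`, so the method has become a no-op: the vulnerability stays active, closeTime is never assigned and no ScanCloseVulnerabilityMap is created. If this is a temporary debugging aid it should not ship with the attack-details feature; if closing is genuinely meant to be disabled, remove the method or change its callers rather than silencing it, since commented-out code hides the behaviour change from anyone reading the call sites. closeVulnerability starts in this hunk but its body continues beyond it.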
@@ -364,7 +364,7 @@ | |
// This constructor maps the objects for us | |
if (scan != null) { | |
new ScanCloseVulnerabilityMap(this, scan); | |
- } | |
+ }*/ | |
} | |
@Transient | |
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/AbstractChannelImporter.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/AbstractChannelImporter.java | |
index 315fc55..eea2875 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/AbstractChannelImporter.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/AbstractChannelImporter.java | |
@@ -96,7 +96,7 @@ | |
protected static final String FILE_CHECK_COMPLETED = "File check completed."; | |
protected enum FindingKey { | |
- VULN_CODE, PATH, PARAMETER, SEVERITY_CODE, NATIVE_ID, CVE, CWE | |
+ VULN_CODE, PATH, PARAMETER, SEVERITY_CODE, NATIVE_ID, CVE, CWE, VALUE, REQUEST, RESPONSE | |
} | |
// A stream pointing to the scan's contents. Set with either setFile or | |
@@ -259,7 +259,10 @@ | |
findingMap.get(FindingKey.PARAMETER), | |
findingMap.get(FindingKey.VULN_CODE), | |
findingMap.get(FindingKey.SEVERITY_CODE), | |
- findingMap.get(FindingKey.CWE)); | |
+ findingMap.get(FindingKey.CWE), | |
+ findingMap.get(FindingKey.VALUE), | |
+ findingMap.get(FindingKey.REQUEST), | |
+ findingMap.get(FindingKey.RESPONSE)); | |
} | |
/** | |
@@ -289,7 +292,26 @@ | |
* @return | |
*/ | |
protected Finding constructFinding(String url, String parameter, | |
- String channelVulnerabilityCode, String channelSeverityCode, String cweCode) { | |
+ String channelVulnerabilityCode, String channelSeverityCode, String cweCode) { | |
+ return constructFinding(url, parameter, channelVulnerabilityCode, channelSeverityCode, cweCode, null, null, null); | |
+ } | |
+ /** | |
+ * | |
+ * This method can be used to construct a finding out of the | |
+ * important common information that findings have. | |
+ * @param url | |
+ * @param parameter | |
+ * @param channelVulnerabilityCode | |
+ * @param channelSeverityCode | |
+ * @param cweCode | |
+ * @param parameterValue | |
+ * @param request | |
+ * @param response | |
+ * @return | |
+ */ | |
+ protected Finding constructFinding(String url, String parameter, | |
+ String channelVulnerabilityCode, String channelSeverityCode, String cweCode, String parameterValue, | |
+ String request, String response) { | |
if (channelVulnerabilityCode == null || channelVulnerabilityCode.isEmpty()) | |
return null; | |
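Review bot: The Javadoc added for the eight-argument constructFinding has empty `@param` and `@return` tags, which is worse than no tags because documentation tools render them as documented. Describe each new argument, e.g. `@param parameterValue the payload the scanner submitted for {@code parameter}, or {@code null}`, `@param request the raw HTTP request the scanner sent, or {@code null}`, `@param response the raw HTTP response received, or {@code null}`, and `@return the new Finding, or {@code null} when channelVulnerabilityCode is null or empty` (that null return is visible in the guard at the end of the hunk). The five-argument overload would also benefit from one sentence saying it delegates with null attack details. The method body continues past this hunk.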
@@ -329,6 +351,19 @@ | |
finding.setSurfaceLocation(location); | |
+ if (parameterValue != null && parameterValue.length() > Finding.ATTACK_STRING_LENGTH) | |
+ parameterValue = parameterValue.substring(0,Finding.ATTACK_STRING_LENGTH-20) + "\n\n<truncated>\n"; | |
+ finding.setAttackString(parameterValue); | |
+ | |
+ if (request != null && request.length() > Finding.ATTACK_REQUEST_LENGTH) | |
+ request = request.substring(0,Finding.ATTACK_REQUEST_LENGTH-20) + "\n\n<truncated>\n"; | |
+ | |
+ finding.setAttackRequest(request); | |
+ | |
+ if (response != null && response.length() > Finding.ATTACK_RESPONSE_LENGTH) | |
+ response = response.substring(0,Finding.ATTACK_RESPONSE_LENGTH-20) + "\n\n<truncated>\n"; | |
+ finding.setAttackResponse(response); | |
+ | |
ChannelVulnerability channelVulnerability = null; | |
if (channelVulnerabilityCode != null) { | |
channelVulnerability = getChannelVulnerability(channelVulnerabilityCode); | |
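Review bot: The three truncation blocks repeat the same `substring(0, LIMIT-20) + "\n\n<truncated>\n"` logic with an unexplained margin of 20 (the marker itself is 14 characters), and the request branch has an extra blank line before its setter that the other two lack; a small helper removes the duplication and gives the margin a name. Note also that `request` is the raw HTTP request exactly as the scanner sent it, so if the scan ran authenticated this persists session cookies or Authorization headers into the FINDING table and onto the detail pages — consider masking those headers before `finding.setAttackRequest(...)`, or document that the stored request is not redacted. constructFinding starts before this hunk and continues after it.
```java
    finding.setSurfaceLocation(location);

    finding.setAttackString(clipToColumn(parameterValue, Finding.ATTACK_STRING_LENGTH));
    finding.setAttackRequest(clipToColumn(request, Finding.ATTACK_REQUEST_LENGTH));
    finding.setAttackResponse(clipToColumn(response, Finding.ATTACK_RESPONSE_LENGTH));

    // … unchanged: channelVulnerability lookup …

// new private helper, placed next to constructFinding:
private static final String TRUNCATION_MARKER = "\n\n<truncated>\n";
private static final int TRUNCATION_MARGIN = 20; // room for the marker plus slack

/** Returns value unchanged if it fits in maxLength characters, otherwise clips it and appends TRUNCATION_MARKER. */
private static String clipToColumn(String value, int maxLength) {
    if (value == null || value.length() <= maxLength) {
        return value;
    }
    return value.substring(0, maxLength - TRUNCATION_MARGIN) + TRUNCATION_MARKER;
}
```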
@@ -359,6 +394,7 @@ | |
} | |
finding.setChannelVulnerability(channelVulnerability); | |
+ | |
ChannelSeverity channelSeverity = null; | |
if (channelSeverityCode != null) | |
@@ -736,8 +772,8 @@ | |
int result = scan.getImportTime().compareTo(testDate); | |
if (result == 0) | |
return ScanImportStatus.DUPLICATE_ERROR; | |
- else if (result > 0) | |
- return ScanImportStatus.OLD_SCAN_ERROR; | |
+// else if (result > 0) | |
+// return ScanImportStatus.OLD_SCAN_ERROR; | |
} | |
} | |
} | |
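Review bot: Commenting out `else if (result > 0) return ScanImportStatus.OLD_SCAN_ERROR;` silently admits scans older than one already imported while leaving the dead code in place. If accepting out-of-order scans is intended, delete the two lines and record the new rule in a comment, e.g. `// Scans older than an existing import are accepted; only exact duplicates are rejected.`, and check that whatever depends on import order still behaves when an older scan arrives later. If it is only a local testing shortcut it should not be in the commit. The enclosing method starts before this hunk.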
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/ArachniChannelImporter.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/ArachniChannelImporter.java | |
index c600d25..0a6ec93 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/ArachniChannelImporter.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/ArachniChannelImporter.java | |
@@ -37,6 +37,7 @@ | |
import com.denimgroup.threadfix.data.entities.ChannelType; | |
import com.denimgroup.threadfix.data.entities.Finding; | |
import com.denimgroup.threadfix.data.entities.Scan; | |
+import com.denimgroup.threadfix.service.channel.AbstractChannelImporter.FindingKey; | |
import com.denimgroup.threadfix.webapp.controller.ScanCheckResultBean; | |
/** | |
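Review bot: The new `import com.denimgroup.threadfix.service.channel.AbstractChannelImporter.FindingKey;` looks unnecessary: the unchanged lines in the next hunk already use `FindingKey.PARAMETER` unqualified, which works because the nested enum is inherited from the superclass (assuming this class extends AbstractChannelImporter, as the other importers in this commit do). Dropping the import keeps the file consistent with NTOSpiderChannelImporter, which adds the same tagMap entries without it.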
@@ -52,6 +53,9 @@ | |
tagMap.put("variable", FindingKey.PARAMETER); | |
tagMap.put("var", FindingKey.PARAMETER); | |
tagMap.put("url", FindingKey.PATH); | |
+ tagMap.put("injected", FindingKey.VALUE); | |
+ tagMap.put("request", FindingKey.REQUEST); | |
+ tagMap.put("html", FindingKey.RESPONSE); | |
} | |
// Since the severity mappings are static and not included in the XML output, | |
@@ -170,6 +174,11 @@ | |
inFinding = false; | |
} else if (inFinding && itemKey != null) { | |
String currentItem = getBuilderText(); | |
+ | |
+ if (currentItem != null && "RESPONSE".equals(itemKey.toString())){ | |
+ //these are base64 encoded in the xml | |
+ currentItem = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentItem)); | |
+ } | |
if (currentItem != null && findingMap.get(itemKey) == null) { | |
findingMap.put(itemKey, currentItem); | |
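Review bot: `new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentItem))` decodes with the platform default charset, so the stored response text depends on the JVM's locale settings; pass an explicit charset. parseBase64Binary also throws IllegalArgumentException on malformed input, and scan files are externally produced, so a single bad `html` element would currently abort the whole import — catching that and keeping the raw text (or skipping the element) is safer. The comparison `"RESPONSE".equals(itemKey.toString())` can be the direct `itemKey == FindingKey.RESPONSE`. The same three points apply to the base64 branches in BurpSuiteChannelImporter (@@ -187) and NTOSpiderChannelImporter (@@ -122).
```java
if (currentItem != null && itemKey == FindingKey.RESPONSE) {
    // these are base64 encoded in the xml
    try {
        currentItem = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentItem),
                java.nio.charset.Charset.forName("UTF-8"));
    } catch (IllegalArgumentException e) {
        // [logger placeholder]: report that the element was not valid base64; currentItem keeps the raw text
    }
}
```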
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/BurpSuiteChannelImporter.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/BurpSuiteChannelImporter.java | |
index 3053713..410fa17 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/BurpSuiteChannelImporter.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/BurpSuiteChannelImporter.java | |
@@ -28,6 +28,8 @@ | |
import java.io.IOException; | |
import java.io.InputStreamReader; | |
import java.util.HashMap; | |
+import java.util.regex.Matcher; | |
+import java.util.regex.Pattern; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.xml.sax.Attributes; | |
@@ -53,6 +55,8 @@ | |
private static final String REST_URL_PARAM = "REST URL parameter"; | |
private static final String MANUAL_INSERTION_POINT = "manual insertion point"; | |
private static final HashMap<String, String> SEVERITY_MAP = new HashMap<String, String>(); | |
+ private static Pattern pattern = Pattern.compile("The payload <b>(.*)</b> was submitted"); | |
+ | |
static { | |
SEVERITY_MAP.put("deformation", "Information"); | |
SEVERITY_MAP.put("eddium", "Medium"); | |
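Review bot: `private static Pattern pattern = Pattern.compile("The payload <b>(.*)</b> was submitted");` should be `private static final Pattern PAYLOAD_PATTERN = ...` — a compiled Pattern is immutable and the other statics in this block (SEVERITY_MAP, REST_URL_PARAM, MANUAL_INSERTION_POINT) are final and UPPER_CASE. The greedy `(.*)` will also run to the last `</b>` in the issue detail if the text contains more than one bold span; `(.*?)` captures only the first. This is inferred from the regex, not from a sample Burp report.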
@@ -116,7 +120,13 @@ | |
private boolean getHostText = false; | |
private boolean getBackupParameter = false; | |
private boolean getSerialNumber = false; | |
+ private Boolean getParamValueText = false; | |
+ private Boolean getRequestText = false; | |
+ private Boolean getResponseText = false; | |
+ private String currentParameterValue = null; | |
+ private String currentRequest = null; | |
+ private String currentResponse = null; | |
private String currentChannelVulnCode = null; | |
private String currentUrlText = null; | |
private String currentParameter = null; | |
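Review bot: The three new flags are declared `Boolean` while their siblings in the same field group (`getHostText`, `getBackupParameter`, `getSerialNumber`) are primitive `boolean`; boxing adds nothing here and mixing the two styles in one block reads as accidental. Change them to `private boolean getParamValueText = false;` and likewise for getRequestText and getResponseText.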
@@ -161,6 +171,11 @@ | |
atts.getValue("exportTime")); | |
} else if ("request".equals(qName)) { | |
getBackupParameter = true; | |
+ getRequestText = true; | |
+ } else if ("response".equals(qName)) { | |
+ getResponseText = true; | |
+ } else if ("issueDetail".equals(qName)) { | |
+ getParamValueText = true; | |
} | |
} | |
@@ -187,6 +202,25 @@ | |
} else if (getSerialNumber) { | |
currentSerialNumber = getBuilderText(); | |
getSerialNumber = false; | |
+ } else if (getParamValueText) { | |
+ currentParameterValue = getBuilderText(); | |
+ Matcher m = pattern.matcher(currentParameterValue); | |
+ if (m.find()){ | |
+ currentParameterValue = m.group(1); | |
+ } else { | |
+ currentParameterValue = ""; | |
+ } | |
+ getParamValueText = false; | |
+ } else if (getRequestText) { | |
+ currentRequest = getBuilderText(); | |
+ if (currentRequest != null) | |
+ currentRequest = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentRequest)); | |
+ getRequestText = false; | |
+ } else if (getResponseText) { | |
+ currentResponse = getBuilderText(); | |
+ if (currentResponse != null) | |
+ currentResponse = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentResponse)); | |
+ getResponseText = false; | |
} else if (getSeverityText) { | |
currentSeverityCode = getBuilderText(); | |
getSeverityText = false; | |
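Review bot: `currentParameterValue = getBuilderText();` is passed straight to `pattern.matcher(...)`, while the request and response branches in the same hunk guard against getBuilderText() returning null; a null here would throw NullPointerException inside the SAX handler and abort the import, so add `if (currentParameterValue == null) currentParameterValue = "";` before the matcher. A second concern is inferred from the @@ -161 hunk: `</request>` start sets both getBackupParameter and getRequestText, but this else-if chain can only clear the branch it enters first, so the other flag (presumably getRequestText, if the getBackupParameter branch sits above this hunk) stays set and would consume the text of the next element — worth stepping through with a real report, and if confirmed, handle both flags in the one branch. The enclosing method starts before this hunk.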
@@ -222,7 +256,7 @@ | |
currentSeverityCode = SEVERITY_MAP.get(currentSeverityCode.toLowerCase()); | |
} | |
Finding finding = constructFinding(currentHostText + currentUrlText, currentParameter, | |
- currentChannelVulnCode, currentSeverityCode); | |
+ currentChannelVulnCode, currentSeverityCode, null, currentParameterValue, currentRequest, currentResponse); | |
add(finding); | |
@@ -232,13 +266,17 @@ | |
currentUrlText = null; | |
currentSerialNumber = null; | |
currentBackupParameter = null; | |
+ currentParameterValue = null; | |
+ currentRequest = null; | |
+ currentResponse = null; | |
} | |
} | |
public void characters (char ch[], int start, int length) | |
{ | |
if (getChannelVulnText || getHostText || getUrlText || getParamText || | |
- getSeverityText || getBackupParameter || getSerialNumber) { | |
+ getSeverityText || getBackupParameter || getSerialNumber || | |
+ getParamValueText || getRequestText || getResponseText) { | |
addTextToBuilder(ch,start,length); | |
} | |
} | |
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NTOSpiderChannelImporter.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NTOSpiderChannelImporter.java | |
index ca8ff85..2a29422 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NTOSpiderChannelImporter.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NTOSpiderChannelImporter.java | |
@@ -51,6 +51,9 @@ | |
tagMap.put("attackscore", FindingKey.SEVERITY_CODE); | |
tagMap.put("parametername", FindingKey.PARAMETER); | |
tagMap.put("normalizedurl", FindingKey.PATH); | |
+ tagMap.put("attackvalue", FindingKey.VALUE); | |
+ tagMap.put("request", FindingKey.REQUEST); | |
+ tagMap.put("response", FindingKey.RESPONSE); | |
} | |
private static final String VULN_TAG = "vuln", SCAN_DATE = "scandate", | |
@@ -122,7 +125,15 @@ | |
inFinding = false; | |
} else if (inFinding && itemKey != null) { | |
String currentItem = getBuilderText(); | |
- if (currentItem != null && findingMap.get(itemKey) == null) { | |
+ if (currentItem != null && | |
+ ("REQUEST".equals(itemKey.toString()) || "RESPONSE".equals(itemKey.toString()))){ | |
+ //these are base64 encoded in the xml | |
+ currentItem = new String(javax.xml.bind.DatatypeConverter.parseBase64Binary(currentItem)); | |
+ } | |
+ | |
+ //NTO vulnerabilities have multiple attack details per vulnerability, with an extra attackvalue sent at the beginning | |
+ //because of this we allow them to be overwritten in the findingMap to grab the last instance | |
+ if (currentItem != null ){ // && findingMap.get(itemKey) == null) { | |
findingMap.put(itemKey, currentItem); | |
} | |
itemKey = null; | |
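Review bot: `if (currentItem != null ){ // && findingMap.get(itemKey) == null) {` turns last-wins on for every key, not only the repeated attackvalue the comment explains, so a PATH or PARAMETER element appearing twice inside a vuln would now be overwritten too — exactly what the old guard prevented. If only the attack details repeat, limit the overwrite to those keys: `boolean repeats = itemKey == FindingKey.VALUE || itemKey == FindingKey.REQUEST || itemKey == FindingKey.RESPONSE;` followed by `if (currentItem != null && (repeats || findingMap.get(itemKey) == null)) {`, and delete the old condition from the trailing comment once the intent is expressed in code. The base64 decode above it shares the charset and malformed-input issues raised on ArachniChannelImporter.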
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NetsparkerChannelImporter.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NetsparkerChannelImporter.java | |
index 2e60a00..288ba75 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NetsparkerChannelImporter.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/channel/NetsparkerChannelImporter.java | |
@@ -70,11 +70,17 @@ | |
private Boolean getUrlText = false; | |
private Boolean getParamText = false; | |
private Boolean getSeverityText = false; | |
+ private Boolean getParamValueText = false; | |
+ private Boolean getRequestText = false; | |
+ private Boolean getResponseText = false; | |
private String currentChannelVulnCode = null; | |
private String currentUrlText = null; | |
private String currentParameter = null; | |
private String currentSeverityCode = null; | |
+ private String currentParameterValue = null; | |
+ private String currentRequest = null; | |
+ private String currentResponse = null; | |
private String host = null; | |
@@ -101,6 +107,12 @@ | |
getParamText = true; | |
} else if ("severity".equals(qName)) { | |
getSeverityText = true; | |
+ } else if("vulnerableparametervalue".equals(qName)){ | |
+ getParamValueText = true; | |
+ } else if("rawrequest".equals(qName)){ | |
+ getRequestText = true; | |
+ } else if("rawresponse".equals(qName)){ | |
+ getResponseText = true; | |
} else if ("netsparker".equals(qName)) { | |
date = getCalendarFromString("MM/dd/yyyy hh:mm:ss a", atts.getValue("generated")); | |
} | |
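Review bot: The three new branches are written `} else if("vulnerableparametervalue".equals(qName)){` without the spaces the surrounding branches use (`} else if ("severity".equals(qName)) {`); match the existing form, e.g. `} else if ("vulnerableparametervalue".equals(qName)) {`. Unlike the Burp and NTO importers, the @@ -120 hunk below stores rawrequest and rawresponse text as-is with no base64 step, which is fine if Netsparker writes them unencoded — worth confirming against a sample report.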
@@ -120,6 +132,15 @@ | |
} else if (getParamText) { | |
currentParameter = getBuilderText(); | |
getParamText = false; | |
+ } else if (getParamValueText) { | |
+ currentParameterValue = getBuilderText(); | |
+ getParamValueText = false; | |
+ } else if (getRequestText) { | |
+ currentRequest = getBuilderText(); | |
+ getRequestText = false; | |
+ } else if (getResponseText) { | |
+ currentResponse = getBuilderText(); | |
+ getResponseText = false; | |
} else if (getSeverityText) { | |
currentSeverityCode = getBuilderText(); | |
getSeverityText = false; | |
@@ -127,7 +148,7 @@ | |
if ("vulnerability".equals(qName)) { | |
Finding finding = constructFinding(currentUrlText, currentParameter, | |
- currentChannelVulnCode, currentSeverityCode); | |
+ currentChannelVulnCode, currentSeverityCode, null, currentParameterValue, currentRequest, currentResponse); | |
// The old XML format didn't include severities. As severities are required | |
// for vulnerabilities to show on the application page, let's assign medium | |
@@ -143,12 +164,15 @@ | |
currentSeverityCode = null; | |
currentParameter = null; | |
currentUrlText = null; | |
+ currentParameterValue = null; | |
+ currentRequest = null; | |
+ currentResponse = null; | |
} | |
} | |
public void characters (char ch[], int start, int length) | |
{ | |
- if (getChannelVulnText || getUrlText || getParamText || getSeverityText) { | |
+ if (getChannelVulnText || getUrlText || getParamText || getSeverityText || getParamValueText || getRequestText || getResponseText) { | |
addTextToBuilder(ch, start, length); | |
} | |
} | |
diff --git a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/report/ReportsServiceImpl.java b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/report/ReportsServiceImpl.java | |
index f3fd990..c60e17a 100644 | |
--- a/threadfix-main/src/main/java/com/denimgroup/threadfix/service/report/ReportsServiceImpl.java | |
+++ b/threadfix-main/src/main/java/com/denimgroup/threadfix/service/report/ReportsServiceImpl.java | |
@@ -707,6 +707,10 @@ | |
if (vuln == null || (!vuln.isActive() && !vuln.getIsFalsePositive())) { | |
continue; | |
} | |
+ Finding finding = null; | |
+ if ( vuln.getFindings() != null && vuln.getFindings().size() > 0){ | |
+ finding = vuln.getFindings().get(0); | |
+ } | |
String openedDate = formatter.format(vuln.getOpenTime().getTime()); | |
// Orders of positions: CWE ID, CWE Name, Path, Parameter, Severity, Open Date, Defect ID | |
rowParamsList.add(Arrays.asList(vuln.getGenericVulnerability().getId().toString(), | |
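Review bot: The comment `// Orders of positions: CWE ID, CWE Name, Path, Parameter, Severity, Open Date, Defect ID` is now stale, since the next hunk appends Attack String, Scanner and Native ID to the same row; update it to list all ten columns so it matches the header row in vulnerabilityList.jsp. `vuln.getFindings().get(0)` also picks whichever finding happens to be first in the collection with no ordering stated; a comment saying why the first one is representative (or selecting by the isFirstFindingForVuln flag that Finding exposes) would make the choice deliberate. The enclosing method starts before this hunk.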
@@ -715,7 +719,12 @@ | |
vuln.getSurfaceLocation().getParameter(), | |
vuln.getGenericSeverity().getName(), | |
openedDate, | |
- (vuln.getDefect() == null) ? "" : vuln.getDefect().getId().toString())); | |
+ (vuln.getDefect() == null) ? "" : vuln.getDefect().getId().toString(), | |
+ (finding == null) ? "" : finding.getAttackString(), | |
+ (finding == null) ? "" : finding.getChannelVulnerability().getChannelType().getName(), | |
+ (finding == null) ? "" : finding.getNativeId() | |
+ ) | |
+ ); | |
} | |
} | |
return rowParamsList; | |
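Review bot: `finding.getChannelVulnerability().getChannelType().getName()` assumes getChannelVulnerability() is non-null, but the AbstractChannelImporter hunk in this same commit shows it being set from a local that can remain null, so one such finding would throw and abort the whole report. Guard the chain, e.g. `(finding == null || finding.getChannelVulnerability() == null) ? "" : finding.getChannelVulnerability().getChannelType().getName()`, or compute the scanner name into a local before the Arrays.asList. getAttackString() and getNativeId() may also return null (their setters accept null), which puts nulls into the row list; substitute "" unless the report writer is known to handle them.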
diff --git a/threadfix-main/src/main/resources/.gitignore b/threadfix-main/src/main/resources/.gitignore | |
new file mode 100644 | |
index 0000000..b2bb0f6 | |
--- /dev/null | |
+++ b/threadfix-main/src/main/resources/.gitignore | |
@@ -0,0 +1 @@ | |
+/threadfix-backup.script.original | |
diff --git a/threadfix-main/src/main/resources/threadfix-backup.script b/threadfix-main/src/main/resources/threadfix-backup.script | |
index b91044e..ebb7eab 100644 | |
--- a/threadfix-main/src/main/resources/threadfix-backup.script | |
+++ b/threadfix-main/src/main/resources/threadfix-backup.script | |
@@ -29,7 +29,7 @@ | |
CREATE MEMORY TABLE DOCUMENT(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ACTIVE BOOLEAN NOT NULL,CREATEDDATE TIMESTAMP NOT NULL,MODIFIEDDATE TIMESTAMP NOT NULL,CONTENTTYPE VARCHAR(255),FILE LONGVARBINARY,NAME VARCHAR(50) NOT NULL,TYPE VARCHAR(10),APPLICATIONID INTEGER,VULNERABILITYID INTEGER,CONSTRAINT FK3737353BC96E039C FOREIGN KEY(APPLICATIONID) REFERENCES APPLICATION(ID)) | |
CREATE MEMORY TABLE EMPTYSCAN(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ALREADYPROCESSED BOOLEAN NOT NULL,DATEUPLOADED TIMESTAMP,FILENAME VARCHAR(100) NOT NULL,APPLICATIONCHANNELID INTEGER,CONSTRAINT FK22CE714AD1ED50A0 FOREIGN KEY(APPLICATIONCHANNELID) REFERENCES APPLICATIONCHANNEL(ID)) | |
CREATE MEMORY TABLE EXCEPTIONLOG(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,UUID VARCHAR(36),EXCEPTIONSTACKTRACE LONGVARCHAR,EXCEPTIONTOSTRING LONGVARCHAR,MESSAGE VARCHAR(256),TIME TIMESTAMP,TYPE VARCHAR(256)) | |
-CREATE MEMORY TABLE FINDING(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ACTIVE BOOLEAN NOT NULL,CREATEDDATE TIMESTAMP NOT NULL,MODIFIEDDATE TIMESTAMP NOT NULL,DISPLAYID VARCHAR(50),FIRSTFINDINGFORVULN BOOLEAN NOT NULL,ISSTATIC BOOLEAN NOT NULL,LONGDESCRIPTION VARCHAR(2047),MARKEDFALSEPOSITIVE BOOLEAN,NATIVEID VARCHAR(50),NUMBERMERGEDRESULTS INTEGER,SOURCEFILELOCATION VARCHAR(128),CHANNELSEVERITYID INTEGER,CHANNELVULNERABILITYID INTEGER,DEPENDENCYID INTEGER,SCANID INTEGER,SURFACELOCATIONID INTEGER,USERID INTEGER,VULNERABILITYID INTEGER,CONSTRAINT FK305E33699240CF0 FOREIGN KEY(DEPENDENCYID) REFERENCES DEPENDENCY(ID),CONSTRAINT FK305E33694BC6129C FOREIGN KEY(CHANNELSEVERITYID) REFERENCES CHANNELSEVERITY(ID),CONSTRAINT FK305E3369E2A500AC FOREIGN KEY(CHANNELVULNERABILITYID) REFERENCES CHANNELVULNERABILITY(ID)) | |
+CREATE MEMORY TABLE FINDING(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ACTIVE BOOLEAN NOT NULL,CREATEDDATE TIMESTAMP NOT NULL,MODIFIEDDATE TIMESTAMP NOT NULL,DISPLAYID VARCHAR(50),FIRSTFINDINGFORVULN BOOLEAN NOT NULL,ISSTATIC BOOLEAN NOT NULL,LONGDESCRIPTION VARCHAR(2047),MARKEDFALSEPOSITIVE BOOLEAN,NATIVEID VARCHAR(50),NUMBERMERGEDRESULTS INTEGER,SOURCEFILELOCATION VARCHAR(128),CHANNELSEVERITYID INTEGER,CHANNELVULNERABILITYID INTEGER,DEPENDENCYID INTEGER,SCANID INTEGER,SURFACELOCATIONID INTEGER,USERID INTEGER,VULNERABILITYID INTEGER,ATTACKVALUE VARCHAR(65535),ATTACKREQUEST VARCHAR(65535),ATTACKRESPONSE VARCHAR(1048575),CONSTRAINT FK305E33699240CF0 FOREIGN KEY(DEPENDENCYID) REFERENCES DEPENDENCY(ID),CONSTRAINT FK305E33694BC6129C FOREIGN KEY(CHANNELSEVERITYID) REFERENCES CHANNELSEVERITY(ID),CONSTRAINT FK305E3369E2A500AC FOREIGN KEY(CHANNELVULNERABILITYID) REFERENCES CHANNELVULNERABILITY(ID)) | |
CREATE MEMORY TABLE GENERICSEVERITY(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,INTVALUE INTEGER NOT NULL,NAME VARCHAR(50) NOT NULL) | |
CREATE MEMORY TABLE GENERICVULNERABILITY(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,NAME VARCHAR(256) NOT NULL) | |
CREATE MEMORY TABLE JOBSTATUS(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ENDDATE TIMESTAMP,HASSTARTEDPROCESSING BOOLEAN NOT NULL,MODIFIEDDATE TIMESTAMP NOT NULL,OPEN BOOLEAN NOT NULL,SCANDATE TIMESTAMP,STARTDATE TIMESTAMP NOT NULL,STATUS VARCHAR(128),TYPE VARCHAR(128),URLPATH VARCHAR(128),URLTEXT VARCHAR(128),APPLICATIONCHANNELID INTEGER,CONSTRAINT FKBABFF5EFD1ED50A0 FOREIGN KEY(APPLICATIONCHANNELID) REFERENCES APPLICATIONCHANNEL(ID)) | |
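Review bot: The new columns are named ATTACKVALUE, ATTACKREQUEST and ATTACKRESPONSE, but the Finding entity in this commit names the properties attackString, attackRequest and attackResponse with `@Column(length = ...)` and no name attribute; under default JPA naming the first property maps to ATTACKSTRING, not ATTACKVALUE, so either the script column or the annotation (`@Column(name = "ATTACKVALUE", length = ATTACK_STRING_LENGTH)`) needs to change unless a custom naming strategy not visible here reconciles them. VARCHAR(1048575) is also beyond what several databases allow for VARCHAR; confirm the production schema uses a CLOB-type column, since this HSQLDB script is not representative of it.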
diff --git a/threadfix-main/src/main/webapp/WEB-INF/views/applications/vulnerability.jsp b/threadfix-main/src/main/webapp/WEB-INF/views/applications/vulnerability.jsp | |
index ff83bd5..6e00ebc 100644 | |
--- a/threadfix-main/src/main/webapp/WEB-INF/views/applications/vulnerability.jsp | |
+++ b/threadfix-main/src/main/webapp/WEB-INF/views/applications/vulnerability.jsp | |
@@ -28,6 +28,7 @@ | |
<h2>Vulnerability Details | |
<span style="font-size:10pt;"> | |
<a href="#statisticsDiv" data-toggle="collapse" class="btn header-button">Toggle More Info</a> | |
+ <a href="#attackDiv" data-toggle="collapse" class="btn header-button">Toggle Attack Info</a> | |
</span> | |
</h2> | |
@@ -336,6 +337,23 @@ | |
</a> | |
</td> | |
</tr> | |
+ <tr><td colspan=20 cellpadding="0"> | |
+ <div id="attackDiv" style="margin: 0; padding: 0;" class="container-fluid collapse"> | |
+ <table class="table table-striped" cellspacing="0" cellpadding="0" width="100%"> | |
+ <tr> | |
+ <th valign=top>Attack String</th><td colspan=20 id="attackString${ status.count }"><c:out value="${ finding.attackString }" /></td> | |
+ </tr> | |
+ <tr> | |
+ <th valign=top>Attack Request</th><td colspan=20 id="attackRequest${ status.count } "><pre><c:out value="${ finding.attackRequest }"/></pre></td> | |
+ </tr> | |
+ <tr> | |
+ <th valign=top>Attack Response</th><td colspan=20 id="attackResponse${ status.count } "><pre><c:out value="${ finding.attackResponse }"/></pre></td> | |
+ </tr> | |
+ </table> | |
+ </div> | |
+ </td> | |
+ </tr> | |
+ | |
</c:forEach> | |
</tbody> | |
</table> | |
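Review bot: The id attributes on the request and response cells, `id="attackRequest${ status.count } "` and `id="attackResponse${ status.count } "`, carry a trailing space inside the quotes, unlike `attackString${ status.count }` two lines above; remove it so the ids are usable from scripts and selectors. Rendering the values through `<c:out>` is the right choice here, since the attack string, request and response are scanner-supplied and may contain markup — keep that escaping if the cells are restyled later. `colspan=20` and `valign=top` are also left unquoted while the rest of the markup quotes attribute values.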
diff --git a/threadfix-main/src/main/webapp/WEB-INF/views/reports/vulnerabilityList.jsp b/threadfix-main/src/main/webapp/WEB-INF/views/reports/vulnerabilityList.jsp | |
index 80c7772..a535c62 100644 | |
--- a/threadfix-main/src/main/webapp/WEB-INF/views/reports/vulnerabilityList.jsp | |
+++ b/threadfix-main/src/main/webapp/WEB-INF/views/reports/vulnerabilityList.jsp | |
@@ -31,7 +31,10 @@ | |
<th>Parameter</th> | |
<th>Severity</th> | |
<th>Open Date</th> | |
- <th class="last">Defect ID</th> | |
+ <th>Defect ID</th> | |
+ <th>Attack String</th> | |
+ <th>Scanner</th> | |
+ <th class="last">Native ID</th> | |
</tr> | |
</thead> | |
diff --git a/threadfix-main/src/main/webapp/WEB-INF/views/scans/findingDetail.jsp b/threadfix-main/src/main/webapp/WEB-INF/views/scans/findingDetail.jsp | |
index e808776..1b8a3dc 100644 | |
--- a/threadfix-main/src/main/webapp/WEB-INF/views/scans/findingDetail.jsp | |
+++ b/threadfix-main/src/main/webapp/WEB-INF/views/scans/findingDetail.jsp | |
@@ -81,6 +81,19 @@ | |
<c:if test="${ empty finding.displayId }"><c:out value="${ finding.nativeId }" /></c:if> | |
</td> | |
</tr> | |
+ <tr> | |
+ <td class="bold" >Attack String</td> | |
+ <td class="inputValue"><c:out value="${ finding.attackString }"/></td> | |
+ </tr> | |
+ <tr> | |
+ <td class="bold" valign=top>Attack Request</td> | |
+ <td class="inputValue" style="word-wrap: break-word;"><PRE><c:out value="${ finding.attackRequest }"/></PRE></td> | |
+ </tr> | |
+ <tr> | |
+ <td class="bold" valign=top>Attack Response</td> | |
+ <td class="inputValue" style="word-wrap: break-word;"><PRE><c:out value="${ finding.attackResponse }"/></PRE></td> | |
+ </tr> | |
+ | |
</c:if> | |
<c:if test="${ not empty finding.dependency }"> | |
<tr> |
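Review bot: The request and response cells use `<PRE>…</PRE>` in upper case while vulnerability.jsp in the same commit uses lowercase `<pre>`; pick one form, and lowercase matches the rest of this markup. The `style="word-wrap: break-word;"` on the td will not wrap long lines inside a pre element unless the pre itself is given `white-space: pre-wrap`, so a very long attack response may still push the table wide — worth checking in the browser. The `<c:out>` escaping is correct for scanner-supplied content and should stay.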