Philippe Arteau

Results: 50 issues by Philippe Arteau

Following the findings made in #134. A tutorial should be created with a demo project. - [x] Android Project - [ ] Java Project - [ ] Grails Project **...

enhancement

This is a long-term enhancement that needs to be done. I will document those even if they are only going to be introduced in 2 or 3 releases. For the...

enhancement

## Description Annotation classes, when doing annotation processing (reading annotations by reflection), are prone to false positives for multiple bug patterns. I have stumbled upon many cases when reviewing Struts...

false-positive

## Description Detect if the entity resolver used is overriding the `resolveEntity()` function. ## Code Code taken from batik-dom 1.7 (Vulnerable to XXE) ```java protected Document createDocument(InputSource is) throws IOException...

enhancement

## Description The class [ZipEntry](https://docs.oracle.com/javase/8/docs/api/java/util/zip/ZipEntry.html) describes one file inside a Zip archive. [`getName()`](https://docs.oracle.com/javase/8/docs/api/java/util/zip/ZipEntry.html#getName--) returns the file name of this file. It could contain a malicious string such as "../../../". If...

hacktoberfest
good first issue

## Description

Support `StringUtils.isAlphanumeric()` as a valid solution for LDAP filter.

## Code (If needed)

```java
if (StringUtils.isAlphanumeric(username)) {
    NamingEnumeration<SearchResult> answers = context.search("dc=People,dc=example,dc=com", "(uid=" + username + ")", ctrls);
}
```

enhancement

Detect the following annotations:

Explicitly accepting a Java serialized object (potential RCE..):

- `@Consumes({"application/x-java-serialized-object"})`

Or the implicit:

- No `@Consumes` annotation
- `@Consumes({"*/*"})`
- `@Consumes({MediaType.WILDCARD_TYPE})`

https://0ang3el.blogspot.ca/2016/06/note-about-security-of-resteasy-services.html

enhancement
hacktoberfest
good first issue

Detect SQL injection in Groovy code. As seen in https://stackoverflow.com/questions/29946464/detect-sql-injection-in-groovy-dynamic-sql ```groovy def sql = new Sql(dataSource) def dynamicWhereClause = "" if (params.col) { dynamicWhereClause = " and col = :col"...

enhancement

## Description It might already be supported ... but I'm not sure. Detect XXE when using JAXB context class. https://stackoverflow.com/a/12978808/89769 ## Code ```java package xxe; import javax.xml.bind.*; import javax.xml.stream.*; import...

enhancement

## Description In JavaFX desktop applications there is an embedded browser capability. The main API is the class [WebEngine](https://docs.oracle.com/javase/8/javafx/api/javafx/scene/web/WebEngine.html). Just like the method `addJavascriptInterface` in Android, it allows exposing...

hacktoberfest
good first issue