From 2761c391bc1974eb46ee53b1ed1423ce7b2ffddc Mon Sep 17 00:00:00 2001 From: KC Berg Date: Thu, 24 Oct 2024 11:17:15 -0600 Subject: [PATCH] some delay params to simulate slow responding apps fuzzer script example /api/jwt/items/{id} route that throws a 500 for fuzzer script testing --- .github/workflows/build.yaml | 7 +- .github/workflows/release.yaml | 5 + build.gradle.kts | 9 +- gradle/wrapper/gradle-wrapper.properties | 2 +- hawkscripts/active/fuzzer.kts | 69 +++++++ hawkscripts/hawkscripts.gradle.kts | 2 +- openapi.json | 2 +- openapi.yaml | 186 +++++++++++------- .../java/hawk/api/jwt/JwtItemController.java | 11 ++ .../hawk/controller/PayloadController.java | 22 ++- src/main/java/hawk/repos/ItemsRepo.java | 2 + .../resources/application-postgresql.yaml | 6 + src/main/resources/application.yaml | 4 +- stackhawk.d/stackhawk-fuzzer.yaml | 25 +++ stackhawk.d/stackhawk-openapi.yml | 10 + 15 files changed, 284 insertions(+), 78 deletions(-) create mode 100644 hawkscripts/active/fuzzer.kts create mode 100644 stackhawk.d/stackhawk-fuzzer.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 02ba22c6..a444e7f7 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -10,5 +10,10 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v2 + - name: Set up JDK 17 + uses: actions/setup-java@v2 + with: + distribution: 'temurin' + java-version: '17' - name: Gradle build - run: ./gradlew :build + run: ./gradlew :build --stacktrace --info --rerun diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 48e6abdd..98834b3f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,6 +10,11 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v2 + - name: Set up JDK 17 + uses: actions/setup-java@v2 + with: + distribution: 'temurin' + java-version: '17' - name: Gradle assemble run: './gradlew :assemble' - uses: softprops/action-gh-release@v1 
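Review bot: The new `actions/setup-java@v2` step in build.yaml (and the existing `actions/checkout@v2` beside it) is referenced by a mutable major tag, so every run picks up whatever that tag points to at the time; for a repo whose sibling workflow publishes releases, pin both to a full commit SHA with the version as a trailing comment, e.g. `uses: actions/setup-java@<sha> # v2`, and let Dependabot move the pin. setup-java v2 is also an old release line (v4 is current), which is worth checking against the action's README before pinning. The added `--stacktrace --info --rerun` flags make Gradle echo its resolved environment and task inputs into the public job log, which is fine while debugging the JDK bump but should be dropped once the build is green, since verbose CI logs are a common place for values from properties files to surface.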
diff --git a/build.gradle.kts b/build.gradle.kts index cf5a6e3f..37d9dc13 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -4,7 +4,7 @@ plugins { java idea distribution - id("org.springframework.boot") version "2.1.6.RELEASE" + id("org.springframework.boot") version "2.7.18" } apply(plugin = "io.spring.dependency-management") @@ -12,8 +12,8 @@ repositories { mavenCentral() } -java.sourceCompatibility = JavaVersion.VERSION_11 -java.targetCompatibility = JavaVersion.VERSION_11 +java.sourceCompatibility = JavaVersion.VERSION_17 +java.targetCompatibility = JavaVersion.VERSION_17 dependencies { @@ -28,13 +28,14 @@ dependencies { implementation("io.jsonwebtoken:jjwt-api:0.10.7") implementation("org.apache.logging.log4j:log4j-slf4j-impl:2.14.1") - implementation("org.springdoc:springdoc-openapi-ui:1.2.32") + implementation("org.springdoc:springdoc-openapi-ui:1.8.0") testCompileOnly("junit:junit") implementation("io.jsonwebtoken:jjwt-impl:0.10.7") implementation("io.jsonwebtoken:jjwt-jackson:0.10.7") implementation("io.resurface:resurfaceio-logger:2.2.0") + implementation("org.apache.commons:commons-compress:1.27.1") compileOnly("org.projectlombok:lombok:1.18.10") annotationProcessor("org.projectlombok:lombok:1.18.22") diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 31cca491..763217c5 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.1-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.4-all.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/hawkscripts/active/fuzzer.kts b/hawkscripts/active/fuzzer.kts new file mode 100644 index 00000000..ecf43b9c --- /dev/null +++ b/hawkscripts/active/fuzzer.kts 
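Review bot: The new target `org.springframework.boot` `2.7.18` is the last 2.7.x release and the 2.7 line left OSS support in late 2023, so as of this commit the app sits on a version that no longer receives security fixes; if that is deliberate for a vulnerable-by-design test app, say so next to the plugin line, e.g. `// intentionally on EOL Spring Boot 2.7.x for scanner testing; do not "fix" without updating the scan expectations`. The unchanged context line `log4j-slf4j-impl:2.14.1` most likely brings in `log4j-core` 2.14.1, which is inside the Log4Shell-affected range (CVE-2021-44228), and `jjwt 0.10.7` is likewise several years behind — either bump them alongside this upgrade or mark them as intentional in the same way. The lombok lines in context also pin different versions for `compileOnly` (1.18.10) and `annotationProcessor` (1.18.22), which is worth aligning while the build file is being touched.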
@@ -0,0 +1,69 @@ +import com.github.javafaker.Faker +import com.stackhawk.hste.extension.script.ScriptVars +import com.stackhawk.hste.extension.scripts.scanrules.ScriptsActiveScanner +import org.apache.log4j.LogManager +import org.parosproxy.paros.network.HttpMessage + +val logger = LogManager.getLogger("fuzzer") + +val faker = Faker() +val scriptVars = ScriptVars.getScriptVars("fuzzer.kts") + +fun alert(activeScanner: ScriptsActiveScanner, msg: HttpMessage, evidence: String, param: String, fuzzedParam: String) { + val risk = 2 // 0: info, 1: low, 2: medium, 3: high + val confidence = 3 // 0: falsePositive, 1: low, 2: medium, 3: high, 4: confirmed + val title = "Fuzzer found a 5xx error" + val description = "Fuzzer was able to find a 5xx error" + val solution = "Handle bad input and never throw a 5xx error" + val reference = "" + val otherInfo = "fuzzed param: $param=$fuzzedParam" + val pluginId = 10_00_063; //Custom Plugin ID + + activeScanner.newAlert() + .setPluginId(pluginId) + .setRisk(risk) + .setConfidence(confidence) + .setName(title) + .setDescription(description) + .setEvidence(evidence) + .setOtherInfo(otherInfo) + .setSolution(solution) + .setReference(reference) + .setMessage(msg) + .raise(); +} + +fun scanNode(activeScanner: ScriptsActiveScanner, origMessage: HttpMessage) { + logger.debug("scanNode fuzzer hook: ${origMessage.requestHeader.uri}") + return +} + +fun scan(activeScanner: ScriptsActiveScanner, origMessage: HttpMessage, param: String, value: String) { + logger.debug("scan fuzzer hook: ${origMessage.requestHeader.uri} | ${param}=${value}") + val iterations = scriptVars["iterations"]?.toInt() ?: 1 + val stringStartLength = scriptVars["stringStartLength"]?.toInt() ?: 1 + val stringEndLength = scriptVars["stringEndLength"]?.toInt() ?: 100 + (1..iterations).forEach { i -> + val msg = origMessage.cloneRequest() + val fuzzedParamValue = if (i % 2 == 0) { + faker.lorem().characters(stringStartLength, stringEndLength) + } else { + 
faker.harryPotter().spell() + } + + if (param.isNotBlank()) { + activeScanner.setParam(msg, param, fuzzedParamValue) + } + try { + activeScanner.sendAndReceive(msg, false, false) + if (msg.responseHeader.statusCode >= 500) { + logger.debug("request: ${msg.requestHeader}${msg.requestBody}") + alert(activeScanner, msg, msg.responseHeader.primeHeader, param, fuzzedParamValue) + logger.debug("response: ${msg.responseHeader.statusCode} ${msg.responseHeader}${msg.responseBody}") + } + } catch (e: Exception) { + logger.error("Error sending request: ${e.message}") + } + } + +} \ No newline at end of file diff --git a/hawkscripts/hawkscripts.gradle.kts b/hawkscripts/hawkscripts.gradle.kts index 851de948..4f31ba8a 100644 --- a/hawkscripts/hawkscripts.gradle.kts +++ b/hawkscripts/hawkscripts.gradle.kts @@ -7,7 +7,7 @@ plugins { kotlin("jvm") version "1.8.22" } -val kotlinVersion = "1.7.20" +val kotlinVersion = "1.8.22" val hawkScriptSdkVersion = lazy { sdkVersion() } val sdkZipName = lazy { "hawkscript-sdk-${hawkScriptSdkVersion.value}.zip" } val hawkScriptSDKZip = lazy { "$buildDir/${sdkZipName.value}" } diff --git a/openapi.json b/openapi.json index 0eef139d..a9fe5f6d 100644 --- a/openapi.json +++ b/openapi.json 
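Review bot: On a 5xx hit, `logger.debug("request: ${msg.requestHeader}${msg.requestBody}")` writes the complete request header block into the scanner log, which for the JWT, token and basic-auth routes this app exposes will include the `Authorization` header (and any `Cookie`), and the next debug line does the same for the full response body; log only `msg.requestHeader.uri` and the status line, or redact credential headers first, since `otherInfo` already carries the fuzzed parameter for the alert. `scriptVars["iterations"]?.toInt()` and the two length vars throw `NumberFormatException` on any non-decimal value, which aborts the whole `scan` hook before the `try` block is reached; `toIntOrNull() ?: 1` lets a misconfigured var degrade to the default instead. The `catch (e: Exception)` branch also drops the exception type and stack by logging only `e.message`; pass `e` to the logger so a transport failure can be distinguished from a scanner bug. `stringStartLength` is never validated against `stringEndLength`, so a start larger than the end is handed straight to `faker.lorem().characters` — confirm how that library handles it.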
@@ -1 +1 @@ -{"openapi":"3.0.1","info":{"title":"OpenAPI definition","version":"v0"},"servers":[{"url":"https://localhost:9000","description":"Generated server url"}],"paths":{"/api/token/items/search/":{"get":{"tags":["token-item-controller"],"operationId":"search","responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/token/items/search/{text}":{"get":{"tags":["token-item-controller"],"operationId":"search_1","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/auth/signin":{"post":{"tags":["jwt-auth-controller"],"operationId":"signin","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthenticationRequest"}}}},"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/items/search":{"post":{"tags":["jwt-item-controller"],"operationId":"search_2","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Search"}}}},"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/items/search/{text}":{"get":{"tags":["jwt-item-controller"],"operationId":"search_3","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/items/search/":{"get":{"tags":["jwt-item-controller"],"operationId":"searchAll","responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/users/search/{text}":{"get":{"tags":["jwt-user-controller"],"operationId":"search_4","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"default 
response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/users/search/bad/{text}":{"get":{"tags":["jwt-user-controller"],"operationId":"searchCrappy","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/users/search/":{"get":{"tags":["jwt-user-controller"],"operationId":"searchAll_1","responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/basic/items/search/":{"get":{"tags":["basic-auth-item-controller"],"operationId":"search_5","responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/basic/items/search/{text}":{"get":{"tags":["basic-auth-item-controller"],"operationId":"search_6","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"default response","content":{"*/*":{"schema":{"type":"string"}}}}}}}},"components":{"schemas":{"AuthenticationRequest":{"type":"object","properties":{"username":{"type":"string"},"password":{"type":"string"},"tenant":{"type":"string"}}},"Search":{"type":"object","properties":{"searchText":{"type":"string"}}}}}} \ No newline at end of file +{"openapi":"3.0.1","info":{"title":"OpenAPI definition","version":"v0"},"servers":[{"url":"https://localhost:9000","description":"Generated server 
url"}],"paths":{"/api/jwt/items/search":{"post":{"tags":["jwt-item-controller"],"operationId":"search","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Search"}}},"required":true},"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/auth/signin":{"post":{"tags":["jwt-auth-controller"],"operationId":"signin","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthenticationRequest"}}},"required":true},"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/token/items/search/":{"get":{"tags":["token-item-controller"],"operationId":"search_1","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/token/items/search/{text}":{"get":{"tags":["token-item-controller"],"operationId":"search_2","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/okta/me/token":{"get":{"tags":["okta-controller"],"operationId":"me","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"$ref":"#/components/schemas/OktaIdInfo"}}}}}}},"/api/jwt/users/search/":{"get":{"tags":["jwt-user-controller"],"operationId":"searchAll","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/User"}}}}}}}},"/api/jwt/users/search/{text}":{"get":{"tags":["jwt-user-controller"],"operationId":"search_3","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/users/search/bad/{text}":{"get":{"tags":["jwt-user-controller"],"operationId":"searchCrappy","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"
schema":{"type":"string"}}}}}}},"/api/jwt/items/{id}":{"get":{"tags":["jwt-item-controller"],"operationId":"getById","parameters":[{"name":"id","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/items/search/":{"get":{"tags":["jwt-item-controller"],"operationId":"searchAll_1","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/jwt/items/search/{text}":{"get":{"tags":["jwt-item-controller"],"operationId":"search_4","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/basic/items/search/":{"get":{"tags":["basic-auth-item-controller"],"operationId":"search_5","responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}},"/api/basic/items/search/{text}":{"get":{"tags":["basic-auth-item-controller"],"operationId":"search_6","parameters":[{"name":"text","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"OK","content":{"*/*":{"schema":{"type":"string"}}}}}}}},"components":{"schemas":{"Search":{"type":"object","properties":{"searchText":{"type":"string"}}},"AuthenticationRequest":{"type":"object","properties":{"username":{"type":"string"},"password":{"type":"string"},"tenant":{"type":"string"}}},"OktaIdInfo":{"type":"object","properties":{"token":{"type":"string"}}},"User":{"type":"object","properties":{"id":{"type":"integer","format":"int64"},"name":{"type":"string"},"description":{"type":"string"},"tenantId":{"type":"string"}}}}}} \ No newline at end of file diff --git a/openapi.yaml b/openapi.yaml index 326678d1..72997a2f 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -1,4 +1,3 @@ ---- openapi: 3.0.1 info: title: OpenAPI definition 
@@ -7,37 +6,25 @@ servers: - url: https://localhost:9000 description: Generated server url paths: - "/api/token/items/search/": - get: + /api/jwt/items/search: + post: tags: - - token-item-controller + - jwt-item-controller operationId: search + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Search' + required: true responses: '200': - description: default response - content: - "*/*": - schema: - type: string - "/api/token/items/search/{text}": - get: - tags: - - token-item-controller - operationId: search_1 - parameters: - - name: text - in: path - required: true - schema: - type: string - responses: - '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/auth/signin": + /api/jwt/auth/signin: post: tags: - jwt-auth-controller @@ -46,36 +33,32 @@ paths: content: application/json: schema: - "$ref": "#/components/schemas/AuthenticationRequest" + $ref: '#/components/schemas/AuthenticationRequest' + required: true responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/items/search": - post: + /api/token/items/search/: + get: tags: - - jwt-item-controller - operationId: search_2 - requestBody: - content: - application/json: - schema: - "$ref": "#/components/schemas/Search" + - token-item-controller + operationId: search_1 responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/items/search/{text}": + /api/token/items/search/{text}: get: tags: - - jwt-item-controller - operationId: search_3 + - token-item-controller + operationId: search_2 parameters: - name: text in: path 
@@ -84,28 +67,42 @@ paths: type: string responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/items/search/": + /api/okta/me/token: get: tags: - - jwt-item-controller + - okta-controller + operationId: me + responses: + '200': + description: OK + content: + '*/*': + schema: + $ref: '#/components/schemas/OktaIdInfo' + /api/jwt/users/search/: + get: + tags: + - jwt-user-controller operationId: searchAll responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: - type: string - "/api/jwt/users/search/{text}": + type: array + items: + $ref: '#/components/schemas/User' + /api/jwt/users/search/{text}: get: tags: - jwt-user-controller - operationId: search_4 + operationId: search_3 parameters: - name: text in: path @@ -114,12 +111,12 @@ paths: type: string responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/users/search/bad/{text}": + /api/jwt/users/search/bad/{text}: get: tags: - jwt-user-controller 
@@ -132,36 +129,72 @@ paths: type: string responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/jwt/users/search/": + /api/jwt/items/{id}: get: tags: - - jwt-user-controller + - jwt-item-controller + operationId: getById + parameters: + - name: id + in: path + required: true + schema: + type: string + responses: + '200': + description: OK + content: + '*/*': + schema: + type: string + /api/jwt/items/search/: + get: + tags: + - jwt-item-controller operationId: searchAll_1 responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/basic/items/search/": + /api/jwt/items/search/{text}: + get: + tags: + - jwt-item-controller + operationId: search_4 + parameters: + - name: text + in: path + required: true + schema: + type: string + responses: + '200': + description: OK + content: + '*/*': + schema: + type: string + /api/basic/items/search/: get: tags: - basic-auth-item-controller operationId: search_5 responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string - "/api/basic/items/search/{text}": + /api/basic/items/search/{text}: get: tags: - basic-auth-item-controller @@ -174,13 +207,18 @@ paths: type: string responses: '200': - description: default response + description: OK content: - "*/*": + '*/*': schema: type: string components: schemas: + Search: + type: object + properties: + searchText: + type: string AuthenticationRequest: type: object properties: @@ -190,8 +228,20 @@ components: type: string tenant: type: string - Search: + OktaIdInfo: type: object properties: - searchText: + token: + type: string + User: + type: object + properties: + id: + type: integer + format: int64 + name: + type: string + description: + type: string + tenantId: type: string 
diff --git a/src/main/java/hawk/api/jwt/JwtItemController.java b/src/main/java/hawk/api/jwt/JwtItemController.java index 649d62bd..3f8be875 100644 --- a/src/main/java/hawk/api/jwt/JwtItemController.java +++ b/src/main/java/hawk/api/jwt/JwtItemController.java @@ -2,6 +2,7 @@ import hawk.api.SearchResult; import hawk.form.Search; +import hawk.repos.ItemsRepo; import hawk.service.SearchService; import lombok.val; import org.springframework.beans.factory.annotation.Autowired; @@ -18,6 +19,9 @@ @RequestMapping("/api/jwt/items") public class JwtItemController { + @Autowired + ItemsRepo repo; + private final SearchService searchService; @Autowired @@ -42,4 +46,11 @@ public ResponseEntity search(@RequestBody Search search) { SearchResult result = new SearchResult(search.getSearchText(), searchService.search(search)); return ResponseEntity.ok(result); } + + // @PathVariable("id") String id should be types correctly as a Long. eg: @PathVariable("id") Long id + @GetMapping("/{id}") + public ResponseEntity getById(@PathVariable("id") String id) { + val item = repo.findById(Long.getLong(id)); + return ResponseEntity.ok(item); + } } diff --git a/src/main/java/hawk/controller/PayloadController.java b/src/main/java/hawk/controller/PayloadController.java index 5fdeec5f..7080e6ab 100644 --- a/src/main/java/hawk/controller/PayloadController.java +++ b/src/main/java/hawk/controller/PayloadController.java @@ -5,6 +5,7 @@ import java.io.IOException; import java.io.OutputStream; import java.util.Map; +import java.util.Random; import java.util.concurrent.ConcurrentHashMap; import org.apache.commons.compress.utils.IOUtils; import org.apache.commons.lang3.RandomStringUtils; 
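Review bot: `Long.getLong(id)` does not parse `id` — it reads the JVM system property whose name is the value of `id` and returns `null` when that property is unset — so `repo.findById(null)` is what yields the 500 on every request, not a type mismatch, and the comment above it points a future fixer at the wrong remedy (`Long.parseLong(id)` or a `Long` path variable is the parsing form). Since the 500 is intentional for the fuzzer script, make the comment say that, e.g. `// INTENTIONAL: Long.getLong reads a system property, not the path variable, so findById(null) throws -> 500 for fuzzer testing`. Separately, `ItemsRepo.findById` hands back the raw entity with no tenant or ownership check; if items are tenant-scoped the way `User` is (it carries `tenantId` in the regenerated OpenAPI schema), this endpoint becomes a cross-tenant read the moment the 500 is fixed — confirm against the `Item` entity. The new `@Autowired ItemsRepo repo;` field injection also diverges from the constructor injection this class already uses for `searchService`.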
@@ -27,10 +28,29 @@ public class PayloadController { @Value("${payload.count:10}") private int payloadCount = 20; + @Value("${payload.delayStart:0}") + private int payloadDelayStart = 0; + + @Value("${payload.delayEnd:0}") + private int payloadDelayEnd = 0; + + public void sleepy() { + if ((payloadDelayStart > 0 || payloadDelayEnd > 0) && payloadDelayEnd > payloadDelayStart) { + Random random = new Random(); + Long sleepFor = random.nextLong(payloadDelayStart, payloadDelayEnd); + try { + Thread.sleep(sleepFor); + } catch (InterruptedException e) { + e.printStackTrace(); + } + } + } + @GetMapping(value={"/payload/{size}","/admin/payload/{size}"}) public String getPayload(Model model, @PathVariable("size") Integer size) { + sleepy(); if(payloadCache.containsKey(size)){ model.addAttribute("payload", new String( payloadCache.get(size))); }else { @@ -57,7 +77,7 @@ public String getPayloadsList(Model model){ @GetMapping(value={"/payload/stream/{size}", "/admin/payload/stream/{size}"}) public StreamingResponseBody getPayloadStream(@PathVariable("size") Integer size) { String tmpData = "mobile: 555-678-5343 "; - + sleepy(); return new StreamingResponseBody() { Integer cnt = 0; @Override diff --git a/src/main/java/hawk/repos/ItemsRepo.java b/src/main/java/hawk/repos/ItemsRepo.java index ce746ab1..aba9475f 100644 --- a/src/main/java/hawk/repos/ItemsRepo.java +++ b/src/main/java/hawk/repos/ItemsRepo.java @@ -7,4 +7,6 @@ public interface ItemsRepo extends Repository { List findByNameContainingOrDescriptionContaining(String name, String description); + + Item findById(Long id); } diff --git a/src/main/resources/application-postgresql.yaml b/src/main/resources/application-postgresql.yaml index d69b6b74..192bbbdd 100644 --- a/src/main/resources/application-postgresql.yaml +++ b/src/main/resources/application-postgresql.yaml 
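Review bot: `sleepy()` catches `InterruptedException`, prints the stack trace and carries on, which clears the thread's interrupt flag and hides the interruption from whatever tried to stop the request; re-assert it with `Thread.currentThread().interrupt();` and drop `e.printStackTrace()`. The method is `public` on a `@Controller` with no mapping; make it `private` so it cannot be invoked from outside the class. `Thread.sleep` pins a servlet worker thread for up to `payload.delayEnd` ms per request on the unauthenticated `/payload/{size}` route, which is the intended slow-app simulation but also an easy way to exhaust the pool — document the knob, e.g. `// test-only: blocks the request thread for [delayStart, delayEnd) ms; keep delayEnd small`. `Random.nextLong(origin, bound)` is a Java 17 API, so this code depends on the toolchain bump made elsewhere in the commit; a `// requires JDK 17` comment next to it would save the next person a puzzling compile error if the target is ever lowered.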
@@ -44,3 +44,9 @@ management: endpoints: jmx.exposure.include: '*' web.exposure.include: '*' + +payload: + count: 50 + start-size: 10240 + delayStart: 0 + delayEnd: 0 \ No newline at end of file diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index c1e0e509..b8923993 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -30,4 +30,6 @@ springdoc: payload: start-size: 3096 - count: 10 \ No newline at end of file + count: 10 + delayStart: 0 + delayEnd: 0 \ No newline at end of file diff --git a/stackhawk.d/stackhawk-fuzzer.yaml b/stackhawk.d/stackhawk-fuzzer.yaml new file mode 100644 index 00000000..dc827192 --- /dev/null +++ b/stackhawk.d/stackhawk-fuzzer.yaml @@ -0,0 +1,25 @@ +app: + inputVectors: + injectableParam: + urlPath: true + urlQuery: true + urlQueryParam: true + # httpHeaders: true +hawk: + scan: + policyName: CUSTOM_SCRIPTS + +hawkAddOn: + scripts: + - name: fuzzer.kts + type: active + path: hawkscripts + id: 1000063 # Replace with your own registered plugin ID + language: KOTLIN + vars: + - name: iterations + val: 10 + - name: stringStartLength + val: 50 + - name: stringEndLength + val: 10_000 \ No newline at end of file diff --git a/stackhawk.d/stackhawk-openapi.yml b/stackhawk.d/stackhawk-openapi.yml index f733a5b0..d6743b3a 100644 --- a/stackhawk.d/stackhawk-openapi.yml +++ b/stackhawk.d/stackhawk-openapi.yml @@ -27,6 +27,10 @@ app: success: "HTTP.*200.*" openApiConf: + forbiddenVariables: + - field: zone_id + values: + - "" # path: /openapi filePath: openapi.yaml includeAllMethods: true @@ -39,6 +43,12 @@ app: - "customTextValue1" - "customTextValue2" - "customTextValue3" + - field: Dana + values: + - "no judgment!" + - "quiet you!" + - "shoosh!" + - "something something... your face!" - field: searchText values: - "customSearchText1"
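Review bot: `val: 10_000` in stackhawk-fuzzer.yaml depends on which YAML version the loader implements — YAML 1.1 reads the underscore form as the integer 10000, while YAML 1.2 parsers keep it as the string `10_000`, and the script's `toInt()` will then throw `NumberFormatException` on every fuzzed parameter; write `val: 10000` so the value is unambiguous either way. `httpHeaders: true` is left commented out, so header parameters are not fuzzed; that is a reasonable default here, and the comment should say why (enabling it pushes fuzzed values into `Authorization` and other credential headers). The plugin `id: 1000063` matches `pluginId = 10_00_063` in fuzzer.kts; the `# Replace with your own registered plugin ID` note should point out that both places must change together.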