inject payloads into key and values

owasp-offat · Oct 18, 2024 · a33a914 · a33a914
1 parent 3150c4f
commit a33a914
Show file tree

Hide file tree

Showing 6 changed files with 48 additions and 17 deletions.
diff --git a/pkg/parser/parser.go b/pkg/parser/parser.go
@@ -132,15 +132,21 @@ func (p *Parser) Parse(filename string, isUrl bool) (err error) {
 			return err
 		}
 		p.Doc = &OpenApi{}
-		p.Doc.SetDoc(doc)
+		if err := p.Doc.SetDoc(doc); err != nil {
+			log.Error().Err(err).Msgf("failed to set doc values")
+			return err
+		}
 
 	} else {
 		var doc openapi2.T
 		if err := utils.LoadJsonYaml(content, &doc, contentType); err != nil {
 			return err
 		}
 		p.Doc = &Swagger{}
-		p.Doc.SetDoc(&doc)
+		if err := p.Doc.SetDoc(&doc); err != nil {
+			log.Error().Err(err).Msgf("failed to set doc values")
+			return err
+		}
 	}
 
 	return nil

diff --git a/pkg/tgen/const.go b/pkg/tgen/const.go
@@ -0,0 +1,9 @@
+package tgen
+
+const (
+	Path   = "path"
+	Query  = "query"
+	Header = "header"
+	Cookie = "cookie"
+	Body   = "body"
+)
diff --git a/pkg/tgen/payloadInjection.go b/pkg/tgen/payloadInjection.go
@@ -9,10 +9,16 @@ import (
 
 // injects payload in HTTP parser.param based on type/value
 // It's being used in `injectParamIntoApiTest` function
-func injectParamInParam(params *[]parser.Param, payload string) {
-	for i := range *params {
+func injectParamInParam(params []parser.Param, payload, injectIn string) []parser.Param {
+	// inject payload in key
+	injectedParams := append(params, parser.Param{
+		Name: payload,
+		In:   injectIn,
+		Type: []string{"string"},
+	})
+
+	for _, param := range injectedParams {
 		var paramType string
-		param := &(*params)[i]
 		if len(param.Type) == 0 && param.Value == nil {
 			log.Warn().Msgf("skipping payload %s injection for %v since type/value is missing", payload, param)
 			continue
@@ -28,28 +34,32 @@ func injectParamInParam(params *[]parser.Param, payload string) {
 			param.Value = payload
 		}
 	}
+
+	return injectedParams
 }
 
 // generates Api tests by injecting payloads in values
 func injectParamIntoApiTest(url string, docParams []*parser.DocHttpParams, queryParams map[string]string, headers map[string]string, testName string, injectionConfig InjectionConfig) []*ApiTest {
 	var tests []*ApiTest
+	docPrms := docParams
 	// TODO: only inject payloads if any payload is accepted by the endpoint, else ignore injection
 	// as this will reduce number of tests generated and increase efficiency
 	for _, payload := range injectionConfig.Payloads {
 		// TODO: implement injection in both key or value at a time
-		for _, docParam := range docParams {
+		for _, docParam := range docPrms {
 			// inject payloads into string before converting it to map[string]string
 			if injectionConfig.InBody {
-				injectParamInParam(&(docParam.BodyParams), payload.InjText)
+				docParam.BodyParams = injectParamInParam(docParam.BodyParams, payload.InjText, Body)
+
 			}
 			if injectionConfig.InQuery {
-				injectParamInParam(&(docParam.QueryParams), payload.InjText)
+				docParam.QueryParams = injectParamInParam(docParam.QueryParams, payload.InjText, Query)
 			}
 			if injectionConfig.InCookie {
-				injectParamInParam(&(docParam.CookieParams), payload.InjText)
+				docParam.CookieParams = injectParamInParam(docParam.CookieParams, payload.InjText, Cookie)
 			}
 			if injectionConfig.InHeader {
-				injectParamInParam(&(docParam.HeaderParams), payload.InjText)
+				docParam.HeaderParams = injectParamInParam(docParam.HeaderParams, payload.InjText, Header)
 			}
 
 			// parse maps

diff --git a/pkg/tgen/struct.go b/pkg/tgen/struct.go
@@ -47,6 +47,11 @@ type Payload struct {
 	Regex                   string // regex to be used for post processing
 }
 
+// Struct used for injecting payloads as per configuration
+type PayloadConfig struct {
+	In string // body,
+}
+
 // For Post runner
 type DataLeakPattern struct {
 	Name       string `json:"name" yaml:"name"`

diff --git a/pkg/trunner/postrunner/dataleak_test.go b/pkg/trunner/postrunner/dataleak_test.go
@@ -9,14 +9,12 @@ import (
 	"github.com/dmdhrumilmistry/fasthttpclient/client"
 	"github.com/owasp-offat/offat/pkg/tgen"
 	"github.com/owasp-offat/offat/pkg/trunner/postrunner"
-
-	"github.com/dlclark/regexp2"
 )
 
 // Mock utility function for FindAllString
-var mockFindAllString = func(re *regexp2.Regexp, target string) []string {
-	return []string{}
-}
+// var mockFindAllString = func(re *regexp2.Regexp, target string) []string {
+// 	return []string{}
+// }
 
 // Test cases for UpdateDataLeakResult
 func TestUpdateDataLeakResult(t *testing.T) {

diff --git a/pkg/trunner/runner.go b/pkg/trunner/runner.go
@@ -8,6 +8,7 @@ import (
 	c "github.com/dmdhrumilmistry/fasthttpclient/client"
 	"github.com/k0kubun/go-ansi"
 	"github.com/owasp-offat/offat/pkg/tgen"
+	"github.com/rs/zerolog/log"
 	"github.com/schollz/progressbar/v3"
 	"golang.org/x/term"
 )
@@ -45,10 +46,12 @@ func RunApiTests(t *tgen.TGenHandler, client c.ClientInterface, apiTests []*tgen
 		wg.Add(1)
 		go func(apiTest *tgen.ApiTest) {
 			defer wg.Done()
-			defer bar.Add(1)
-
 			resp, err := client.Do(apiTest.Request.Uri, apiTest.Request.Method, apiTest.Request.QueryParams, apiTest.Request.Headers, apiTest.Request.Body)
 			apiTest.Response = c.NewConcurrentResponse(resp, err)
+
+			if err := bar.Add(1); err != nil {
+				log.Error().Err(err).Msg("Failed to add to bar")
+			}
 		}(apiTest)
 	}