■ ■ ■ ■ ■ ■
plugin/src/main/java/com/google/tsunami/plugin/PluginManager.java
| skipped 16 lines |
17 | 17 | | |
18 | 18 | | import static com.google.common.collect.ImmutableList.toImmutableList; |
19 | 19 | | import static com.google.tsunami.common.data.NetworkServiceUtils.isWebService; |
| 20 | + | import static java.util.Arrays.stream; |
20 | 21 | | |
21 | 22 | | import com.google.auto.value.AutoValue; |
22 | 23 | | import com.google.common.base.Ascii; |
| skipped 2 lines |
25 | 26 | | import com.google.tsunami.proto.MatchedPlugin; |
26 | 27 | | import com.google.tsunami.proto.NetworkService; |
27 | 28 | | import com.google.tsunami.proto.ReconnaissanceReport; |
28 | | - | import java.util.Arrays; |
29 | 29 | | import java.util.List; |
30 | 30 | | import java.util.Map; |
31 | 31 | | import java.util.Optional; |
| skipped 129 lines |
161 | 161 | | .addAllMatchedServices(reconnaissanceReport.getNetworkServicesList()); |
162 | 162 | | for (com.google.tsunami.proto.PluginDefinition remotePluginDefinition : |
163 | 163 | | remoteVulnDetector.getAllPlugins()) { |
164 | | - | var matchedPlugin = |
165 | | - | MatchedPlugin.newBuilder() |
166 | | - | // PluginDefinition proto of the language-specific detector. |
167 | | - | .setPlugin(remotePluginDefinition) |
168 | | - | // TODO(b/239439169): Add plugin matching logic for remote plugins. |
169 | | - | .addAllServices(reconnaissanceReport.getNetworkServicesList()) |
170 | | - | .build(); |
171 | | - | remoteVulnDetector.addMatchedPluginToDetect(matchedPlugin); |
| 164 | + | var matchedPluginBuilder = MatchedPlugin.newBuilder(); |
| 165 | + | if (!remotePluginDefinition.hasTargetServiceName() |
| 166 | + | && !remotePluginDefinition.hasTargetSoftware() |
| 167 | + | && !remotePluginDefinition.getForWebService()) { |
| 168 | + | matchedPluginBuilder |
| 169 | + | .setPlugin(remotePluginDefinition) |
| 170 | + | .addAllServices(reconnaissanceReport.getNetworkServicesList()); |
| 171 | + | } else { |
| 172 | + | matchedPluginBuilder |
| 173 | + | .setPlugin(remotePluginDefinition) |
| 174 | + | .addAllServices( |
| 175 | + | reconnaissanceReport.getNetworkServicesList().stream() |
| 176 | + | .filter( |
| 177 | + | networkService -> |
| 178 | + | hasMatchingServiceName(networkService, remotePluginDefinition) |
| 179 | + | || hasMatchingSoftware(networkService, remotePluginDefinition)) |
| 180 | + | .collect(toImmutableList())); |
| 181 | + | } |
| 182 | + | remoteVulnDetector.addMatchedPluginToDetect(matchedPluginBuilder.build()); |
172 | 183 | | } |
173 | 184 | | return Optional.of(builder.build()); |
174 | 185 | | } |
| skipped 4 lines |
179 | 190 | | boolean hasServiceNameMatch = |
180 | 191 | | pluginDefinition.targetServiceName().isPresent() |
181 | 192 | | && (serviceName.isEmpty() |
182 | | - | || Arrays.stream(pluginDefinition.targetServiceName().get().value()) |
| 193 | + | || stream(pluginDefinition.targetServiceName().get().value()) |
183 | 194 | | .anyMatch( |
184 | 195 | | targetServiceName -> |
185 | 196 | | Ascii.equalsIgnoreCase(targetServiceName, serviceName))); |
| skipped 1 lines |
187 | 198 | | return hasServiceNameMatch || hasWebServiceMatch; |
188 | 199 | | } |
189 | 200 | | |
| 201 | + | private static boolean hasMatchingServiceName( |
| 202 | + | NetworkService networkService, com.google.tsunami.proto.PluginDefinition pluginDefinition) { |
| 203 | + | String serviceName = networkService.getServiceName(); |
| 204 | + | boolean hasServiceNameMatch = |
| 205 | + | pluginDefinition.hasTargetServiceName() |
| 206 | + | && (serviceName.isEmpty() |
| 207 | + | || pluginDefinition.getTargetServiceName().getValueList().stream() |
| 208 | + | .anyMatch( |
| 209 | + | targetServiceName -> |
| 210 | + | Ascii.equalsIgnoreCase(targetServiceName, serviceName))); |
| 211 | + | boolean hasWebServiceMatch = |
| 212 | + | pluginDefinition.getForWebService() && isWebService(networkService); |
| 213 | + | return hasServiceNameMatch || hasWebServiceMatch; |
| 214 | + | } |
| 215 | + | |
190 | 216 | | private static boolean hasMatchingSoftware( |
191 | 217 | | NetworkService networkService, PluginDefinition pluginDefinition) { |
192 | 218 | | String softwareName = networkService.getSoftware().getName(); |
| skipped 1 lines |
194 | 220 | | && (softwareName.isEmpty() |
195 | 221 | | || Ascii.equalsIgnoreCase( |
196 | 222 | | pluginDefinition.targetSoftware().get().name(), softwareName)); |
| 223 | + | } |
| 224 | + | |
| 225 | + | private static boolean hasMatchingSoftware( |
| 226 | + | NetworkService networkService, com.google.tsunami.proto.PluginDefinition pluginDefinition) { |
| 227 | + | String softwareName = networkService.getSoftware().getName(); |
| 228 | + | return pluginDefinition.hasTargetSoftware() |
| 229 | + | && (softwareName.isEmpty() |
| 230 | + | || Ascii.equalsIgnoreCase( |
| 231 | + | pluginDefinition.getTargetSoftware().getName(), softwareName)); |
197 | 232 | | } |
198 | 233 | | |
199 | 234 | | /** Matched {@link TsunamiPlugin}s based on certain criteria. */ |
| skipped 38 lines |