  • Add remote plugins to the plugin matching process in the PluginManager.

    PiperOrigin-RevId: 461688117
    Change-Id: I3d40b12d77bc431b8e60f7ad1060effd69525421
  • John Y. Kim committed with Copybara-Service 2 years ago
    524d383a
    1 parent ed40cfca
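--- a/plugin/src/main/java/com/google/tsunami/plugin/PluginManager.java
+++ b/plugin/src/main/java/com/google/tsunami/plugin/PluginManager.java
@@ -22,6 +22,7 @@
 import com.google.common.base.Ascii;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Streams;
+import com.google.tsunami.proto.MatchedPlugin;
 import com.google.tsunami.proto.NetworkService;
 import com.google.tsunami.proto.ReconnaissanceReport;
 import java.util.Arrays;
@@ -95,10 +96,25 @@
  public ImmutableList<PluginMatchingResult<VulnDetector>> getVulnDetectors(
  ReconnaissanceReport reconnaissanceReport) {
  return tsunamiPlugins.entrySet().stream()
- .filter(entry -> entry.getKey().type().equals(PluginType.VULN_DETECTION))
- .map(entry -> matchVulnDetectors(entry.getKey(), entry.getValue(), reconnaissanceReport))
+ .filter(entry -> isVulnDetector(entry.getKey()))
+ .map(entry -> matchAllVulnDetectors(entry.getKey(), entry.getValue(), reconnaissanceReport))
  .flatMap(Streams::stream)
  .collect(toImmutableList());
+ }
+
+ private static boolean isVulnDetector(PluginDefinition pluginDefinition) {
+ return pluginDefinition.type().equals(PluginType.VULN_DETECTION)
+ || pluginDefinition.type().equals(PluginType.REMOTE_VULN_DETECTION);
+ }
+
+ private static Optional<PluginMatchingResult<VulnDetector>> matchAllVulnDetectors(
+ PluginDefinition pluginDefinition,
+ Provider<TsunamiPlugin> vulnDetectorProvider,
+ ReconnaissanceReport reconnaissanceReport) {
+ if (pluginDefinition.type().equals(PluginType.REMOTE_VULN_DETECTION)) {
+ return matchRemoteVulnDetectors(pluginDefinition, vulnDetectorProvider, reconnaissanceReport);
+ }
+ return matchVulnDetectors(pluginDefinition, vulnDetectorProvider, reconnaissanceReport);
  }
 
  private static Optional<PluginMatchingResult<VulnDetector>> matchVulnDetectors(
@@ -132,6 +148,31 @@
  .build());
  }
 
+ private static Optional<PluginMatchingResult<VulnDetector>> matchRemoteVulnDetectors(
+ PluginDefinition pluginDefinition,
+ Provider<TsunamiPlugin> tsunamiPlugin,
+ ReconnaissanceReport reconnaissanceReport) {
+ var remoteVulnDetector = (RemoteVulnDetector) tsunamiPlugin.get();
+ var builder =
+ PluginMatchingResult.<VulnDetector>builder()
+ .setTsunamiPlugin(remoteVulnDetector)
+ // PluginDefinition class for the RemoteVulnDetector.
+ .setPluginDefinition(pluginDefinition)
+ .addAllMatchedServices(reconnaissanceReport.getNetworkServicesList());
+ for (com.google.tsunami.proto.PluginDefinition remotePluginDefinition :
+ remoteVulnDetector.getAllPlugins()) {
+ var matchedPlugin =
+ MatchedPlugin.newBuilder()
+ // PluginDefinition proto of the language-specific detector.
+ .setPlugin(remotePluginDefinition)
+ // TODO(b/239439169): Add plugin matching logic for remote plugins.
+ .addAllServices(reconnaissanceReport.getNetworkServicesList())
+ .build();
+ remoteVulnDetector.addMatchedPluginToDetect(matchedPlugin);
+ }
+ return Optional.of(builder.build());
+ }
+
  private static boolean hasMatchingServiceName(
  NetworkService networkService, PluginDefinition pluginDefinition) {
  String serviceName = networkService.getServiceName();
@@ -159,7 +200,9 @@
  @AutoValue
  public abstract static class PluginMatchingResult<T extends TsunamiPlugin> {
  public abstract PluginDefinition pluginDefinition();
+
  public abstract T tsunamiPlugin();
+
  public abstract ImmutableList<NetworkService> matchedServices();
 
  public String pluginId() {
@@ -171,6 +214,7 @@
  }
 
  /** Builder for {@link PluginMatchingResult}. */
+ @SuppressWarnings("CanIgnoreReturnValueSuggester")
  @AutoValue.Builder
  public abstract static class Builder<T extends TsunamiPlugin> {
  public abstract Builder<T> setPluginDefinition(PluginDefinition value);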
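Review bot: matchRemoteVulnDetectors has a side effect that the local matching path does not show: it calls `remoteVulnDetector.addMatchedPluginToDetect(matchedPlugin)` from inside the `.map(...)` of getVulnDetectors, so a lookup now changes detector state. If the provider returns the same instance on each `get()` (the test module binds with `toInstance`), a second getVulnDetectors call would register every remote plugin again unless addMatchedPluginToDetect de-duplicates, which is not visible here. Until TODO(b/239439169) is resolved, every remote plugin is also paired with every service in the report and the method returns `Optional.of(...)` even when the service list is empty, so I would add an early `if (reconnaissanceReport.getNetworkServicesList().isEmpty()) { return Optional.empty(); }` and extend the TODO with `// Remote plugins currently bypass service-name/software filters and run against every discovered service.` so the wider scan scope is explicit. The `(RemoteVulnDetector)` cast relies only on the REMOTE_VULN_DETECTION type tag; an `instanceof` check with a clear error message would fail more readably if a plugin is registered under the wrong type.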
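--- a/plugin/src/test/java/com/google/tsunami/plugin/PluginManagerTest.java
+++ b/plugin/src/test/java/com/google/tsunami/plugin/PluginManagerTest.java
@@ -19,7 +19,9 @@
 import static com.google.common.truth.Truth8.assertThat;
 
 import com.google.common.collect.ImmutableList;
+import com.google.inject.AbstractModule;
 import com.google.inject.Guice;
+import com.google.inject.multibindings.MapBinder;
 import com.google.tsunami.common.data.NetworkEndpointUtils;
 import com.google.tsunami.plugin.PluginManager.PluginMatchingResult;
 import com.google.tsunami.plugin.annotations.ForServiceName;
@@ -30,6 +32,7 @@
 import com.google.tsunami.plugin.testing.FakePortScanner2;
 import com.google.tsunami.plugin.testing.FakePortScannerBootstrapModule;
 import com.google.tsunami.plugin.testing.FakePortScannerBootstrapModule2;
+import com.google.tsunami.plugin.testing.FakeRemoteVulnDetector;
 import com.google.tsunami.plugin.testing.FakeServiceFingerprinterBootstrapModule;
 import com.google.tsunami.plugin.testing.FakeVulnDetector;
 import com.google.tsunami.plugin.testing.FakeVulnDetector2;
@@ -431,6 +434,43 @@
  assertThat(pluginManager.getVulnDetectors(fakeReconnaissanceReport)).isEmpty();
  }
 
+ @Test
+ public void
+ getVulnDetectors_whenRemotePluginsInstalledNoFiltering_returnsAllRemoteTsunamiPlugins()
+ throws Exception {
+ NetworkService fakeNetworkService1 =
+ NetworkService.newBuilder()
+ .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 80))
+ .setTransportProtocol(TransportProtocol.TCP)
+ .setServiceName("http")
+ .build();
+ NetworkService fakeNetworkService2 =
+ NetworkService.newBuilder()
+ .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 443))
+ .setTransportProtocol(TransportProtocol.TCP)
+ .setServiceName("https")
+ .build();
+ ReconnaissanceReport fakeReconnaissanceReport =
+ ReconnaissanceReport.newBuilder()
+ .setTargetInfo(TargetInfo.getDefaultInstance())
+ .addNetworkServices(fakeNetworkService1)
+ .addNetworkServices(fakeNetworkService2)
+ .build();
+ PluginManager pluginManager =
+ Guice.createInjector(
+ new FakeServiceFingerprinterBootstrapModule(),
+ new FakeRemoteVulnDetectorLoadingModule(2))
+ .getInstance(PluginManager.class);
+
+ ImmutableList<PluginMatchingResult<VulnDetector>> remotePlugins =
+ pluginManager.getVulnDetectors(fakeReconnaissanceReport);
+
+ assertThat(
+ remotePlugins.stream()
+ .map(pluginMatchingResult -> pluginMatchingResult.tsunamiPlugin().getClass()))
+ .containsExactly(FakeRemoteVulnDetector.class, FakeRemoteVulnDetector.class);
+ }
+
  @PluginInfo(
  type = PluginType.SERVICE_FINGERPRINT,
  name = "NoAnnotationFingerprinter",
@@ -537,6 +577,29 @@
  @Override
  protected void configurePlugin() {
  registerPlugin(FakeSoftwareFilteringDetector.class);
+ }
+ }
+ }
+
+ private static final class FakeRemoteVulnDetectorLoadingModule extends AbstractModule {
+ private final int numRemotePlugins;
+
+ public FakeRemoteVulnDetectorLoadingModule() {
+ this(0);
+ }
+
+ public FakeRemoteVulnDetectorLoadingModule(int numRemotePlugins) {
+ this.numRemotePlugins = numRemotePlugins;
+ }
+
+ @Override
+ protected void configure() {
+ MapBinder<PluginDefinition, TsunamiPlugin> tsunamiPluginBinder =
+ MapBinder.newMapBinder(binder(), PluginDefinition.class, TsunamiPlugin.class);
+ for (int i = 0; i < numRemotePlugins; i++) {
+ tsunamiPluginBinder
+ .addBinding(RemoteVulnDetectorLoadingModule.getRemoteVulnDetectorPluginDefinition(i))
+ .toInstance(new FakeRemoteVulnDetector(i));
  }
  }
  }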
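Review bot: The new test asserts only the classes of the returned plugins, so it would still pass if matchRemoteVulnDetectors stopped attaching services or never called addMatchedPluginToDetect. Since the test name pins the current no-filtering behaviour, I would also assert the matched services on each result, e.g. `assertThat(remotePlugins.get(0).matchedServices()).containsExactly(fakeNetworkService1, fakeNetworkService2);`, so that the later filtering change has to update this test deliberately. The no-argument FakeRemoteVulnDetectorLoadingModule constructor is not used in the visible hunks and could be dropped.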