■ ■ ■ ■ ■ ■
plugin/src/main/java/com/google/tsunami/plugin/payload/PayloadGenerator.java
skipped 18 lines 19 19 import static java.lang.annotation.RetentionPolicy.RUNTIME; 20 20 21 21 import com.google.common.collect.ImmutableList; 22 + import com.google.common.flogger.GoogleLogger; 22 23 import com.google.protobuf.ByteString; 23 24 import com.google.tsunami.plugin.TcsClient; 24 25 import com.google.tsunami.proto.PayloadAttributes; skipped 6 lines 31 32 32 33 /** Holds the generate function to get a detection payload given config parameters */ 33 34 public final class PayloadGenerator { 35 + private static final GoogleLogger logger = GoogleLogger.forEnclosingClass(); 34 36 35 37 private static final int SECRET_LENGTH = 8; 36 - 37 38 private static final String TOKEN_CALLBACK_SERVER_URL = "$TSUNAMI_PAYLOAD_TOKEN_URL"; 38 39 private static final String TOKEN_RANDOM_STRING = "$TSUNAMI_PAYLOAD_TOKEN_RANDOM"; 39 40 40 41 private final TcsClient tcsClient; 41 - 42 42 private final PayloadSecretGenerator secretGenerator; 43 - 44 43 private final ImmutableList<PayloadDefinition> payloads; 44 + private final PayloadFrameworkConfigs frameworkConfig; 45 45 46 46 @Inject 47 47 PayloadGenerator( 48 48 TcsClient tcsClient, 49 49 PayloadSecretGenerator secretGenerator, 50 - @Payloads ImmutableList<PayloadDefinition> payloads) { 50 + @Payloads ImmutableList<PayloadDefinition> payloads, 51 + PayloadFrameworkConfigs config) { 51 52 this.tcsClient = checkNotNull(tcsClient); 52 53 this.secretGenerator = checkNotNull(secretGenerator); 53 54 this.payloads = checkNotNull(payloads); 55 + this.frameworkConfig = checkNotNull(config); 54 56 } 55 57 56 58 public boolean isCallbackServerEnabled() { skipped 1 lines 58 60 } 59 61 60 62 public Payload generate(PayloadGeneratorConfig config) { 61 - PayloadDefinition p = null; 63 + PayloadDefinition selectedPayload = null; 62 64 63 65 // If a payload that uses callback server is requested, prioritize finding 64 66 // one. If there's none, fallback to any payload that matches. 65 - if (tcsClient . isCallbackServerEnabled ( ) & & config.getUseCallbackServer()) { 66 - for (PayloadDefinition candidate : payloads) { 67 - if (isMatchingPayload(candidate, config) 68 - && candidate.getUsesCallbackServer().getValue()) { 69 - p = candidate; 70 - break; 67 + if (config.getUseCallbackServer()) { 68 + if (tcsClient.isCallbackServerEnabled()) { 69 + for (PayloadDefinition candidate : payloads) { 70 + if (isMatchingPayload(candidate, config) 71 + && candidate.getUsesCallbackServer().getValue()) { 72 + selectedPayload = candidate; 73 + break; 74 + } 75 + } 76 + } 77 + 78 + if (selectedPayload == null) { // or implictly the callback server is not enabled 79 + if (frameworkConfig.throwErrorIfCallbackServerUnconfigured) { 80 + throw new NoCallbackServerException(); 81 + } else { 82 + logger.atWarning().log( 83 + "Received request for payload that uses the callback server but no callback server is" 84 + + " configured. Attemping to fallback and find a suitable payload that does not" 85 + + " use the callback server. To disable this behavior and error instead, set" 86 + + " PayloadFrameworkConfigs.throwErrorIfCallbackServerUnconfigured to true."); 71 87 } 72 88 } 73 89 } 74 90 75 - if (p == null) { 91 + if (selectedPayload == null) { 76 92 for (PayloadDefinition candidate : payloads) { 77 - if (isMatchingPayload(candidate, config) 78 - && !candidate.getUsesCallbackServer().getValue()) { 79 - p = candidate; 93 + if (isMatchingPayload(candidate, config) & & ! candidate . getUsesCallbackServer ( ) . getValue ( ) ) { 94 + selectedPayload = candidate; 80 95 break; 81 96 } 82 97 } 83 98 } 84 99 85 - if (p == null) { 100 + if (selectedPayload == null) { 86 101 throw new NotImplementedException( 87 102 "No payload implemented for %s vulnerability type, %s interpretation environment, %s" 88 103 + " execution environment", skipped 2 lines 91 106 config.getExecutionEnvironment()); 92 107 } 93 108 94 - return convertParsedPayload(p , config); 109 + return convertParsedPayload(selectedPayload , config); 95 110 } 96 111 97 112 private boolean isMatchingPayload(PayloadDefinition p, PayloadGeneratorConfig c) { skipped 44 lines