diff --git a/src/test/java/org/sasanlabs/service/vulnerability/xss/reflected/PersistentXSSInHTMLTagVulnerabilityTest.java b/src/test/java/org/sasanlabs/service/vulnerability/xss/reflected/PersistentXSSInHTMLTagVulnerabilityTest.java deleted file mode 100644 index 6e034c8e..00000000 --- a/src/test/java/org/sasanlabs/service/vulnerability/xss/reflected/PersistentXSSInHTMLTagVulnerabilityTest.java +++ /dev/null @@ -1,379 +0,0 @@ -package org.sasanlabs.service.vulnerability.xss.reflected; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.mockito.Mockito.*; - -import java.util.Arrays; -import java.util.Collections; -import java.util.Map; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.mockito.ArgumentCaptor; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.sasanlabs.service.vulnerability.xss.persistent.PersistentXSSInHTMLTagVulnerability; -import org.sasanlabs.service.vulnerability.xss.persistent.Post; -import org.sasanlabs.service.vulnerability.xss.persistent.PostRepository; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; - -public class PersistentXSSInHTMLTagVulnerabilityTest { - @Mock private PostRepository postRepository; - - private PersistentXSSInHTMLTagVulnerability vulnerability; - - @BeforeEach - public void setup() { - MockitoAnnotations.initMocks(this); - vulnerability = new PersistentXSSInHTMLTagVulnerability(postRepository); - } - - @Test - public void testGetVulnerablePayloadLevel1() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel1(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel1WithXSSInAttributeValue() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", "Click me"); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel1(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the content of the post being saved - assertEquals( - "Click me", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel2() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel2(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel3() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel3(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel4() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel4(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel5() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel5(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel6() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel6(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel7() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel7(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel5WithNullByte() { - // Prepare test data with NullByte - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel5(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved (assuming it's not modified) - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel6WithNullByte() { - // Prepare test data with NullByte - Map queryParams = - Collections.singletonMap("comment", "\u0000"); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel6(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved (assuming it's not modified) - assertEquals("\u0000", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(200, response.getStatusCodeValue()); - } - - @Test - public void testGetVulnerablePayloadLevel4WithResponseStatusAssertions() { - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel4(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the HTTP response status code - assertEquals(HttpStatus.OK, response.getStatusCode()); - } - - @Test - public void testGetVulnerablePayloadLevel6WithHtmlEscaping() { - Post post = new Post(); - post.setContent(""); - - when(postRepository.findByLevelIdentifier("LEVEL_6")).thenReturn(Arrays.asList(post)); - - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel6(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the modified content of the post being saved (HTML escaped) - assertEquals( - "
<img src='x' onerror='alert(1)'>
", - response.getBody()); - - // Assert on the HTTP response status code - assertEquals(HttpStatus.OK, response.getStatusCode()); - } - - @Test - public void testGetVulnerablePayloadLevel2_WithPatternReplacement() { - Post post = new Post(); - post.setContent(""); - - when(postRepository.findByLevelIdentifier("LEVEL_2")).thenReturn(Arrays.asList(post)); - - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel2(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the modified content of the post being saved (pattern replaced) - assertEquals("
src='x' onerror='alert(1)'>
", response.getBody()); - - // Assert on the HTTP response status code - assertEquals(HttpStatus.OK, response.getStatusCode()); - } - - @Test - public void testGetVulnerablePayloadLevel3_WithResponseContentAssertions() { - Post post = new Post(); - post.setContent(""); - - when(postRepository.findByLevelIdentifier("LEVEL_3")).thenReturn(Arrays.asList(post)); - - // Prepare test data - Map queryParams = - Collections.singletonMap("comment", ""); - - // Perform the test - ResponseEntity response = vulnerability.getVulnerablePayloadLevel3(queryParams); - - // Verify that the save method is called once - verify(postRepository, times(1)).save(any()); - - // Capture the argument passed to the save method - ArgumentCaptor postCaptor = ArgumentCaptor.forClass(Post.class); - verify(postRepository).save(postCaptor.capture()); - - // Assert on the modified content of the post being saved - assertEquals("", postCaptor.getValue().getContent()); - - // Assert on the content of the response - assertEquals("
>alert('XSS')
", response.getBody()); - - // Assert on the HTTP response status code - assertEquals(HttpStatus.OK, response.getStatusCode()); - } -}