24/3/29 漏洞类型接口开发完成

fuzzbackend/src/main/java/com/example/fuzzControll/conf/kittyProperties.java

@@ -9,7 +9,7 @@ public class kittyProperties {
     String path;
     String venvPath;
     String methodPath;
-
+    String vulnerabilityTypePath;
     public String getPath() {
         return path;
     }
@@ -33,4 +33,12 @@ public class kittyProperties {
     public void setMethodPath(String methodPath) {
         this.methodPath = methodPath;
     }
+
+    public String getVulnerabilityTypePath() {
+        return vulnerabilityTypePath;
+    }
+
+    public void setVulnerabilityTypePath(String vulnerabilityTypePath) {
+        this.vulnerabilityTypePath = vulnerabilityTypePath;
+    }
 }

fuzzbackend/src/main/java/com/example/fuzzControll/constents/vulnerabilityTypeConstent.java

+package com.example.fuzzControll.constents;
+
+public class vulnerabilityTypeConstent {
+    public static final String ARRAY_INDEX_OUT_OF_BOUNDS_VULNERABILIT  = "0";
+}

fuzzbackend/src/main/java/com/example/fuzzControll/controller/vulnerabilityTypeController.java

 package com.example.fuzzControll.controller;
 
+import com.example.fuzzControll.pojo.vo.AjaxResult;
+import com.example.fuzzControll.pojo.vo.generateMethodEntity;
+import com.example.fuzzControll.pojo.vo.vulnerabilityTypeEntity;
+import com.example.fuzzControll.service.testService;
+import com.example.fuzzControll.service.vulnerabilityTypeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
 @RequestMapping("/vulnerabilityType")
 public class vulnerabilityTypeController {
+    @Autowired
+    vulnerabilityTypeService service;
 
+    @RequestMapping(value = "/generate", method = RequestMethod.POST)
+    public AjaxResult upload(@RequestBody vulnerabilityTypeEntity vulnerabilityTypeEntity) {
+        try {
+            service.generation(vulnerabilityTypeEntity);
+        } catch (Exception e) {
+            return AjaxResult.error("漏洞类型测试失败！");
+        }
+        return AjaxResult.success("漏洞类型测试成功！");
+    }
 }

fuzzbackend/src/main/java/com/example/fuzzControll/pojo/vo/vulnerabilityTypeEntity.java

+package com.example.fuzzControll.pojo.vo;
+
+import lombok.Data;
+
+@Data
+public class vulnerabilityTypeEntity {
+    String vulnerabilityTypeName;
+    String[] paramJson;
+}

fuzzbackend/src/main/java/com/example/fuzzControll/service/impl/vulnerabilityTypeServiceImpl.java

+package com.example.fuzzControll.service.impl;
+
+import com.example.fuzzControll.conf.kittyProperties;
+import com.example.fuzzControll.constents.protocolConstent;
+import com.example.fuzzControll.constents.vulnerabilityTypeConstent;
+import com.example.fuzzControll.pojo.vo.protocolGenerationEntity;
+import com.example.fuzzControll.pojo.vo.vulnerabilityTypeEntity;
+import com.example.fuzzControll.service.vulnerabilityTypeService;
+import com.example.fuzzControll.tools.cmdTools;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Slf4j
+@Service("vulnerabilityTypeService")
+public class vulnerabilityTypeServiceImpl implements vulnerabilityTypeService {
+    cmdTools cmdTools = new cmdTools();
+    @Autowired
+    kittyProperties kitty;
+
+    @Override
+    public void generation(vulnerabilityTypeEntity vulnerabilityTypeEntity) {
+        String cmd = parseParameters(vulnerabilityTypeEntity);
+        cmdTools.runProgramCmdAndResultTofile(cmd);
+    }
+
+    public String parseParameters(vulnerabilityTypeEntity vulnerabilityTypeEntity) {
+        switch (vulnerabilityTypeEntity.getVulnerabilityTypeName().toLowerCase()) {
+            case "array_index_out_of_bounds_vulnerabilit":
+                return arrayIndexOutOfBoundsVulnerabilitCmd(vulnerabilityTypeEntity);
+            default:
+                log.error("未知漏洞！[{}]", vulnerabilityTypeEntity.getVulnerabilityTypeName());
+                return null;
+        }
+    }
+
+    private String arrayIndexOutOfBoundsVulnerabilitCmd(vulnerabilityTypeEntity vulnerabilityTypeEntity) {
+        return kitty.getVenvPath() + " " + kitty.getVulnerabilityTypePath() +"vul_types_test.py "+ vulnerabilityTypeConstent.ARRAY_INDEX_OUT_OF_BOUNDS_VULNERABILIT ;
+    }
+    //todo 还有很多类型要写
+}

fuzzbackend/src/main/java/com/example/fuzzControll/service/vulnerabilityTypeService.java

+package com.example.fuzzControll.service;
+
+import com.example.fuzzControll.pojo.vo.protocolGenerationEntity;
+import com.example.fuzzControll.pojo.vo.vulnerabilityTypeEntity;
+
+public interface vulnerabilityTypeService {
+    void generation(vulnerabilityTypeEntity vulnerabilityTypeEntity);
+}

fuzzbackend/src/main/resources/application-dev.yml

@@ -19,4 +19,5 @@ filepath:
 kitty:
   path: "/home/qbq/fuzz50/kitty/renix/" #kitty项目下的各协议生成模板python文件路径
   venvPath: "/home/qbq/fuzz50/kitty/venv/bin/python"
-  methodPath: "/home/qbq/fuzz50/kitty/2020test/"#kitty下变异方法路径
\ No newline at end of file
+  methodPath: "/home/qbq/fuzz50/kitty/2020test/"#kitty下变异方法路径
+  vulnerabilityTypePath: "/home/qbq/fuzz50/kitty/2020test/"#kitty下漏洞类型python路径
\ No newline at end of file