2 changes: 1 addition & 1 deletion SecTest.py
@@ -1 +1 @@
password = 'fjdkf7GG@9ikDF5!nZzzz'
password = 'fjdkf7GG@9ikDF5!nZzXz'


Cycode: Secret of type: 'Generic Password' was found.
Severity: Medium
Confidence Score: 99%

Description

A generic secret or password is an authentication token used to access a computer or application and is assigned to a password variable.

Tell us how you wish to proceed using one of the following commands:

Tag Short Description
#cycode_secret_ignore_here Applies to this request only

⚠️ When commenting on Github, you may need to refresh the page to see the latest updates.


Cycode: Secret of type: 'Generic Password' was found.
Severity: Medium
Confidence Score: 99%
SHA: a25167b495

Description

A generic secret or password is an authentication token used to access a computer or application and is assigned to a password variable.

Company Remediation Guideline

Please see http://www.espn.com for more info

Tell us how you wish to proceed using one of the following commands:

Tag Short Description
#cycode_secret_false_positive <reason> Applies to this secret value for all repos in your organization
#cycode_secret_revoked Applies to this secret value for all repos in your organization
#cycode_secret_ignore_everywhere <reason> Applies to this secret value for all repos in your organization
#cycode_secret_ignore_here <reason> Applies to this request only

⚠️ When commenting on Github, you may need to refresh the page to see the latest updates.
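Review bot: The added line `password = 'fjdkf7GG@9ikDF5!nZzXz'` still commits the credential as a source literal, and changing one character does not reduce the exposure: the removed value and the new one are now both recoverable from the repository history. The durable fix is to rotate the credential where it is issued and read it at runtime, e.g. `password = os.environ['PASSWORD']` (the variable name here is a placeholder), with the real value supplied by the deployment's secret store rather than the repository. If this file exists only to exercise the scanner, a comment on the line such as `# test fixture, not a live credential` would let reviewers skip the triage.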

6 changes: 3 additions & 3 deletions java-app/pom.xml
Expand Up @@ -85,11 +85,11 @@
<artifactId>arquillian-container-impl-base</artifactId>
<version>1.7.0.Alpha12</version>
</dependency>
<!-- <dependency>
<dependency>
<groupId>org.jboss.shrinkwrap.descriptors</groupId>
<artifactId>shrinkwrap-descriptors-api-base</artifactId>
<version>2.0.0</version>
</dependency> -->
</dependency>
<dependency>
<groupId>org.jboss.shrinkwrap</groupId>
<artifactId>shrinkwrap-impl-base</artifactId>
Expand Down Expand Up @@ -207,4 +207,4 @@
</plugin>
</plugins>
</build>
</project>
</project>
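--- a/search.ts
+++ b/search.ts
@@ -72,3 +72,61 @@ module.exports = function searchProducts () {
 }
 }
 
+// vuln-code-snippet start unionSqlInjectionChallenge dbSchemaChallenge
+module.exports = function searchProducts () {
+return (req: Request, res: Response, next: NextFunction) => {
+let criteria: any = req.query.q === 'undefined' ? '' : req.query.q ?? ''
+criteria = (criteria.length <= 200) ? criteria : criteria.substring(0, 200)
+const sqlQuery = `SELECT * FROM Products WHERE ((name LIKE ? OR description LIKE ?) AND deletedAt IS NULL) ORDER BY name`;
+const replacements = [`%${criteria}%`, `%${criteria}%`];
+models.sequelize.query(sqlQuery, { replacements })
+.then(([products]: any) => {
+const dataString = JSON.stringify(products)
+if (challengeUtils.notSolved(challenges.unionSqlInjectionChallenge)) { // vuln-code-snippet hide-start
+let solved = true
+UserModel.findAll().then(data => {
+const users = utils.queryResultToJson(data)
+if (users.data?.length) {
+for (let i = 0; i < users.data.length; i++) {
+solved = solved && utils.containsOrEscaped(dataString, users.data[i].email) && utils.contains(dataString, users.data[i].password)
+if (!solved) {
+break
+}
+}
+if (solved) {
+challengeUtils.solve(challenges.unionSqlInjectionChallenge)
+}
+}
+}).catch((error: Error) => {
+next(error)
+})
+}
+if (challengeUtils.notSolved(challenges.dbSchemaChallenge)) {
+let solved = true
+models.sequelize.query('SELECT sql FROM sqlite_master').then(([data]: any) => {
+const tableDefinitions = utils.queryResultToJson(data)
+if (tableDefinitions.data?.length) {
+for (let i = 0; i < tableDefinitions.data.length; i++) {
+if (tableDefinitions.data[i].sql) {
+solved = solved && utils.containsOrEscaped(dataString, tableDefinitions.data[i].sql)
+if (!solved) {
+break
+}
+}
+}
+if (solved) {
+challengeUtils.solve(challenges.dbSchemaChallenge)
+}
+}
+})
+} // vuln-code-snippet hide-end
+for (let i = 0; i < products.length; i++) {
+products[i].name = req.__(products[i].name)
+products[i].description = req.__(products[i].description)
+}
+res.json(utils.queryResultToJson(products))
+}).catch((error: ErrorWithParent) => {
+next(error.parent)
+})
+}
+}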
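Review bot: The promise chain for the dbSchemaChallenge block, `models.sequelize.query('SELECT sql FROM sqlite_master').then(...)`, closes with a bare `})` and no `.catch`, unlike the `UserModel.findAll()` chain a few lines above that forwards failures with `next(error)`; a failing schema query therefore becomes an unhandled rejection instead of reaching the error handler, and appending `.catch((error: Error) => { next(error) })` after that `})` brings the two blocks in line. The hunk header shows the file already assigns `module.exports = function searchProducts ()` at line 72, so this appended second assignment appears to replace the earlier export and leave it as dead code; worth confirming the intent was to replace rather than add. `criteria` is typed `any` and taken straight from `req.query.q`, which Express's query parser may deliver as an array or object, in which case `criteria.substring` is not a function and the handler throws; narrowing with `typeof req.query.q === 'string'` before the length check would make the truncation safe. The `// vuln-code-snippet start` marker copied onto this version is misleading, since the query now binds `criteria` through `replacements` rather than interpolating it into the SQL string.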