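Using Hibernate to execute a dynamic SQL statement
built with user-controlled input can allow an attacker to
modify the statement's meaning or to execute arbitrary SQL commands.
Binding the input as a query parameter, rather than concatenating it into the HQL or SQL string, keeps it from being interpreted as part of the statement.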
FALSE
org.apache.jmeter.NewDriver
$SS_TC_ROOT/$SS_TC_INSTALL/classes/core:$SS_TC_ROOT/$SS_TC_INSTALL/classes/components:$SS_TC_ROOT/$SS_TC_INSTALL/classes/functions:$SS_TC_ROOT/$SS_TC_INSTALL/classes/jorphan:$SS_TC_ROOT/$SS_TC_INSTALL/classes/junit:$SS_TC_ROOT/$SS_TC_INSTALL/classes/monitor:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ftp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/http:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/java:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jdbc:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jms:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ldap:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/mail:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/native:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/tcp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/reports:$SS_TC_ROOT/$SS_TC_INSTALL/classes/res:$SS_TC_ROOT/$SS_TC_INSTALL/lib/*:$SS_TC_ROOT/$SS_TC_INSTALL/lib/opt/*:$SS_TC_DEPS/java/stonesoup/hibernate/mysql/*:$SS_TC_DEPS/java/stonesoup/socket/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp $SS_JAVA_CLASSPATH -Djmeter.home="$SS_TC_ROOT/$SS_TC_INSTALL" org.apache.jmeter.NewDriver
env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=yes -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=yes -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Ddist.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dbuild.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" compile prepare-resources prepare-nonjar-dist -Dbuild.dir=$SS_TC_ROOT/$SS_TC_INSTALL/classes
cp -r lib $SS_TC_ROOT/$SS_TC_INSTALL
cp -r bin $SS_TC_ROOT/$SS_TC_INSTALL
Environment variable defining test value.
NONE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_tirkknisxjbatpej.sql
northwind_tirkknisxjbatpej
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-01/CSVSample.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
STDOUT-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-01/CSVSample.jtl
s="true" lb="Login as u1" rc="200" rm="OK" tn="Thread Group 1-1" dt="text" by="15"
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_nihregkbmjvegtyq.sql
northwind_nihregkbmjvegtyq
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-02/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
STDOUT-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-02/http-test.jtl
good-02/http-test.jtl
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_goxzdweowbkuermo.sql
northwind_goxzdweowbkuermo
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-03/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
STDOUT-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-03/http-test.jtl
good-03/http-test.jtl
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_khbsadobrwwpwxmr.sql
northwind_khbsadobrwwpwxmr
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-04/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
STATUS-CHECK-01 AND STATUS-CHECK-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"Homepage\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi"
bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"PageOne\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi"
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_nsdzzktiztbiemed.sql
northwind_nsdzzktiztbiemed
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-05/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
STDOUT-05 AND GOOD-05-HOSTNAME AND GOOD-05-LS AND GOOD-05-NETSTAT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-05/http-test.jtl
good-05/http-test.jtl
if [[ -a good-05/hostname.out ]]; then exit 0; else exit 1; fi;
if [[ -a good-05/ls.out ]]; then exit 0; else exit 1; fi;
if [[ -a good-05/netstat.out ]]; then exit 0; else exit 1; fi;
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_qgsqrnagqzbojsyz.sql
northwind_qgsqrnagqzbojsyz
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-03/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
weakness_started_94GklDXazPPFVyNDKSDa AND ((NOT PERFORMER AND (hibernate_sql_output_1LbXwwUmeZ OR hibernate_sql_output_jhwnJu87WQ) AND NOT timeout_dGqs7VSqJp) or (PERFORMER AND NOT ((hibernate_sql_output_1LbXwwUmeZ OR hibernate_sql_output_jhwnJu87WQ) OR timeout_dGqs7VSqJp OR controlled_exit_Sk8CW1ruf7)))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Zbyszek Piestrzeniewicz
logfile.txt
South House 300 Queensbridge
None
stonesoup_trace:weakness_start
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
$SS_TC_ROOT/$SS_TC_INSTALL
/opt/stonesoup/workspace/scripts/northwind_create_northwind_jcugmavmnewsclai.sql
northwind_jcugmavmnewsclai
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-n -t good-05/http-test.jmx
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
weakness_started_hz3IsSvnBqcfq84WKooQ AND ((NOT PERFORMER AND (hibernate_sql_output_t5Fl6SiIpH OR hibernate_sql_output_8XHYlxM3R1) AND NOT timeout_ywpuHW3zs0) or (PERFORMER AND NOT ((hibernate_sql_output_t5Fl6SiIpH OR hibernate_sql_output_8XHYlxM3R1) OR timeout_ywpuHW3zs0 OR controlled_exit_ZGaDTEu2uC)))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Zbyszek Piestrzeniewicz
logfile.txt
South House 300 Queensbridge
None
stonesoup_trace:weakness_start