The system or application is vulnerable to file system contents
disclosure through path equivalence. Path equivalence involves the
use of special characters in file and directory names. The associated
manipulations are intended to generate multiple names for the same
object. This test will accept input of a file to read, but prohibits access
to file in the /etc directory. The input generates an equivalent name
/////etc/////passwd which bypasses the filter.
TRUE
com.planet_ink.coffee_mud.application.MUD
$SS_TC_ROOT/$SS_TC_INSTALL:$SS_TC_ROOT/$SS_TC_INSTALL/lib/*:$SS_TC_DEPS/java/coffeemud/js.jar:$SS_TC_DEPS/java/coffeemud/jzlib.jar:$SS_TC_DEPS/java/stonesoup/socket/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java -classpath "$SS_JAVA_CLASSPATH" -Xmx170m com.planet_ink.coffee_mud.application.MUD "SS_Mud_Server"
env ANT_HOME="$SS_TC_DEPS/ant" ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=yes -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dlib.dir="$SS_TC_DEPS/java/coffeemud" -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" -Ddist.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dbuild.dir=$SS_TC_ROOT/$SS_TC_INSTALL compile
register a character, become an archon (essentially a superuser), destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-01-01 AND GOOD-01-02 AND GOOD-01-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-01/good-01-01.txt
../testData/screenlog.0
good-01/good-01-02.txt
../testData/screenlog.0
good-01/good-01-03.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, check inventory, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-02-01 AND GOOD-02-02 AND GOOD-02-03 AND GOOD-02-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-02/good-02-01.txt
../testData/screenlog.0
good-02/good-02-02.txt
../testData/screenlog.0
good-02/good-02-03.txt
../testData/screenlog.0
good-02/good-02-04.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, auto-generate a dungeon, move room, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-03-01 AND GOOD-03-02 AND GOOD-03-03 AND GOOD-03-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-03/good-03-01.txt
../testData/screenlog.0
good-03/good-03-02.txt
../testData/screenlog.0
good-03/good-03-03.txt
../testData/screenlog.0
good-03/good-03-04.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, auto-generate a dungeon, check inventory, hold torch, move room, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-04-01 AND GOOD-04-02 AND GOOD-04-03 AND GOOD-04-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-04/good-04-01.txt
../testData/screenlog.0
good-04/good-04-02.txt
../testData/screenlog.0
good-04/good-04-03.txt
../testData/screenlog.0
good-04/good-04-04.txt
../testData/screenlog.0
good-04/good-04-05.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, auto-generate a dungeon, search, check inventory, hold torch, move room, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-05-01 AND GOOD-05-02 AND GOOD-05-03 AND GOOD-05-04 AND GOOD-05-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-05/good-05-01.txt
../testData/screenlog.0
good-05/good-05-02.txt
../testData/screenlog.0
good-05/good-05-03.txt
../testData/screenlog.0
good-05/good-05-04.txt
../testData/screenlog.0
good-05/good-05-05.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, export world-state to file, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/worldexport.txt
good-06/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, import area from file, list areas of world, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
(GOOD-07-01 OR GOOD-07-02) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-07/output.txt
../testData/screenlog.0
good-07/output2.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, create a news entry, check news, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-08-HEADER AND GOOD-08-SUBJECT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-08/header.txt
../testData/screenlog.0
good-08/subject.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, create mobs, have them fight, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
is DEAD!!!
DOES_NOT_RETURN
CONTROLLED_EXIT
register character, become archon, generate an average level 5 bard, destroy character
Environment variable defining test value.
NONE
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
../testData/screenlog.0
good-10/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
READ_APPLICATION_DATA
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
weakness_started_NISGWeNtC7qi4VgmyVNX AND ((NOT PERFORMER AND (etc_passwd_line_pattern_5AK2RdWyjB OR etc_passwd_root_user_TRYn9HaHyH OR etc_group_line_pattern_H7qbNlaSfI) AND NOT timeout_KbDjqk8fm5) or (PERFORMER AND NOT ((etc_passwd_line_pattern_5AK2RdWyjB OR etc_passwd_root_user_TRYn9HaHyH OR etc_group_line_pattern_H7qbNlaSfI) OR timeout_KbDjqk8fm5 OR controlled_exit_BMqI0zA4Rz)))
(NOT PERFORMER AND (etc_passwd_line_pattern_5AK2RdWyjB OR etc_passwd_root_user_TRYn9HaHyH OR etc_group_line_pattern_H7qbNlaSfI) AND NOT timeout_KbDjqk8fm5) or (PERFORMER AND NOT ((etc_passwd_line_pattern_5AK2RdWyjB OR etc_passwd_root_user_TRYn9HaHyH OR etc_group_line_pattern_H7qbNlaSfI) OR timeout_KbDjqk8fm5 OR controlled_exit_BMqI0zA4Rz))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start
Environment variable defining test value.
READ_APPLICATION_DATA
/tmp/screen_name.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
weakness_started_QCVmQCvcpGGAHqgJ6vNo AND ((NOT PERFORMER AND (etc_passwd_line_pattern_COUPnNKR15 OR etc_passwd_root_user_Jp3NIPHjaI OR etc_group_line_pattern_3LJN1XOK9O) AND NOT timeout_pEAX18TqGp) or (PERFORMER AND NOT ((etc_passwd_line_pattern_COUPnNKR15 OR etc_passwd_root_user_Jp3NIPHjaI OR etc_group_line_pattern_3LJN1XOK9O) OR timeout_pEAX18TqGp OR controlled_exit_efOzAIHw7o)))
(NOT PERFORMER AND (etc_passwd_line_pattern_COUPnNKR15 OR etc_passwd_root_user_Jp3NIPHjaI OR etc_group_line_pattern_3LJN1XOK9O) AND NOT timeout_pEAX18TqGp) or (PERFORMER AND NOT ((etc_passwd_line_pattern_COUPnNKR15 OR etc_passwd_root_user_Jp3NIPHjaI OR etc_group_line_pattern_3LJN1XOK9O) OR timeout_pEAX18TqGp OR controlled_exit_efOzAIHw7o))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start