From c19bbcb19bd5bf650cbee117075afb5f21c8d49b Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Mon, 25 Sep 2023 08:48:08 +0000 Subject: [PATCH 1/4] mobb fix commit: b08c5573-c99f-40cd-95d6-ea32b70a596b --- src/main/java/org/cysecurity/cspf/jvl/controller/Register.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java b/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java index afa2f83..d04bbbd 100644 --- a/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java +++ b/src/main/java/org/cysecurity/cspf/jvl/controller/Register.java @@ -55,7 +55,7 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re { Statement stmt = con.createStatement(); - stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"','"+pass+"','"+email+"','"+about+"','default.jpg','user',1,'"+secret+"')"); + stmt.executeUpdate("INSERT into users(username, password, email, About,avatar,privilege,secretquestion,secret) values ('"+user+"','"+pass+"',"+stmt.enquoteLiteral(String.valueOf(email))+",'"+about+"','default.jpg','user',1,'"+secret+"')"); stmt.executeUpdate("INSERT into UserMessages(recipient, sender, subject, msg) values ('"+user+"','admin','Hi','Hi
This is admin of this page.
Welcome to Our Forum')"); response.sendRedirect("index.jsp"); From 45fc115f89d38b5487fa32bfce0b7b56788ce8ad Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Mon, 25 Sep 2023 08:48:09 +0000 Subject: [PATCH 2/4] mobb fix commit: 9678aff0-e954-4d2a-aff1-498e291e2af5 --- src/main/java/org/cysecurity/cspf/jvl/controller/Install.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java b/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java index 4d84a8a..4400900 100644 --- a/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java +++ b/src/main/java/org/cysecurity/cspf/jvl/controller/Install.java @@ -124,7 +124,7 @@ protected boolean setup(String i) throws IOException { //User Table creation stmt.executeUpdate("Create table users(ID int NOT NULL AUTO_INCREMENT, username varchar(30),email varchar(60), password varchar(60), about varchar(50),privilege varchar(20),avatar TEXT,secretquestion int,secret varchar(30),primary key (id))"); - stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('"+adminuser+"','"+adminpass+"','admin@localhost','I am the admin of this application','default.jpg','admin',1,'rocky')"); + stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ("+stmt.enquoteLiteral(String.valueOf(adminuser))+",'"+adminpass+"','admin@localhost','I am the admin of this application','default.jpg','admin',1,'rocky')"); stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('victim','victim','victim@localhost','I am the victim of this application','default.jpg','user',1,'max')"); stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('attacker','attacker','attacker@localhost','I am the attacker of this application','default.jpg','user',1,'bella')"); stmt.executeUpdate("INSERT into users(username, password, email,About,avatar, privilege,secretquestion,secret) values ('NEO','trinity','neo@matrix','I am the NEO','default.jpg','user',1,'sentinel')"); From 1353c0089b9c1b651836b83933e8048c9dfd73e0 Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Mon, 25 Sep 2023 08:48:09 +0000 Subject: [PATCH 3/4] mobb fix commit: 66745f68-d629-4338-a6b8-9f0b38fc235a --- src/main/webapp/ForgotPassword.jsp | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/main/webapp/ForgotPassword.jsp b/src/main/webapp/ForgotPassword.jsp index b56f6cb..0a76e71 100644 --- a/src/main/webapp/ForgotPassword.jsp +++ b/src/main/webapp/ForgotPassword.jsp @@ -1,6 +1,6 @@ <%@page import="org.cysecurity.cspf.jvl.model.DBConnect"%> -<%@page import="java.sql.Statement"%> +<%@page import="java.sql.PreparedStatement"%> <%@page import="java.sql.ResultSet"%> <%@page import="java.sql.Connection"%> <%@ include file="header.jsp" %> @@ -38,8 +38,10 @@ if(request.getParameter("secret")!=null) { Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties")); ResultSet rs=null; - Statement stmt = con.createStatement(); - rs=stmt.executeQuery("select * from users where username='"+request.getParameter("username").trim()+"' and secret='"+request.getParameter("secret")+"'"); + PreparedStatement pstmt = con.prepareStatement("select * from users where username=? and secret=?"); + pstmt.setString(1, request.getParameter("username").trim()); + pstmt.setString(2, request.getParameter("secret")); + rs=pstmt.executeQuery(); if(rs != null && rs.next()){ out.print("Hello "+rs.getString("username")+", Your Password is: "+rs.getString("password")); } From 926d902838a7f57a6732f049d2ae216a50206feb Mon Sep 17 00:00:00 2001 From: Mobb autofixer Date: Mon, 25 Sep 2023 08:48:09 +0000 Subject: [PATCH 4/4] mobb fix commit: 82d8ac0d-1ee7-442b-802e-c0408500aca6 --- .../vulnerability/csrf/changepassword.jsp | 78 ++++++++----------- 1 file changed, 32 insertions(+), 46 deletions(-) diff --git a/src/main/webapp/vulnerability/csrf/changepassword.jsp b/src/main/webapp/vulnerability/csrf/changepassword.jsp index ca1646f..f83aaed 100644 --- a/src/main/webapp/vulnerability/csrf/changepassword.jsp +++ b/src/main/webapp/vulnerability/csrf/changepassword.jsp @@ -1,62 +1,48 @@ <%@ include file="/header.jsp" %> - <%@page import="java.sql.Connection"%> -<%@page import="java.sql.Statement"%> -<%@page import="java.sql.SQLException"%> - -<%@page import="java.sql.ResultSetMetaData"%> -<%@page import="java.sql.ResultSet"%> -<%@ page import="java.util.*,java.io.*"%> +<%@ page import="java.sql.Connection, java.sql.PreparedStatement, java.sql.SQLException"%> <%@ page import="org.cysecurity.cspf.jvl.model.DBConnect"%> <% -if(session.getAttribute("isLoggedIn")!=null) -{ - String id=session.getAttribute("userid").toString(); - %> +if(session.getAttribute("isLoggedIn") != null) { + String id = session.getAttribute("userid").toString(); +%> Enter the New Password:

- - - - - - + + + + +
New Password:
Confirm Password:
New Password:
Confirm Password:
-
- <% - Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties")); - - String action=request.getParameter("change"); - if(action!=null) - { - String pass=request.getParameter("password"); - String confirmPass=request.getParameter("confirmpassword"); - if(pass!=null && confirmPass!=null && !pass.equals("") ) - { - if(pass.equals(confirmPass) ) - { - Statement stmt = con.createStatement(); - stmt.executeUpdate("Update users set password='"+pass+"' where id="+id); - out.print("Password Changed"); - out.print("

Return to the Previous page "); +
+<% + Connection con = new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties")); + String action = request.getParameter("change"); + if(action != null) { + String pass = request.getParameter("password"); + String confirmPass = request.getParameter("confirmpassword"); + if(pass != null && confirmPass != null && !pass.equals("")) { + if(pass.equals(confirmPass)) { + PreparedStatement pstmt = con.prepareStatement("Update users set password=? where id=?"); + pstmt.setString(1, pass); + pstmt.setString(2, id); + pstmt.executeUpdate(); + out.print("Password Changed"); + out.print("

Return to the Previous page "); } - else - { - out.print("Passwords didn't match"); + else { + out.print("Passwords didn't match"); } } - else - { + else { out.print("Password can't be empty"); } } - } - - %> - - +} +%> + + - - <%@ include file="/footer.jsp" %> \ No newline at end of file +<%@ include file="/footer.jsp" %> \ No newline at end of file