test: add jboss eap-8.1 cases

Author: ReaJason

.github/workflows/memshell-integration-test.yml

@@ -27,7 +27,7 @@ jobs:
           - middleware: "jbossas"
             depend_tasks: ":vul:vul-webapp:war"
           - middleware: "jbosseap"
-            depend_tasks: ":vul:vul-webapp:war"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
           - middleware: "wildfly"
             depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
           - middleware: "glassfish"

.github/workflows/probe-integration-test.yml

@@ -25,7 +25,7 @@ jobs:
           - middleware: "jbossas"
             depend_tasks: ":vul:vul-webapp:war"
           - middleware: "jbosseap"
-            depend_tasks: ":vul:vul-webapp:war"
+            depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
           - middleware: "wildfly"
             depend_tasks: ":vul:vul-webapp:war :vul:vul-webapp-jakarta:war"
           - middleware: "glassfish"

integration-test/src/test/java/com/reajason/javaweb/integration/memshell/jbosseap/JbossEap81ContainerTest.java

@@ -0,0 +1,89 @@
+package com.reajason.javaweb.integration.memshell.jbosseap;
+
+import com.reajason.javaweb.Server;
+import com.reajason.javaweb.integration.ShellAssertion;
+import com.reajason.javaweb.integration.TestCasesProvider;
+import com.reajason.javaweb.memshell.ShellTool;
+import com.reajason.javaweb.memshell.ShellType;
+import com.reajason.javaweb.packer.Packers;
+import lombok.extern.slf4j.Slf4j;
+import net.bytebuddy.jar.asm.Opcodes;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.testcontainers.containers.GenericContainer;
+import org.testcontainers.containers.Network;
+import org.testcontainers.containers.wait.strategy.Wait;
+import org.testcontainers.images.builder.ImageFromDockerfile;
+import org.testcontainers.junit.jupiter.Container;
+import org.testcontainers.junit.jupiter.Testcontainers;
+
+import java.util.List;
+import java.util.stream.Stream;
+
+import static com.reajason.javaweb.integration.ContainerTool.*;
+import static com.reajason.javaweb.integration.DoesNotContainExceptionMatcher.doesNotContainException;
+import static com.reajason.javaweb.integration.ShellAssertion.shellInjectIsOk;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+/**
+ * @author ReaJason
+ * @since 2024/12/10
+ */
+@Slf4j
+@Testcontainers
+public class JbossEap81ContainerTest {
+    public static final String imageName = "reajason/jboss:eap-8.1-jdk17";
+    static Network network = Network.newNetwork();
+    @Container
+    public final static GenericContainer<?> python = new GenericContainer<>(new ImageFromDockerfile()
+            .withDockerfile(neoGeorgDockerfile))
+            .withNetwork(network);
+    @Container
+    public static final GenericContainer<?> container = new GenericContainer<>(imageName)
+            .withCopyToContainer(warJakartaFile, "/usr/local/jboss/standalone/deployments/app.war")
+            .withCopyToContainer(jattachFile, "/jattach")
+            .withCopyToContainer(jbossPid, "/fetch_pid.sh")
+            .withNetwork(network)
+            .withNetworkAliases("app")
+            .waitingFor(Wait.forHttp("/app"))
+            .withExposedPorts(8080);
+
+    static Stream<Arguments> casesProvider() {
+        String server = Server.Undertow;
+        List<String> supportedShellTypes = List.of(
+                ShellType.JAKARTA_SERVLET,
+                ShellType.JAKARTA_FILTER,
+                ShellType.JAKARTA_LISTENER,
+                ShellType.UNDERTOW_AGENT_SERVLET_HANDLER
+        );
+        List<Packers> testPackers = List.of(Packers.JSP);
+        return TestCasesProvider.getTestCases(imageName, server, supportedShellTypes, testPackers,
+                null, List.of(ShellTool.AntSword) // AntSword not support jakarta
+        );
+    }
+
+    @AfterAll
+    static void tearDown() {
+        String logs = container.getLogs();
+        log.info(logs);
+        assertThat("Logs should not contain any exceptions", logs, doesNotContainException());
+    }
+
+    @ParameterizedTest(name = "{0}|{1}{2}|{3}")
+    @MethodSource("casesProvider")
+    void test(String imageName, String shellType, String shellTool, Packers packer) {
+        shellInjectIsOk(getUrl(container), Server.Undertow, shellType, shellTool, Opcodes.V17, packer, container, python);
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {ShellType.JAKARTA_SERVLET,
+            ShellType.JAKARTA_FILTER,
+            ShellType.JAKARTA_LISTENER,})
+    void testProbeInject(String shellType) {
+        String url = getUrl(container);
+        ShellAssertion.testProbeInject(url, Server.Undertow, shellType, Opcodes.V17);
+    }
+}

integration-test/src/test/java/com/reajason/javaweb/integration/probe/jbosseap/JbossEap81ContainerTest.java

@@ -0,0 +1,72 @@
+package com.reajason.javaweb.integration.probe.jbosseap;
+
+import com.reajason.javaweb.Server;
+import com.reajason.javaweb.integration.ProbeAssertion;
+import com.reajason.javaweb.integration.VulTool;
+import com.reajason.javaweb.integration.probe.DetectionTool;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.junit.jupiter.api.Test;
+import org.objectweb.asm.Opcodes;
+import org.testcontainers.containers.GenericContainer;
+import org.testcontainers.containers.wait.strategy.Wait;
+import org.testcontainers.junit.jupiter.Container;
+import org.testcontainers.junit.jupiter.Testcontainers;
+
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+import static com.reajason.javaweb.integration.ContainerTool.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+/**
+ * @author ReaJason
+ * @since 2024/12/10
+ */
+@Slf4j
+@Testcontainers
+public class JbossEap81ContainerTest {
+    public static final String imageName = "reajason/jboss:eap-8.1-jdk17";
+
+    @Container
+    public static final GenericContainer<?> container = new GenericContainer<>(imageName)
+            .withCopyToContainer(warJakartaFile, "/usr/local/jboss/standalone/deployments/app.war")
+            .waitingFor(Wait.forHttp("/app"))
+            .withExposedPorts(8080);
+
+    @Test
+    void testJDK() {
+        String url = getUrl(container);
+        String data = VulTool.post(url + "/b64", DetectionTool.getJdkDetection());
+        assertEquals("JDK|17.0.15|61", data);
+    }
+
+    @Test
+    @SneakyThrows
+    void testBasicInfo() {
+        String url = getUrl(container);
+        String data = VulTool.post(url + "/b64", DetectionTool.getBasicInfoPrinter());
+        Files.writeString(Paths.get("src", "test", "resources", "infos", this.getClass().getSimpleName() + "BasicInfo.txt"), data);
+    }
+
+    @Test
+    void testServerDetection() {
+        String url = getUrl(container);
+        String data = VulTool.post(url + "/b64", DetectionTool.getServerDetection());
+        assertEquals(Server.Undertow, data);
+    }
+
+    @Test
+    @SneakyThrows
+    void testCommandReqHeaderResponseBody() {
+        String url = getUrl(container);
+        ProbeAssertion.responseCommandIsOk(url, Server.Undertow, Opcodes.V17);
+    }
+
+    @Test
+    @SneakyThrows
+    void testBytecodeReqParamResponseBody() {
+        String url = getUrl(container);
+        ProbeAssertion.responseBytecodeIsOk(url, Server.Undertow, Opcodes.V17);
+    }
+}