Template Injection emulator

[afeena]

Please, close another pr if you want only this to be merged. And resolve test problems

[rjt-gupta]

Please, close another pr if you want only this to be merged. And resolve test problems

Yes, that is I was trying to resolve and apparently the run method in aiodocker tries to pull the image template_injection:latest which doesn't exist in our case. Maybe I will try create method in this?

[rjt-gupta]

What about jinja2? What is the problem with that engine?

Only basic payloads were working like {{7*7}}, I tried but haven't found a way to execute more complex payloads securely.

Another engine I tried was twig, here twig specific payloads worked like charm like {{7*'7'}} -> 49 but there was no output for complex payloads. I can't see the problem with this bcoz there were no errors from php sandbox whatsoever it just returns empty output.

[coveralls]

Pull Request Test Coverage Report for Build 1094

• 47 of 48 (97.92%) changed or added relevant lines in 4 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage increased (+0.7%) to 77.695%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
tanner/utils/aiodocker_helper.py	2	3	66.67%
<!--	Total:	47	48	97.92%	-->

Totals
Change from base Build 1066:	0.7%
Covered Lines:	1355
Relevant Lines:	1744

---

💛 - Coveralls

[rjt-gupta]

Done finally :)

[rnehra01]

Are tests passing locally?

[rjt-gupta]

Are tests passing locally?

Yes, snare side is also fine :)

[afeena]

I have exactly the same problem locally, on test_handle_mako (tanner.tests.test_template_injection.TestTemplateInjection) ... it just frezees

[afeena]

In the execution this code causes the problem: with open(work_dir, 'r') as f: mako_template = f.read().format(payload)

work_dir is a magick mock object, so reading fails and tests are frozen

The problem is in the test_server.py file. Config is replaced by mock and since it's a static class, it remains the mock after this test. You can check this probably https://stackoverflow.com/questions/11746431/any-way-to-reset-a-mocked-method-to-its-original-state-python-mock-mock-1-0

[rjt-gupta]

Done :)

I dont know why I am not able to reproduce this locally, everything worked perfectly.

[afeena]

Have you tested it? When I try to test it I got HTTP 504 error. And I do not see any logs. Could you please verify

path /index.php?p={{7*7}}

[rjt-gupta]

Have you tested it? When I try to test it I got HTTP 504 error. And I do not see any logs. Could you please verify

path /index.php?p={{7*7}}

Okay So, this problem is bcoz of using python instead of python3, the dockerfile itself is installing only python 3 but still..

Can you try it now?

[afeena]

Can you try it now?

I still have the same behavior. Can you reproduce it?

[rjt-gupta]

I still have the same behavior. Can you reproduce it?

It seems to work fine for me:

tornado -

mako -

Can you try setup.py install for new build?

[afeena]

Can you try setup.py install for new build?

:) For sure

[afeena]

Docker container is created, but not deleted, so somewhere in between some problem exists

[afeena]

Further investigation shows that the problem in the function await self.docker_client.images.build(**params)

Might be some docker related issue https://github.com/aio-libs/aiodocker/blob/master/tests/test_images.py#L11 look at the API requirements

upd: Changing the API from 1.26 to 1.40 didn't help

[rjt-gupta]

Further investigation shows that the problem in the function await self.docker_client.images.build(**params)

Might be some docker related issue https://github.com/aio-libs/aiodocker/blob/master/tests/test_images.py#L11 look at the API requirements

I guess for now aiodocker only supports 18.03.1 and 17.12.1 versions. But we are using latest 18.09. For both of them api_version is above 1.27.

https://github.com/aio-libs/aiodocker/blob/88d0285ddba8e606ff684278e0a831347209189c/tests/conftest.py#L13

[rjt-gupta]

upd: Changing the API from 1.26 to 1.40 didn't help

Should I try tar method then?

[rjt-gupta]

Done.

Added tests and order=4 logic :)