| 1 | package com.renomad.minum.security; | |
| 2 | ||
| 3 | import com.renomad.minum.state.Constants; | |
| 4 | ||
| 5 | import java.util.List; | |
| 6 | import java.util.stream.Collectors; | |
| 7 | ||
| 8 | /** | |
| 9 | * Looking for bad actors in our system | |
| 10 | */ | |
| 11 | public final class UnderInvestigation { | |
| 12 | ||
| 13 | private final Constants constants; | |
| 14 | ||
| 15 | public UnderInvestigation(Constants constants) { | |
| 16 | this.constants = constants; | |
| 17 | } | |
| 18 | ||
| 19 | /** | |
| 20 | * Check for the kinds of error messages we usually see when an attacker is trying | |
| 21 | * their shenanigans on us. Returns true if we recognize anything. | |
| 22 | */ | |
| 23 | public String isClientLookingForVulnerabilities(String exceptionMessage) { | |
| 24 | List<String> suspiciousErrors = constants.suspiciousErrors; | |
| 25 |
1
1. isClientLookingForVulnerabilities : replaced return value with "" for com/renomad/minum/security/UnderInvestigation::isClientLookingForVulnerabilities → KILLED |
return suspiciousErrors.stream().filter(exceptionMessage::contains).collect(Collectors.joining(";")); |
| 26 | } | |
| 27 | ||
| 28 | ||
| 29 | /** | |
| 30 | * If the client is looking for paths like owa/auth/login.aspx, it means | |
| 31 | * they are probably some low-effort script scouring the web. In that case | |
| 32 | * the client is under control by a bad actor and we can safely block them. | |
| 33 | */ | |
| 34 | public String isLookingForSuspiciousPaths(String isolatedPath) { | |
| 35 |
1
1. isLookingForSuspiciousPaths : replaced return value with "" for com/renomad/minum/security/UnderInvestigation::isLookingForSuspiciousPaths → TIMED_OUT |
return constants.suspiciousPaths.stream().filter(isolatedPath::equals).collect(Collectors.joining(";")); |
| 36 | } | |
| 37 | } | |
Mutations | ||
| 25 |
1.1 |
|
| 35 |
1.1 |