Better Spring4Shell detection logic

.github/workflows/community-build.yml

@@ -7,13 +7,14 @@ on:
   pull_request:
     paths:
       - 'community/**'
+  workflow_dispatch:
 
 jobs:
   build:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        java: [ 11 ]
+        java: [ 21 ]
     runs-on: ${{ matrix.os }}
     name: 'Build Community plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
     steps:
@@ -24,7 +25,7 @@ jobs:
         with:
           java-version: ${{ matrix.java }}
       - name: 'Cache Gradle resources'
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}

.github/workflows/doyensec-build.yml

@@ -7,13 +7,14 @@ on:
   pull_request:
     paths:
       - 'doyensec/**'
+  workflow_dispatch:
 
 jobs:
   build:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        java: [ 11 ]
+        java: [ 21 ]
     runs-on: ${{ matrix.os }}
     name: 'Build doyensec plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
     steps:
@@ -24,7 +25,7 @@ jobs:
         with:
           java-version: ${{ matrix.java }}
       - name: 'Cache Gradle resources'
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}

.github/workflows/examples-build.yml

@@ -7,13 +7,14 @@ on:
   pull_request:
     paths:
       - 'examples/**'
+  workflow_dispatch:
 
 jobs:
   build:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        java: [ 11 ]
+        java: [ 21 ]
     runs-on: ${{ matrix.os }}
     name: 'Build example plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
     steps:
@@ -24,7 +25,7 @@ jobs:
         with:
           java-version: ${{ matrix.java }}
       - name: 'Cache Gradle resources'
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}

.github/workflows/google-build.yml

@@ -7,13 +7,14 @@ on:
   pull_request:
     paths:
       - 'google/**'
+  workflow_dispatch:
 
 jobs:
   build:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        java: [ 11 ]
+        java: [ 21 ]
     runs-on: ${{ matrix.os }}
     name: 'Build Google plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
     steps:
@@ -24,7 +25,7 @@ jobs:
         with:
           java-version: ${{ matrix.java }}
       - name: 'Cache Gradle resources'
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}

.github/workflows/govtech-build.yml

@@ -7,13 +7,14 @@ on:
   pull_request:
     paths:
       - 'govtech/**'
+  workflow_dispatch:
 
 jobs:
   build:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        java: [ 11 ]
+        java: [ 21 ]
     runs-on: ${{ matrix.os }}
     name: 'Build GovTech plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
     steps:
@@ -24,7 +25,7 @@ jobs:
         with:
           java-version: ${{ matrix.java }}
       - name: 'Cache Gradle resources'
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}

.github/workflows/templated-build.yml

@@ -0,0 +1,40 @@
+name: templated-plugins-build
+
+on:
+  push:
+    paths:
+      - 'templated/**'
+  pull_request:
+    paths:
+      - 'templated/**'
+  workflow_dispatch:
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest, macos-latest ]
+        java: [ 21 ]
+    runs-on: ${{ matrix.os }}
+    name: 'Build plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
+    steps:
+      - name: 'Check out repository'
+        uses: actions/checkout@v2
+      - name: 'Set up JDK ${{ matrix.java }}'
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.java }}
+      - name: 'Ensure protoc is installed'
+        uses: arduino/setup-protoc@v3
+        with:
+          version: "25.5"
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: 'Cache Gradle resources'
+        uses: actions/cache@v4
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: 'Build plugins'
+        run: ./gradlew build
+        working-directory: templated/templateddetector/

.github/workflows/templated-lint.yml

@@ -0,0 +1,25 @@
+# Ensures templated plugins are linted correctly.
+name: templated-plugins-linter
+
+on:
+  push:
+    paths:
+      - 'templated/**'
+  pull_request:
+    paths:
+      - 'templated/**'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: 'Verify templated plugins'
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 1.22
+      - run: go install github.com/google/tsunami-security-scanner-plugins/templated/utils/linter@latest
+      - run: |
+          find templated/templateddetector/ -type f \( -name '*.textproto' -a ! -name '*_test.textproto' -a ! -path '*/plugins/examples/*' \) \
+          | xargs -I{} linter {}

community/detectors/adobe_coldfusion_cve_2023_26360/README.md

@@ -0,0 +1,20 @@
+# CVE-2023-26360 Detector
+
+Description: Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021
+Update 5 (and earlier) are affected by an Improper Access Control vulnerability
+that could result in unauthenticated file read and arbitrary code execution in
+the context of the current user. Exploitation of this issue does not require
+user interaction.
+
+-   https://nvd.nist.gov/vuln/detail/CVE-2023-26360
+-   https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html
+
+## Build jar file for this plugin
+
+Using `gradlew`:
+
+```shell
+./gradlew jar
+```
+
+Tsunami identifiable jar file is located at `build/libs` directory.

community/detectors/mlflow_cve_2023_6977/build.gradle → community/detectors/adobe_coldfusion_cve_2023_26360/build.gradle

@@ -2,9 +2,9 @@ plugins {
     id 'java-library'
 }
 
-description = 'Tsunami MLflow LFI/RFI (CVE-2023-6977) VulnDetector plugin.'
+description = 'Tsunami CVE-2023-26360 VulnDetector plugin.'
 group 'com.google.tsunami'
-version '0.0.2-SNAPSHOT'
+version '0.0.1-SNAPSHOT'
 
 
 repositories {
@@ -41,6 +41,7 @@ java {
             showExceptions true
             showCauses true
             showStackTraces true
+            showStandardStreams true //ADDED
         }
         maxHeapSize = '1500m'
     }
@@ -58,7 +59,6 @@ dependencies {
     implementation "com.google.tsunami:tsunami-common:${tsunamiVersion}"
     implementation "com.google.tsunami:tsunami-plugin:${tsunamiVersion}"
     implementation "com.google.tsunami:tsunami-proto:${tsunamiVersion}"
-    implementation 'com.google.googlejavaformat:google-java-format:1.13.0'
 
     testImplementation "junit:junit:${junitVersion}"
     testImplementation "org.mockito:mockito-core:${mockitoVersion}"

community/detectors/apache_spark_exposed_webui/gradle/wrapper/gradle-wrapper.properties → community/detectors/adobe_coldfusion_cve_2023_26360/gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.0-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.14-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

community/detectors/adobe_coldfusion_cve_2023_26360/settings.gradle

@@ -0,0 +1 @@
+rootProject.name = 'CVE-2023-26360'