Merge branch 'release/3.0.0-rc.2'

qtc-de · Jun 7, 2022 · 165a379 · 165a379
2 parents ab02c99 + fc68a8f
commit 165a379
Show file tree

Hide file tree

Showing 112 changed files with 6,505 additions and 1,077 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,22 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [3.0.0-rc.2] - Jun 07, 2022
+
+### Added
+
+* Added documentation for the docker containers
+* Added `execarray` action for the tonka bean
+* Added [tricot](https://github.com/qtc-de/tricot) based tests for all actions
+
+### Changed
+
+* Improve the argument handling of the `invoke` action
+* Improve the `shell` action (Windows compatibility)
+* Replace `execbackground` action with the option `--background`
+* Several bug fixes
+
+
 ## [3.0.0-rc.1] - March 21, 2022
 
 Global refactoring. Basically all code sections were renewed and several new features

diff --git a/README.md b/README.md
diff --git a/beanshooter/config.properties b/beanshooter/config.properties
@@ -1,19 +1,3 @@
-defaultCmd=id
-stagerPort=8080
-stagerHost=127.0.0.1
-
-username=
-password=
-boundName=jmxrmi
-brute_threads=5
-
-jarPath=/opt/beanshooter/tonka-bean/target/
-jarName=tonka-bean.jar
-
 yso=/opt/yso.jar
-
-mLetName=DefaultDomain:type=MLet
-beanClass=de.qtc.tonkabean.TonkaBean
-objectName=MLetTonkaBean:name=TonkaBean,id=1
-
-defaultMBeans=javax.management.MBeanServerDelegate sun.management.BaseOperatingSystemImpl sun.management.ClassLoadingImpl sun.management.CompilationImpl sun.management.GarbageCollectorImpl sun.management.ManagementFactoryHelper$1 sun.management.ManagementFactoryHelper$PlatformLoggingImpl sun.management.MemoryImpl sun.management.MemoryManagerImpl sun.management.MemoryPoolImpl sun.management.RuntimeImpl sun.management.ThreadImpl
+brute_threads=5
+defaultMBeans=javax.management.MBeanServerDelegate sun.management.BaseOperatingSystemImpl sun.management.ClassLoadingImpl sun.management.CompilationImpl sun.management.GarbageCollectorImpl sun.management.ManagementFactoryHelper$1 sun.management.ManagementFactoryHelper$PlatformLoggingImpl sun.management.MemoryImpl sun.management.MemoryManagerImpl sun.management.MemoryPoolImpl sun.management.RuntimeImpl sun.management.ThreadImpl com.sun.management.internal.OperatingSystemImpl com.sun.management.internal.HotSpotThreadImpl com.sun.management.internal.GarbageCollectorExtImpl com.sun.management.internal.GarbageCollectorExtImpl
diff --git a/beanshooter/pom.xml b/beanshooter/pom.xml
@@ -7,7 +7,7 @@
     <parent>
         <groupId>de.qtc.beanshooter</groupId>
         <artifactId>reactor</artifactId>
-        <version>3.0.0-rc.1</version>
+        <version>3.0.0-rc.2</version>
     </parent>
 
     <artifactId>beanshooter</artifactId>

diff --git a/beanshooter/src/de/qtc/beanshooter/cli/ArgType.java b/beanshooter/src/de/qtc/beanshooter/cli/ArgType.java
@@ -10,5 +10,6 @@ public enum ArgType
 {
     INT,
     BOOL,
-    STRING;
+    STRING,
+    ARRAY;
 }
diff --git a/beanshooter/src/de/qtc/beanshooter/cli/OptionHandler.java b/beanshooter/src/de/qtc/beanshooter/cli/OptionHandler.java
@@ -9,6 +9,7 @@
 import de.qtc.beanshooter.io.Logger;
 import de.qtc.beanshooter.mbean.MBean;
 import de.qtc.beanshooter.mbean.mlet.MLetOption;
+import de.qtc.beanshooter.mbean.tonkabean.TonkaBeanOption;
 import de.qtc.beanshooter.operation.BeanshooterOption;
 import de.qtc.beanshooter.utils.Utils;
 import net.sourceforge.argparse4j.inf.Argument;
@@ -130,6 +131,18 @@ public static void addModifiers(Option option, Argument arg)
         if( option == BeanshooterOption.CONN_SASL )
             arg.choices(SASLMechanism.getMechanisms());
 
+        if (option == BeanshooterOption.INVOKE_METHOD_ARGS)
+            arg.nargs("*");
+
+        if (option == TonkaBeanOption.EXEC_ARRAY)
+            arg.nargs("+");
+
+        if (option == TonkaBeanOption.DOWNLOAD_DEST)
+            arg.nargs("?");
+
+        if (option == TonkaBeanOption.UPLOAD_DEST)
+            arg.nargs("?");
+
         if( option == MLetOption.LOAD_BEAN )
         {
             List<String> mBeanNames = MBean.getLoadableBeanNames();

diff --git a/beanshooter/src/de/qtc/beanshooter/cli/SASLMechanism.java b/beanshooter/src/de/qtc/beanshooter/cli/SASLMechanism.java
@@ -13,6 +13,7 @@
 
 import de.qtc.beanshooter.exceptions.AuthenticationException;
 import de.qtc.beanshooter.exceptions.ExceptionHandler;
+import de.qtc.beanshooter.exceptions.MismatchedURIException;
 import de.qtc.beanshooter.exceptions.SaslProfileException;
 import de.qtc.beanshooter.operation.BeanshooterOption;
 import de.qtc.beanshooter.plugin.PluginSystem;
@@ -33,6 +34,7 @@ public enum SASLMechanism {
     NTLM("SASL/NTLM");
 
     private String profile;
+    private String extra;
 
     /**
      * A SASLMechanism is initialized by it's profile name as a String.
@@ -60,6 +62,17 @@ public String getProfile()
         return profile + this.profile;
     }
 
+    /**
+     * The extra field can be used to store additional information related to the mechanism. Currently,
+     * this is only used for DIGEST-MD5 and the expected digest-uri is stored inside.
+     *
+     * @return extra information
+     */
+    public String getExtra()
+    {
+        return extra;
+    }
+
     /**
      * Configures the specified environment for the usage of SASL. Configures the SASL
      * profile together with the username and password values.
@@ -149,6 +162,9 @@ public static SASLMechanism detectMechanis(String host, int port, Map<String,Obj
 
             catch (AuthenticationException e)
             {
+                if (mechanism == SASLMechanism.DIGEST && e instanceof MismatchedURIException)
+                    mechanism.extra = ((MismatchedURIException)e).getUri();
+
                 return mechanism;
             }
         }

diff --git a/beanshooter/src/de/qtc/beanshooter/exceptions/ExceptionHandler.java b/beanshooter/src/de/qtc/beanshooter/exceptions/ExceptionHandler.java
@@ -1,6 +1,8 @@
 package de.qtc.beanshooter.exceptions;
 
+import java.io.File;
 import java.io.IOException;
+import java.util.List;
 
 import de.qtc.beanshooter.io.Logger;
 import de.qtc.beanshooter.operation.BeanshooterOption;
@@ -29,7 +31,7 @@ private static void sslOption()
         else
         {
             Logger.eprintMixedYellow("You can retry the operation using the", "--ssl", "or ");
-            Logger.printlnPlainMixedYellowFirst("--jmxmp", "option.");
+            Logger.eprintlnPlainMixedYellowFirst("--jmxmp", "option.");
         }
     }
 
@@ -182,7 +184,7 @@ public static void connectionRefused(Exception e, String during1, String during2
 
     public static void insufficientPermission(Exception e, String during, boolean exit)
     {
-        Logger.eprintlnMixedYellow("Caught", e.getClass().getName(), "while " + during);
+        Logger.eprintlnMixedYellow("Caught", e.getClass().getName(), "while " + during + ".");
         Logger.eprintlnMixedBlue("The specified user has", "insufficient permission", "to perform the requested action.");
 
         showStackTrace(e);
@@ -291,7 +293,7 @@ public static void handleFileWrite(Exception e, String path, boolean exit)
         Throwable t = ExceptionHandler.getCause(e);
         String message = t.getMessage();
 
-        if(t instanceof java.io.FileNotFoundException)
+        if (t instanceof java.io.FileNotFoundException)
         {
             Logger.eprintlnMixedYellow("Caught", "FileNotFoundException", "while opening output file.");
 
@@ -308,6 +310,15 @@ else if(message.contains("Is a directory"))
                 unexpectedException(e, "writing", "file", exit);
         }
 
+        else if (t instanceof java.nio.file.AccessDeniedException)
+            Logger.eprintlnMixedBlue("Missing the required permissions to write to:", path);
+
+        else if (t instanceof java.nio.file.NoSuchFileException)
+            Logger.eprintlnMixedBlue("The parent directory of", path, "seems not to exist.");
+
+        else if (t instanceof java.nio.file.FileSystemException && t.getMessage().contains("Is a directory"))
+            Logger.eprintlnMixedBlue("The specified path", path, "is an existing directory.");
+
         else
             unexpectedException(e, "writing", "file", exit);
 
@@ -319,10 +330,11 @@ public static void handleFileRead(Exception e, String path, boolean exit)
     {
         Throwable t = ExceptionHandler.getCause(e);
         String message = t.getMessage();
+        File file = new File(path);
 
         if(t instanceof java.nio.file.NoSuchFileException)
         {
-            if(message.contains(path))
+            if(message.contains(file.getName()))
                 Logger.eprintlnMixedBlue("The specified file", path, "seems not to exist.");
 
             else
@@ -370,15 +382,33 @@ public static void handleMBeanGeneric(Exception e)
         }
     }
 
-    public static void handleExecException(Exception e, String[] commandArray)
+    public static void noSuchMethod(Exception e, String method)
+    {
+        String signature = BeanshooterOption.INVOKE_METHOD.getValue(method);
+
+        Logger.eprintlnMixedYellow("A method with signature", signature, "does not exist on the endpoint.");
+        Logger.eprintln("If you invoked a deployed MBean, make sure that the correct version was deployed.");
+        ExceptionHandler.showStackTrace(e);
+        Utils.exit();
+    }
+
+    public static void noSuchAttribute(Exception e, String attr)
+    {
+        Logger.eprintlnMixedYellow("An attribute with name", attr, "does not exist on the endpoint.");
+        Logger.eprintln("If you invoked a deployed MBean, make sure that the correct version was deployed.");
+        ExceptionHandler.showStackTrace(e);
+        Utils.exit();
+    }
+
+    public static void handleExecException(Exception e, List<String> commandArray)
     {
         Throwable t = ExceptionHandler.getCause(e);
         String message =  t.getMessage();
 
         if( t instanceof IOException )
         {
             if(message.contains("error=2,"))
-                Logger.eprintlnMixedYellow("Unknown command:", commandArray[0]);
+                Logger.eprintlnMixedYellow("Unknown command:", commandArray.get(0));
 
             else if(message.contains("error=13,"))
                 Logger.eprintlnYellow("Permission denied.");
@@ -458,6 +488,55 @@ public static void handleSecurityException(SecurityException e) throws Authentic
         Utils.exit();
     }
 
+    public static void handleAuthenticationException(AuthenticationException e)
+    {
+        if( e instanceof SaslMissingException)
+        {
+            Logger.eprintlnMixedYellow("Caught", "SaslMissingException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The sever requires a", "SASL profile (--sasl)", "to be specified.");
+        }
+
+        else if( e instanceof SaslProfileException)
+        {
+            Logger.eprintlnMixedYellow("Caught", "SaslProfileException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The specified", "SASL profile", "does not match the server SASL profile.");
+
+            if (BeanshooterOption.CONN_SSL.getBool())
+                Logger.eprintlnMixedYellow("If you are confident that you are using the correct profile, try without the", "--ssl", "option");
+
+            else
+                Logger.eprintlnMixedYellow("If you are confident that you are using the correct profile, try to use the", "--ssl", "option");
+        }
+
+        else if( e instanceof MismatchedURIException )
+        {
+            Logger.eprintlnMixedYellow("Caught", "MisMatchedURIException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The specified", "target host", "does not match the configured SASL host.");
+        }
+
+        else if( e instanceof ApacheKarafException )
+        {
+            Logger.eprintlnMixedYellow("Caught", "ApacheKarafException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The targeted JMX service is probably spawned by", "Apache Karaf", "and requires authentication.");
+            Logger.eprintlnMixedYellow("You can attempt to login using Apache Karaf default credentials:", "karaf:karaf");
+        }
+
+        else if( e instanceof WrongCredentialsException)
+        {
+            Logger.eprintlnMixedYellow("Caught", "AuthenticationException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The specified credentials are most likely", "incorrect.");
+        }
+
+        else
+        {
+            Logger.eprintlnMixedYellow("Caught", "AuthenticationException", "while connecting to the JMX service.");
+            Logger.eprintlnMixedBlue("The targeted JMX endpoint probably", "requires authentication.");
+        }
+
+        e.showDetails();
+        ExceptionHandler.showStackTrace(e);
+    }
+
     public static void ysoNotPresent(String location)
     {
         Logger.eprintlnMixedBlue("Unable to find ysoserial library in path", location);
@@ -530,6 +609,59 @@ public static void unknownReason(Exception e)
         Utils.exit();
     }
 
+    public static void invalidSignature(Throwable e, String signature)
+    {
+        Logger.eprintlnMixedYellow("The specified method signature", signature, "is invalid.");
+        Logger.eprintlnMixedBlue("The method signature has to be a valid method signature like:", "int example(String test, int test2)");
+        Logger.eprintlnMixedYellow("Make sure to use", "full qualified", "class names and that all classes are available on the classpath.");
+        ExceptionHandler.showStackTrace(e);
+        Utils.exit();
+    }
+
+    public static void invalidArgumentException(Throwable e, String argumentString)
+    {
+        Logger.eprintlnMixedYellow("The specified argument string", argumentString, "is invalid.");
+        Logger.eprintlnMixedBlue("Make sure to use", "full qualified", "class names and that all classes are available within the classpath.");
+        ExceptionHandler.showStackTrace(e);
+        Utils.exit();
+    }
+
+    public static void argumentCountMismatch(int actual, int expected)
+    {
+        Logger.eprintln("Mismatching number of arguments for the specified signature.");
+        Logger.eprintMixedBlueFirst("Expected " + expected, "argument(s), but", "got " + actual);
+        Logger.printlnPlain(" arguments.");
+        Utils.exit();
+    }
+
+    /**
+     * Walks down a stacktrace and searches for a specific exception name.
+     * If it finds the corresponding name, the corresponding Throwable is returned.
+     *
+     * @param name Exception name to look for.
+     * @param e stack trace to search in.
+     * @return identified Throwable.
+     */
+    public static Throwable getThrowable(String name, Throwable e)
+    {
+        if( e.getClass().getSimpleName().equals(name) )
+            return e;
+
+        Throwable exception = e;
+        Throwable cause = e.getCause();
+
+        while((exception != cause) && (cause != null)) {
+
+            if( cause.getClass().getSimpleName().equals(name))
+                return cause;
+
+            exception = cause;
+            cause = exception.getCause();
+        }
+
+        return null;
+    }
+
     /**
      * Taken from https://stackoverflow.com/questions/17747175/how-can-i-loop-through-exception-getcause-to-find-root-cause-with-detail-messa
      * Returns the actual cause of an exception.

diff --git a/beanshooter/src/de/qtc/beanshooter/exceptions/MismatchedURIException.java b/beanshooter/src/de/qtc/beanshooter/exceptions/MismatchedURIException.java
@@ -24,4 +24,11 @@ public Exception getOriginalException()
     {
         return origException;
     }
+
+    public String getUri()
+    {
+        String message = getMessage();
+        message = message.substring(message.lastIndexOf(" ") + 1);
+        return message.replace("jmxmp/", "");
+    }
 }