forked from yukuansong-uscis/aws-codeguru-test
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSample2.java
More file actions
41 lines (35 loc) · 1.29 KB
/
Sample2.java
File metadata and controls
41 lines (35 loc) · 1.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
package com.amazon.aws.codegurusample;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Random;
public class Sample2 {
String username="testuser";
String password="test123";
public static void main(String[] args) {
System.out.println("Hello world");
Sample2 sample = new Sample2();
sample.testPassword();
String vulnerableRandomString = sample.testRandomGenerator();
System.out.println("Vulnerable random string:"+vulnerableRandomString);
try {
sample.leakingResource();
} catch (IOException e) {
e.printStackTrace();
}
}
private String testRandomGenerator() {
Random r = new Random();
String vulnerableRandomString = Long.toHexString(r.nextLong());
System.out.println("Vulnerable random string:"+vulnerableRandomString);
return vulnerableRandomString;
}
private void leakingResource() throws IOException {
Process p = Runtime.getRuntime().exec("date");
BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));
}
private void testPassword() {
System.out.println("Username is:"+username);
System.out.println("Password is:"+password);
}
}