-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathform3.rb
More file actions
151 lines (133 loc) · 3.81 KB
/
form3.rb
File metadata and controls
151 lines (133 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
#!/usr/bin/env ruby
########################################################################
# Calculate the max length of key as the x for the item
########################################################################
require [File.expand_path(File.dirname(__FILE__)), '..', 'lib', 'mrdialog'].join('/')
require 'pp'
class TestForm
ME = File.basename($0)
HIDDEN = 1
READ_ONLY = 2
if ENV['CHANGE_TITLE']
if ME =~ /(.+)\.rb$/
base = $1
puts "\033]0;mrdialog - #{base}\007"
end
end
def initialize
@a = []
@h = {}
end
def populate_data
@a << "Base DN: "
@a << "LDAP URI: "
@a << "LDAP Version: "
@a << "LDAP Bind DN: "
@a << "LDAP Bind Password: "
@a << "Login Attribute: "
@h[@a[0]] = "dc=example,dc=com"
@h[@a[1]] = "ldap://192.168.1.1:389"
@h[@a[2]] = "3"
@h[@a[3]] = "cn=Mary Jane, cn=Users, dc=example, dc=com"
@h[@a[4]] = "secret"
@h[@a[5]] = "sAMAccountName"
end
def max_key_len
len = 0
@a.each do |v|
if v.length > len
len = v.length
end
end
return len
end
def show_form
items = []
form_data = Struct.new(:label, :ly, :lx, :item, :iy, :ix, :flen, :ilen, :attr)
ly = 1
lx = 1
iy = 1
ix = max_key_len + 2 # Add some padding
flen = 40 # More reasonable field length
@a.each do |key|
data = form_data.new
data.label = key
data.ly = ly
data.lx = lx
data.item = @h[key]
data.iy = ly
data.ix = ix
data.flen = flen
data.ilen = 0
if key =~ /password/i
data.attr = HIDDEN
else
data.attr = 0
end
items.push(data.to_a)
ly = ly + 1
end
dialog = MRDialog.new
dialog.logger = Logger.new(ENV["HOME"] + "/dialog_" + ME + ".log")
dialog.clear = true
dialog.insecure = true
dialog.title = "MIXEDFORM"
text = <<EOF
In this example of mixedform, the x co-ordinate of the items
are calculated dynamically. The longest value among the keys
is the x value for the items.
Try entering special characters in the password field:
Examples: p@ss'word, test"123, my$pass`word, etc.
EOF
height = 20
width = 70
result_hash = dialog.mixedform(text, items, height, width, 0)
# Return the result_hash so doit can use it
return result_hash
end
def doit
populate_data
result_hash = show_form
# Display the results
if result_hash
puts "\nForm Results:"
puts "=" * 50
result_hash.each do |key, value|
puts "#{key} => #{value}"
end
# Check if password contains special characters
password_key = @a.find { |k| k =~ /password/i }
if password_key && result_hash[password_key]
password = result_hash[password_key]
puts "\n" + "=" * 50
puts "Password Analysis (for testing only!):"
puts "Password entered: '#{password}'"
puts "Length: #{password.length}"
special_chars = password.scan(/[^a-zA-Z0-9]/)
if special_chars.any?
puts "Special characters found: #{special_chars.uniq.join(', ')}"
else
puts "No special characters found"
end
# Test for problematic characters
if password.include?("'")
puts "✓ Contains apostrophe - testing quote handling"
end
if password.include?('"')
puts "✓ Contains double quote - testing quote handling"
end
if password.include?('$')
puts "✓ Contains dollar sign - testing variable expansion prevention"
end
if password.include?('`')
puts "✓ Contains backtick - testing command substitution prevention"
end
end
else
puts "\nForm was cancelled"
end
end
end
if __FILE__ == $0
TestForm.new.doit
end