Dynamic (#77)

2026-06-27 20:29:39 +02:00 · 2026-06-05 10:16:30 -05:00 · 2026-06-05 10:16:30 -05:00 · 991c84a1eb
commit 991c84a1eb
parent 55247b7fcd
1464 changed files with 225448 additions and 1985 deletions
--- a/tests/dynamic_fixtures/go/handler_func/benign.go
+++ b/tests/dynamic_fixtures/go/handler_func/benign.go
@ -0,0 +1,19 @@
+// Phase 15 — http.HandlerFunc, benign.
+// Echoes a fixed string; query value is discarded.
+
+package entry
+
+import (
+	"fmt"
+	"net/http"
+	"os/exec"
+)
+
+func Handle(w http.ResponseWriter, r *http.Request) {
+	_ = r.URL.Query().Get("payload")
+	cmd := exec.Command("echo", "hello")
+	out, _ := cmd.CombinedOutput()
+	fmt.Print(string(out))
+	w.WriteHeader(http.StatusOK)
+	w.Write(out)
+}
--- a/tests/dynamic_fixtures/go/handler_func/go.mod
+++ b/tests/dynamic_fixtures/go/handler_func/go.mod
@ -0,0 +1,3 @@
+module nyx_handler_func_fixture
+
+go 1.21
--- a/tests/dynamic_fixtures/go/handler_func/vuln.go
+++ b/tests/dynamic_fixtures/go/handler_func/vuln.go
@ -0,0 +1,21 @@
+// Phase 15 — http.HandlerFunc, vulnerable.
+// Reads `?payload=` query value and pipes to /bin/sh -c.
+// Entry: Handle(w http.ResponseWriter, r *http.Request)  Cap: CODE_EXEC
+
+package entry
+
+import (
+	"fmt"
+	"net/http"
+	"os/exec"
+)
+
+func Handle(w http.ResponseWriter, r *http.Request) {
+	fmt.Print("__NYX_SINK_HIT__\n")
+	payload := r.URL.Query().Get("payload")
+	cmd := exec.Command("sh", "-c", "echo hello "+payload)
+	out, _ := cmd.CombinedOutput()
+	fmt.Print(string(out))
+	w.WriteHeader(http.StatusOK)
+	w.Write(out)
+}