brakeman-min 0.5.2 → 2.1.0
- data/CHANGES +529 -0
- data/README.md +74 -28
- data/bin/brakeman +60 -266
- data/lib/brakeman.rb +422 -0
- data/lib/brakeman/app_tree.rb +101 -0
- data/lib/brakeman/brakeman.rake +10 -0
- data/lib/brakeman/call_index.rb +215 -0
- data/lib/brakeman/checks.rb +180 -0
- data/lib/brakeman/checks/base_check.rb +538 -0
- data/lib/brakeman/checks/check_basic_auth.rb +89 -0
- data/lib/brakeman/checks/check_content_tag.rb +162 -0
- data/lib/brakeman/checks/check_cross_site_scripting.rb +334 -0
- data/lib/{checks → brakeman/checks}/check_default_routes.rb +13 -6
- data/lib/brakeman/checks/check_deserialize.rb +57 -0
- data/lib/brakeman/checks/check_digest_dos.rb +38 -0
- data/lib/brakeman/checks/check_escape_function.rb +21 -0
- data/lib/brakeman/checks/check_evaluation.rb +33 -0
- data/lib/brakeman/checks/check_execute.rb +98 -0
- data/lib/brakeman/checks/check_file_access.rb +62 -0
- data/lib/brakeman/checks/check_filter_skipping.rb +31 -0
- data/lib/brakeman/checks/check_forgery_setting.rb +54 -0
- data/lib/brakeman/checks/check_jruby_xml.rb +38 -0
- data/lib/brakeman/checks/check_json_parsing.rb +102 -0
- data/lib/brakeman/checks/check_link_to.rb +132 -0
- data/lib/brakeman/checks/check_link_to_href.rb +92 -0
- data/lib/{checks → brakeman/checks}/check_mail_to.rb +14 -13
- data/lib/brakeman/checks/check_mass_assignment.rb +143 -0
- data/lib/brakeman/checks/check_model_attr_accessible.rb +48 -0
- data/lib/brakeman/checks/check_model_attributes.rb +118 -0
- data/lib/brakeman/checks/check_model_serialize.rb +66 -0
- data/lib/{checks → brakeman/checks}/check_nested_attributes.rb +10 -6
- data/lib/brakeman/checks/check_quote_table_name.rb +40 -0
- data/lib/brakeman/checks/check_redirect.rb +177 -0
- data/lib/brakeman/checks/check_render.rb +62 -0
- data/lib/brakeman/checks/check_response_splitting.rb +21 -0
- data/lib/brakeman/checks/check_safe_buffer_manipulation.rb +31 -0
- data/lib/brakeman/checks/check_sanitize_methods.rb +54 -0
- data/lib/brakeman/checks/check_select_tag.rb +60 -0
- data/lib/brakeman/checks/check_select_vulnerability.rb +58 -0
- data/lib/brakeman/checks/check_send.rb +35 -0
- data/lib/brakeman/checks/check_send_file.rb +19 -0
- data/lib/brakeman/checks/check_session_settings.rb +145 -0
- data/lib/brakeman/checks/check_single_quotes.rb +101 -0
- data/lib/brakeman/checks/check_skip_before_filter.rb +62 -0
- data/lib/brakeman/checks/check_sql.rb +577 -0
- data/lib/brakeman/checks/check_strip_tags.rb +64 -0
- data/lib/brakeman/checks/check_symbol_dos.rb +67 -0
- data/lib/brakeman/checks/check_translate_bug.rb +45 -0
- data/lib/brakeman/checks/check_unsafe_reflection.rb +51 -0
- data/lib/brakeman/checks/check_validation_regex.rb +88 -0
- data/lib/brakeman/checks/check_without_protection.rb +64 -0
- data/lib/brakeman/checks/check_yaml_parsing.rb +121 -0
- data/lib/brakeman/differ.rb +66 -0
- data/lib/{format → brakeman/format}/style.css +28 -0
- data/lib/brakeman/options.rb +256 -0
- data/lib/brakeman/parsers/rails2_erubis.rb +6 -0
- data/lib/brakeman/parsers/rails2_xss_plugin_erubis.rb +48 -0
- data/lib/{scanner_erubis.rb → brakeman/parsers/rails3_erubis.rb} +8 -21
- data/lib/brakeman/processor.rb +102 -0
- data/lib/brakeman/processors/alias_processor.rb +780 -0
- data/lib/{processors → brakeman/processors}/base_processor.rb +90 -74
- data/lib/brakeman/processors/config_processor.rb +14 -0
- data/lib/brakeman/processors/controller_alias_processor.rb +334 -0
- data/lib/brakeman/processors/controller_processor.rb +265 -0
- data/lib/{processors → brakeman/processors}/erb_template_processor.rb +21 -19
- data/lib/brakeman/processors/erubis_template_processor.rb +96 -0
- data/lib/brakeman/processors/gem_processor.rb +59 -0
- data/lib/{processors → brakeman/processors}/haml_template_processor.rb +26 -21
- data/lib/brakeman/processors/lib/find_all_calls.rb +185 -0
- data/lib/{processors → brakeman/processors}/lib/find_call.rb +23 -28
- data/lib/brakeman/processors/lib/find_return_value.rb +134 -0
- data/lib/brakeman/processors/lib/processor_helper.rb +82 -0
- data/lib/{processors/config_processor.rb → brakeman/processors/lib/rails2_config_processor.rb} +32 -35
- data/lib/{processors → brakeman/processors}/lib/rails2_route_processor.rb +60 -52
- data/lib/brakeman/processors/lib/rails3_config_processor.rb +129 -0
- data/lib/brakeman/processors/lib/rails3_route_processor.rb +282 -0
- data/lib/{processors → brakeman/processors}/lib/render_helper.rb +54 -20
- data/lib/brakeman/processors/lib/route_helper.rb +62 -0
- data/lib/{processors → brakeman/processors}/library_processor.rb +24 -17
- data/lib/{processors → brakeman/processors}/model_processor.rb +46 -22
- data/lib/{processors → brakeman/processors}/output_processor.rb +34 -40
- data/lib/brakeman/processors/route_processor.rb +17 -0
- data/lib/brakeman/processors/slim_template_processor.rb +113 -0
- data/lib/brakeman/processors/template_alias_processor.rb +120 -0
- data/lib/{processors → brakeman/processors}/template_processor.rb +10 -7
- data/lib/brakeman/report.rb +68 -0
- data/lib/brakeman/report/ignore/config.rb +130 -0
- data/lib/brakeman/report/ignore/interactive.rb +311 -0
- data/lib/brakeman/report/initializers/faster_csv.rb +7 -0
- data/lib/brakeman/report/initializers/multi_json.rb +29 -0
- data/lib/brakeman/report/renderer.rb +24 -0
- data/lib/brakeman/report/report_base.rb +279 -0
- data/lib/brakeman/report/report_csv.rb +56 -0
- data/lib/brakeman/report/report_hash.rb +22 -0
- data/lib/brakeman/report/report_html.rb +203 -0
- data/lib/brakeman/report/report_json.rb +46 -0
- data/lib/brakeman/report/report_table.rb +109 -0
- data/lib/brakeman/report/report_tabs.rb +17 -0
- data/lib/brakeman/report/templates/controller_overview.html.erb +18 -0
- data/lib/brakeman/report/templates/controller_warnings.html.erb +17 -0
- data/lib/brakeman/report/templates/error_overview.html.erb +25 -0
- data/lib/brakeman/report/templates/header.html.erb +44 -0
- data/lib/brakeman/report/templates/ignored_warnings.html.erb +21 -0
- data/lib/brakeman/report/templates/model_warnings.html.erb +17 -0
- data/lib/brakeman/report/templates/overview.html.erb +34 -0
- data/lib/brakeman/report/templates/security_warnings.html.erb +19 -0
- data/lib/brakeman/report/templates/template_overview.html.erb +17 -0
- data/lib/brakeman/report/templates/view_warnings.html.erb +30 -0
- data/lib/brakeman/report/templates/warning_overview.html.erb +13 -0
- data/lib/brakeman/rescanner.rb +446 -0
- data/lib/brakeman/scanner.rb +362 -0
- data/lib/brakeman/tracker.rb +296 -0
- data/lib/brakeman/util.rb +413 -0
- data/lib/brakeman/version.rb +3 -0
- data/lib/brakeman/warning.rb +217 -0
- data/lib/brakeman/warning_codes.rb +68 -0
- data/lib/ruby_parser/bm_sexp.rb +562 -0
- data/lib/ruby_parser/bm_sexp_processor.rb +230 -0
- metadata +152 -66
- data/lib/checks.rb +0 -71
- data/lib/checks/base_check.rb +0 -357
- data/lib/checks/check_cross_site_scripting.rb +0 -336
- data/lib/checks/check_evaluation.rb +0 -27
- data/lib/checks/check_execute.rb +0 -110
- data/lib/checks/check_file_access.rb +0 -46
- data/lib/checks/check_forgery_setting.rb +0 -42
- data/lib/checks/check_mass_assignment.rb +0 -74
- data/lib/checks/check_model_attributes.rb +0 -36
- data/lib/checks/check_redirect.rb +0 -98
- data/lib/checks/check_render.rb +0 -65
- data/lib/checks/check_send_file.rb +0 -15
- data/lib/checks/check_session_settings.rb +0 -79
- data/lib/checks/check_sql.rb +0 -146
- data/lib/checks/check_validation_regex.rb +0 -60
- data/lib/processor.rb +0 -86
- data/lib/processors/alias_processor.rb +0 -384
- data/lib/processors/controller_alias_processor.rb +0 -237
- data/lib/processors/controller_processor.rb +0 -202
- data/lib/processors/erubis_template_processor.rb +0 -85
- data/lib/processors/lib/find_model_call.rb +0 -39
- data/lib/processors/lib/processor_helper.rb +0 -36
- data/lib/processors/lib/rails3_route_processor.rb +0 -184
- data/lib/processors/lib/route_helper.rb +0 -34
- data/lib/processors/params_processor.rb +0 -77
- data/lib/processors/route_processor.rb +0 -11
- data/lib/processors/template_alias_processor.rb +0 -86
- data/lib/report.rb +0 -680
- data/lib/scanner.rb +0 -227
- data/lib/tracker.rb +0 -144
- data/lib/util.rb +0 -141
- data/lib/version.rb +0 -1
- data/lib/warning.rb +0 -99
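--- a/data/README.md
+++ b/data/README.md
@@ -1,8 +1,27 @@
+![Brakeman Logo](http://brakemanscanner.org/images/logo_medium.png)
+
+[![Travis CI
+Status](https://secure.travis-ci.org/presidentbeef/brakeman.png)](https://travis-ci.org/presidentbeef/brakeman)
+[![Code
+Climate](https://codeclimate.com/github/presidentbeef/brakeman.png)](https://codeclimate.com/github/presidentbeef/brakeman)
+
 # Brakeman
 
 Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
 
-It
+It works with Rails 2.x, 3.x, and 4.x.
+
+There is also a [plugin available](http://brakemanscanner.org/docs/jenkins/) for Jenkins/Hudson.
+
+For even more continuous testing, try the [Guard plugin](https://github.com/oreoshake/guard-brakeman).
+
+# Homepage/News
+
+Website: http://brakemanscanner.org/
+
+Twitter: http://twitter.com/brakeman
+
+Mailing list: brakeman@librelist.com
 
 # Installation
 
@@ -10,6 +29,12 @@ Using RubyGems:
 
 gem install brakeman
 
+Using Bundler, add to development group in Gemfile:
+
+group :development do
+gem 'brakeman', :require => false
+end
+
 From source:
 
 gem build brakeman.gemspec
@@ -19,7 +44,7 @@ From source:
 
 brakeman [app_path]
 
-It is simplest to run
+It is simplest to run Brakeman from the root directory of the Rails application. A path may also be supplied.
 
 # Options
 
@@ -27,7 +52,11 @@ To specify an output file for the results:
 
 brakeman -o output_file
 
-The output format is determined by the file extension or by using the `-f` option. Current options are: `text`, `html`, `
+The output format is determined by the file extension or by using the `-f` option. Current options are: `text`, `html`, `tabs`, `json` and `csv`.
+
+Multiple output files can be specified:
+
+brakeman -o output.html -o output.json
 
 To suppress informational warnings and just output the report:
 
@@ -61,9 +90,48 @@ To only raise warnings only when untrusted data is being directly used:
 
 brakeman -r
 
+By default, each check will be run in a separate thread. To disable this behavior:
+
+brakeman -n
+
+Normally Brakeman will parse `routes.rb` and attempt to infer which controller methods are used as actions. However, this is not perfect (especially for Rails 3). To ignore the automatically inferred routes and assume all methods are actions:
+
+brakeman -a
+
+Note that this will be enabled automatically if Brakeman runs into an error while parsing the routes.
+
+If Brakeman is running a bit slow, try
+
+brakeman --faster
+
+This will disable some features, but will probably be much faster (currently it is the same as `--skip-libs --no-branching`). *WARNING*: This may cause Brakeman to miss some vulnerabilities.
+
+By default, Brakeman will return 0 as an exit code unless something went very wrong. To return an error code when warnings were found:
+
+brakeman -z
+
+To skip certain files that Brakeman may have trouble parsing, use:
+
+brakeman --skip-files file1,file2,etc
+
+Brakeman will raise warnings on models that use `attr_protected`. To suppress these warnings:
+
+brakeman --ignore-protected
+
+To compare results of a scan with a previous scan, use the JSON output option and then:
+
+brakeman --compare old_report.json
+
+This will output JSON with two lists: one of fixed warnings and one of new warnings.
+
+Brakeman will ignore warnings if configured to do so. By default, it looks for a configuration file in `config/brakeman.ignore`.
+To create and manage this file, use:
+
+brakeman -I
+
 # Warning information
 
-See
+See WARNING\_TYPES for more information on the warnings reported by this tool.
 
 # Warning context
 
@@ -91,30 +159,8 @@ Brakeman options can stored and read from YAML files. To simplify the process of
 
 Options passed in on the commandline have priority over configuration files.
 
-The default config locations are `./config.
+The default config locations are `./config/brakeman.yml`, `~/.brakeman/config.yml`, and `/etc/brakeman/config.yml`
 
 The `-c` option can be used to specify a configuration file to use.
 
-# License
-
-The MIT License
-
-Copyright (c) 2010, YELLOWPAGES.COM, LLC
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
+# License see MIT-LICENSE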
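--- a/data/bin/brakeman
+++ b/data/bin/brakeman
@@ -1,294 +1,88 @@
 #!/usr/bin/env ruby
-
-require 'set'
-require 'yaml'
-
+#Adjust path in case called directly and not through gem
 $:.unshift "#{File.expand_path(File.dirname(__FILE__))}/../lib"
 
-require '
+require 'brakeman'
+require 'brakeman/options'
+require 'brakeman/version'
 
-
-
-
+#Parse options
+begin
+options, parser = Brakeman::Options.parse! ARGV
+rescue OptionParser::ParseError => e
+$stderr.puts e.message.capitalize
+$stderr.puts "Please see `brakeman --help` for valid options"
+exit -1
 end
 
-
-
-
-
-
+#Exit early for these options
+if options[:list_checks]
+Brakeman.list_checks
+exit
+elsif options[:create_config]
+Brakeman.dump_config options
+exit
+elsif options[:show_help]
+puts parser
+exit
+elsif options[:show_version]
+puts "brakeman #{Brakeman::Version}"
+exit
+elsif options[:install_rake_task]
+Brakeman.install_rake_task
 exit
 end
 
-#
-options
-
-
-
-
-opts.on "-p", "--path PATH", "Specify path to Rails application" do |path|
-options[:app_path] = File.expand_path path
-end
-
-opts.on "-q", "--quiet", "Suppress informational messages" do
-options[:quiet] = true
-$VERBOSE = nil
-end
-
-opts.separator ""
-opts.separator "Scanning options:"
-
-opts.on "--ignore-model-output", "Consider model attributes XSS-safe" do
-options[:ignore_model_output] = true
+#Set application path according to the commandline arguments
+unless options[:app_path]
+if ARGV[-1].nil?
+options[:app_path] = File.expand_path "."
+else
+options[:app_path] = File.expand_path ARGV[-1]
 end
+end
 
-
-
-end
+trap("INT") do
+$stderr.puts "\nInterrupted - exiting."
 
-
-
+if options[:debug]
+$stderr.puts caller
 end
 
-
-
-options[:safe_methods].merge methods.map {|e| e.to_sym }
-end
+exit!
+end
 
-
-
-
-checks[index] = "Check" << s
-end
-end
+if options[:quiet].nil?
+options[:quiet] = :command_line
+end
 
-
-
-
+begin
+if options[:previous_results_json]
+vulns = Brakeman.compare options.merge(:quiet => options[:quiet])
 
-
-
-
-s = "Check" << s
+if options[:comparison_output_file]
+File.open options[:comparison_output_file], "w" do |f|
+f.puts MultiJson.dump(vulns, :pretty => true)
 end
 
-options[:
-options[:skip_checks] << s
-end
-end
-
-opts.separator ""
-opts.separator "Output options:"
-
-opts.on "-d", "--debug", "Lots of output" do
-options[:debug] = true
-end
-
-opts.on "-f",
-"--format TYPE",
-[:pdf, :text, :html, :csv, :tabs],
-"Specify output format. Default is tabs" do |type|
-
-type = "s" if type == :text
-options[:output_format] = ("to_" << type.to_s).to_sym
-end
-
-opts.on "-l", "--[no]-combine-locations", "Combine warning locations (Default)" do |combine|
-options[:combine_locations] = combine
-end
-
-opts.on "-m", "--routes", "Report controller information" do
-options[:report_routes] = true
-end
-
-opts.on "--message-limit LENGTH", "Limit message length in HTML report" do |limit|
-options[:message_limit] = limit.to_i
-end
-
-opts.on "-o", "--output FILE", "Specify file for output. Defaults to stdout" do |file|
-options[:output_file] = file
-end
-
-opts.on "-w",
-"--confidence-level LEVEL",
-["1", "2", "3"],
-"Set minimal confidence level (1 - 3). Default: 1" do |level|
-
-options[:min_confidence] = 3 - level.to_i
-end
-
-opts.separator ""
-opts.separator "Configuration files:"
-
-opts.on "-c", "--config-file FILE", "Use specified configuration file" do |file|
-options[:config_file] = File.expand_path(file)
-end
-
-opts.on "-C", "--create-config [FILE]", "Output configuration file based on options" do |file|
-if file
-options[:create_config] = file
+Brakeman.notify "Comparison saved in '#{options[:comparison_output_file]}'"
 else
-
+puts MultiJson.dump(vulns, :pretty => true)
 end
-end
-
-opts.separator ""
-
-opts.on "-k", "--checks", "List all available vulnerability checks" do
-options[:list_checks] = true
-end
-
-opts.on_tail "-h", "--help", "Display this message" do
-puts opts
-exit
-end
-end.parse!(ARGV)
 
-
-
-File.expand_path("./config.yaml"),
-File.expand_path("~/.brakeman/config.yaml"),
-File.expand_path("/etc/brakeman/config.yaml"),
-"#{File.expand_path(File.dirname(__FILE__))}/../lib/config.yaml"].each do |f|
-
-if File.exist? f and not File.directory? f
-warn "[Notice] Using configuration in #{f}" unless options[:quiet]
-OPTIONS = YAML.load_file f
-OPTIONS.merge! options
-OPTIONS.each do |k,v|
-if v.is_a? Array
-OPTIONS[k] = Set.new v
-end
+if options[:exit_on_warn] and (vulns[:new].count + vulns[:fixed].count > 0)
+exit Brakeman::Warnings_Found_Exit_Code
 end
-break
-end
-end
-
-OPTIONS = options unless defined? OPTIONS
-
-#List available checks and exits
-list_checks if OPTIONS[:list_checks]
-
-#Set defaults just in case
-{ :skip_checks => Set.new,
-:check_arguments => true,
-:safe_methods => Set.new,
-:min_confidence => 2,
-:combine_locations => true,
-:collapse_mass_assignment => true,
-:ignore_redirect_to_model => true,
-:ignore_model_output => false,
-:message_limit => 100,
-:html_style => "#{File.expand_path(File.dirname(__FILE__))}/../lib/format/style.css"
-}.each do |k,v|
-OPTIONS[k] = v if OPTIONS[k].nil?
-end
-
-
-#Set output format
-if OPTIONS[:output_format]
-case OPTIONS[:output_format]
-when :html, :to_html
-OPTIONS[:output_format] = :to_html
-when :csv, :to_csv
-OPTIONS[:output_format] = :to_csv
-when :pdf, :to_pdf
-OPTIONS[:output_format] = :to_pdf
-when :tabs, :to_tabs
-OPTIONS[:output_format] = :to_tabs
-when OPTIONS[:output_format] = :to_s
-OPTIONS[:output_format] = :to_s
-else
-OPTIONS[:output_format] = :to_tabs
-end
-else
-case OPTIONS[:output_file]
-when /\.html$/i
-OPTIONS[:output_format] = :to_html
-when /\.csv$/i
-OPTIONS[:output_format] = :to_csv
-when /\.pdf$/i
-OPTIONS[:output_format] = :to_pdf
-when /\.tabs$/i
-OPTIONS[:output_format] = :to_tabs
-when /\.text$/i
-OPTIONS[:output_format] = :to_s
-else
-OPTIONS[:output_format] = :to_tabs
-end
-end
-
-#Output configuration if requested
-if OPTIONS[:create_config]
-
-if OPTIONS[:create_config].is_a? String
-file = OPTIONS[:create_config]
 else
-
-
-
-OPTIONS.delete :create_config
+#Run scan and output a report
+tracker = Brakeman.run options.merge(:print_report => true, :quiet => options[:quiet])
 
-
-if
-
+#Return error code if --exit-on-warn is used and warnings were found
+if options[:exit_on_warn] and not tracker.warnings.empty?
+exit Brakeman::Warnings_Found_Exit_Code
 end
 end
-
-
-
-YAML.dump OPTIONS, f
-end
-puts "Output configuration to #{file}"
-else
-puts YAML.dump(OPTIONS)
-end
-exit
-end
-
-
-#Check application path
-unless OPTIONS[:app_path]
-if ARGV[-1].nil?
-OPTIONS[:app_path] = File.expand_path "."
-else
-OPTIONS[:app_path] = File.expand_path ARGV[-1]
-end
-end
-
-app_path = OPTIONS[:app_path]
-
-abort("Please supply the path to a Rails application.") unless app_path and File.exist? app_path + "/app"
-
-warn "[Notice] Using Ruby #{RUBY_VERSION}. Please make sure this matches the one used to run your Rails application."
-
-if File.exist? app_path + "/script/rails"
-OPTIONS[:rails3] = true
-warn "[Notice] Detected Rails 3 application. Enabling experimental Rails 3 support."
-end
-
-#Load scanner
-begin
-require 'scanner'
-rescue LoadError
-abort "Cannot find lib/ directory."
-end
-
-#Start scanning
-scanner = Scanner.new app_path
-
-warn "Processing application in #{app_path}"
-tracker = scanner.process
-
-warn "Running checks..."
-tracker.run_checks
-
-warn "Generating report..."
-if OPTIONS[:output_file]
-File.open OPTIONS[:output_file], "w" do |f|
-f.puts tracker.report.send(OPTIONS[:output_format])
-end
-warn "Report saved in '#{OPTIONS[:output_file]}'"
-else
-puts tracker.report.send(OPTIONS[:output_format])
+rescue Brakeman::NoApplication => e
+$stderr.puts e.message
+exit 1
 end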
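Review bot: The exit status for a bad command line is inconsistent with the rest of the script: `exit -1` in the `rescue OptionParser::ParseError` branch (new line 15) yields status 255 on POSIX, while the `Brakeman::NoApplication` branch uses `exit 1` and found warnings use `Brakeman::Warnings_Found_Exit_Code`, so anything driving Brakeman from CI has to special-case that value. I would write it `exit 1` (or a named constant alongside `Warnings_Found_Exit_Code`) and list the non-zero statuses in the README, which at present only describes the `-z` behaviour. The `and`/`not` keyword operators in the two `exit_on_warn` conditions (new lines 73 and 81) work only because each condition stands alone in an `if`; `&&`/`!` is the conventional form and avoids the precedence trap if the conditions are ever extended. The `trap("INT")` handler ends in `exit!`, which skips `at_exit` handlers and `ensure` blocks, so an interrupt during the `File.open ... "w"` write can leave a truncated comparison file on disk; if that is intended, a one-line comment on the `exit!` saying so would help the next reader.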