codesake-dawn 0.50
- data/.gitignore +18 -0
- data/.rvmrc +48 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +54 -0
- data/Rakefile +64 -0
- data/Roadmap.md +44 -0
- data/bin/dawn +106 -0
- data/codesake_dawn.gemspec +25 -0
- data/lib/codesake-dawn.rb +7 -0
- data/lib/codesake/dawn/engine.rb +144 -0
- data/lib/codesake/dawn/kb/basic_check.rb +93 -0
- data/lib/codesake/dawn/kb/cve_2011_2931.rb +32 -0
- data/lib/codesake/dawn/kb/cve_2012_2660.rb +30 -0
- data/lib/codesake/dawn/kb/cve_2012_2661.rb +29 -0
- data/lib/codesake/dawn/kb/cve_2012_2694.rb +31 -0
- data/lib/codesake/dawn/kb/cve_2012_2695.rb +29 -0
- data/lib/codesake/dawn/kb/cve_2012_3465.rb +28 -0
- data/lib/codesake/dawn/kb/cve_2012_6496.rb +30 -0
- data/lib/codesake/dawn/kb/cve_2012_6497.rb +30 -0
- data/lib/codesake/dawn/kb/cve_2013_0155.rb +30 -0
- data/lib/codesake/dawn/kb/cve_2013_0269.rb +29 -0
- data/lib/codesake/dawn/kb/cve_2013_0333.rb +33 -0
- data/lib/codesake/dawn/kb/cve_2013_1800.rb +28 -0
- data/lib/codesake/dawn/kb/cve_2013_1855.rb +20 -0
- data/lib/codesake/dawn/kb/cve_2013_1857.rb +22 -0
- data/lib/codesake/dawn/kb/dependency_check.rb +39 -0
- data/lib/codesake/dawn/kb/not_revised_code.rb +24 -0
- data/lib/codesake/dawn/kb/pattern_match_check.rb +60 -0
- data/lib/codesake/dawn/knowledge_base.rb +105 -0
- data/lib/codesake/dawn/rails.rb +17 -0
- data/lib/codesake/dawn/sinatra.rb +14 -0
- data/lib/codesake/dawn/version.rb +5 -0
- data/spec/lib/dawn/codesake_knowledgebase_spec.rb +100 -0
- data/spec/lib/dawn/codesake_sinatra_engine_spec.rb +80 -0
- data/spec/lib/kb/codesake_cve_2013_1800_spec.rb +66 -0
- data/spec/lib/kb/codesake_cve_2013_1855_spec.rb +16 -0
- data/spec/lib/kb/cve_2011_2931_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_2660_spec.rb +9 -0
- data/spec/lib/kb/cve_2012_2661_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_2694_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_2695_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_3465_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_6496_spec.rb +7 -0
- data/spec/lib/kb/cve_2012_6497_spec.rb +7 -0
- data/spec/lib/kb/cve_2013_0155_spec.rb +7 -0
- data/spec/lib/kb/cve_2013_0269_spec.rb +7 -0
- data/spec/lib/kb/cve_2013_0333_spec.rb +7 -0
- data/spec/lib/kb/cve_2013_1857_spec.rb +13 -0
- data/spec/spec_helper.rb +1 -0
- data/spec/support/hello_world_3.0.19/.gitignore +4 -0
- data/spec/support/hello_world_3.0.19/Gemfile +31 -0
- data/spec/support/hello_world_3.0.19/README +256 -0
- data/spec/support/hello_world_3.0.19/Rakefile +7 -0
- data/spec/support/hello_world_3.0.19/app/controllers/application_controller.rb +3 -0
- data/spec/support/hello_world_3.0.19/app/helpers/application_helper.rb +2 -0
- data/spec/support/hello_world_3.0.19/app/views/layouts/application.html.erb +14 -0
- data/spec/support/hello_world_3.0.19/config.ru +4 -0
- data/spec/support/hello_world_3.0.19/config/application.rb +42 -0
- data/spec/support/hello_world_3.0.19/config/boot.rb +6 -0
- data/spec/support/hello_world_3.0.19/config/database.yml +22 -0
- data/spec/support/hello_world_3.0.19/config/environment.rb +5 -0
- data/spec/support/hello_world_3.0.19/config/environments/development.rb +26 -0
- data/spec/support/hello_world_3.0.19/config/environments/production.rb +49 -0
- data/spec/support/hello_world_3.0.19/config/environments/test.rb +35 -0
- data/spec/support/hello_world_3.0.19/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/support/hello_world_3.0.19/config/initializers/inflections.rb +10 -0
- data/spec/support/hello_world_3.0.19/config/initializers/mime_types.rb +5 -0
- data/spec/support/hello_world_3.0.19/config/initializers/secret_token.rb +7 -0
- data/spec/support/hello_world_3.0.19/config/initializers/session_store.rb +8 -0
- data/spec/support/hello_world_3.0.19/config/locales/en.yml +5 -0
- data/spec/support/hello_world_3.0.19/config/routes.rb +58 -0
- data/spec/support/hello_world_3.0.19/db/seeds.rb +7 -0
- data/spec/support/hello_world_3.0.19/lib/tasks/.gitkeep +0 -0
- data/spec/support/hello_world_3.0.19/public/404.html +26 -0
- data/spec/support/hello_world_3.0.19/public/422.html +26 -0
- data/spec/support/hello_world_3.0.19/public/500.html +26 -0
- data/spec/support/hello_world_3.0.19/public/favicon.ico +0 -0
- data/spec/support/hello_world_3.0.19/public/images/rails.png +0 -0
- data/spec/support/hello_world_3.0.19/public/index.html +239 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/application.js +2 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/controls.js +965 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/dragdrop.js +974 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/effects.js +1123 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/prototype.js +6001 -0
- data/spec/support/hello_world_3.0.19/public/javascripts/rails.js +202 -0
- data/spec/support/hello_world_3.0.19/public/robots.txt +5 -0
- data/spec/support/hello_world_3.0.19/public/stylesheets/.gitkeep +0 -0
- data/spec/support/hello_world_3.0.19/script/rails +6 -0
- data/spec/support/hello_world_3.0.19/test/performance/browsing_test.rb +9 -0
- data/spec/support/hello_world_3.0.19/test/test_helper.rb +13 -0
- data/spec/support/hello_world_3.0.19/vendor/plugins/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/.gitignore +5 -0
- data/spec/support/hello_world_3.1.0/Gemfile +33 -0
- data/spec/support/hello_world_3.1.0/README +261 -0
- data/spec/support/hello_world_3.1.0/Rakefile +7 -0
- data/spec/support/hello_world_3.1.0/app/assets/images/rails.png +0 -0
- data/spec/support/hello_world_3.1.0/app/assets/javascripts/application.js +9 -0
- data/spec/support/hello_world_3.1.0/app/assets/stylesheets/application.css +7 -0
- data/spec/support/hello_world_3.1.0/app/controllers/application_controller.rb +3 -0
- data/spec/support/hello_world_3.1.0/app/helpers/application_helper.rb +2 -0
- data/spec/support/hello_world_3.1.0/app/mailers/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/app/models/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/app/views/layouts/application.html.erb +14 -0
- data/spec/support/hello_world_3.1.0/config.ru +4 -0
- data/spec/support/hello_world_3.1.0/config/application.rb +48 -0
- data/spec/support/hello_world_3.1.0/config/boot.rb +6 -0
- data/spec/support/hello_world_3.1.0/config/database.yml +25 -0
- data/spec/support/hello_world_3.1.0/config/environment.rb +5 -0
- data/spec/support/hello_world_3.1.0/config/environments/development.rb +30 -0
- data/spec/support/hello_world_3.1.0/config/environments/production.rb +60 -0
- data/spec/support/hello_world_3.1.0/config/environments/test.rb +42 -0
- data/spec/support/hello_world_3.1.0/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/support/hello_world_3.1.0/config/initializers/inflections.rb +10 -0
- data/spec/support/hello_world_3.1.0/config/initializers/mime_types.rb +5 -0
- data/spec/support/hello_world_3.1.0/config/initializers/secret_token.rb +7 -0
- data/spec/support/hello_world_3.1.0/config/initializers/session_store.rb +8 -0
- data/spec/support/hello_world_3.1.0/config/initializers/wrap_parameters.rb +14 -0
- data/spec/support/hello_world_3.1.0/config/locales/en.yml +5 -0
- data/spec/support/hello_world_3.1.0/config/routes.rb +58 -0
- data/spec/support/hello_world_3.1.0/db/seeds.rb +7 -0
- data/spec/support/hello_world_3.1.0/lib/assets/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/lib/tasks/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/log/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/public/404.html +26 -0
- data/spec/support/hello_world_3.1.0/public/422.html +26 -0
- data/spec/support/hello_world_3.1.0/public/500.html +26 -0
- data/spec/support/hello_world_3.1.0/public/favicon.ico +0 -0
- data/spec/support/hello_world_3.1.0/public/index.html +241 -0
- data/spec/support/hello_world_3.1.0/public/robots.txt +5 -0
- data/spec/support/hello_world_3.1.0/script/rails +6 -0
- data/spec/support/hello_world_3.1.0/test/fixtures/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/test/functional/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/test/integration/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/test/performance/browsing_test.rb +12 -0
- data/spec/support/hello_world_3.1.0/test/test_helper.rb +13 -0
- data/spec/support/hello_world_3.1.0/test/unit/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/vendor/assets/stylesheets/.gitkeep +0 -0
- data/spec/support/hello_world_3.1.0/vendor/plugins/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/.gitignore +15 -0
- data/spec/support/hello_world_3.2.13/Gemfile +38 -0
- data/spec/support/hello_world_3.2.13/README.rdoc +261 -0
- data/spec/support/hello_world_3.2.13/Rakefile +7 -0
- data/spec/support/hello_world_3.2.13/app/assets/images/rails.png +0 -0
- data/spec/support/hello_world_3.2.13/app/assets/javascripts/application.js +15 -0
- data/spec/support/hello_world_3.2.13/app/assets/stylesheets/application.css +13 -0
- data/spec/support/hello_world_3.2.13/app/controllers/application_controller.rb +3 -0
- data/spec/support/hello_world_3.2.13/app/helpers/application_helper.rb +2 -0
- data/spec/support/hello_world_3.2.13/app/mailers/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/app/models/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/app/views/layouts/application.html.erb +14 -0
- data/spec/support/hello_world_3.2.13/config.ru +4 -0
- data/spec/support/hello_world_3.2.13/config/application.rb +62 -0
- data/spec/support/hello_world_3.2.13/config/boot.rb +6 -0
- data/spec/support/hello_world_3.2.13/config/database.yml +25 -0
- data/spec/support/hello_world_3.2.13/config/environment.rb +5 -0
- data/spec/support/hello_world_3.2.13/config/environments/development.rb +37 -0
- data/spec/support/hello_world_3.2.13/config/environments/production.rb +67 -0
- data/spec/support/hello_world_3.2.13/config/environments/test.rb +37 -0
- data/spec/support/hello_world_3.2.13/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/support/hello_world_3.2.13/config/initializers/inflections.rb +15 -0
- data/spec/support/hello_world_3.2.13/config/initializers/mime_types.rb +5 -0
- data/spec/support/hello_world_3.2.13/config/initializers/secret_token.rb +7 -0
- data/spec/support/hello_world_3.2.13/config/initializers/session_store.rb +8 -0
- data/spec/support/hello_world_3.2.13/config/initializers/wrap_parameters.rb +14 -0
- data/spec/support/hello_world_3.2.13/config/locales/en.yml +5 -0
- data/spec/support/hello_world_3.2.13/config/routes.rb +58 -0
- data/spec/support/hello_world_3.2.13/db/seeds.rb +7 -0
- data/spec/support/hello_world_3.2.13/lib/assets/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/lib/tasks/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/log/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/public/404.html +26 -0
- data/spec/support/hello_world_3.2.13/public/422.html +26 -0
- data/spec/support/hello_world_3.2.13/public/500.html +25 -0
- data/spec/support/hello_world_3.2.13/public/favicon.ico +0 -0
- data/spec/support/hello_world_3.2.13/public/index.html +241 -0
- data/spec/support/hello_world_3.2.13/public/robots.txt +5 -0
- data/spec/support/hello_world_3.2.13/script/rails +6 -0
- data/spec/support/hello_world_3.2.13/test/fixtures/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/test/functional/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/test/integration/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/test/performance/browsing_test.rb +12 -0
- data/spec/support/hello_world_3.2.13/test/test_helper.rb +13 -0
- data/spec/support/hello_world_3.2.13/test/unit/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/vendor/assets/javascripts/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/vendor/assets/stylesheets/.gitkeep +0 -0
- data/spec/support/hello_world_3.2.13/vendor/plugins/.gitkeep +0 -0
- data/spec/support/lorem.txt +23 -0
- data/spec/support/sinatra-safe/.gems +4 -0
- data/spec/support/sinatra-safe/.gitignore +6 -0
- data/spec/support/sinatra-safe/Gemfile +18 -0
- data/spec/support/sinatra-safe/MIT-LICENSE +20 -0
- data/spec/support/sinatra-safe/README.rdoc +35 -0
- data/spec/support/sinatra-safe/Rakefile +32 -0
- data/spec/support/sinatra-safe/application.rb +23 -0
- data/spec/support/sinatra-safe/config.ru +11 -0
- data/spec/support/sinatra-safe/environment.rb +25 -0
- data/spec/support/sinatra-safe/lib/profile.rb +11 -0
- data/spec/support/sinatra-safe/public/main.css +52 -0
- data/spec/support/sinatra-safe/script/console +16 -0
- data/spec/support/sinatra-safe/views/layout.haml +14 -0
- data/spec/support/sinatra-safe/views/root.haml +4 -0
- data/spec/support/sinatra-vulnerable/.gems +4 -0
- data/spec/support/sinatra-vulnerable/.gitignore +6 -0
- data/spec/support/sinatra-vulnerable/Gemfile +17 -0
- data/spec/support/sinatra-vulnerable/MIT-LICENSE +20 -0
- data/spec/support/sinatra-vulnerable/README.rdoc +35 -0
- data/spec/support/sinatra-vulnerable/Rakefile +32 -0
- data/spec/support/sinatra-vulnerable/application.rb +28 -0
- data/spec/support/sinatra-vulnerable/config.ru +11 -0
- data/spec/support/sinatra-vulnerable/environment.rb +25 -0
- data/spec/support/sinatra-vulnerable/lib/profile.rb +11 -0
- data/spec/support/sinatra-vulnerable/public/main.css +52 -0
- data/spec/support/sinatra-vulnerable/script/console +16 -0
- data/spec/support/sinatra-vulnerable/views/layout.haml +14 -0
- data/spec/support/sinatra-vulnerable/views/root.haml +4 -0
- metadata +519 -0
data/.gitignore
ADDED
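--- a/data/.rvmrc
+++ b/data/.rvmrc
@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+
+# This is an RVM Project .rvmrc file, used to automatically load the ruby
+# development environment upon cd'ing into the directory
+
+# First we specify our desired <ruby>[@<gemset>], the @gemset name is optional,
+# Only full ruby name is supported here, for short names use:
+# echo "rvm use 1.9.3" > .rvmrc
+environment_id="ruby-1.9.3-p194@codesake"
+
+# Uncomment the following lines if you want to verify rvm version per project
+# rvmrc_rvm_version="1.16.10 (stable)" # 1.10.1 seams as a safe start
+# eval "$(echo ${rvm_version}.${rvmrc_rvm_version} | awk -F. '{print "[[ "$1*65536+$2*256+$3" -ge "$4*65536+$5*256+$6" ]]"}' )" || {
+# echo "This .rvmrc file requires at least RVM ${rvmrc_rvm_version}, aborting loading."
+# return 1
+# }
+
+# First we attempt to load the desired environment directly from the environment
+# file. This is very fast and efficient compared to running through the entire
+# CLI and selector. If you want feedback on which environment was used then
+# insert the word 'use' after --create as this triggers verbose mode.
+if [[ -d "${rvm_path:-$HOME/.rvm}/environments"
+&& -s "${rvm_path:-$HOME/.rvm}/environments/$environment_id" ]]
+then
+\. "${rvm_path:-$HOME/.rvm}/environments/$environment_id"
+[[ -s "${rvm_path:-$HOME/.rvm}/hooks/after_use" ]] &&
+\. "${rvm_path:-$HOME/.rvm}/hooks/after_use" || true
+else
+# If the environment file has not yet been created, use the RVM CLI to select.
+rvm --create "$environment_id" || {
+echo "Failed to create RVM environment '${environment_id}'."
+return 1
+}
+fi
+
+# If you use bundler, this might be useful to you:
+# if [[ -s Gemfile ]] && {
+# ! builtin command -v bundle >/dev/null ||
+# builtin command -v bundle | GREP_OPTIONS= \grep $rvm_path/bin/bundle >/dev/null
+# }
+# then
+# printf "%b" "The rubygem 'bundler' is not installed. Installing it now.\n"
+# gem install bundler
+# fi
+# if [[ -s Gemfile ]] && builtin command -v bundle >/dev/null
+# then
+# bundle install | GREP_OPTIONS= \grep -vE '^Using|Your bundle is complete'
+# fi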
data/Gemfile
ADDED
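--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2013 Paolo Perego
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.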
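--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,54 @@
+# Codesake::Dawn - code review engine for ruby powered code
+
+This is an ongoing roadmap for the dawn source code review tool.
+
+Dawn is a static analysis security scanner for ruby written web applications.
+It supports [Sinatra](http://www.sinatrarb.com),
+[Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
+frameworks.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'codesake_dawn'
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install codesake_dawn
+
+## Usage
+
+You can start your code review with dawn very easily. Simply tell the tool
+where the project root directory is and which is the framework you used to
+write the web application.
+
+_Sorry for non autodetect this; at this point we prefere working hard over core
+features like adding new vulnerabilities and having valuable output._
+
+dawn command line is in this form with options and the target.
+```
+$ dawn [options] target
+```
+
+
+
+You can also dump all security checks in the knowledge base by using the -k
+flag:
+
+```
+$ dawn -k|--list-knowledge-base
+```
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request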
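--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,64 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+require 'fileutils'
+require "codesake/dawn/knowledge_base"
+
+RSpec::Core::RakeTask.new
+
+task :default => :spec
+task :test => :spec
+
+desc "Create a new CVE test"
+task :new_cve, :name do |t,args|
+name = args.name
+SRC_DIR = "./lib/codesake/dawn/kb/"
+SPEC_DIR = "./spec/lib/kb/"
+
+raise "### It seems that #{name} is already in Dawn knowledge base" unless Codesake::Dawn::KnowledgeBase.find(nil, name).nil?
+raise "### Invalid CVE title: #{name}" if name.nil? or name.empty? or /CVE-\d{4}-\d{4}/.match(name).nil?
+raise "### No target directory: #{SRC_DIR}" unless Dir.exists?(SRC_DIR)
+raise "### No rspec directory: #{SPEC_DIR}" unless Dir.exists?(SPEC_DIR)
+
+puts "Adding #{name} to knowledge base..."
+
+rb_filename = SRC_DIR+name.downcase.gsub("-", "_")+".rb"
+spec_filename = SPEC_DIR+name.downcase.gsub("-", "_")+"_spec.rb"
+class_name = name.gsub("-", "_")
+
+open(rb_filename, "w") do |file|
+file.puts "module Codesake"
+file.puts "\tmodule Dawn"
+file.puts "\t\tmodule Kb"
+file.puts "\t\t\t# Automatically created with rake on #{Time.now.strftime('%Y-%m-%d')}"
+file.puts "\t\t\tclass #{class_name}"
+file.puts "\t\t\t\t#"
+file.puts "\t\t\t\t# Include the testing skeleton for this CVE"
+file.puts "\t\t\t\t# include PatternMatchCheck"
+file.puts "\t\t\t\t# include DependencyCheck"
+file.puts "\t\t\t\t#"
+file.puts ""
+file.puts ""
+file.puts "\t\t\t\tdef initialize"
+file.puts "\t\t\t\tend"
+file.puts "\t\t\tend"
+file.puts "\t\tend"
+file.puts "\tend"
+file.puts "end"
+end
+puts "#{rb_filename} created"
+
+open(spec_filename, "w") do |file|
+file.puts "require \"spec_helper\""
+file.puts "# Automatically created with rake on #{Time.now.strftime('%Y-%m-%d')}"
+file.puts ""
+file.puts "describe \"Security check for #{name}\" do"
+file.puts "\tlet(:check) {Codesake::Dawn::Kb::#{class_name}.new}"
+file.puts "\tit \"should be added to rspec\""
+file.puts "end"
+end
+puts "#{spec_filename} created"
+
+puts "*** PLEASE ADD #{name} to spec/lib/dawn/codesake_knowledgebase_spec.rb in order to reflect changes"
+puts "*** PLEASE ADD #{name} to lib/codesake/dawn/knowledge_base.rb in order to reflect changes"
+end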
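Review bot: In the `new_cve` task the knowledge-base lookup on line 18 runs before the nil/empty/format check on line 19, so a missing `name` argument reaches `KnowledgeBase.find(nil, nil)` instead of the intended "Invalid CVE title" error; swap the two `raise` lines. The format check itself is unanchored (`/CVE-\d{4}-\d{4}/`), so any string merely containing such a fragment passes and the whole string is spliced into the generated file name and class name; anchor it as `/\ACVE-\d{4}-\d{4,}\z/` (CVE sequence numbers are not limited to four digits). The two `open(rb_filename, "w")` / `open(spec_filename, "w")` calls are `Kernel#open`, which treats a leading `|` as a command to spawn; `File.open` expresses the intent and removes that behaviour. `Dir.exists?` is a deprecated alias of `Dir.exist?` and has since been removed from Ruby, so the two directory checks will break on newer interpreters.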
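--- a/data/Roadmap.md
+++ b/data/Roadmap.md
@@ -0,0 +1,44 @@
+# Codesake Dawn - roadmap
+
+This is an ongoing roadmap for the dawn source code review tool.
+
+Dawn is a static analysis security scanner for ruby written web applications.
+It supports [Sinatra](http://www.sinatrarb.com),
+[Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
+frameworks.
+
+This is an ongoing roadmap for the project.
+
+_latest update: Fri May 10 09:43:11 CEST 2013_
+
+## Version 0.50 (First public release)
+
+* adding test for CVE\_2013\_0269
+* adding test for CVE\_2013\_0155
+* adding test for CVE\_2011\_2931
+* adding test for CVE\_2012\_3465
+
+## Version 0.60
+
+* make output less verbose. Only vulnerabilities and severity will be shown
+* adding a '--verbose' option to see also the whole knowledge base info about each findings
+* grepping views for XSS attempts (sinatra)
+
+## Version 0.70
+
+* add ruby\_parser dependency
+* support sinatra application controllers parsing for XSS
+* grepping views for XSS attempts (rails)
+
+## Version 0.80
+
+* support sinatra application controllers parsing for SQLi
+* support rails application controllers parsing for XSS
+* grepping views for XSS attempts (padrino)
+
+## Version 1.00
+
+* dedicated web site under dawn.codesake.com
+* support rails application controllers parsing for SQLi
+* support padrino application controllers parsing for XSS
+* support padrino application controllers parsing for SQLi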
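--- a/data/bin/dawn
+++ b/data/bin/dawn
@@ -0,0 +1,106 @@
+#!/usr/bin/env ruby
+
+require 'getoptlong'
+
+require 'codesake_commons'
+require 'codesake-dawn'
+
+APPNAME = File.basename($0)
+LIST_KNOWN_FRAMEWORK = %w(rails sinatra) #padrino)
+
+logger = Codesake::Commons::Logging.instance
+opts = GetoptLong.new(
+[ '--rails', '-r', GetoptLong::NO_ARGUMENT],
+[ '--sinatra', '-s', GetoptLong::NO_ARGUMENT],
+[ '--padrino', '-p', GetoptLong::NO_ARGUMENT],
+[ '--list-known-framework', '-f', GetoptLong::NO_ARGUMENT ],
+[ '--list-knowledgebase', '-k', GetoptLong::NO_ARGUMENT ],
+[ '--version', '-v', GetoptLong::NO_ARGUMENT],
+[ '--help', '-h', GetoptLong::NO_ARGUMENT]
+)
+engine = nil
+
+trap("INT") { logger.die('[INTERRUPTED]') }
+
+
+opts.each do |opt, val|
+case opt
+when '--version'
+puts "#{Codesake::Dawn::VERSION}"
+Kernel.exit(0)
+when '--rails'
+engine = Codesake::Dawn::Rails.new
+when '--sinatra'
+engine = Codesake::Dawn::Sinatra.new
+when '--padrino'
+puts "sorry padrino is not yet supported"
+Kernel.exit(1)
+when '--list-knowledgebase'
+kb = Codesake::Dawn::KnowledgeBase.new
+puts "Security checks currently supported:\n\n"
+
+kb.all.each do |check|
+puts "Name: #{check.name}\tCVSS: #{check.cvss_score}\tReleased: #{check.release_date}"
+puts "Description\n#{check.message}"
+puts "Remediation\n#{check.remediation}\n\n"
+end
+Kernel.exit(0)
+
+when '--list-known-framework'
+puts "Ruby MVC framework supported by #{APPNAME}:"
+LIST_KNOWN_FRAMEWORK.each do |mvc|
+puts "* #{mvc}"
+end
+Kernel.exit(0)
+end
+end
+
+target=ARGV.shift
+
+logger.helo "#{APPNAME} v#{Codesake::Dawn::VERSION} (C) 2013 - paolo@armoredcode.com is starting up"
+logger.die "please specify the target language" if engine.nil?
+
+engine.set_target(target) unless engine.nil?
+engine.load_knowledge_base
+
+logger.die "nothing to do on #{target}" unless engine.can_apply?
+logger.log "scanning #{target}"
+logger.log "#{engine.name} v#{engine.get_mvc_version} detected"
+logger.log "applying all security checks"
+if engine.apply_all
+logger.ok "all security checks applied"
+else
+logger.err "no security checks in the knowledge base"
+end
+
+if engine.vulnerabilities.count != 0
+
+logger.log "#{engine.vulnerabilities.count} vulnerabilities found"
+engine.vulnerabilities.each do |vuln|
+logger.err "#{vuln[:name]} failed"
+logger.log "Description: #{vuln[:message]}"
+logger.log "Solution: #{vuln[:remediation]}"
+logger.err "Evidence:"
+vuln[:evidences].each do |evidence|
+logger.err evidence
+end
+end
+else
+logger.ok "no vulnerabilities found."
+end
+
+if engine.mitigated_issues.count != 0
+logger.log "#{engine.mitigated_issues.count} mitigated vulnerabilities found"
+engine.mitigated_issues.each do |vuln|
+logger.ok "#{vuln[:name]} mitigated"
+vuln[:evidences].each do |evidence|
+logger.err evidence
+end
+end
+end
+
+
+
+logger.helo "#{APPNAME} is shutting down"
+Kernel.exit(0)
+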
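Review bot: `--help`/`-h` is registered with GetoptLong on line 19 but the `case opt` block (lines 27–55) has no `when '--help'` branch, so the flag is accepted and silently ignored; add a branch that prints a usage line (`dawn [options] target`) and the option list, then `Kernel.exit(0)`. On line 58 `target=ARGV.shift` may be nil when no positional argument is given, and `engine.set_target(nil)` then raises a `TypeError` from `File.join(nil, "Gemfile.lock")` before the friendlier `logger.die "nothing to do on …"` on line 66 is reached; guard it with `logger.die "please specify the target directory" if target.nil?` right after line 58. Line 61 already terminates the script when `engine` is nil, so the `unless engine.nil?` on line 63 is dead and can be dropped. The long option is spelled `--list-knowledgebase` here while the README in this same release documents `-k|--list-knowledge-base`; one of the two should be aligned so the documented form actually parses.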
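--- a/data/codesake_dawn.gemspec
+++ b/data/codesake_dawn.gemspec
@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'codesake/dawn/version'
+
+Gem::Specification.new do |gem|
+gem.name = "codesake-dawn"
+gem.version = Codesake::Dawn::VERSION
+gem.authors = ["Paolo Perego"]
+gem.email = ["thesp0nge@gmail.com"]
+gem.description = %q{dawn is a security static source code analyzer for web applications written in ruby. It supports major MVC frameworks like sinatra, padrino and ruby on rails. dawn output is a list of security vulnerabilities affecting your code with a suggestion on how to mitigate all of them.}
+gem.summary = %q{dawn is a security static source code analyzer for sinatra, padrino and ruby on rails web applicartions.}
+gem.homepage = "http://codesake.com"
+
+gem.files = `git ls-files`.split($/)
+gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
+gem.require_paths = ["lib"]
+
+gem.add_dependency 'codesake_commons', '> 0.50.0'
+gem.add_dependency 'cvss'
+
+gem.add_development_dependency 'rake'
+gem.add_development_dependency 'rspec'
+end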
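Review bot: `gem.files = \`git ls-files\`.split($/)` on line 15 packages every tracked file, and the diffstat for this release shows that includes the whole `spec/support` tree — three generated Rails fixture apps (with their `config/initializers/secret_token.rb` files and a 6001-line `prototype.js`) plus the `sinatra-safe` and `sinatra-vulnerable` sample apps. Shipping deliberately vulnerable fixture code and fixture secret-token initializers inside the gem inflates every install and is exactly what downstream dependency scanners will flag; filter them out, e.g. `gem.files = \`git ls-files\`.split($/).reject { |f| f.start_with?("spec/support/") }`. The gem is named `codesake-dawn` on line 7, but the README added in this release tells users to add `gem 'codesake_dawn'` and run `gem install codesake_dawn`, which will not resolve to this gem; align the README with the gemspec. `engine.rb` in this release does `require 'bundler'` at runtime, so `bundler` is a runtime dependency that should be declared here rather than assumed.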
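--- a/data/lib/codesake/dawn/engine.rb
+++ b/data/lib/codesake/dawn/engine.rb
@@ -0,0 +1,144 @@
+require 'bundler'
+
+module Codesake
+module Dawn
+module Engine
+attr_reader :target
+attr_reader :name
+attr_reader :gemfile_lock
+attr_reader :mvc_version
+attr_reader :connected_gems
+attr_reader :checks
+attr_reader :vulnerabilities
+attr_reader :mitigated_issues
+
+def initialize(dir=nil, name="")
+@name = name
+@mvc_version = ""
+@gemfile_lock = ""
+@connected_gems = []
+@checks = []
+@vulnerabilities = []
+@mitigated_issues = []
+@applied = []
+set_target(dir) unless dir.nil?
+load_knowledge_base
+end
+
+def set_target(dir)
+@target = dir
+@gemfile_lock = File.join(@target, "Gemfile.lock")
+@mvc_version = set_mvc_version
+end
+
+def target_is_dir?
+File.directory?(@target)
+end
+
+def load_knowledge_base
+@checks = Codesake::Dawn::KnowledgeBase.new.all_by_mvc(self.name)
+@checks
+end
+
+def set_mvc_version
+ver = ""
+return ver unless target_is_dir?
+return ver unless has_gemfile_lock?
+
+my_dir = Dir.pwd
+Dir.chdir(@target)
+lockfile = Bundler::LockfileParser.new(Bundler.read_file("Gemfile.lock"))
+lockfile.specs.each do |s|
+ver= s.version.to_s if s.name == @name
+@connected_gems << {:name=>s.name, :version=>s.version.to_s}
+end
+Dir.chdir(my_dir)
+return ver
+end
+
+def has_gemfile_lock?
+File.exist?(@gemfile_lock)
+end
+
+def is_good_mvc?
+(@mvc_version != "")
+end
+
+def can_apply?
+target_is_dir? and is_good_mvc?
+end
+
+def get_mvc_version
+"#{@name} #{@mvc_version}" if is_good_mvc?
+end
+
+## Security stuff applies here
+#
+# Public it applies a single security check given by its name
+#
+# name - the security check to be applied
+#
+# Examples
+#
+# engine.apply("CVE-2013-1800")
+# # => boolean
+#
+# Returns a true value if the security check was successfully applied or false
+# otherwise
+def apply(name)
+load_knowledge_base if @checks.nil?
+
+@checks.each do |check|
+if check.name == name
+@applied << { :name=>name }
+check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+check.root_dir = self.target if check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences} if check.vuln?
+@mitigated_issues << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences} if check.mitigated?
+return true
+end
+end
+
+false
+end
+
+def apply_all
+load_knowledge_base if @checks.nil?
+return false if @checks.empty?
+
+@checks.each do |check|
+@applied << { :name => name }
+check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+check.root_dir = self.target if check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation , :evidences=>check.evidences} if check.vuln?
+@mitigated_issues << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences} if check.mitigated?
+end
+
+true
+
+end
+
+def is_applied?(name)
+@applied.each do |a|
+return true if a[:name] == name
+end
+return false
+end
+
+def vulnerabilities
+apply_all if @applied.empty?
+@vulnerabilities
+end
+
+def is_vulnerable_to?(name)
+apply(name) unless is_applied?(name)
+
+@vulnerabilities.each do |v|
+return true if v[:name] == name
+end
+
+false
+end
+end
+end
+end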
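Review bot: In `apply_all` (line 110) `@applied << { :name => name }` records the wrong thing: there is no `name` local in that method, so `name` resolves to the `attr_reader :name` on line 7 — the MVC name such as "rails" — rather than the check that was just run. As a result `is_applied?("CVE-…")` stays false after a full run, `is_vulnerable_to?` on line 134 re-invokes `apply` and appends the same finding to `@vulnerabilities` a second time; the fix is `@applied << { :name => check.name }`. In `set_mvc_version` (lines 48–55) the `Dir.chdir(@target)` is not paired with an `ensure`, so any exception from `Bundler::LockfileParser` leaves the whole process running in the scanned project's directory; since `@gemfile_lock` already holds the full path, the two `chdir` calls can simply go and line 50 become `lockfile = Bundler::LockfileParser.new(Bundler.read_file(@gemfile_lock))`. That same loop appends to `@connected_gems` without clearing it first, so a second `set_target` call would report every gem twice — reset the array at the top of the method. `get_mvc_version` (line 72) already prefixes `@name`, so the `"#{engine.name} v#{engine.get_mvc_version}"` log line in `bin/dawn` prints the framework name twice.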