codesake-dawn 0.77 → 0.79.99
- checksums.yaml +4 -4
- data/README.md +13 -14
- data/Roadmap.md +15 -11
- data/bin/dawn +31 -17
- data/lib/codesake/dawn/core.rb +29 -0
- data/lib/codesake/dawn/engine.rb +81 -37
- data/lib/codesake/dawn/gemfile_lock.rb +2 -2
- data/lib/codesake/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +1 -1
- data/lib/codesake/dawn/version.rb +2 -1
- data/spec/spec_helper.rb +1 -1
- metadata +2 -2
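--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: de9e08c8270b35f54fa2b233e5998d9e66e5772c
+data.tar.gz: 7a10a5787cb7b03a335fc4b62d56e630de1738a4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 88ceeabc3abadd5b795d2c17e3d24492f4cb0e35ce3b965890a43c8dd035ff4b9436c36d2a1280c921553b2741f6cfc2875591db2d25e4d0271d15a740f3d1d2
+data.tar.gz: d0d515fcda51b7a127923416f555772fb32280df8aa1077ed4e581d8fd567a1401ddc3da123e37da2fd14059730a58e22297c0717bad34aa199f456813992e12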
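--- a/data/README.md
+++ b/data/README.md
@@ -14,7 +14,7 @@ frameworks.
 
 www: [http://codesake.com](http://codesake.com)
 
-twitter: [https://twitter.com/codesake](https://twitter.com/codesake) #
+twitter: [https://twitter.com/codesake](https://twitter.com/codesake) #dawnscanner hashtag
 
 github: [https://github.com/codesake/codesake\-dawn](https://github.com/codesake/codesake-dawn)
 
@@ -67,19 +67,18 @@ In example, this is the output of a scan performed over a very simple Sinatra
 application:
 
 ```
-$
-
-[
-08:
-08:
-08:
-08:
-08:
-08:
-08:
-08:
-08:
-[*] dawn is shutting down at 08:14:17
+$ dawn target
+08:34:53 [*] dawn v0.79.99 is starting up
+08:34:54 [$] dawn: scanning target
+08:34:54 [$] dawn: sinatra v1.4.2 detected
+08:34:54 [$] dawn: applying all security checks
+08:34:54 [$] dawn: 32 security checks applied - 0 security checks skipped
+08:34:54 [$] dawn: 1 vulnerabilities found
+08:34:54 [$] dawn: CVE-2013-1800 failed
+08:34:54 [$] dawn: Solution: Please use crack gem version 0.3.2 or above. Correct your gemfile
+08:34:54 [!] dawn: Evidence:
+08:34:54 [!] dawn: Vulnerable crack gem version found: 0.3.1
+08:34:54 [*] dawn is leaving
 ```
 
 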
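--- a/data/Roadmap.md
+++ b/data/Roadmap.md
@@ -75,17 +75,10 @@ _latest update: Fri 17 May 2013 15:29:55 CEST_
 * detect sinks for XSS in Sinatra applications
 * detect reflected XSS in Sinatra applications
 
-## Version 0.
+## Version 0.79.99 - codename:oddity (2013-11-14)
 
-
-
-* detect stored XSS in Sinatra applications
-* detect stored XSS in Padrino applications
-* detect insecure direct object reference in Sinatra applications
-* detect insecure direct object reference in Padrino applications
-* support ERB for in detect\_views (for both Sinatra and Padrino)
-* integration with [codesake.com](http://codesake.com) with a public available
-APIs to be consumed by codesake beta users.
+This is the first codesake-dawn version making codesake.com web application
+able to scan something. It deserves a special release.
 
 * adding test for CVE-2013-2065
 * adding test for CVE-2013-4389
@@ -102,8 +95,19 @@ _latest update: Fri 17 May 2013 15:29:55 CEST_
 * adding test for RoRCheatSheet\_7
 * adding test for RoRCheatSheet\_8
 * Fix issue #1. You can read more about it in TODO.md
-* Added
+* Added API to scan a single Gemfile.lock using -G flag
 
+## Version 0.80
+
+* detect sinks for XSS in Padrino applications
+* detect reflected XSS in Padrino applications
+* detect stored XSS in Sinatra applications
+* detect stored XSS in Padrino applications
+* detect insecure direct object reference in Sinatra applications
+* detect insecure direct object reference in Padrino applications
+* support ERB for in detect\_views (for both Sinatra and Padrino)
+* integration with [codesake.com](http://codesake.com) with a public available
+APIs to be consumed by codesake beta users.
 
 ## Version 0.90
 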
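--- a/data/bin/dawn
+++ b/data/bin/dawn
@@ -68,6 +68,7 @@ def help
 printf "\n -s, --sinatra\t\t\t\tforce dawn to consider the target a sinatra application"
 printf "\n -p, --padrino\t\t\t\tforce dawn to consider the target a padrino application"
 printf "\n -G, --gem-lock\t\t\t\tforce dawn to scan only for vulnerabilities affecting dependencies in Gemfile.lock"
+printf "\n -D, --debug\t\t\t\t\tenters dawn debug mode"
 printf "\n -f, --list-known-framework\t\t\tlist ruby MVC frameworks supported by dawn"
 printf "\n -k, --list-knowledgebase [check_name]\tlist dawn known security checks. If check_name is specified dawn says if check is present or not"
 printf "\n -o, --output [console, json. csv, html]\tthe output will be in the specified format"
@@ -90,26 +91,28 @@ opts = GetoptLong.new(
 [ '--rails', '-r', GetoptLong::NO_ARGUMENT],
 [ '--sinatra', '-s', GetoptLong::NO_ARGUMENT],
 [ '--padrino', '-p', GetoptLong::NO_ARGUMENT],
-[ '--gem-lock', '-G', GetoptLong::
+[ '--gem-lock', '-G', GetoptLong::OPTIONAL_ARGUMENT],
 [ '--list-known-framework', '-f', GetoptLong::NO_ARGUMENT],
 [ '--list-knowledgebase', '-k', GetoptLong::OPTIONAL_ARGUMENT],
 [ '--output', '-o', GetoptLong::REQUIRED_ARGUMENT],
 [ '--verbose', '-V', GetoptLong::NO_ARGUMENT],
+[ '--debug', '-D', GetoptLong::NO_ARGUMENT],
 [ '--count-only', '-C', GetoptLong::NO_ARGUMENT],
 [ '--version', '-v', GetoptLong::NO_ARGUMENT],
 [ '--help', '-h', GetoptLong::NO_ARGUMENT]
 )
 engine = nil
-options = {:verbose=>false, :output=>"console", :count_only=>false, :dump_kb=>false, :mvc=>"", :gemfile_scan=>false}
+options = {:verbose=>false, :output=>"console", :count_only=>false, :dump_kb=>false, :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :debug=>false}
 
 trap("INT") { $logger.die('[INTERRUPTED]') }
 check = ""
+guess = {:name=>"", :version=>"", :connected_gems=>[]}
 
 
 opts.each do |opt, val|
 case opt
 when '--version'
-puts "#{Codesake::Dawn::VERSION}"
+puts "#{Codesake::Dawn::VERSION} [#{Codesake::Dawn::CODENAME}]"
 Kernel.exit(0)
 when '--rails'
 options[:mvc]=:rails
@@ -120,12 +123,18 @@ opts.each do |opt, val|
 $logger.die "sorry padrino is not yet supported"
 when '--gem-lock'
 options[:gemfile_scan] = true
+options[:gemfile_name] = val unless val.nil?
+guess = Codesake::Dawn::Core.guess_mvc(val)
+$logger.log "Guessed MVC: #{guess[:name]} v#{guess[:version]}"
+
 when '--verbose'
 options[:verbose]=true
 when '--output'
 options[:output] = val unless VALID_OUTPUT_FORMAT.find_index(val).nil?
 when '--count-only'
 options[:count_only] = true
+when '--debug'
+options[:debug] = true
 
 when '--list-knowledgebase'
 options[:dump_kb]=true
@@ -155,22 +164,26 @@ end
 
 target=ARGV.shift
 
-$logger.die("missing target") if target.nil?
-$logger.die("invalid directory (#{target})")
-$logger.die("if scanning Gemfile.lock file you must force target MVC using one from -r, -s or -p flag") if options[:mvc].empty? && options[:gemfile_scan]
+$logger.die("missing target") if target.nil? && options[:gemfile_name].nil?
+$logger.die("invalid directory (#{target})") if options[:gemfile_name].nil? &&! Codesake::Dawn::Core.is_good_target?(target)
+$logger.die("if scanning Gemfile.lock file you must not force target MVC using one from -r, -s or -p flag") if ! options[:mvc].empty? && options[:gemfile_scan]
 
 
-## MVC auto detect
-
-
-
-
+## MVC auto detect.
+# Skipping MVC autodetect if it's already been done by guess_mvc when choosing Gemfile.lock scan
+
+unless options[:gemfile_scan]
+begin
+engine = Codesake::Dawn::Core.detect_mvc(target) if options[:mvc].empty?
+rescue ArgumentError => e
+$logger.die(e.message)
+end
 end
 
-engine = Codesake::Dawn::Rails.new(target) if options[:mvc] == :rails
-engine = Codesake::Dawn::Sinatra.new(target) if options[:mvc] == :sinatra
-# engine = Codesake::Dawn::Padrino.new(target) if options[:mvc] == :padrino
-engine = Codesake::Dawn::GemfileLock.new(target, options[:
+engine = Codesake::Dawn::Rails.new(target) if options[:mvc] == :rails && options[:gemfile_scan].nil?
+engine = Codesake::Dawn::Sinatra.new(target) if options[:mvc] == :sinatra && options[:gemfile_scan].nil?
+# engine = Codesake::Dawn::Padrino.new(target) if options[:mvc] == :padrino && options[:gemfile_scan].nil?
+engine = Codesake::Dawn::GemfileLock.new(target, options[:gemfile_name], options[:debug], guess) if options[:gemfile_scan]
 
 $logger.die("ruby framework auto detect failed. Please force if rails, sinatra or padrino with -r, -s or -p flags") if engine.nil?
 
@@ -191,13 +204,14 @@ $logger.die "missing target framework option" if engine.nil?
 
 engine.load_knowledge_base
 
-$logger.die "nothing to do on #{target}"
+$logger.die "nothing to do on #{target}" if ! options[:gemfile_scan] && ! engine.can_apply?
+
 $logger.log "scanning #{target}"
 $logger.log "#{engine.name} v#{engine.get_mvc_version} detected" unless engine.name == "Gemfile.lock"
 $logger.log "#{engine.force} v#{engine.get_mvc_version} detected" if engine.name == "Gemfile.lock"
 $logger.log "applying all security checks"
 if engine.apply_all
-$logger.log "
+$logger.log "#{engine.applied_checks} security checks applied - #{engine.skipped_checks} security checks skipped"
 else
 $logger.err "no security checks in the knowledge base"
 end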
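--- a/data/lib/codesake/dawn/core.rb
+++ b/data/lib/codesake/dawn/core.rb
@@ -1,7 +1,36 @@
 module Codesake
 module Dawn
 class Core
+
+
+# guess_mvc is very close to detect_mvc despite it accepts a
+# filename as input and it tries to guess the mvc framework used from the
+# gems it founds in Gemfile.lock without creating an engine.
+
+def self.guess_mvc(gemfile_lock)
+ret = {:name=>"", :version=>"", :connected_gems=>[]}
+
+a = []
+my_dir = Dir.pwd
+Dir.chdir(File.dirname(gemfile_lock))
+raise ArgumentError.new("can't read #{gemfile_lock}") unless File.readable?(File.basename(gemfile_lock))
+
+lockfile = Bundler::LockfileParser.new(Bundler.read_file(File.basename(gemfile_lock)))
+Dir.chdir(my_dir)
+lockfile.specs.each do |s|
+ret = {:name=>s.name, :version=>s.version.to_s} if s.name == "rails" || s.name == "sinatra"
+a << {:name=>s.name, :version=>s.version.to_s}
+end
+
+ret[:connected_gems]=a
+ret
+
+end
+
 def self.detect_mvc(target)
+
+raise ArgumentError.new("you must set target directory") if target.nil?
+
 my_dir = Dir.pwd
 Dir.chdir(target)
 raise ArgumentError.new("no Gemfile.lock in #{target}") unless File.exist?("Gemfile.lock")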
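--- a/data/lib/codesake/dawn/engine.rb
+++ b/data/lib/codesake/dawn/engine.rb
@@ -39,6 +39,9 @@ module Codesake
 
 attr_accessor :debug
 
+attr_reader :applied_checks
+attr_reader :skipped_checks
+
 def initialize(dir=nil, name="", options={})
 @name = name
 @mvc_version = ""
@@ -52,18 +55,36 @@ module Codesake
 @engine_error = false
 @debug = false
 @debug = options[:debug] unless options[:debug].nil?
-
-
-# provided the default behaviour for Gemfile.lock engine is to load all
-# security checks.
-@force = options[:force] if ! options[:force].nil? and @name == "Gemfile.lock"
+@applied_checks = 0
+@skipped_checks = 0
 
 set_target(dir) unless dir.nil?
+@ruby_version = get_ruby_version if dir.nil?
+@gemfile_lock = options[:gemfile_name] unless options[:gemfile_name].nil?
 
 @views = detect_views
 @controllers = detect_controllers
 @models = detect_models
+
+if $logger.nil?
+$logger = Codesake::Commons::Logging.instance
+$logger.helo "dawn-engine", Codesake::Dawn::VERSION
+
+end
+$logger.warn "pattern matching security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
+$logger.warn "combo security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
+debug_me "engine is in debug mode"
 
+if @name == "Gemfile.lock" && ! options[:guessed_mvc].nil?
+# since all checks relies on @name a Gemfile.lock engine must
+# impersonificate the engine for the mvc it was detected
+debug_me "now I'm switching my name from #{@name} to #{options[:guessed_mvc][:name]}"
+$logger.err "there are no connected gems... it seems Gemfile.lock parsing failed" if options[:guessed_mvc][:connected_gems].empty?
+@name = options[:guessed_mvc][:name]
+@mvc_version = options[:guessed_mvc][:version]
+@connected_gems = options[:guessed_mvc][:connected_gems]
+end
+
 load_knowledge_base
 end
 
@@ -98,12 +119,18 @@ module Codesake
 end
 
 def get_ruby_version
-
-
-
-
-
-
+unless @target.nil?
+
+# does target use rbenv?
+ver = get_rbenv_ruby_ver
+# does the target use rvm?
+ver = get_rvm_ruby_ver if ver[:version].empty? && ver[:patchlevel].empty?
+# take the running ruby otherwise
+ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"} if ver[:version].empty? && ver[:patchlevel].empty?
+else
+ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"}
+
+end
 
 ver
 end
@@ -131,6 +158,8 @@ module Codesake
 @checks
 end
 
+
+
 def set_mvc_version
 ver = ""
 return ver unless target_is_dir?
@@ -185,21 +214,28 @@ module Codesake
 
 @checks.each do |check|
 if check.name == name
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+unless ((check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK ) && @name == "Gemfile.lock")
+debug_me "applying check #{check.name}"
+@applied_checks += 1
+@applied << { :name=>name }
+check.ruby_version = @ruby_version[:version]
+check.detected_ruby = @ruby_version if check.kind == Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK
+check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+check.root_dir = self.target if check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
+check.options = {:detected_ruby => self.ruby_version, :dependencies => self.connected_gems, :root_dir => self.target } if check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+check_vuln = check.vuln?
+
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check_vuln && check.kind != Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>check.vulnerable_checks} if check_vuln && check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+@mitigated_issues << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check.mitigated?
+return true
+else
+debug_me "skipping check #{check.name}"
+@skipped_checks += 1
+end
 end
 end
 
@@ -211,25 +247,33 @@ module Codesake
 return false if @checks.empty?
 
 @checks.each do |check|
-
+unless ((check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK ) && @name == "Gemfile.lock")
 
-
-
-
-check.root_dir = self.target if check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
-check.options = {:detected_ruby => self.ruby_version, :dependencies => self.connected_gems, :root_dir => self.target } if check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
-check_vuln = check.vuln?
+@applied << { :name => name }
+debug_me "applying check #{check.name}"
+@applied_checks += 1
 
-
+check.ruby_version = @ruby_version[:version]
+check.detected_ruby = @ruby_version if check.kind == Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK
+check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+check.root_dir = self.target if check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
+check.options = {:detected_ruby => self.ruby_version, :dependencies => self.connected_gems, :root_dir => self.target } if check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+check_vuln = check.vuln?
+
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check_vuln && check.kind != Codesake::Dawn::KnowledgeBase::COMBO_CHECK
 
-
-
+@vulnerabilities << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>check.vulnerable_checks} if check_vuln && check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+@mitigated_issues << {:name=> check.name, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check.mitigated?
+else
+debug_me "skipping check #{check.name}"
+@skipped_checks += 1
+end
 end
 
 true
 
 end
-
+
 def is_applied?(name)
 @applied.each do |a|
 return true if a[:name] == name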
@@ -3,8 +3,8 @@ module Codesake
|
|
3
3
|
class GemfileLock
|
4
4
|
include Codesake::Dawn::Engine
|
5
5
|
|
6
|
-
def initialize(dir = "./",
|
7
|
-
super(dir, "Gemfile.lock", {:
|
6
|
+
def initialize(dir = "./", filename = "", debug, guessed_mvc)
|
7
|
+
super(dir, "Gemfile.lock", {:gemfile_name=>filename, :debug=>debug, :guessed_mvc=>guessed_mvc})
|
8
8
|
end
|
9
9
|
|
10
10
|
end
|
@@ -6,7 +6,7 @@ module Codesake
|
|
6
6
|
include PatternMatchCheck
|
7
7
|
|
8
8
|
def initialize
|
9
|
-
message = "Ruby offers a function called
|
9
|
+
message = "Ruby offers a function called \"eval\" which will dynamically build new Ruby code based on Strings. It also has a number of ways to call system commands. While the power of these commands is quite useful, extreme care should be taken when using them in a Rails based application. Usually, its just a bad idea. If need be, a whitelist of possible values should be used and any input should be validated as thoroughly as possible. The Ruby Security Reviewer's Guide has a section on injection and there are a number of OWASP references for it, starting at the top: Command Injection."
|
10
10
|
|
11
11
|
super({
|
12
12
|
:name=>"Owasp Ror CheatSheet: Command Injection",
|
data/spec/spec_helper.rb
CHANGED
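--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: codesake-dawn
 version: !ruby/object:Gem::Version
-version:
+version: 0.79.99
 platform: ruby
 authors:
 - Paolo Perego
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-11-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: codesake-commons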