contrast-agent 5.3.0 → 6.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.simplecov +1 -1
- data/Rakefile +1 -1
- data/ext/build_funchook.rb +3 -3
- data/ext/cs__assess_array/cs__assess_array.c +7 -0
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +24 -6
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +3 -4
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -2
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +26 -12
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +15 -2
- data/ext/cs__assess_regexp/cs__assess_regexp.h +2 -0
- data/ext/cs__assess_string/cs__assess_string.c +21 -1
- data/ext/cs__assess_test/cs__assess_test.h +9 -0
- data/ext/cs__assess_test/cs__assess_tests.c +22 -0
- data/ext/cs__assess_test/extconf.rb +5 -0
- data/ext/cs__common/cs__common.c +113 -11
- data/ext/cs__common/cs__common.h +29 -5
- data/ext/cs__contrast_patch/cs__contrast_patch.c +55 -44
- data/ext/cs__os_information/cs__os_information.c +13 -10
- data/ext/cs__scope/cs__scope.c +146 -97
- data/ext/cs__tests/cs__tests.c +12 -0
- data/ext/cs__tests/cs__tests.h +3 -0
- data/ext/cs__tests/extconf.rb +5 -0
- data/ext/extconf_common.rb +1 -1
- data/lib/contrast/agent/assess/contrast_object.rb +16 -16
- data/lib/contrast/agent/assess/events/source_event.rb +17 -19
- data/lib/contrast/agent/assess/finalizers/hash.rb +4 -2
- data/lib/contrast/agent/assess/policy/policy.rb +9 -10
- data/lib/contrast/agent/assess/policy/policy_node.rb +58 -36
- data/lib/contrast/agent/assess/policy/policy_node_utils.rb +51 -0
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +2 -16
- data/lib/contrast/agent/assess/policy/preshift.rb +8 -2
- data/lib/contrast/agent/assess/policy/propagation_method.rb +48 -14
- data/lib/contrast/agent/assess/policy/propagation_node.rb +2 -3
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/buffer.rb +119 -0
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +19 -4
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +18 -2
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +17 -3
- data/lib/contrast/agent/assess/policy/propagator/split.rb +17 -21
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/substitution_utils.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +2 -2
- data/lib/contrast/agent/assess/policy/propagator.rb +1 -0
- data/lib/contrast/agent/assess/policy/source_method.rb +7 -7
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_method.rb +11 -17
- data/lib/contrast/agent/assess/policy/trigger_node.rb +16 -16
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +2 -2
- data/lib/contrast/agent/assess/property/tagged.rb +3 -3
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +6 -8
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +6 -7
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +12 -7
- data/lib/contrast/agent/assess/rule/response/auto_complete_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/base_rule.rb +13 -6
- data/lib/contrast/agent/assess/rule/response/body_rule.rb +3 -3
- data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +66 -43
- data/lib/contrast/agent/assess/rule/response/click_jacking_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/csp_header_insecure_rule.rb +6 -6
- data/lib/contrast/agent/assess/rule/response/csp_header_missing_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/hsts_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/parameters_pollution_rule.rb +1 -1
- data/lib/contrast/agent/assess/rule/response/x_content_type_header_rule.rb +4 -4
- data/lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb +3 -4
- data/lib/contrast/agent/assess/tag.rb +13 -14
- data/lib/contrast/agent/at_exit_hook.rb +12 -1
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +0 -7
- data/lib/contrast/agent/deadzone/policy/policy.rb +0 -6
- data/lib/contrast/agent/exclusion_matcher.rb +3 -3
- data/lib/contrast/agent/inventory/database_config.rb +10 -3
- data/lib/contrast/agent/middleware.rb +10 -5
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +3 -5
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +2 -2
- data/lib/contrast/agent/patching/policy/method_policy_extend.rb +4 -4
- data/lib/contrast/agent/patching/policy/patch.rb +20 -19
- data/lib/contrast/agent/patching/policy/patch_status.rb +10 -3
- data/lib/contrast/agent/patching/policy/patcher.rb +4 -4
- data/lib/contrast/agent/patching/policy/policy.rb +13 -15
- data/lib/contrast/agent/patching/policy/policy_node.rb +32 -21
- data/lib/contrast/agent/patching/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/exploitable_collection.rb +38 -0
- data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +132 -75
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +4 -3
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +3 -3
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +4 -4
- data/lib/contrast/agent/protect/rule/base.rb +53 -9
- data/lib/contrast/agent/protect/rule/base_service.rb +31 -12
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +23 -3
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +83 -0
- data/lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb +64 -0
- data/lib/contrast/agent/protect/rule/default_scanner.rb +2 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +18 -7
- data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +96 -0
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +72 -46
- data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +231 -0
- data/lib/contrast/agent/protect/rule/no_sqli.rb +28 -2
- data/lib/contrast/agent/protect/rule/path_traversal.rb +13 -3
- data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +18 -54
- data/lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb +2 -5
- data/lib/contrast/agent/protect/rule/sqli.rb +16 -23
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +82 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb +45 -0
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +42 -0
- data/lib/contrast/agent/protect/rule/xss.rb +17 -0
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +14 -13
- data/lib/contrast/agent/protect/rule/xxe.rb +25 -3
- data/lib/contrast/agent/reaction_processor.rb +1 -1
- data/lib/contrast/agent/reporting/attack_result/attack_result.rb +63 -0
- data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +52 -0
- data/lib/contrast/agent/reporting/attack_result/response_type.rb +29 -0
- data/lib/contrast/agent/reporting/attack_result/user_input.rb +87 -0
- data/lib/contrast/agent/reporting/masker/masker.rb +243 -0
- data/lib/contrast/agent/reporting/masker/masker_utils.rb +62 -0
- data/lib/contrast/agent/reporting/report.rb +2 -0
- data/lib/contrast/agent/reporting/reporter.rb +29 -22
- data/lib/contrast/agent/reporting/reporter_heartbeat.rb +49 -0
- data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +34 -0
- data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +51 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_activity.rb +96 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +182 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb +56 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_stack.rb +22 -0
- data/lib/contrast/agent/reporting/reporting_events/application_defend_attacker_activity.rb +70 -0
- data/lib/contrast/agent/reporting/reporting_events/application_inventory.rb +13 -5
- data/lib/contrast/agent/reporting/reporting_events/application_inventory_activity.rb +60 -0
- data/lib/contrast/agent/reporting/reporting_events/application_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +44 -0
- data/lib/contrast/agent/reporting/reporting_events/application_startup_instrumentation.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_events/application_update.rb +7 -12
- data/lib/contrast/agent/reporting/reporting_events/discovered_route.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_events/finding.rb +10 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +2 -4
- data/lib/contrast/agent/reporting/reporting_events/finding_event_object.rb +3 -3
- data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +5 -5
- data/lib/contrast/agent/reporting/reporting_events/observed_library_usage.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +16 -12
- data/lib/contrast/agent/reporting/reporting_events/poll.rb +6 -2
- data/lib/contrast/agent/reporting/reporting_events/preflight.rb +10 -8
- data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +8 -11
- data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +2 -1
- data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +8 -6
- data/lib/contrast/agent/reporting/reporting_events/server_activity.rb +12 -20
- data/lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb +27 -0
- data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +17 -27
- data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +38 -0
- data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +8 -0
- data/lib/contrast/agent/reporting/reporting_utilities/endpoints.rb +6 -0
- data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +1 -2
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb +29 -13
- data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +64 -76
- data/lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb +1 -1
- data/lib/contrast/agent/reporting/reporting_utilities/response.rb +17 -7
- data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb +100 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +75 -13
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_mode.rb +63 -0
- data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +163 -122
- data/lib/contrast/agent/reporting/settings/application_settings.rb +10 -1
- data/lib/contrast/agent/reporting/settings/assess.rb +5 -5
- data/lib/contrast/agent/reporting/settings/assess_server_feature.rb +7 -35
- data/lib/contrast/agent/reporting/settings/exclusions.rb +3 -3
- data/lib/contrast/agent/reporting/settings/protect.rb +21 -6
- data/lib/contrast/agent/reporting/settings/protect_server_feature.rb +6 -6
- data/lib/contrast/agent/reporting/settings/reaction.rb +3 -3
- data/lib/contrast/agent/reporting/settings/sampling.rb +36 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb +110 -0
- data/lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb +58 -0
- data/lib/contrast/agent/reporting/settings/server_features.rb +2 -2
- data/lib/contrast/agent/request.rb +5 -5
- data/lib/contrast/agent/request_context.rb +25 -21
- data/lib/contrast/agent/request_context_extend.rb +12 -25
- data/lib/contrast/agent/request_handler.rb +7 -3
- data/lib/contrast/agent/response.rb +2 -0
- data/lib/contrast/agent/rule_set.rb +2 -2
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +6 -48
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/telemetry/base.rb +155 -0
- data/lib/contrast/agent/telemetry/events/event.rb +35 -0
- data/lib/contrast/agent/telemetry/events/exceptions/obfuscate.rb +119 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_base.rb +59 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb +44 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message.rb +115 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message_exception.rb +83 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_stack_frame.rb +64 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions.rb +20 -0
- data/lib/contrast/agent/telemetry/events/exceptions/telemetry_exceptions_report.rb +30 -0
- data/lib/contrast/agent/telemetry/events/metric_event.rb +28 -0
- data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +123 -0
- data/lib/contrast/agent/thread_watcher.rb +52 -68
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/agent/worker_thread.rb +8 -0
- data/lib/contrast/agent.rb +4 -3
- data/lib/contrast/api/communication/messaging_queue.rb +29 -12
- data/lib/contrast/api/communication/response_processor.rb +7 -10
- data/lib/contrast/api/communication/service_lifecycle.rb +1 -1
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +1 -1
- data/lib/contrast/api/communication/speedracer.rb +3 -3
- data/lib/contrast/api/decorators/activity.rb +33 -0
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +10 -9
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +4 -4
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/api/decorators/response_type.rb +17 -0
- data/lib/contrast/api/decorators.rb +1 -0
- data/lib/contrast/components/agent.rb +1 -1
- data/lib/contrast/components/app_context.rb +0 -4
- data/lib/contrast/components/assess.rb +14 -0
- data/lib/contrast/components/base.rb +1 -1
- data/lib/contrast/components/config.rb +19 -28
- data/lib/contrast/components/contrast_service.rb +13 -1
- data/lib/contrast/components/protect.rb +2 -2
- data/lib/contrast/components/sampling.rb +8 -12
- data/lib/contrast/components/settings.rb +151 -19
- data/lib/contrast/config/agent_configuration.rb +34 -41
- data/lib/contrast/config/api_configuration.rb +16 -75
- data/lib/contrast/config/api_proxy_configuration.rb +9 -48
- data/lib/contrast/config/application_configuration.rb +24 -95
- data/lib/contrast/config/assess_configuration.rb +21 -76
- data/lib/contrast/config/assess_rules_configuration.rb +13 -38
- data/lib/contrast/config/base_configuration.rb +11 -76
- data/lib/contrast/config/certification_configuration.rb +15 -68
- data/lib/contrast/config/exception_configuration.rb +15 -59
- data/lib/contrast/config/heap_dump_configuration.rb +19 -73
- data/lib/contrast/config/inventory_configuration.rb +11 -55
- data/lib/contrast/config/logger_configuration.rb +8 -41
- data/lib/contrast/config/protect_configuration.rb +23 -10
- data/lib/contrast/config/protect_rule_configuration.rb +23 -37
- data/lib/contrast/config/protect_rules_configuration.rb +39 -43
- data/lib/contrast/config/request_audit_configuration.rb +16 -55
- data/lib/contrast/config/root_configuration.rb +71 -14
- data/lib/contrast/config/ruby_configuration.rb +14 -47
- data/lib/contrast/config/sampling_configuration.rb +12 -65
- data/lib/contrast/config/server_configuration.rb +13 -45
- data/lib/contrast/config/service_configuration.rb +18 -54
- data/lib/contrast/configuration.rb +25 -17
- data/lib/contrast/extension/assess/array.rb +1 -1
- data/lib/contrast/extension/assess/erb.rb +1 -1
- data/lib/contrast/extension/assess/marshal.rb +1 -1
- data/lib/contrast/extension/assess/string.rb +20 -1
- data/lib/contrast/extension/extension.rb +2 -2
- data/lib/contrast/extension/module.rb +0 -1
- data/lib/contrast/framework/base_support.rb +8 -8
- data/lib/contrast/framework/grape/support.rb +3 -3
- data/lib/contrast/framework/manager.rb +7 -7
- data/lib/contrast/framework/manager_extend.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +14 -3
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +3 -3
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +1 -1
- data/lib/contrast/framework/rails/patch/support.rb +14 -46
- data/lib/contrast/framework/rails/support.rb +2 -2
- data/lib/contrast/framework/sinatra/support.rb +1 -1
- data/lib/contrast/logger/aliased_logging.rb +94 -0
- data/lib/contrast/logger/application.rb +1 -5
- data/lib/contrast/logger/cef_log.rb +15 -15
- data/lib/contrast/logger/format.rb +1 -1
- data/lib/contrast/logger/log.rb +8 -8
- data/lib/contrast/tasks/config.rb +100 -4
- data/lib/contrast/tasks/service.rb +2 -2
- data/lib/contrast/utils/assess/object_store.rb +36 -0
- data/lib/contrast/utils/assess/propagation_method_utils.rb +6 -0
- data/lib/contrast/utils/assess/tracking_util.rb +4 -4
- data/lib/contrast/utils/class_util.rb +9 -22
- data/lib/contrast/utils/findings.rb +3 -3
- data/lib/contrast/utils/hash_digest.rb +6 -7
- data/lib/contrast/utils/head_dump_utils_extend.rb +1 -1
- data/lib/contrast/utils/input_classification.rb +73 -0
- data/lib/contrast/utils/invalid_configuration_util.rb +2 -2
- data/lib/contrast/utils/log_utils.rb +7 -5
- data/lib/contrast/utils/lru_cache.rb +1 -1
- data/lib/contrast/utils/metrics_hash.rb +1 -1
- data/lib/contrast/utils/middleware_utils.rb +15 -14
- data/lib/contrast/utils/net_http_base.rb +5 -5
- data/lib/contrast/utils/object_share.rb +2 -1
- data/lib/contrast/utils/os.rb +1 -6
- data/lib/contrast/utils/patching/policy/patch_utils.rb +6 -7
- data/lib/contrast/utils/request_utils.rb +2 -2
- data/lib/contrast/utils/response_utils.rb +18 -33
- data/lib/contrast/utils/sha256_builder.rb +4 -4
- data/lib/contrast/utils/stack_trace_utils.rb +31 -13
- data/lib/contrast/utils/telemetry.rb +22 -7
- data/lib/contrast/utils/telemetry_client.rb +28 -16
- data/lib/contrast/utils/telemetry_hash.rb +41 -0
- data/lib/contrast/utils/telemetry_identifier.rb +18 -3
- data/lib/contrast/utils/timer.rb +1 -1
- data/lib/contrast.rb +9 -0
- data/resources/assess/policy.json +99 -1
- data/resources/deadzone/policy.json +0 -86
- data/ruby-agent.gemspec +10 -9
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +99 -29
- data/lib/contrast/agent/metric_telemetry_event.rb +0 -26
- data/lib/contrast/agent/startup_metrics_telemetry_event.rb +0 -121
- data/lib/contrast/agent/telemetry.rb +0 -137
- data/lib/contrast/agent/telemetry_event.rb +0 -33
- data/lib/contrast/utils/exclude_key.rb +0 -20
@@ -0,0 +1,70 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/api/dtm.pb'
|
5
|
+
require 'contrast/api/decorators/response_type'
|
6
|
+
require 'contrast/components/logger'
|
7
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity'
|
8
|
+
|
9
|
+
module Contrast
|
10
|
+
module Agent
|
11
|
+
module Reporting
|
12
|
+
# This is the new ApplicationDefendAttackActivity class which will include the attacks sent by the source.
|
13
|
+
class ApplicationDefendAttackActivity
|
14
|
+
# @return [Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity]
|
15
|
+
attr_accessor :blocked
|
16
|
+
# @return [Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity]
|
17
|
+
attr_accessor :exploited
|
18
|
+
# @return [Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity]
|
19
|
+
attr_accessor :ineffective
|
20
|
+
# @return [Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity]
|
21
|
+
attr_accessor :suspicious
|
22
|
+
|
23
|
+
class << self
|
24
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
25
|
+
def convert attack_result
|
26
|
+
activity = new
|
27
|
+
activity.attach_data(attack_result)
|
28
|
+
activity
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def initialize
|
33
|
+
@start_time = start_time
|
34
|
+
super
|
35
|
+
end
|
36
|
+
|
37
|
+
def to_controlled_hash
|
38
|
+
{
|
39
|
+
startTime: @start_time,
|
40
|
+
blocked: blocked&.to_controlled_hash || Contrast::Utils::ObjectShare::EMPTY_HASH,
|
41
|
+
exploited: exploited&.to_controlled_hash || Contrast::Utils::ObjectShare::EMPTY_HASH,
|
42
|
+
ineffective: ineffective&.to_controlled_hash || Contrast::Utils::ObjectShare::EMPTY_HASH,
|
43
|
+
suspicious: suspicious&.to_controlled_hash || Contrast::Utils::ObjectShare::EMPTY_HASH
|
44
|
+
}
|
45
|
+
end
|
46
|
+
|
47
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
48
|
+
# @return [Contrast::Agent::Reporting::Defend::AttackSampleActivity]
|
49
|
+
def attach_data attack_result
|
50
|
+
attack_sample_activity =
|
51
|
+
Contrast::Agent::Reporting::ApplicationDefendAttackSampleActivity.convert(attack_result)
|
52
|
+
case attack_result.response
|
53
|
+
when ::Contrast::Api::Dtm::AttackResult::ResponseType::BLOCKED
|
54
|
+
@blocked = attack_sample_activity
|
55
|
+
when ::Contrast::Api::Dtm::AttackResult::ResponseType::MONITORED
|
56
|
+
@exploited = attack_sample_activity
|
57
|
+
when ::Contrast::Api::Dtm::AttackResult::ResponseType::PROBED
|
58
|
+
@ineffective = attack_sample_activity
|
59
|
+
when ::Contrast::Api::Dtm::AttackResult::ResponseType::SUSPICIOUS
|
60
|
+
@suspicious = attack_sample_activity
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
def start_time
|
65
|
+
Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
@@ -0,0 +1,182 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/protect/rule/cmd_injection'
|
5
|
+
require 'contrast/agent/protect/rule/deserialization'
|
6
|
+
require 'contrast/agent/protect/rule/http_method_tampering'
|
7
|
+
require 'contrast/agent/protect/rule/no_sqli'
|
8
|
+
require 'contrast/api/dtm.pb'
|
9
|
+
require 'contrast/components/logger'
|
10
|
+
|
11
|
+
module Contrast
|
12
|
+
module Agent
|
13
|
+
module Reporting
|
14
|
+
# This is the new ApplicationDefendAttackSample class which includes a samples of an attack for the given rule of
|
15
|
+
# the given result observed in the activity period.
|
16
|
+
class ApplicationDefendAttackSample
|
17
|
+
include Contrast::Agent::Reporting::InputType
|
18
|
+
|
19
|
+
# @return [Hash]
|
20
|
+
attr_reader :time_stamp
|
21
|
+
|
22
|
+
class << self
|
23
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
24
|
+
# @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
|
25
|
+
def convert attack_result, attack_sample
|
26
|
+
activity = new
|
27
|
+
activity.attach_data(attack_result, attack_sample)
|
28
|
+
activity
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def initialize
|
33
|
+
@blocked = false
|
34
|
+
@event_type = :application_defend_attack_sample
|
35
|
+
end
|
36
|
+
|
37
|
+
def to_controlled_hash
|
38
|
+
{
|
39
|
+
blocked: @blocked,
|
40
|
+
input: @input,
|
41
|
+
details: @details,
|
42
|
+
request: @request&.to_controlled_hash,
|
43
|
+
stack: @stack&.map(&:to_controlled_hash),
|
44
|
+
timestamp: time_stamp
|
45
|
+
}
|
46
|
+
end
|
47
|
+
|
48
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
49
|
+
# @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
|
50
|
+
def attach_data attack_result, attack_sample
|
51
|
+
@blocked = attack_result.response == ::Contrast::Api::Dtm::AttackResult::ResponseType::BLOCKED
|
52
|
+
@input = build_input(attack_sample)
|
53
|
+
@details = build_details(attack_result.rule_id, attack_sample)
|
54
|
+
@time_stamp = build_time_stamp(attack_sample.timestamp_ms)
|
55
|
+
@request = FindingRequest.convert(Contrast::Agent::REQUEST_TRACKER.current&.request)
|
56
|
+
@stack = Contrast::Utils::StackTraceUtils.build_protect_report_stack_array
|
57
|
+
end
|
58
|
+
|
59
|
+
# @param start [Integer]
|
60
|
+
# @return [Hash]
|
61
|
+
def build_time_stamp start
|
62
|
+
{
|
63
|
+
start: start,
|
64
|
+
elapsed: Contrast::Utils::Timer.now_ms - start
|
65
|
+
}
|
66
|
+
end
|
67
|
+
|
68
|
+
# @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
|
69
|
+
def build_input attack_sample
|
70
|
+
user_input = attack_sample.user_input
|
71
|
+
{
|
72
|
+
documentPath: user_input.path,
|
73
|
+
documentType: build_document_type(user_input.document_type),
|
74
|
+
filters: user_input.matcher_ids,
|
75
|
+
name: user_input.key,
|
76
|
+
time: attack_sample.timestamp_ms,
|
77
|
+
type: build_input_type(user_input.input_type),
|
78
|
+
value: user_input.value
|
79
|
+
}
|
80
|
+
end
|
81
|
+
|
82
|
+
# Convert the document type api enum to a String constant TeamServer can understand.
|
83
|
+
#
|
84
|
+
# @param type_enum [::Contrast::Api::Dtm::HttpRequest::DocumentType]
|
85
|
+
# @return [String]
|
86
|
+
def build_document_type type_enum
|
87
|
+
case type_enum
|
88
|
+
when ::Contrast::Api::Dtm::HttpRequest::DocumentType::JSON
|
89
|
+
'JSON'
|
90
|
+
when ::Contrast::Api::Dtm::HttpRequest::DocumentType::XML
|
91
|
+
'XML'
|
92
|
+
else
|
93
|
+
'NORMAL'
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
# Convert the input type api enum to a String constant TeamServer can understand.
|
98
|
+
#
|
99
|
+
# @param type_enum [when ::Contrast::Api::Dtm::UserInput::InputType]
|
100
|
+
# @return [String]
|
101
|
+
def build_input_type type_enum
|
102
|
+
case type_enum
|
103
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::UNDEFINED_TYPE
|
104
|
+
'UNDEFINED_TYPE'
|
105
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::BODY
|
106
|
+
'BODY'
|
107
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::COOKIE_NAME
|
108
|
+
'COOKIE_NAME'
|
109
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::COOKIE_VALUE
|
110
|
+
'COOKIE_VALUE'
|
111
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::HEADER
|
112
|
+
'HEADER'
|
113
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::PARAMETER_NAME
|
114
|
+
'PARAMETER_NAME'
|
115
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::PARAMETER_VALUE
|
116
|
+
'PARAMETER_VALUE'
|
117
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::QUERYSTRING
|
118
|
+
'QUERYSTRING'
|
119
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::URI
|
120
|
+
'URI'
|
121
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::SOCKET
|
122
|
+
'SOCKET'
|
123
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::JSON_VALUE
|
124
|
+
'JSON_VALUE'
|
125
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::JSON_ARRAYED_VALUE
|
126
|
+
'JSON_ARRAYED_VALUE'
|
127
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_CONTENT_TYPE
|
128
|
+
'MULTIPART_CONTENT_TYPE'
|
129
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_VALUE
|
130
|
+
'MULTIPART_VALUE'
|
131
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_FIELD_NAME
|
132
|
+
'MULTIPART_FIELD_NAME'
|
133
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::MULTIPART_NAME
|
134
|
+
'MULTIPART_NAME'
|
135
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::XML_VALUE
|
136
|
+
'XML_VALUE'
|
137
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::DWR_VALUE
|
138
|
+
'DWR_VALUE'
|
139
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::METHOD
|
140
|
+
'METHOD'
|
141
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::REQUEST
|
142
|
+
'REQUEST'
|
143
|
+
when ::Contrast::Api::Dtm::UserInput::InputType::URL_PARAMETER
|
144
|
+
'URL_PARAMETER'
|
145
|
+
else # ::Contrast::Api::Dtm::UserInput::InputType::UNKNOWN
|
146
|
+
'UNKNOWN'
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
# This is a temporary method to facilitate the translation of API details to Reporting details. As we move off
|
151
|
+
# of protobuf, this responsibility should shift from this class to the individual rules, as they do today when
|
152
|
+
# they populate their details in Contrast::Api::Dtm::RaspRuleSample
|
153
|
+
#
|
154
|
+
# @param rule_id [String]
|
155
|
+
# @param attack_sample [Contrast::Api::Dtm::RaspRuleSample]
|
156
|
+
# @return [Hash] the details for this specific rule
|
157
|
+
def build_details rule_id, attack_sample
|
158
|
+
case rule_id
|
159
|
+
when Contrast::Agent::Protect::Rule::CmdInjection::NAME
|
160
|
+
Contrast::Agent::Protect::Rule::CmdInjection.extract_details(attack_sample)
|
161
|
+
when Contrast::Agent::Protect::Rule::Deserialization::NAME
|
162
|
+
Contrast::Agent::Protect::Rule::Deserialization.extract_details(attack_sample)
|
163
|
+
when Contrast::Agent::Protect::Rule::HttpMethodTampering::NAME
|
164
|
+
Contrast::Agent::Protect::Rule::HttpMethodTampering.extract_details(attack_sample)
|
165
|
+
when Contrast::Agent::Protect::Rule::NoSqli::NAME
|
166
|
+
Contrast::Agent::Protect::Rule::NoSqli.extract_details(attack_sample)
|
167
|
+
when Contrast::Agent::Protect::Rule::PathTraversal::NAME
|
168
|
+
Contrast::Agent::Protect::Rule::PathTraversal.extract_details(attack_sample)
|
169
|
+
when Contrast::Agent::Protect::Rule::Sqli::NAME
|
170
|
+
Contrast::Agent::Protect::Rule::Sqli.extract_details(attack_sample)
|
171
|
+
when Contrast::Agent::Protect::Rule::Xss::NAME
|
172
|
+
Contrast::Agent::Protect::Rule::Xss.extract_details(attack_sample)
|
173
|
+
when Contrast::Agent::Protect::Rule::Xxe::NAME
|
174
|
+
Contrast::Agent::Protect::Rule::Xxe.extract_details(attack_sample)
|
175
|
+
else # something unknown or Contrast::Agent::Protect::Rule::UnsafeFileUpload::NAME
|
176
|
+
Contrast::Utils::ObjectShare::EMPTY_HASH
|
177
|
+
end
|
178
|
+
end
|
179
|
+
end
|
180
|
+
end
|
181
|
+
end
|
182
|
+
end
|
data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample_activity.rb
ADDED
@@ -0,0 +1,56 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_sample'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new AttackerSampleActivity class which will include Sample of the given attacks in the activity
|
11
|
+
# period.
|
12
|
+
class ApplicationDefendAttackSampleActivity
|
13
|
+
# @return [Array<Contrast::Agent::Reporting::ApplicationDefendAttackSample>]
|
14
|
+
attr_reader :samples
|
15
|
+
# @return [Hash<Integer,Integer>] map of time from start in seconds to number of attacks in that second
|
16
|
+
attr_reader :time_map
|
17
|
+
|
18
|
+
class << self
|
19
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
20
|
+
def convert attack_result
|
21
|
+
activity = new
|
22
|
+
activity.attach_data(attack_result)
|
23
|
+
activity
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def initialize
|
28
|
+
@samples = []
|
29
|
+
@start_time = (Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0) / 1000
|
30
|
+
@event_type = :application_defend_attack_sample_activity
|
31
|
+
@time_map = Hash.new { |h, k| h[k] = 0 }
|
32
|
+
super
|
33
|
+
end
|
34
|
+
|
35
|
+
def to_controlled_hash
|
36
|
+
{
|
37
|
+
attackTimeMap: time_map,
|
38
|
+
samples: samples.map(&:to_controlled_hash),
|
39
|
+
startTime: @start_time,
|
40
|
+
total: 1 # there will only ever be 1 attack sample, until batching is done
|
41
|
+
}
|
42
|
+
end
|
43
|
+
|
44
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
45
|
+
def attach_data attack_result
|
46
|
+
attack_result.samples.each do |attack_sample|
|
47
|
+
converted = Contrast::Agent::Reporting::ApplicationDefendAttackSample.convert(attack_result, attack_sample)
|
48
|
+
samples << converted
|
49
|
+
attack_second = converted.time_stamp[:elapsed] / 1000
|
50
|
+
time_map[attack_second] += 1
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
module Contrast
|
5
|
+
module Agent
|
6
|
+
module Reporting
|
7
|
+
# This is the new ApplicationDefendAttackSample class which includes a samples of an attack for the given rule of
|
8
|
+
# the given result observed in the activity period.
|
9
|
+
class ApplicationDefendAttackSampleStack
|
10
|
+
# @return [String]
|
11
|
+
attr_accessor :file_name
|
12
|
+
# @return [String]
|
13
|
+
attr_accessor :method_name
|
14
|
+
|
15
|
+
# @return [Hash]
|
16
|
+
def to_controlled_hash
|
17
|
+
{ fileName: @file_name, methodName: @method_name }.compact
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_defend_attack_activity'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new AttackerActivity class which will includes the attacker information discovered during this
|
11
|
+
# activity period.
|
12
|
+
class ApplicationDefendAttackerActivity
|
13
|
+
# @return [Hash<String,Contrast::Agent::Reporting::ApplicationDefendAttackActivity>] map of rule-id to violated
|
14
|
+
# samples for that rule
|
15
|
+
attr_reader :protection_rules
|
16
|
+
# @return [String, nil] the IP address of the request from which the attack originated; used to identify unique
|
17
|
+
# attackers
|
18
|
+
attr_reader :source_ip
|
19
|
+
# @return [String, nil] the X-Forwarded-For Header of the request from which the attack originated; used to
|
20
|
+
# identify unique attackers
|
21
|
+
attr_reader :source_forwarded_for
|
22
|
+
|
23
|
+
class << self
|
24
|
+
# @param attack_result_dtm [Contrast::Api::Dtm::AttackResult]
|
25
|
+
# @return [Contrast::Agent::Reporting::ApplicationDefendAttackerActivity]
|
26
|
+
def convert attack_result_dtm
|
27
|
+
activity = new
|
28
|
+
activity.attach_data(attack_result_dtm)
|
29
|
+
activity
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def initialize
|
34
|
+
@protection_rules = {}
|
35
|
+
req = Contrast::Agent::REQUEST_TRACKER.current.activity.http_request
|
36
|
+
if req
|
37
|
+
@source_ip = req.sender.ip
|
38
|
+
@source_forwarded_for = req.request_headers['X-Forwarded-For']
|
39
|
+
end
|
40
|
+
@event_type = :application_defend_attacker_activity
|
41
|
+
super
|
42
|
+
end
|
43
|
+
|
44
|
+
def to_controlled_hash
|
45
|
+
{
|
46
|
+
protectionRules: process_protection_rules,
|
47
|
+
source: {
|
48
|
+
ip: source_ip,
|
49
|
+
xForwardedFor: source_forwarded_for
|
50
|
+
}
|
51
|
+
}
|
52
|
+
end
|
53
|
+
|
54
|
+
# @param attack_result [Contrast::Api::Dtm::AttackResult]
|
55
|
+
def attach_data attack_result
|
56
|
+
@protection_rules[attack_result.rule_id] =
|
57
|
+
Contrast::Agent::Reporting::ApplicationDefendAttackActivity.convert(attack_result)
|
58
|
+
end
|
59
|
+
|
60
|
+
def process_protection_rules
|
61
|
+
hsh = {}
|
62
|
+
@protection_rules.each_pair do |rule_id, attack_activity|
|
63
|
+
hsh[rule_id] = attack_activity.to_controlled_hash
|
64
|
+
end
|
65
|
+
hsh
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
@@ -9,14 +9,18 @@ module Contrast
|
|
9
9
|
module Agent
|
10
10
|
module Reporting
|
11
11
|
# This is the new ApplicationInventory class which will include all the needed information
|
12
|
-
# for the new reporting system to report
|
13
|
-
|
14
|
-
|
12
|
+
# for the new reporting system to report. Reporting those components or details discovered at
|
13
|
+
# startup, or as soon as possible, but not necessarily seen used by the application. Each of
|
14
|
+
# these messages should only be sent once per application.
|
15
|
+
class ApplicationInventory < Contrast::Agent::Reporting::ApplicationReportingEvent
|
16
|
+
# @param [Array<Contrast::Agent::Reporting::DiscoveredRoute>] the routes registered to this application, as
|
17
|
+
# discovered during first request processing.
|
18
|
+
attr_reader :routes
|
15
19
|
|
16
20
|
class << self
|
17
21
|
def convert app_update_dtm
|
18
22
|
app_inventory = new
|
19
|
-
app_inventory.attach_data
|
23
|
+
app_inventory.attach_data(app_update_dtm)
|
20
24
|
app_inventory
|
21
25
|
end
|
22
26
|
end
|
@@ -29,9 +33,13 @@ module Contrast
|
|
29
33
|
super
|
30
34
|
end
|
31
35
|
|
36
|
+
def file_name
|
37
|
+
'applications-inventory'
|
38
|
+
end
|
39
|
+
|
32
40
|
def to_controlled_hash
|
33
41
|
{
|
34
|
-
session_id: agent_session_id_value,
|
42
|
+
session_id: @agent_session_id_value,
|
35
43
|
routes: routes.map(&:to_controlled_hash)
|
36
44
|
}
|
37
45
|
end
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/logger'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
6
|
+
require 'contrast/agent/reporting/reporting_events/architecture_component'
|
7
|
+
require 'contrast/utils/object_share'
|
8
|
+
|
9
|
+
module Contrast
|
10
|
+
module Agent
|
11
|
+
module Reporting
|
12
|
+
# This is the new ApplicationInventoryActivity class which will include all the information
|
13
|
+
# about the inventory of the application which was discovered during exercise of the application
|
14
|
+
# during this activity period.
|
15
|
+
class ApplicationInventoryActivity < Contrast::Agent::Reporting::ApplicationReportingEvent
|
16
|
+
# return [Contrast::Agent::Reporting::ArchitectureComponent]
|
17
|
+
attr_reader :components
|
18
|
+
# @ return [Array<String>, nil] - User-Agent Header value
|
19
|
+
attr_reader :browsers
|
20
|
+
|
21
|
+
class << self
|
22
|
+
# @param activity_dtm [Contrast::Api::Dtm::ApplicationActivity]
|
23
|
+
# @return [Contrast::Agent::Reporting::ApplicationInventoryActivity]
|
24
|
+
def convert activity_dtm
|
25
|
+
inventory = new
|
26
|
+
inventory.attach_data(activity_dtm)
|
27
|
+
inventory
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
def initialize
|
32
|
+
@event_type = :application_inventory_activity
|
33
|
+
@browsers = []
|
34
|
+
@components = []
|
35
|
+
super
|
36
|
+
end
|
37
|
+
|
38
|
+
def to_controlled_hash
|
39
|
+
{
|
40
|
+
activityDuration: duration,
|
41
|
+
browsers: browsers,
|
42
|
+
components: components.map(&:to_controlled_hash)
|
43
|
+
}
|
44
|
+
end
|
45
|
+
|
46
|
+
def attach_data activity
|
47
|
+
activity.architectures.each do |architecture|
|
48
|
+
@components << Contrast::Agent::Reporting::ArchitectureComponent.convert(architecture)
|
49
|
+
end
|
50
|
+
request_headers = activity.http_request&.request_headers
|
51
|
+
@browsers << request_headers['USER_AGENT'] if request_headers
|
52
|
+
end
|
53
|
+
|
54
|
+
def duration
|
55
|
+
Contrast::Utils::Timer.now_ms - (Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0)
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
5
|
+
require 'contrast/utils/timer'
|
6
|
+
|
7
|
+
module Contrast
|
8
|
+
module Agent
|
9
|
+
module Reporting
|
10
|
+
# This is the new ApplicationReportingEvent class which will include all the needed and mutual information for
|
11
|
+
# those events which correspond to Applications, such as Application Activity or Application Update
|
12
|
+
#
|
13
|
+
# @abstract
|
14
|
+
class ApplicationReportingEvent < Contrast::Agent::Reporting::ReportingEvent
|
15
|
+
protected
|
16
|
+
|
17
|
+
# The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
|
18
|
+
# application have been updated. If I've never updated, then it's been 0ms since then.
|
19
|
+
#
|
20
|
+
# @return [Integer]
|
21
|
+
def since_last_update
|
22
|
+
(update_time = Contrast::SETTINGS.last_app_update_ms) ? Contrast::Utils::Timer.now_ms - update_time : 0
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_startup_instrumentation'
|
6
|
+
require 'contrast/config'
|
7
|
+
|
8
|
+
module Contrast
|
9
|
+
module Agent
|
10
|
+
module Reporting
|
11
|
+
# This is the new ApplicationStartup class which will include all the needed information for the new reporting
|
12
|
+
# system to report an Application has started; creating a new one or marking an existing one as online in the
|
13
|
+
# Contrast UI
|
14
|
+
class ApplicationStartup < Contrast::Agent::Reporting::ApplicationReportingEvent
|
15
|
+
def initialize
|
16
|
+
@event_method = :PUT
|
17
|
+
@event_endpoint = Contrast::Agent::Reporting::Endpoints::NG_ENDPOINTS[:application_create]
|
18
|
+
super
|
19
|
+
end
|
20
|
+
|
21
|
+
def file_name
|
22
|
+
'applications-create'
|
23
|
+
end
|
24
|
+
|
25
|
+
# Convert the instance variables on the class, and other information, into the identifiers required for
|
26
|
+
# TeamServer to process the JSON form of this message.
|
27
|
+
#
|
28
|
+
# @return [Hash]
|
29
|
+
def to_controlled_hash
|
30
|
+
app_config = ::Contrast::CONFIG.root.application
|
31
|
+
{
|
32
|
+
code: app_config.code,
|
33
|
+
group: app_config.group,
|
34
|
+
instrumentation: Contrast::Agent::Reporting::ApplicationStartupInstrumentation.new.to_controlled_hash,
|
35
|
+
metadata: app_config.metadata,
|
36
|
+
session_id: ::Contrast::CONFIG.session_id,
|
37
|
+
session_metadata: ::Contrast::CONFIG.session_metadata,
|
38
|
+
tags: app_config.tags
|
39
|
+
}.compact
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'contrast/components/protect'
|
5
|
+
|
6
|
+
module Contrast
|
7
|
+
module Agent
|
8
|
+
module Reporting
|
9
|
+
# This is the new ApplicationStartupInstrumentation class which will include all the needed information for the
|
10
|
+
# system to report the instrumentation mode to which the agent was set by local configuration.
|
11
|
+
class ApplicationStartupInstrumentation
|
12
|
+
# Convert the instance variables on the class, and other information, into the identifiers required for
|
13
|
+
# TeamServer to process the JSON form of this message.
|
14
|
+
#
|
15
|
+
# @return [Hash]
|
16
|
+
# @raise [ArgumentError]
|
17
|
+
def to_controlled_hash
|
18
|
+
{
|
19
|
+
protect: {
|
20
|
+
enable: ::Contrast::PROTECT.enabled?
|
21
|
+
}
|
22
|
+
}
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -2,6 +2,7 @@
|
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require 'contrast/agent/reporting/reporting_events/architecture_component'
|
5
|
+
require 'contrast/agent/reporting/reporting_events/application_reporting_event'
|
5
6
|
require 'contrast/agent/reporting/reporting_events/library_discovery'
|
6
7
|
require 'contrast/agent/reporting/reporting_events/reporting_event'
|
7
8
|
require 'contrast/agent/reporting/reporting_events/route_discovery'
|
@@ -17,7 +18,7 @@ module Contrast
|
|
17
18
|
#
|
18
19
|
# @attr_reader components [Array<Contrast::Agent::Reporting::ArchitectureComponent>]
|
19
20
|
# @attr_reader libraries [Array<Contrast::Agent::Reporting::LibraryDiscovery>]
|
20
|
-
class ApplicationUpdate < Contrast::Agent::Reporting::
|
21
|
+
class ApplicationUpdate < Contrast::Agent::Reporting::ApplicationReportingEvent
|
21
22
|
attr_reader :components, :libraries
|
22
23
|
|
23
24
|
class << self
|
@@ -36,6 +37,10 @@ module Contrast
|
|
36
37
|
super
|
37
38
|
end
|
38
39
|
|
40
|
+
def file_name
|
41
|
+
'update-application'
|
42
|
+
end
|
43
|
+
|
39
44
|
# Attach the data from the protobuf models to this reporter so that it can be sent to TeamServer directly.
|
40
45
|
#
|
41
46
|
# @param app_update_dtm [Contrast::Api::Dtm::ApplicationUpdate]
|
@@ -58,7 +63,7 @@ module Contrast
|
|
58
63
|
{
|
59
64
|
components: components.map(&:to_controlled_hash),
|
60
65
|
libraries: libraries.map(&:to_controlled_hash),
|
61
|
-
timestamp:
|
66
|
+
timestamp: since_last_update
|
62
67
|
}
|
63
68
|
end
|
64
69
|
|
@@ -66,16 +71,6 @@ module Contrast
|
|
66
71
|
#
|
67
72
|
# @raise [ArgumentError]
|
68
73
|
def validate; end
|
69
|
-
|
70
|
-
private
|
71
|
-
|
72
|
-
# The timestamp field is a bit of a misnomer. It's really the time, in ms, since the settings for this
|
73
|
-
# application have been updated.
|
74
|
-
#
|
75
|
-
# @return [Integer]
|
76
|
-
def timestamp
|
77
|
-
Contrast::Utils::Timer.now_ms - (Contrast::Agent.reporter&.client&.response_handler&.last_app_update_ms || 0)
|
78
|
-
end
|
79
74
|
end
|
80
75
|
end
|
81
76
|
end
|