contrast-agent 6.6.5 → 6.7.0

Files changed (150)
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -0
  3. data/.gitmodules +0 -3
  4. data/ext/cs__scope/cs__scope.c +1 -1
  5. data/lib/contrast/agent/assess/contrast_event.rb +2 -24
  6. data/lib/contrast/agent/assess/events/source_event.rb +7 -61
  7. data/lib/contrast/agent/assess/finalizers/hash.rb +11 -0
  8. data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +0 -55
  9. data/lib/contrast/agent/assess/policy/policy_node.rb +3 -3
  10. data/lib/contrast/agent/assess/policy/policy_node_utils.rb +0 -1
  11. data/lib/contrast/agent/assess/policy/propagation_node.rb +4 -4
  12. data/lib/contrast/agent/assess/policy/source_method.rb +24 -1
  13. data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -5
  14. data/lib/contrast/agent/assess/policy/trigger/xpath.rb +6 -1
  15. data/lib/contrast/agent/assess/policy/trigger_method.rb +36 -132
  16. data/lib/contrast/agent/assess/policy/trigger_node.rb +3 -3
  17. data/lib/contrast/agent/assess/property/evented.rb +2 -12
  18. data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +42 -84
  19. data/lib/contrast/agent/assess/rule/response/base_rule.rb +11 -27
  20. data/lib/contrast/agent/assess/rule/response/body_rule.rb +1 -3
  21. data/lib/contrast/agent/assess/rule/response/cache_control_header_rule.rb +77 -62
  22. data/lib/contrast/agent/assess/rule/response/csp_header_insecure_rule.rb +1 -1
  23. data/lib/contrast/agent/assess/rule/response/framework/rails_support.rb +6 -1
  24. data/lib/contrast/agent/assess/rule/response/header_rule.rb +5 -5
  25. data/lib/contrast/agent/assess/rule/response/hsts_header_rule.rb +1 -1
  26. data/lib/contrast/agent/assess/rule/response/x_xss_protection_header_rule.rb +1 -1
  27. data/lib/contrast/agent/assess/tracker.rb +1 -7
  28. data/lib/contrast/agent/excluder.rb +206 -0
  29. data/lib/contrast/agent/exclusion_matcher.rb +6 -0
  30. data/lib/contrast/agent/inventory/database_config.rb +6 -10
  31. data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +4 -0
  32. data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +1 -0
  33. data/lib/contrast/agent/protect/rule/base.rb +49 -5
  34. data/lib/contrast/agent/protect/rule/base_service.rb +1 -0
  35. data/lib/contrast/agent/protect/rule/cmd_injection.rb +18 -105
  36. data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +129 -0
  37. data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +169 -0
  38. data/lib/contrast/agent/protect/rule/deserialization.rb +2 -1
  39. data/lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb +51 -0
  40. data/lib/contrast/agent/protect/rule/sqli/sqli_semantic/sqli_dangerous_functions.rb +67 -0
  41. data/lib/contrast/agent/protect/rule/sqli.rb +6 -31
  42. data/lib/contrast/agent/protect/rule/xxe.rb +2 -0
  43. data/lib/contrast/agent/protect/rule.rb +3 -1
  44. data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +6 -0
  45. data/lib/contrast/agent/reporting/details/sqli_dangerous_functions.rb +22 -0
  46. data/lib/contrast/agent/reporting/reporter.rb +1 -2
  47. data/lib/contrast/agent/reporting/reporting_events/agent_startup.rb +2 -2
  48. data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +1 -4
  49. data/lib/contrast/agent/reporting/reporting_events/application_startup.rb +1 -1
  50. data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +0 -23
  51. data/lib/contrast/agent/reporting/reporting_events/finding.rb +19 -49
  52. data/lib/contrast/agent/reporting/reporting_events/finding_event.rb +12 -9
  53. data/lib/contrast/agent/reporting/reporting_events/finding_event_signature.rb +1 -1
  54. data/lib/contrast/agent/reporting/reporting_events/finding_event_source.rb +23 -21
  55. data/lib/contrast/agent/reporting/reporting_events/finding_event_stack.rb +5 -18
  56. data/lib/contrast/agent/reporting/reporting_events/finding_event_taint_range.rb +1 -0
  57. data/lib/contrast/{api/decorators/trace_taint_range_tags.rb → agent/reporting/reporting_events/finding_event_taint_range_tags.rb} +7 -6
  58. data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +1 -1
  59. data/lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb +1 -1
  60. data/lib/contrast/agent/reporting/reporting_events/observed_route.rb +2 -2
  61. data/lib/contrast/agent/reporting/reporting_events/preflight_message.rb +10 -14
  62. data/lib/contrast/agent/reporting/reporting_events/reporting_event.rb +11 -0
  63. data/lib/contrast/agent/reporting/reporting_events/route_coverage.rb +3 -1
  64. data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +11 -23
  65. data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +8 -26
  66. data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +1 -1
  67. data/lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb +4 -7
  68. data/lib/contrast/agent/reporting/reporting_utilities/headers.rb +1 -1
  69. data/lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb +3 -3
  70. data/lib/contrast/agent/request.rb +2 -2
  71. data/lib/contrast/agent/request_context.rb +8 -20
  72. data/lib/contrast/agent/request_context_extend.rb +15 -36
  73. data/lib/contrast/agent/request_handler.rb +0 -8
  74. data/lib/contrast/agent/response.rb +0 -18
  75. data/lib/contrast/agent/telemetry/events/event.rb +1 -1
  76. data/lib/contrast/agent/telemetry/events/metric_event.rb +1 -1
  77. data/lib/contrast/agent/telemetry/events/startup_metrics_event.rb +3 -3
  78. data/lib/contrast/agent/version.rb +1 -1
  79. data/lib/contrast/api/communication/messaging_queue.rb +2 -3
  80. data/lib/contrast/api/communication/socket_client.rb +4 -4
  81. data/lib/contrast/api/communication/speedracer.rb +4 -8
  82. data/lib/contrast/api/decorators/agent_startup.rb +5 -6
  83. data/lib/contrast/api/decorators/application_settings.rb +2 -1
  84. data/lib/contrast/api/decorators/application_startup.rb +6 -6
  85. data/lib/contrast/api/decorators/message.rb +0 -4
  86. data/lib/contrast/api/decorators/rasp_rule_sample.rb +0 -6
  87. data/lib/contrast/api/decorators.rb +0 -6
  88. data/lib/contrast/api/dtm.pb.rb +0 -489
  89. data/lib/contrast/components/agent.rb +16 -12
  90. data/lib/contrast/components/api.rb +10 -10
  91. data/lib/contrast/components/app_context.rb +3 -3
  92. data/lib/contrast/components/app_context_extend.rb +1 -1
  93. data/lib/contrast/components/assess.rb +92 -38
  94. data/lib/contrast/components/assess_rules.rb +36 -0
  95. data/lib/contrast/components/config.rb +54 -12
  96. data/lib/contrast/components/contrast_service.rb +8 -8
  97. data/lib/contrast/components/heap_dump.rb +1 -1
  98. data/lib/contrast/components/protect.rb +5 -5
  99. data/lib/contrast/components/ruby_component.rb +81 -0
  100. data/lib/contrast/components/sampling.rb +1 -1
  101. data/lib/contrast/components/security_logger.rb +23 -0
  102. data/lib/contrast/components/service.rb +55 -0
  103. data/lib/contrast/components/settings.rb +12 -4
  104. data/lib/contrast/config/base_configuration.rb +1 -1
  105. data/lib/contrast/config/protect_rules_configuration.rb +17 -3
  106. data/lib/contrast/config/server_configuration.rb +1 -1
  107. data/lib/contrast/config.rb +0 -6
  108. data/lib/contrast/configuration.rb +81 -17
  109. data/lib/contrast/extension/assess/exec_trigger.rb +3 -1
  110. data/lib/contrast/extension/assess/marshal.rb +3 -2
  111. data/lib/contrast/extension/assess/string.rb +0 -1
  112. data/lib/contrast/extension/extension.rb +1 -1
  113. data/lib/contrast/framework/base_support.rb +0 -5
  114. data/lib/contrast/framework/grape/support.rb +1 -23
  115. data/lib/contrast/framework/manager.rb +0 -10
  116. data/lib/contrast/framework/rails/support.rb +5 -58
  117. data/lib/contrast/framework/sinatra/support.rb +2 -21
  118. data/lib/contrast/logger/cef_log.rb +21 -3
  119. data/lib/contrast/logger/log.rb +1 -11
  120. data/lib/contrast/tasks/config.rb +4 -2
  121. data/lib/contrast/utils/assess/event_limit_utils.rb +5 -8
  122. data/lib/contrast/utils/assess/trigger_method_utils.rb +10 -18
  123. data/lib/contrast/utils/findings.rb +6 -5
  124. data/lib/contrast/utils/hash_digest.rb +9 -24
  125. data/lib/contrast/utils/hash_digest_extend.rb +6 -6
  126. data/lib/contrast/utils/invalid_configuration_util.rb +21 -58
  127. data/lib/contrast/utils/log_utils.rb +32 -8
  128. data/lib/contrast/utils/net_http_base.rb +2 -2
  129. data/lib/contrast/utils/patching/policy/patch_utils.rb +3 -2
  130. data/lib/contrast/utils/stack_trace_utils.rb +0 -25
  131. data/lib/contrast/utils/string_utils.rb +9 -0
  132. data/lib/contrast/utils/telemetry_client.rb +13 -7
  133. data/lib/contrast.rb +5 -10
  134. metadata +22 -28
  135. data/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb +0 -30
  136. data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb +0 -36
  137. data/lib/contrast/api/decorators/activity.rb +0 -33
  138. data/lib/contrast/api/decorators/architecture_component.rb +0 -36
  139. data/lib/contrast/api/decorators/finding.rb +0 -29
  140. data/lib/contrast/api/decorators/route_coverage.rb +0 -91
  141. data/lib/contrast/api/decorators/trace_event.rb +0 -120
  142. data/lib/contrast/api/decorators/trace_event_object.rb +0 -63
  143. data/lib/contrast/api/decorators/trace_event_signature.rb +0 -69
  144. data/lib/contrast/api/decorators/trace_taint_range.rb +0 -52
  145. data/lib/contrast/config/assess_configuration.rb +0 -93
  146. data/lib/contrast/config/assess_rules_configuration.rb +0 -32
  147. data/lib/contrast/config/root_configuration.rb +0 -90
  148. data/lib/contrast/config/ruby_configuration.rb +0 -81
  149. data/lib/contrast/config/service_configuration.rb +0 -49
  150. data/lib/contrast/utils/preflight_util.rb +0 -13
@@ -24,12 +24,12 @@ module Contrast
24
24
  # @return [Contrast::Api::Dtm::ApplicationCreate]
25
25
  def build
26
26
  msg = new
27
- msg.code = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.root.application.code)
28
- msg.group = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.root.application.group)
29
- msg.metadata = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.root.application.metadata)
27
+ msg.code = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.application.code)
28
+ msg.group = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.application.group)
29
+ msg.metadata = Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.application.metadata)
30
30
  msg.mode = Contrast::Api::Dtm::InstrumentationMode.build
31
31
  msg.app_version =
32
- Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.root.application.version.to_s) # rubocop:disable Layout/AssignmentIndentation Layout/FirstArgumentIndentation:
32
+ Contrast::Utils::StringUtils.protobuf_format(::Contrast::CONFIG.application.version.to_s) # rubocop:disable Layout/AssignmentIndentation Layout/FirstArgumentIndentation:
33
33
  session!(msg)
34
34
  msg
35
35
  end
@@ -41,10 +41,10 @@ module Contrast
41
41
  # @param msg [Contrast::Api::Dtm::ApplicationCreate]
42
42
  def session! msg
43
43
  msg.session_id = Contrast::Utils::StringUtils.protobuf_format(
44
- ::Contrast::CONFIG.root.application.session_id,
44
+ ::Contrast::CONFIG.application.session_id,
45
45
  truncate: false)
46
46
  msg.session_metadata = Contrast::Utils::StringUtils.protobuf_format(
47
- ::Contrast::CONFIG.root.application.session_metadata,
47
+ ::Contrast::CONFIG.application.session_metadata,
48
48
  truncate: false)
49
49
  end
50
50
  end
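Review bot: The inline directive on the `msg.app_version` continuation line in `build` names two cops separated by a space and ends with a stray colon (`# rubocop:disable Layout/AssignmentIndentation Layout/FirstArgumentIndentation:`). RuboCop directives separate cop names with commas, so the second name is probably read as trailing comment text and not disabled. Since the line is rewritten here anyway, either use `# rubocop:disable Layout/AssignmentIndentation, Layout/FirstArgumentIndentation` or indent the continuation so that no directive is needed. The enclosing module and class start outside the hunks.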
@@ -23,12 +23,8 @@ module Contrast
23
23
  self.agent_startup = event
24
24
  when Contrast::Api::Dtm::ApplicationCreate
25
25
  self.application_create = event
26
- when Contrast::Api::Dtm::Activity
27
- self.activity = event
28
26
  when Contrast::Api::Dtm::HttpRequest
29
27
  self.prefilter = event
30
- when Contrast::Api::Dtm::HttpResponse
31
- self.postfilter = event
32
28
  when Contrast::Api::Dtm::Poll
33
29
  self.poll = event
34
30
  else
@@ -26,14 +26,9 @@ module Contrast
26
26
  {
27
27
  timestamp: Time.at(result.timestamp_ms).iso8601,
28
28
  user_input: result.user_input,
29
- brute_force: result.brute_force,
30
29
  bot_blocker: result.bot_blocker,
31
30
  cmdi: result.cmdi,
32
- csrf: result.csrf,
33
- cve: result.cve,
34
31
  untrusted_deserialization: result.untrusted_deserialization,
35
- el_injection: result.el_injection,
36
- mark_of_the_beast: result.mark_of_the_beast,
37
32
  padding_oracle: result.padding_oracle,
38
33
  path_traversal: result.path_traversal,
39
34
  re_dos: result.re_dos,
@@ -45,7 +40,6 @@ module Contrast
45
40
  no_sqli: result.no_sqli,
46
41
  method_tampering: result.method_tampering,
47
42
  path_traversal_semantic: result.path_traversal_semantic,
48
- ssjs: result.ssjs,
49
43
  ip_denylist: result.ip_denylist
50
44
  }
51
45
  end
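Review bot: The retained entry `padding_oracle: result.padding_oracle` still reads a field that this release appears to drop: the protobuf hunks further down the page remove both `class PaddingOracleDetails` and the `:padding_oracle, 25` field from what looks like the `RaspRuleSample` message. If `result` is that message, building this hash would likely raise `NoMethodError` and interrupt serialization of a Protect attack sample, unless the accessor is defined somewhere outside the visible hunks. Drop the `padding_oracle:` key along with the six removed here, or keep the field in the message definition. Separately, `Time.at(result.timestamp_ms)` passes a value named as milliseconds where `Time.at` expects seconds; if the field really holds milliseconds, `Time.at(result.timestamp_ms / 1000.0).iso8601` gives the intended timestamp. The enclosing method starts outside the hunk.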
@@ -12,15 +12,9 @@ end
12
12
  require 'contrast/api/decorators/message'
13
13
  require 'contrast/api/decorators/agent_startup'
14
14
  require 'contrast/api/decorators/application_startup'
15
- require 'contrast/api/decorators/architecture_component'
16
15
  require 'contrast/api/decorators/input_analysis'
17
16
  require 'contrast/api/decorators/application_settings'
18
17
  require 'contrast/api/decorators/server_features'
19
- require 'contrast/api/decorators/route_coverage'
20
- require 'contrast/api/decorators/trace_event_object'
21
- require 'contrast/api/decorators/trace_event_signature'
22
- require 'contrast/api/decorators/trace_taint_range'
23
- require 'contrast/api/decorators/trace_event'
24
18
  require 'contrast/api/decorators/rasp_rule_sample'
25
19
  require 'contrast/api/decorators/user_input'
26
20
  require 'contrast/api/decorators/address'
@@ -15,36 +15,12 @@ module Contrast
15
15
  #
16
16
  class Message < ::Protobuf::Message; end
17
17
  class Poll < ::Protobuf::Message; end
18
- class Noop < ::Protobuf::Message; end
19
- class ServerActivity < ::Protobuf::Message
20
- end
21
18
 
22
19
  class AgentStartup < ::Protobuf::Message; end
23
20
  class ApplicationCreate < ::Protobuf::Message; end
24
21
  class InstrumentationMode < ::Protobuf::Message; end
25
- class ApplicationUpdate < ::Protobuf::Message
26
- end
27
-
28
- class Activity < ::Protobuf::Message
29
- end
30
-
31
- class Finding < ::Protobuf::Message
32
- end
33
-
34
- class DynamicSource < ::Protobuf::Message
35
- end
36
-
37
- class PossibleSecurityControl < ::Protobuf::Message; end
38
- class View < ::Protobuf::Message; end
39
- class Platform < ::Protobuf::Message; end
40
- class ArchitectureComponent < ::Protobuf::Message; end
41
- class Library < ::Protobuf::Message; end
42
- class LibraryUsageUpdate < ::Protobuf::Message
43
- end
44
22
 
45
23
  class Address < ::Protobuf::Message; end
46
- class RawRequest < ::Protobuf::Message; end
47
- class RawResponse < ::Protobuf::Message; end
48
24
  class HttpRequest < ::Protobuf::Message
49
25
  class Authentication < ::Protobuf::Enum
50
26
  define :UNAUTHENTICATED, 0
@@ -62,27 +38,6 @@ module Contrast
62
38
 
63
39
  end
64
40
 
65
- class RpcStatus < ::Protobuf::Message
66
- class Code < ::Protobuf::Enum
67
- define :OK, 0
68
- define :UNKNOWN, 1
69
- end
70
-
71
- end
72
-
73
- class SqliSinkRequest < ::Protobuf::Message
74
- class Dialect < ::Protobuf::Enum
75
- define :MYSQL, 0
76
- define :POSTGRESQL, 1
77
- define :UNKNOWN, 99
78
- end
79
-
80
- end
81
-
82
- class SqliSinkResponse < ::Protobuf::Message; end
83
- class HttpResponse < ::Protobuf::Message
84
- end
85
-
86
41
  class SimplePair < ::Protobuf::Message; end
87
42
  class Pair < ::Protobuf::Message; end
88
43
  class AttackResult < ::Protobuf::Message
@@ -98,36 +53,13 @@ module Contrast
98
53
  end
99
54
 
100
55
  class RaspRuleSample < ::Protobuf::Message; end
101
- class EndpointBanDetails < ::Protobuf::Message; end
102
- class ModSecurityDetails < ::Protobuf::Message; end
103
- class ModSecurityLog < ::Protobuf::Message
104
- end
105
56
 
106
- class BruteForceDetails < ::Protobuf::Message; end
107
57
  class BotBlockerDetails < ::Protobuf::Message; end
108
58
  class CmdInjectionDetails < ::Protobuf::Message; end
109
- class CmdInjectionSemanticAnalysisDetails < ::Protobuf::Message
110
- class Finding < ::Protobuf::Enum
111
- define :CHAINING, 0
112
- define :BACKDOOR, 1
113
- define :DANGEROUS_PATH, 2
114
- end
115
-
116
- end
117
59
 
118
- class CsrfDetails < ::Protobuf::Message; end
119
- class CveDetails < ::Protobuf::Message; end
120
- class Cve20170898Details < ::Protobuf::Message; end
121
- class Cve201714033Details < ::Protobuf::Message; end
122
- class Cve201714064Details < ::Protobuf::Message; end
123
- class Cve201717405Details < ::Protobuf::Message; end
124
60
  class HttpMethodTamperingDetails < ::Protobuf::Message; end
125
61
  class UntrustedDeserializationDetails < ::Protobuf::Message; end
126
- class ElInjectionDetails < ::Protobuf::Message; end
127
- class IpBlacklistDetails < ::Protobuf::Message; end
128
62
  class IpDenylistDetails < ::Protobuf::Message; end
129
- class MarkOfTheBeastDetails < ::Protobuf::Message; end
130
- class PaddingOracleDetails < ::Protobuf::Message; end
131
63
  class PathTraversalDetails < ::Protobuf::Message; end
132
64
  class PathTraversalSemanticAnalysisDetails < ::Protobuf::Message
133
65
  class Finding < ::Protobuf::Enum
@@ -138,17 +70,7 @@ module Contrast
138
70
  end
139
71
 
140
72
  class ReDosDetails < ::Protobuf::Message; end
141
- class SsjsInjectionDetails < ::Protobuf::Message; end
142
73
  class SqlInjectionDetails < ::Protobuf::Message; end
143
- class SqlInjectionSemanticAnalysisDetails < ::Protobuf::Message
144
- class Finding < ::Protobuf::Enum
145
- define :CHAINING, 0
146
- define :SUSPICIOUS_UNION, 1
147
- define :DANGEROUS_FUNCTION, 2
148
- define :TAUTOLOGY, 3
149
- end
150
-
151
- end
152
74
 
153
75
  class NoSqlInjectionDetails < ::Protobuf::Message; end
154
76
  class SsrfDetails < ::Protobuf::Message; end
@@ -187,47 +109,6 @@ module Contrast
187
109
  end
188
110
 
189
111
  class StackTraceElement < ::Protobuf::Message; end
190
- class TraceEvent < ::Protobuf::Message
191
- class Action < ::Protobuf::Enum
192
- define :CREATION, 0
193
- define :PROPAGATION, 1
194
- define :TRIGGER, 2
195
- define :TAG, 3
196
- define :A2A, 4
197
- define :A2P, 5
198
- define :A2O, 6
199
- define :A2R, 7
200
- define :O2A, 8
201
- define :O2P, 9
202
- define :O2O, 10
203
- define :O2R, 11
204
- define :P2A, 12
205
- define :P2P, 13
206
- define :P2O, 14
207
- define :P2R, 15
208
- end
209
-
210
- class EventType < ::Protobuf::Enum
211
- define :TYPE_METHOD, 0
212
- define :TYPE_PROPAGATION, 1
213
- define :TYPE_TAG, 2
214
- end
215
-
216
- end
217
-
218
- class TraceEventSignature < ::Protobuf::Message; end
219
- class TraceEventSource < ::Protobuf::Message; end
220
- class TraceEventObject < ::Protobuf::Message; end
221
- class TraceTaintRange < ::Protobuf::Message; end
222
- class ParentObjectId < ::Protobuf::Message; end
223
- class TraceStack < ::Protobuf::Message; end
224
- class RouteCoverage < ::Protobuf::Message; end
225
- class ObservedRoute < ::Protobuf::Message; end
226
- class CmdiSinkRequest < ::Protobuf::Message; end
227
- class CmdiSinkResponse < ::Protobuf::Message; end
228
- class PtSinkRequest < ::Protobuf::Message; end
229
- class PtSinkResponse < ::Protobuf::Message; end
230
-
231
112
 
232
113
  ##
233
114
  # File Options
@@ -251,30 +132,8 @@ module Contrast
251
132
  optional :string, :app_path, 28
252
133
  optional ::Contrast::Api::Dtm::AgentStartup, :agent_startup, 11
253
134
  optional ::Contrast::Api::Dtm::ApplicationCreate, :application_create, 12
254
- optional ::Contrast::Api::Dtm::ServerActivity, :server_activity, 10
255
- optional ::Contrast::Api::Dtm::ApplicationUpdate, :application_update, 13
256
- optional ::Contrast::Api::Dtm::Activity, :activity, 14
257
- optional ::Contrast::Api::Dtm::ObservedRoute, :observed_route, 26
258
- optional ::Contrast::Api::Dtm::RawRequest, :request, 19
259
135
  optional ::Contrast::Api::Dtm::HttpRequest, :prefilter, 20
260
- optional ::Contrast::Api::Dtm::HttpResponse, :postfilter, 22
261
- optional ::Contrast::Api::Dtm::RawResponse, :response, 23
262
- optional ::Contrast::Api::Dtm::SqliSinkRequest, :sqli_sink, 25
263
136
  optional ::Contrast::Api::Dtm::Poll, :poll, 27
264
- optional ::Contrast::Api::Dtm::Noop, :noop, 24, :deprecated => true
265
- end
266
-
267
- class Noop
268
- # Message Options
269
- set_option :deprecated, true
270
-
271
- optional :int32, :flag, 1
272
- end
273
-
274
- class ServerActivity
275
- map :string, :int32, :log_enhancers, 16
276
- map :string, :int32, :ip_blacklists, 17, :deprecated => true
277
- map :string, :int32, :ip_denylists, 18
278
137
  end
279
138
 
280
139
  class AgentStartup
@@ -309,133 +168,12 @@ module Contrast
309
168
  optional :bool, :assess, 2
310
169
  end
311
170
 
312
- class ApplicationUpdate
313
- optional :int32, :coverage_loc, 2
314
- optional ::Contrast::Api::Dtm::Platform, :platform, 4
315
- optional ::Contrast::Api::Dtm::View, :view, 5
316
- map :string, :bool, :technologies, 6
317
- repeated ::Contrast::Api::Dtm::ArchitectureComponent, :components, 7
318
- map :string, ::Contrast::Api::Dtm::Library, :libraries, 8
319
- repeated ::Contrast::Api::Dtm::RouteCoverage, :routes, 9
320
- end
321
-
322
- class Activity
323
- optional ::Contrast::Api::Dtm::HttpRequest, :http_request, 1
324
- optional ::Contrast::Api::Dtm::HttpResponse, :http_response, 2
325
- optional :int64, :duration_ms, 3
326
- optional :int32, :query_count, 5
327
- map :string, :bool, :technologies, 7
328
- map :string, ::Contrast::Api::Dtm::LibraryUsageUpdate, :library_usages, 8
329
- repeated ::Contrast::Api::Dtm::ArchitectureComponent, :architectures, 9
330
- repeated ::Contrast::Api::Dtm::RouteCoverage, :routes, 19
331
- repeated ::Contrast::Api::Dtm::AttackResult, :results, 12
332
- repeated ::Contrast::Api::Dtm::Finding, :findings, 15
333
- repeated ::Contrast::Api::Dtm::PossibleSecurityControl, :controls, 16
334
- optional :string, :finding_tags, 17, :deprecated => true
335
- map :string, ::Contrast::Api::Dtm::DynamicSource, :dynamic_sources, 18
336
- end
337
-
338
- class Finding
339
- optional :string, :hash_code, 1
340
- optional :string, :platform, 2
341
- optional :string, :rule_id, 3
342
- optional :string, :evidence, 4
343
- map :string, :string, :properties, 6
344
- repeated ::Contrast::Api::Dtm::TraceEvent, :events, 7
345
- optional :string, :preflight, 8
346
- optional :string, :tags, 9, :deprecated => true
347
- optional :int64, :version, 10
348
- repeated ::Contrast::Api::Dtm::RouteCoverage, :routes, 11
349
- optional :string, :session_id, 12, :deprecated => true
350
- end
351
-
352
- class DynamicSource
353
- optional :string, :class_name, 1
354
- optional :string, :method_name, 2
355
- optional :bool, :instance_method, 3
356
- optional :string, :target, 4
357
- repeated ::Contrast::Api::Dtm::TraceEvent, :events, 5
358
- map :string, :string, :properties, 6
359
- end
360
-
361
- class PossibleSecurityControl
362
- optional :string, :api, 1
363
- optional :string, :type, 2
364
- optional :int64, :traits, 3
365
- end
366
-
367
- class View
368
- optional :int32, :accessible, 1
369
- optional :int32, :total_view_fields, 2
370
- optional :int32, :line_count, 3
371
- end
372
-
373
- class Platform
374
- optional :string, :major, 1
375
- optional :string, :minor, 2
376
- optional :string, :build, 3
377
- optional :string, :service_pack, 4
378
- repeated :string, :updates, 5
379
- end
380
-
381
- class ArchitectureComponent
382
- optional :string, :type, 1
383
- optional :string, :vendor, 2
384
- optional :string, :url, 3
385
- optional :string, :remote_host, 4
386
- optional :int32, :remote_port, 5
387
- end
388
-
389
- class Library
390
- optional :string, :hash_code, 1
391
- optional :string, :file_path, 2
392
- optional :string, :url, 3
393
- optional :string, :version, 4
394
- optional :int32, :tloc, 5
395
- optional :int32, :class_count, 6
396
- optional :int32, :used_class_count, 7
397
- optional :int64, :internal_ms, 8
398
- optional :int64, :external_ms, 9
399
- optional :string, :manifest, 10
400
- optional :string, :tags, 11, :deprecated => true
401
- end
402
-
403
- class LibraryUsageUpdate
404
- optional :int32, :count, 1
405
- optional :string, :hash_code, 2
406
- map :string, :bool, :class_names, 3
407
- end
408
-
409
171
  class Address
410
172
  optional :string, :ip, 1
411
173
  optional :string, :host, 2
412
174
  optional :int32, :port, 3
413
175
  end
414
176
 
415
- class RawRequest
416
- optional :string, :uuid, 1
417
- optional :int64, :timestamp_ms, 2
418
- optional :string, :request_line, 4
419
- optional :string, :normalized_uri, 5
420
- optional :string, :client_ip, 6
421
- optional :int32, :client_ip_version, 7
422
- optional :int32, :client_port, 8
423
- optional :string, :server_ip, 10
424
- optional :int32, :server_ip_version, 11
425
- optional :int32, :server_port, 12
426
- repeated ::Contrast::Api::Dtm::SimplePair, :request_headers, 14
427
- repeated ::Contrast::Api::Dtm::SimplePair, :multipart_headers, 17
428
- optional :bytes, :request_body, 16
429
- end
430
-
431
- class RawResponse
432
- optional :string, :uuid, 1
433
- optional :int64, :timestamp_ms, 2
434
- optional :int32, :response_code, 3
435
- repeated ::Contrast::Api::Dtm::SimplePair, :response_headers, 14
436
- optional :bytes, :response_body, 16
437
- end
438
-
439
177
  class HttpRequest
440
178
  optional :string, :uuid, 1
441
179
  optional :int64, :timestamp_ms, 2
@@ -466,37 +204,6 @@ module Contrast
466
204
  optional :string, :server_info, 50
467
205
  end
468
206
 
469
- class RpcStatus
470
- optional ::Contrast::Api::Dtm::RpcStatus::Code, :code, 1
471
- optional :string, :msg, 2
472
- end
473
-
474
- class SqliSinkRequest
475
- optional :string, :uuid, 1
476
- optional ::Contrast::Api::Dtm::SqliSinkRequest::Dialect, :dialect, 2
477
- optional :string, :query, 3
478
- end
479
-
480
- class SqliSinkResponse
481
- optional ::Contrast::Api::Dtm::RpcStatus, :status, 1
482
- optional ::Contrast::Api::Dtm::UserInput, :user_input, 3
483
- optional ::Contrast::Api::Dtm::SqlInjectionDetails, :sqli, 10
484
- optional ::Contrast::Api::Dtm::SqlInjectionSemanticAnalysisDetails, :sqli_semantic, 11
485
- end
486
-
487
- class HttpResponse
488
- optional :string, :uuid, 1
489
- optional :int64, :timestamp_ms, 2
490
- optional :int32, :response_code, 3
491
- map :string, :string, :response_headers, 4, :deprecated => true
492
- optional :bool, :parsed_response_headers, 5, :deprecated => true
493
- map :string, ::Contrast::Api::Dtm::Pair, :normalized_response_headers, 6
494
- optional :string, :response_body, 10, :deprecated => true
495
- optional :bool, :parsed_response_body, 11
496
- optional ::Contrast::Api::Dtm::HttpRequest::DocumentType, :document_type, 12
497
- optional :bytes, :response_body_binary, 13
498
- end
499
-
500
207
  class SimplePair
501
208
  optional :string, :key, 1
502
209
  optional :string, :value, 2
@@ -524,17 +231,10 @@ module Contrast
524
231
  optional :int64, :timestamp_ms, 2
525
232
  repeated ::Contrast::Api::Dtm::StackTraceElement, :stack_trace_elements, 4
526
233
  optional ::Contrast::Api::Dtm::UserInput, :user_input, 5
527
- optional ::Contrast::Api::Dtm::BruteForceDetails, :brute_force, 16
528
234
  optional ::Contrast::Api::Dtm::BotBlockerDetails, :bot_blocker, 17
529
235
  optional ::Contrast::Api::Dtm::CmdInjectionDetails, :cmdi, 18
530
- optional ::Contrast::Api::Dtm::CsrfDetails, :csrf, 19
531
- optional ::Contrast::Api::Dtm::CveDetails, :cve, 20, :deprecated => true
532
236
  optional ::Contrast::Api::Dtm::UntrustedDeserializationDetails, :untrusted_deserialization, 21
533
- optional ::Contrast::Api::Dtm::ElInjectionDetails, :el_injection, 22
534
- optional ::Contrast::Api::Dtm::IpBlacklistDetails, :ip_blacklist, 23, :deprecated => true
535
237
  optional ::Contrast::Api::Dtm::IpDenylistDetails, :ip_denylist, 45
536
- optional ::Contrast::Api::Dtm::MarkOfTheBeastDetails, :mark_of_the_beast, 24
537
- optional ::Contrast::Api::Dtm::PaddingOracleDetails, :padding_oracle, 25
538
238
  optional ::Contrast::Api::Dtm::PathTraversalDetails, :path_traversal, 26
539
239
  optional ::Contrast::Api::Dtm::ReDosDetails, :re_dos, 27
540
240
  optional ::Contrast::Api::Dtm::SqlInjectionDetails, :sqli, 28
@@ -544,37 +244,7 @@ module Contrast
544
244
  optional ::Contrast::Api::Dtm::XxeDetails, :xxe, 32
545
245
  optional ::Contrast::Api::Dtm::NoSqlInjectionDetails, :no_sqli, 33
546
246
  optional ::Contrast::Api::Dtm::HttpMethodTamperingDetails, :method_tampering, 34
547
- optional ::Contrast::Api::Dtm::Cve20170898Details, :cve_2017_0898, 35, :deprecated => true
548
- optional ::Contrast::Api::Dtm::Cve201714033Details, :cve_2017_14033, 36, :deprecated => true
549
- optional ::Contrast::Api::Dtm::Cve201714064Details, :cve_2017_14064, 37, :deprecated => true
550
- optional ::Contrast::Api::Dtm::Cve201717405Details, :cve_2017_17405, 38, :deprecated => true
551
- optional ::Contrast::Api::Dtm::ModSecurityDetails, :mod_security, 39
552
- optional ::Contrast::Api::Dtm::EndpointBanDetails, :endpoint, 40
553
- optional ::Contrast::Api::Dtm::SqlInjectionSemanticAnalysisDetails, :sqli_semantic, 41
554
- optional ::Contrast::Api::Dtm::CmdInjectionSemanticAnalysisDetails, :cmdi_semantic, 42
555
247
  optional ::Contrast::Api::Dtm::PathTraversalSemanticAnalysisDetails, :path_traversal_semantic, 43
556
- optional ::Contrast::Api::Dtm::SsjsInjectionDetails, :ssjs, 44
557
- end
558
-
559
- class EndpointBanDetails
560
- optional :string, :ip, 1
561
- optional :string, :request_uri, 2
562
- optional :int32, :response_code, 3
563
- end
564
-
565
- class ModSecurityDetails
566
- optional :string, :transaction_id, 1
567
- optional :int32, :status, 2
568
- repeated ::Contrast::Api::Dtm::ModSecurityLog, :logs, 3
569
- end
570
-
571
- class ModSecurityLog
572
- optional :string, :message, 2
573
- map :string, :string, :params, 3
574
- end
575
-
576
- class BruteForceDetails
577
- optional :int32, :count, 1
578
248
  end
579
249
 
580
250
  class BotBlockerDetails
@@ -588,50 +258,6 @@ module Contrast
588
258
  optional :int32, :end_idx, 3
589
259
  end
590
260
 
591
- class CmdInjectionSemanticAnalysisDetails
592
- optional :string, :command, 1
593
- repeated ::Contrast::Api::Dtm::CmdInjectionSemanticAnalysisDetails::Finding, :findings, 2
594
- end
595
-
596
- class CsrfDetails
597
- optional :string, :name, 1
598
- optional :string, :expected, 2
599
- optional :string, :presented, 3
600
- end
601
-
602
- class CveDetails
603
- optional :string, :name, 1
604
- optional :string, :value, 2
605
- optional :string, :cve, 3
606
- optional :string, :library, 4
607
- end
608
-
609
- class Cve20170898Details
610
- optional :string, :format_string, 1
611
- optional :string, :malicious_format_group, 2
612
- optional :string, :precision_argument, 3
613
- optional :string, :value_argument, 4
614
- optional :string, :arguments, 5
615
- optional :string, :ruby_version, 6
616
- end
617
-
618
- class Cve201714033Details
619
- optional :string, :asn1, 1
620
- optional :string, :ruby_version, 2
621
- end
622
-
623
- class Cve201714064Details
624
- optional :string, :space, 1
625
- optional :string, :ruby_version, 2
626
- optional :string, :json_version, 3
627
- end
628
-
629
- class Cve201717405Details
630
- optional :string, :method, 1
631
- optional :string, :file_name, 2
632
- optional :string, :ruby_version, 3
633
- end
634
-
635
261
  class HttpMethodTamperingDetails
636
262
  optional :string, :method, 1
637
263
  optional :int32, :response_code, 2
@@ -642,37 +268,11 @@ module Contrast
642
268
  optional :string, :deserializer, 2
643
269
  end
644
270
 
645
- class ElInjectionDetails
646
- optional :string, :attr_value, 1
647
- optional :string, :version, 2
648
- optional :string, :library_filename, 3
649
- end
650
-
651
- class IpBlacklistDetails
652
- # Message Options
653
- set_option :deprecated, true
654
-
655
- optional :string, :ip, 1
656
- optional :string, :uuid, 2
657
- end
658
-
659
271
  class IpDenylistDetails
660
272
  optional :string, :ip, 1
661
273
  optional :string, :uuid, 2
662
274
  end
663
275
 
664
- class MarkOfTheBeastDetails
665
- optional :string, :number, 1
666
- optional :string, :vendor, 2
667
- optional :string, :version, 3
668
- end
669
-
670
- class PaddingOracleDetails
671
- optional :string, :message, 1
672
- optional :int32, :period, 2
673
- optional :int32, :hits, 3
674
- end
675
-
676
276
  class PathTraversalDetails
677
277
  optional :string, :path, 1
678
278
  end
@@ -689,13 +289,6 @@ module Contrast
689
289
  optional :string, :offending_string, 4
690
290
  end
691
291
 
692
- class SsjsInjectionDetails
693
- optional :string, :code_string, 1
694
- optional :int32, :start_idx, 2
695
- optional :int32, :end_idx, 3
696
- optional :int32, :boundary_overrun_idx, 4
697
- end
698
-
699
292
  class SqlInjectionDetails
700
293
  optional :int32, :start_idx, 1
701
294
  optional :int32, :end_idx, 2
@@ -704,11 +297,6 @@ module Contrast
704
297
  optional :string, :query, 5
705
298
  end
706
299
 
707
- class SqlInjectionSemanticAnalysisDetails
708
- optional :string, :query, 1
709
- optional ::Contrast::Api::Dtm::SqlInjectionSemanticAnalysisDetails::Finding, :finding, 2
710
- end
711
-
712
300
  class NoSqlInjectionDetails
713
301
  optional :int32, :start_idx, 1
714
302
  optional :int32, :end_idx, 2
@@ -767,83 +355,6 @@ module Contrast
767
355
  optional :string, :file_name, 3
768
356
  optional :int32, :line_number, 4
769
357
  end
770
-
771
- class TraceEvent
772
- optional ::Contrast::Api::Dtm::TraceEvent::Action, :action, 1
773
- optional ::Contrast::Api::Dtm::TraceEvent::EventType, :type, 2
774
- optional :int64, :timestamp_ms, 3
775
- optional :string, :thread, 4
776
- optional ::Contrast::Api::Dtm::TraceEventSignature, :signature, 6
777
- optional :string, :field_name, 7
778
- optional :string, :context, 8
779
- optional :string, :code, 9
780
- optional ::Contrast::Api::Dtm::TraceEventObject, :object, 16
781
- optional ::Contrast::Api::Dtm::TraceEventObject, :ret, 17
782
- repeated ::Contrast::Api::Dtm::TraceEventObject, :args, 18
783
- repeated ::Contrast::Api::Dtm::TraceStack, :stack, 19
784
- repeated ::Contrast::Api::Dtm::TraceEventSource, :event_sources, 20
785
- optional :string, :source, 21
786
- optional :string, :target, 22
787
- repeated ::Contrast::Api::Dtm::TraceTaintRange, :taint_ranges, 23
788
- optional :int64, :object_id, 24
789
- repeated ::Contrast::Api::Dtm::ParentObjectId, :parent_object_ids, 25
790
- end
791
-
792
- class TraceEventSignature
793
- optional :string, :return_type, 1
794
- optional :string, :class_name, 2
795
- optional :string, :method_name, 3
796
- repeated :string, :arg_types, 4
797
- optional :bool, :constructor, 5
798
- optional :bool, :void_method, 6
799
- optional :int32, :flags, 7
800
- end
801
-
802
- class TraceEventSource
803
- optional :string, :type, 1
804
- optional :string, :name, 2
805
- end
806
-
807
- class TraceEventObject
808
- optional :bool, :tracked, 1
809
- optional :string, :value, 2
810
- repeated ::Contrast::Api::Dtm::TraceTaintRange, :ranges, 3
811
- end
812
-
813
- class TraceTaintRange
814
- optional :string, :tag, 1
815
- optional :string, :range, 2
816
- end
817
-
818
- class ParentObjectId
819
- optional :int64, :id, 1
820
- end
821
-
822
- class TraceStack
823
- optional :string, :signature, 1
824
- optional :string, :declaring_class, 2
825
- optional :string, :method_name, 3
826
- optional :string, :file_name, 4
827
- optional :int32, :line_number, 5
828
- optional :string, :type, 6
829
- optional :string, :eval, 7
830
- end
831
-
832
- class RouteCoverage
833
- optional :string, :verb, 1
834
- optional :string, :url, 2
835
- optional :string, :route, 3
836
- optional :int32, :count, 4
837
- end
838
-
839
- class ObservedRoute
840
- optional :string, :signature, 1
841
- optional :string, :url, 2
842
- optional :string, :verb, 3
843
- optional :string, :session_id, 4, :deprecated => true
844
- repeated ::Contrast::Api::Dtm::TraceEventSource, :sources, 5
845
- end
846
-
847
358
  end
848
359
 
849
360
  end