dawnscanner 1.2.99

data/features/dawn_scan_a_vulnerable_sinatra_app.feature.disabled

@@ -0,0 +1,36 @@
+Feature: dawn reports security issues 
+  When it scans a sinatra application that it is not updated and it has XSS
+
+  Scenario: dawn detects the sinatra version
+    Given a vulnerable sinatra application exists
+    When I run `bundle exec dawn /tmp/sinatra-vulnerable`
+    Then the stdout should contain "1.2.6"
+
+  Scenario: dawn tells there are no vulnerabilities
+    Given a vulnerable sinatra application exists
+    When I run `bundle exec dawn /tmp/sinatra-vulnerable`
+    Then the stdout should contain "4 vulnerabilities found"
+    And the stdout should contain "Not revised code failed"
+    And the stdout should contain "CVE-2013-0269 failed"
+    And the stdout should contain "CVE-2013-1800 failed"
+    And the stdout should contain "1 reflected XSS found"
+    And the stdout should contain "request parameter \"name\""
+
+    # Test for --output json
+  Scenario: dawn can give a brief json output as well
+    Given a vulnerable sinatra application exists
+    When I run `bundle exec dawn -s /tmp/sinatra-vulnerable --output json`
+    Then the stdout should contain "{\"status\":"OK",\"target\":"/tmp/sinatra-vulnerable",\"mvc\":"sinatra",\"mvc_version\":"1.2.6",\"vulnerabilities_count\":4,\"vulnerabilities\":["Not revised code","CVE-2013-0269","CVE-2013-1800"],\"mitigated_vuln_count\":0,\"mitigated_vuln\":[],\"reflected_xss\":["request parameter \"name\""]}"
+
+
+    # Tests for --count-only option
+  Scenario: dawn can give just the number of issues found as output
+    Given a vulnerable sinatra application exists
+    When I run `bundle exec dawn --count-only -s /tmp/sinatra-vulnerable`
+    Then the stdout should contain "4"
+
+  Scenario: dawn can give just the number of issues found as output
+    Given a vulnerable sinatra application exists
+    When I run `bundle exec dawn --count-only -s /tmp/sinatra-vulnerable --output json`
+    Then the stdout should contain "{\"status\":"OK",\"vulnerabilities_count\":4}"
+

data/features/step_definition/dawn_steps.rb

@@ -0,0 +1,19 @@
+Given /^the generic project "(.*?)" doesn't exist$/ do |file|
+  FileUtils.rm(file) if File.exists?(file)
+end
+
+Given /^the hello world rails project does exist$/ do
+  system("rm -rf /tmp/hello_world_3.2.13")
+  system("cp -a ./spec/support/hello_world_3.2.13 /tmp") 
+end
+
+Given /^a safe sinatra application exists$/ do
+  system("rm -rf /tmp/sinatra-safe")
+  system("cp -a ./spec/support/sinatra-safe /tmp") 
+end
+
+Given /^a vulnerable sinatra application exists$/ do
+  system("rm -rf /tmp/sinatra-vulnerable")
+  system("cp -a ./spec/support/sinatra-vulnerable /tmp") 
+end
+

data/features/support/env.rb

@@ -0,0 +1 @@
+require 'aruba/cucumber'

data/lib/codesake-dawn.rb

@@ -0,0 +1,12 @@
+require "codesake/dawn/utils"
+require "codesake/dawn/core"
+require "codesake/dawn/version"
+require "codesake/dawn/knowledge_base"
+require "codesake/dawn/rails"
+require "codesake/dawn/sinatra"
+require "codesake/dawn/padrino"
+require "codesake/dawn/gemfile_lock"
+require "codesake/dawn/reporter"
+require "codesake-commons"
+
+require "date"

data/lib/codesake/dawn/core.rb

@@ -0,0 +1,175 @@
+require "yaml"
+
+module Codesake
+  module Dawn
+    class Core
+
+      # TODO.20140326
+      # All those methods must moved from here to Util class and a
+      # Codesake::Dawn::Core namespace must be created.
+      def self.help
+        puts "Usage: dawn [options] target_directory"
+        printf "\nExamples:\n"
+        puts "\t$ dawn a_sinatra_webapp_directory"
+        puts "\t$ dawn -C the_rails_blog_engine"
+        puts "\t$ dawn -C --json a_sinatra_webapp_directory"
+        puts "\t$ dawn --ascii-tabular-report my_rails_blog_ecommerce"
+        puts "\t$ dawn --html -F my_report.html my_rails_blog_ecommerce"
+        printf "\n   -r, --rails\t\t\t\t\tforce dawn to consider the target a rails application"
+        printf "\n   -s, --sinatra\t\t\t\tforce dawn to consider the target a sinatra application"
+        printf "\n   -p, --padrino\t\t\t\tforce dawn to consider the target a padrino application"
+        printf "\n   -G, --gem-lock\t\t\t\tforce dawn to scan only for vulnerabilities affecting dependencies in Gemfile.lock"
+        printf "\n   -a, --ascii-tabular-report\t\t\tcause dawn to format findings using table in ascii art"
+        printf "\n   -j, --json\t\t\t\t\tcause dawn to format findings using json"
+        printf "\n   -C, --count-only\t\t\t\tdawn will only count vulnerabilities (useful for scripts)"
+        printf "\n   -z, --exit-on-warn\t\t\t\tdawn will return number of found vulnerabilities as exit code"
+        printf "\n   -F, --file filename\t\t\t\ttells dawn to write output to filename"
+        printf "\n   -c, --config-file filename\t\t\ttells dawn to load configuration from filename"
+        printf "\n\nDisable security check family\n"
+        printf "\n       --disable-cve-bulletins\t\t\tdisable all CVE security checks"
+        printf "\n       --disable-code-quality\t\t\tdisable all code quality checks"
+        printf "\n       --disable-code-style\t\t\tdisable all code style checks"
+        printf "\n       --disable-owasp-ror-cheatsheet\t\tdisable all Owasp Ruby on Rails cheatsheet checks"
+        printf "\n       --disable-owasp-top-10\t\t\tdisable all Owasp Top 10 checks"
+        printf "\n\nFlags useful to query Codesake::Dawn\n"
+        printf "\n   -S, --search-knowledge-base [check_name]\tsearch check_name in the knowledge base"
+        printf "\n       --list-knowledge-base\t\t\tlist knowledge-base content"
+        printf "\n       --list-known-families\t\t\tlist security check families contained in dawn's knowledge base"
+        printf "\n       --list-known-framework\t\t\tlist ruby MVC frameworks supported by dawn"
+        printf "\n\nService flags\n"
+        printf "\n   -D, --debug\t\t\t\t\tenters dawn debug mode"
+        printf "\n   -V, --verbose\t\t\t\tthe output will be more verbose"
+        printf "\n   -v, --version\t\t\t\tshow version information"
+        printf "\n   -h, --help\t\t\t\t\tshow this help\n"
+
+        true
+      end
+
+      def self.dump_knowledge_base(verbose = false)
+        kb = Codesake::Dawn::KnowledgeBase.new
+        lines = []
+        lines << "Security checks currently supported:\n"
+
+        kb.all.each do |check|
+          if verbose
+            lines << "Name: #{check.name}\tCVSS: #{check.cvss_score}\tReleased: #{check.release_date}"
+            lines << "Description\n#{check.message}"
+            lines << "Remediation\n#{check.remediation}\n\n"
+          else
+            lines << "#{check.name}"
+          end
+        end
+        lines << "-----\nTotal: #{kb.all.count}"
+
+        lines.empty? ? 0 : lines.compact.join("\n")
+
+      end
+
+      # guess_mvc is very close to detect_mvc despite it accepts a
+      # filename as input and it tries to guess the mvc framework used from the
+      # gems it founds in Gemfile.lock without creating an engine.
+
+      def self.guess_mvc(gemfile_lock)
+        ret = {:name=>"", :version=>"", :connected_gems=>[]}
+
+        a = []
+        my_dir = Dir.pwd
+        Dir.chdir(File.dirname(gemfile_lock))
+        raise ArgumentError.new("can't read #{gemfile_lock}") unless File.readable?(File.basename(gemfile_lock))
+
+        lockfile = Bundler::LockfileParser.new(Bundler.read_file(File.basename(gemfile_lock)))
+        Dir.chdir(my_dir)
+        lockfile.specs.each do |s|
+          ret = {:name=>s.name, :version=>s.version.to_s} if s.name == "rails" || s.name == "sinatra"
+          a << {:name=>s.name, :version=>s.version.to_s}
+        end
+
+        ret[:connected_gems]=a
+        ret
+
+      end
+
+      def self.detect_mvc(target)
+
+        raise ArgumentError.new("you must set target directory") if target.nil?
+
+        my_dir = Dir.pwd
+        Dir.chdir(target)
+        raise ArgumentError.new("no Gemfile.lock in #{target}") unless File.exist?("Gemfile.lock")
+
+        lockfile = Bundler::LockfileParser.new(Bundler.read_file("Gemfile.lock"))
+        Dir.chdir(my_dir)
+        lockfile.specs.each do |s|
+          return Codesake::Dawn::Rails.new(target)    if s.name == "rails"
+          return Codesake::Dawn::Padrino.new(target)  if s.name == "padrino"
+        end
+
+        return Codesake::Dawn::Sinatra.new(target)
+      end
+
+      def self.is_good_target?(target)
+        (File.exist?(target) and File.directory?(target))
+      end
+
+      def self.find_conf(create_if_none = false)
+        conf_name  = 'codesake-dawn.yaml'
+        path_order = [
+          './',
+          '~/',
+          '/usr/local/etc/',
+        ]
+        path_order.each do |p|
+          fn = p + conf_name if p.start_with?('/')
+          # if outside $HOME the config file must be hidden
+          fn = File.expand_path(p) + '/.'+conf_name if ! p.start_with?('/')
+          return fn if File.exist?(fn)
+        end
+
+        # Codesake::Dawn didn't find a config file.
+        # If create_if_none flag is set to false, than I'll return nil so the
+        # read_conf method will return the default configuration
+        return nil unless create_if_none
+
+        # If create_if_none flag is set to true, than I'll create a config file
+        # on the current directory with the default configuration.
+        conf = {"config"=>{:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Codesake::Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}}
+
+        # Calculate the conf file path
+        conf_path = File.expand_path('~') +'/.'+conf_name
+
+        # Open the conf file and write our default config to it
+        File.open(conf_path, 'w') do |f|
+          rv = f.write(YAML.dump(conf))
+        end
+
+        conf_path
+      end
+
+      def self.read_conf(file=nil)
+        conf = {:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Codesake::Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}
+        begin
+          return conf if file.nil?
+          file = file.chop if (not file.nil? and file.end_with? '/')
+          return conf if ! File.exist?(file)
+        rescue => e
+          $logger.err "it seems you've found a bug in core.rb@#{__LINE__}: #{e.message}"
+          return conf
+        end
+
+        c = YAML.load_file(file)
+
+        cf = c["config"]
+        cc = cf[:enabled_checks]
+
+        # TODO
+        # I must add some sanity check here
+        conf[:verbose] = cf["verbose"] unless cf["verbose"].nil?
+        conf[:debug] = cf["debug"] unless cf["debug"].nil?
+        conf[:output] = cf["output"] unless cf["output"].nil?
+        conf[:enabled_checks] = cc unless cc.nil?
+
+        return conf
+      end
+    end
+  end
+end

data/lib/codesake/dawn/engine.rb

@@ -0,0 +1,380 @@
+require 'bundler'
+
+module Codesake
+  module Dawn
+    module Engine
+      include Codesake::Dawn::Utils
+
+      attr_reader :target
+      attr_reader :name
+      attr_reader :scan_start
+      attr_reader :scan_stop
+      # This attribute is used when @name == "Gemfile.lock" to force the
+      # loading of specific MVC checks
+      attr_reader :force
+      attr_reader :gemfile_lock
+      attr_reader :mvc_version
+      attr_reader :connected_gems
+      attr_reader :checks
+      attr_reader :vulnerabilities
+      attr_reader :mitigated_issues
+      attr_reader :ruby_version
+
+      attr_reader :engine_error
+
+      attr_reader :reflected_xss
+
+      # Typical MVC elements here
+
+      # Each view will be something like {:filename=>"target/views/index.haml", :language=>:haml}
+      attr_reader :views
+
+      # Each controller will be a little bit more complex. Of course for
+      # Sinatra, the controller filename will be the sole web application ruby
+      # file.
+      # {:filename=>"target/controllers/this_controller.rb", :actions=>[{:name=>"index", :method=>:get, :map=>"/"]}
+      attr_reader :controllers
+
+      # Models I don't know right now. Let them initialized as Array... we
+      # will see later 
+      attr_reader :models
+
+      attr_accessor :debug
+
+      attr_reader   :applied_checks
+      attr_reader   :skipped_checks
+
+      def initialize(dir=nil, name="", options={})
+        @name = name
+        @scan_start = Time.now
+        @scan_stop = @scan_start
+        @mvc_version = ""
+        @gemfile_lock = ""
+        @force = ""
+        @connected_gems = []
+        @checks = []
+        @vulnerabilities = []
+        @mitigated_issues = []
+        @applied = []
+        @reflected_xss = []
+        @engine_error = false
+        @debug = false
+        @debug = options[:debug] unless options[:debug].nil?
+        @applied_checks = 0
+        @skipped_checks = 0
+        @gemfile_lock_sudo = false
+
+        set_target(dir) unless dir.nil?
+        @ruby_version = get_ruby_version if dir.nil?
+        @gemfile_lock = options[:gemfile_name] unless options[:gemfile_name].nil? 
+
+        @views        = detect_views 
+        @controllers  = detect_controllers
+        @models       = detect_models
+
+        if $logger.nil?
+          $logger  = Codesake::Commons::Logging.instance
+          $logger.helo "dawn-engine", Codesake::Dawn::VERSION
+
+        end
+        $logger.warn "pattern matching security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
+        $logger.warn "combo security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
+        debug_me "engine is in debug mode" 
+        
+        if @name == "Gemfile.lock" && ! options[:guessed_mvc].nil?
+          # since all checks relies on @name a Gemfile.lock engine must
+          # impersonificate the engine for the mvc it was detected
+          debug_me "now I'm switching my name from #{@name} to #{options[:guessed_mvc][:name]}" 
+          $logger.err "there are no connected gems... it seems Gemfile.lock parsing failed" if options[:guessed_mvc][:connected_gems].empty?
+          @name = options[:guessed_mvc][:name] 
+          @mvc_version = options[:guessed_mvc][:version]
+          @connected_gems = options[:guessed_mvc][:connected_gems]
+          @gemfile_lock_sudo = true
+        end
+
+        # FIXME.20140325
+        #
+        # I comment out this call. knowledge base must be called explicitly
+        # since it's now possible to pass an array saying check families to be
+        # loaded.
+        #
+        # load_knowledge_base
+      end
+
+      def detect_views
+        []
+      end
+      def error!
+        @error = true
+      end
+      def error?
+        @error
+      end
+
+      def build_view_array(dir)
+
+        return [] unless File.exist?(dir) and File.directory?(dir) 
+
+        ret = []
+        Dir.glob(File.join("#{dir}", "*")).each do |filename| 
+          ret << {:filename=>filename, :language=>:haml} if File.extname(filename) == ".haml"
+        end
+
+        ret
+      end
+
+      def detect_controllers
+        []
+      end
+
+      def detect_models
+        []
+      end
+
+      def get_ruby_version
+        unless @target.nil?
+
+          # does target use rbenv?
+          ver = get_rbenv_ruby_ver
+          # does the target use rvm?
+          ver = get_rvm_ruby_ver if  ver[:version].empty? && ver[:patchlevel].empty?
+          # take the running ruby otherwise
+          ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"} if ver[:version].empty? && ver[:patchlevel].empty? 
+        else
+          ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"} 
+
+        end
+
+        ver
+      end
+
+      def set_target(dir)
+        @target = dir
+        @gemfile_lock = File.join(@target, "Gemfile.lock")
+        @mvc_version = set_mvc_version
+        @ruby_version = get_ruby_version
+      end
+
+      def target_is_dir?
+        File.directory?(@target)
+      end
+
+      def load_knowledge_base(enabled_checks=[])
+        debug_me("load_knowledge_base called. Enabled checks are: #{enabled_checks}")
+        if @name == "Gemfile.lock"
+          @checks = Codesake::Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all if @force.empty?
+          @checks = Codesake::Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all_by_mvc(@force) unless @force.empty? 
+        else
+          @checks = Codesake::Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all_by_mvc(@name) 
+
+        end
+        debug_me("#{@checks.count} checks loaded")
+        @checks
+      end
+
+
+
+      def set_mvc_version
+        ver = ""
+        return ver unless target_is_dir?
+        return ver unless has_gemfile_lock?
+
+        my_dir = Dir.pwd
+        Dir.chdir(@target) 
+        lockfile = Bundler::LockfileParser.new(Bundler.read_file("Gemfile.lock"))
+        lockfile.specs.each do |s|
+          # detecting MVC version using @name in case of sinatra, padrino or rails engine
+          ver= s.version.to_s if s.name == @name && @name != "Gemfile.lock" 
+          # detecting MVC version using @force in case of Gemfile.lock engine
+          ver= s.version.to_s if s.name == @force.to_s && @name == "Gemfile.lock" 
+          @connected_gems << {:name=>s.name, :version=>s.version.to_s}
+        end
+        Dir.chdir(my_dir)
+        return ver
+      end
+
+      def has_gemfile_lock?
+        File.exist?(@gemfile_lock)
+      end
+
+      def is_good_mvc?
+        (@mvc_version != "")
+      end
+
+      def can_apply?
+        target_is_dir? && is_good_mvc?
+      end
+
+      def get_mvc_version
+        "#{@mvc_version}" if is_good_mvc? 
+      end
+
+      ## Security stuff applies here
+      #
+      # Public it applies a single security check given by its name
+      #
+      # name - the security check to be applied
+      #
+      # Examples
+      #   
+      #   engine.apply("CVE-2013-1800") 
+      #   # => boolean
+      #
+      # Returns a true value if the security check was successfully applied or false
+      # otherwise
+      def apply(name)
+
+        # FIXME.20140325
+        # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
+        # Reason is simple, load_knowledge_base now needs enabled check array
+        # and I don't want to pollute engine API to propagate this value. It's
+        # a param to load_knowledge_base and then bin/dawn calls it
+        # accordingly.
+        # load_knowledge_base if @checks.nil?
+        if @checks.nil?
+          $logger.err "you must load knowledge base before trying to apply security checks"
+          return false
+        end
+
+        return false if @checks.empty?
+
+        @checks.each do |check|
+          if check.name == name
+            unless ((check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK ) && @name == "Gemfile.lock")
+              debug_me "applying check #{check.name}" 
+              @applied_checks += 1
+              @applied << { :name=>name }
+              check.ruby_version = @ruby_version[:version]
+              check.detected_ruby  = @ruby_version if check.kind == Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK
+              check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+              check.root_dir = self.target if check.kind  == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
+              check.options = {:detected_ruby => self.ruby_version, :dependencies => self.connected_gems, :root_dir => self.target } if check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+              check_vuln = check.vuln?
+
+              @vulnerabilities  << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check_vuln && check.kind !=  Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+              @vulnerabilities  << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>check.vulnerable_checks} if check_vuln && check.kind ==  Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+              @mitigated_issues << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check.mitigated?
+              return true
+            else
+              debug_me "skipping check #{check.name}"
+              @skipped_checks += 1
+            end
+          end
+        end
+
+        false
+      end
+
+      def apply_all
+        @scan_start = Time.now
+        debug_me("SCAN STARTED: #{@scan_start}")
+        # FIXME.20140325
+        # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
+        # Reason is simple, load_knowledge_base now needs enabled check array
+        # and I don't want to pollute engine API to propagate this value. It's
+        # a param to load_knowledge_base and then bin/dawn calls it
+        # accordingly.
+        # load_knowledge_base if @checks.nil?
+        if @checks.nil?
+          $logger.err "you must load knowledge base before trying to apply security checks"
+          @scan_stop = Time.now
+          debug_me("SCAN STOPPED: #{@scan_stop}")
+          return false
+        end
+        if @checks.empty?
+          @scan_stop = Time.now
+          debug_me("SCAN STOPPED: #{@scan_stop}")
+          return false
+        end
+
+        @checks.each do |check|
+          unless ((check.kind == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK ) && @gemfile_lock_sudo)
+
+            @applied << { :name => name }
+            debug_me "applying check #{check.name}" 
+            @applied_checks += 1
+
+            check.ruby_version = @ruby_version[:version]
+            check.detected_ruby  = @ruby_version if check.kind == Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK
+            check.dependencies = self.connected_gems if check.kind == Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK
+            check.root_dir = self.target if check.kind  == Codesake::Dawn::KnowledgeBase::PATTERN_MATCH_CHECK 
+            check.options = {:detected_ruby => self.ruby_version, :dependencies => self.connected_gems, :root_dir => self.target } if check.kind == Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+            check_vuln = check.vuln?
+
+            @vulnerabilities  << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check_vuln && check.kind !=  Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+            @vulnerabilities  << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>check.vulnerable_checks} if check_vuln && check.kind ==  Codesake::Dawn::KnowledgeBase::COMBO_CHECK
+
+            @mitigated_issues << {:name=> check.name, :severity=>check.severity, :priority=>check.priority, :kind=>check.check_family, :message=>check.message, :remediation=>check.remediation, :evidences=>check.evidences, :vulnerable_checks=>nil} if check.mitigated?
+          else
+            debug_me "skipping check #{check.name}"
+            @skipped_checks += 1
+          end
+        end
+        @scan_stop = Time.now
+        debug_me("SCAN STOPPED: #{@scan_stop}")
+
+        true
+
+      end
+
+      def scan_time
+        @scan_stop - @scan_start
+      end
+
+      def is_applied?(name)
+        @applied.each do |a|
+          return true if a[:name] == name
+        end
+        return false
+      end
+
+      def vulnerabilities
+        apply_all if @applied.empty?
+        @vulnerabilities
+      end
+
+      def find_vulnerability_by_name(name)
+        apply(name) unless is_applied?(name)
+        @vulnerabilities.each do |v|
+          return v if v[:name] == name
+        end
+
+        nil
+      end
+
+      def is_vulnerable_to?(name)
+        return (find_vulnerability_by_name(name) != nil)
+      end
+
+
+      def has_reflected_xss?
+        (@reflected_xss.count != 0) unless @reflected_xss.nil?
+      end
+
+      def count_vulnerabilities
+        ret = 0 
+        ret = @vulnerabilities.count unless @vulnerabilities.nil?
+        ret +=  @reflected_xss.count unless @reflected_xss.nil?
+
+        ret
+      end
+
+      private
+      def get_rbenv_ruby_ver
+        return {:version=>"", :patchlevel=>""} unless File.exist?(File.join(@target, ".rbenv-version"))
+        hash = File.read(File.join(@target, '.rbenv-version')).split('-')
+        return {:version=>hash[0], :patchlevel=>hash[1]}
+      end
+      def get_rvm_ruby_ver
+        return {:version=>"", :patchlevel=>""} unless File.exist?(File.join(@target, ".ruby-version"))
+        hash = File.read(File.join(@target, '.ruby-version')).split('-')
+        return {:version=>hash[0], :patchlevel=>hash[1]}
+      end
+
+    end
+  end
+end