dawnscanner 1.6.8 → 2.0.0.rc4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (387) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +1 -0
  3. data/.ruby-version +1 -1
  4. data/Changelog.md +27 -1
  5. data/LICENSE.txt +1 -1
  6. data/README.md +59 -57
  7. data/Rakefile +10 -242
  8. data/Roadmap.md +15 -23
  9. data/VERSION +1 -1
  10. data/bin/dawn +17 -273
  11. data/checksum/dawnscanner-1.6.8.gem.sha1 +1 -0
  12. data/checksum/dawnscanner-2.0.0.rc1.gem.sha1 +1 -0
  13. data/checksum/dawnscanner-2.0.0.rc2.gem.sha1 +1 -0
  14. data/checksum/dawnscanner-2.0.0.rc3.gem.sha1 +1 -0
  15. data/dawnscanner.gemspec +10 -9
  16. data/doc/change.sh +13 -0
  17. data/doc/kickstart_kb.tar.gz +0 -0
  18. data/doc/knowledge_base.rb +650 -0
  19. data/docs/.placeholder +0 -0
  20. data/docs/CNAME +1 -0
  21. data/docs/_config.yml +1 -0
  22. data/lib/dawn/cli/dawn_cli.rb +139 -0
  23. data/lib/dawn/core.rb +8 -7
  24. data/lib/dawn/engine.rb +93 -34
  25. data/lib/dawn/gemfile_lock.rb +2 -2
  26. data/lib/dawn/kb/basic_check.rb +1 -2
  27. data/lib/dawn/kb/combo_check.rb +1 -1
  28. data/lib/dawn/kb/dependency_check.rb +1 -1
  29. data/lib/dawn/kb/operating_system_check.rb +1 -1
  30. data/lib/dawn/kb/pattern_match_check.rb +10 -9
  31. data/lib/dawn/kb/ruby_version_check.rb +11 -10
  32. data/lib/dawn/kb/{gem_check.rb → rubygem_check.rb} +1 -1
  33. data/lib/dawn/kb/unsafe_depedency_check.rb +44 -0
  34. data/lib/dawn/kb/version_check.rb +41 -24
  35. data/lib/dawn/knowledge_base.rb +259 -595
  36. data/lib/dawn/reporter.rb +2 -1
  37. data/lib/dawn/utils.rb +5 -2
  38. data/lib/dawn/version.rb +5 -5
  39. data/lib/dawnscanner.rb +7 -6
  40. data/spec/lib/kb/codesake_unsafe_dependency_check_spec.rb +29 -0
  41. data/spec/lib/kb/dependency_check.yml +29 -0
  42. metadata +30 -496
  43. checksums.yaml.gz.sig +0 -0
  44. data.tar.gz.sig +0 -0
  45. data/certs/paolo_at_dawnscanner_dot_org.pem +0 -21
  46. data/lib/dawn/kb/cve_2004_0755.rb +0 -33
  47. data/lib/dawn/kb/cve_2004_0983.rb +0 -31
  48. data/lib/dawn/kb/cve_2005_1992.rb +0 -31
  49. data/lib/dawn/kb/cve_2005_2337.rb +0 -33
  50. data/lib/dawn/kb/cve_2006_1931.rb +0 -30
  51. data/lib/dawn/kb/cve_2006_2582.rb +0 -28
  52. data/lib/dawn/kb/cve_2006_3694.rb +0 -31
  53. data/lib/dawn/kb/cve_2006_4112.rb +0 -27
  54. data/lib/dawn/kb/cve_2006_5467.rb +0 -28
  55. data/lib/dawn/kb/cve_2006_6303.rb +0 -28
  56. data/lib/dawn/kb/cve_2006_6852.rb +0 -27
  57. data/lib/dawn/kb/cve_2006_6979.rb +0 -29
  58. data/lib/dawn/kb/cve_2007_0469.rb +0 -29
  59. data/lib/dawn/kb/cve_2007_5162.rb +0 -28
  60. data/lib/dawn/kb/cve_2007_5379.rb +0 -27
  61. data/lib/dawn/kb/cve_2007_5380.rb +0 -29
  62. data/lib/dawn/kb/cve_2007_5770.rb +0 -30
  63. data/lib/dawn/kb/cve_2007_6077.rb +0 -31
  64. data/lib/dawn/kb/cve_2007_6612.rb +0 -30
  65. data/lib/dawn/kb/cve_2008_1145.rb +0 -38
  66. data/lib/dawn/kb/cve_2008_1891.rb +0 -38
  67. data/lib/dawn/kb/cve_2008_2376.rb +0 -30
  68. data/lib/dawn/kb/cve_2008_2662.rb +0 -33
  69. data/lib/dawn/kb/cve_2008_2663.rb +0 -32
  70. data/lib/dawn/kb/cve_2008_2664.rb +0 -33
  71. data/lib/dawn/kb/cve_2008_2725.rb +0 -31
  72. data/lib/dawn/kb/cve_2008_3655.rb +0 -37
  73. data/lib/dawn/kb/cve_2008_3657.rb +0 -37
  74. data/lib/dawn/kb/cve_2008_3790.rb +0 -30
  75. data/lib/dawn/kb/cve_2008_3905.rb +0 -36
  76. data/lib/dawn/kb/cve_2008_4094.rb +0 -27
  77. data/lib/dawn/kb/cve_2008_4310.rb +0 -100
  78. data/lib/dawn/kb/cve_2008_5189.rb +0 -27
  79. data/lib/dawn/kb/cve_2008_7248.rb +0 -27
  80. data/lib/dawn/kb/cve_2009_4078.rb +0 -29
  81. data/lib/dawn/kb/cve_2009_4124.rb +0 -30
  82. data/lib/dawn/kb/cve_2009_4214.rb +0 -27
  83. data/lib/dawn/kb/cve_2010_1330.rb +0 -28
  84. data/lib/dawn/kb/cve_2010_2489.rb +0 -60
  85. data/lib/dawn/kb/cve_2010_3933.rb +0 -27
  86. data/lib/dawn/kb/cve_2011_0188.rb +0 -67
  87. data/lib/dawn/kb/cve_2011_0446.rb +0 -28
  88. data/lib/dawn/kb/cve_2011_0447.rb +0 -28
  89. data/lib/dawn/kb/cve_2011_0739.rb +0 -28
  90. data/lib/dawn/kb/cve_2011_0995.rb +0 -61
  91. data/lib/dawn/kb/cve_2011_1004.rb +0 -34
  92. data/lib/dawn/kb/cve_2011_1005.rb +0 -31
  93. data/lib/dawn/kb/cve_2011_2197.rb +0 -27
  94. data/lib/dawn/kb/cve_2011_2686.rb +0 -29
  95. data/lib/dawn/kb/cve_2011_2705.rb +0 -32
  96. data/lib/dawn/kb/cve_2011_2929.rb +0 -27
  97. data/lib/dawn/kb/cve_2011_2930.rb +0 -28
  98. data/lib/dawn/kb/cve_2011_2931.rb +0 -30
  99. data/lib/dawn/kb/cve_2011_2932.rb +0 -27
  100. data/lib/dawn/kb/cve_2011_3009.rb +0 -28
  101. data/lib/dawn/kb/cve_2011_3186.rb +0 -29
  102. data/lib/dawn/kb/cve_2011_3187.rb +0 -29
  103. data/lib/dawn/kb/cve_2011_4319.rb +0 -30
  104. data/lib/dawn/kb/cve_2011_4815.rb +0 -28
  105. data/lib/dawn/kb/cve_2011_5036.rb +0 -26
  106. data/lib/dawn/kb/cve_2012_1098.rb +0 -30
  107. data/lib/dawn/kb/cve_2012_1099.rb +0 -27
  108. data/lib/dawn/kb/cve_2012_1241.rb +0 -27
  109. data/lib/dawn/kb/cve_2012_2139.rb +0 -26
  110. data/lib/dawn/kb/cve_2012_2140.rb +0 -27
  111. data/lib/dawn/kb/cve_2012_2660.rb +0 -28
  112. data/lib/dawn/kb/cve_2012_2661.rb +0 -27
  113. data/lib/dawn/kb/cve_2012_2671.rb +0 -28
  114. data/lib/dawn/kb/cve_2012_2694.rb +0 -30
  115. data/lib/dawn/kb/cve_2012_2695.rb +0 -27
  116. data/lib/dawn/kb/cve_2012_3424.rb +0 -29
  117. data/lib/dawn/kb/cve_2012_3463.rb +0 -27
  118. data/lib/dawn/kb/cve_2012_3464.rb +0 -27
  119. data/lib/dawn/kb/cve_2012_3465.rb +0 -26
  120. data/lib/dawn/kb/cve_2012_4464.rb +0 -27
  121. data/lib/dawn/kb/cve_2012_4466.rb +0 -27
  122. data/lib/dawn/kb/cve_2012_4481.rb +0 -26
  123. data/lib/dawn/kb/cve_2012_4522.rb +0 -27
  124. data/lib/dawn/kb/cve_2012_5370.rb +0 -27
  125. data/lib/dawn/kb/cve_2012_5371.rb +0 -27
  126. data/lib/dawn/kb/cve_2012_5380.rb +0 -28
  127. data/lib/dawn/kb/cve_2012_6109.rb +0 -25
  128. data/lib/dawn/kb/cve_2012_6134.rb +0 -27
  129. data/lib/dawn/kb/cve_2012_6496.rb +0 -28
  130. data/lib/dawn/kb/cve_2012_6497.rb +0 -28
  131. data/lib/dawn/kb/cve_2012_6684.rb +0 -28
  132. data/lib/dawn/kb/cve_2013_0155.rb +0 -29
  133. data/lib/dawn/kb/cve_2013_0156.rb +0 -27
  134. data/lib/dawn/kb/cve_2013_0162.rb +0 -28
  135. data/lib/dawn/kb/cve_2013_0175.rb +0 -27
  136. data/lib/dawn/kb/cve_2013_0183.rb +0 -25
  137. data/lib/dawn/kb/cve_2013_0184.rb +0 -25
  138. data/lib/dawn/kb/cve_2013_0233.rb +0 -26
  139. data/lib/dawn/kb/cve_2013_0256.rb +0 -59
  140. data/lib/dawn/kb/cve_2013_0262.rb +0 -26
  141. data/lib/dawn/kb/cve_2013_0263.rb +0 -26
  142. data/lib/dawn/kb/cve_2013_0269.rb +0 -27
  143. data/lib/dawn/kb/cve_2013_0276.rb +0 -28
  144. data/lib/dawn/kb/cve_2013_0277.rb +0 -25
  145. data/lib/dawn/kb/cve_2013_0284.rb +0 -27
  146. data/lib/dawn/kb/cve_2013_0285.rb +0 -27
  147. data/lib/dawn/kb/cve_2013_0333.rb +0 -28
  148. data/lib/dawn/kb/cve_2013_0334.rb +0 -25
  149. data/lib/dawn/kb/cve_2013_1607.rb +0 -25
  150. data/lib/dawn/kb/cve_2013_1655.rb +0 -65
  151. data/lib/dawn/kb/cve_2013_1656.rb +0 -28
  152. data/lib/dawn/kb/cve_2013_1756.rb +0 -26
  153. data/lib/dawn/kb/cve_2013_1800.rb +0 -26
  154. data/lib/dawn/kb/cve_2013_1801.rb +0 -27
  155. data/lib/dawn/kb/cve_2013_1802.rb +0 -27
  156. data/lib/dawn/kb/cve_2013_1812.rb +0 -27
  157. data/lib/dawn/kb/cve_2013_1821.rb +0 -28
  158. data/lib/dawn/kb/cve_2013_1854.rb +0 -26
  159. data/lib/dawn/kb/cve_2013_1855.rb +0 -25
  160. data/lib/dawn/kb/cve_2013_1856.rb +0 -26
  161. data/lib/dawn/kb/cve_2013_1857.rb +0 -27
  162. data/lib/dawn/kb/cve_2013_1875.rb +0 -27
  163. data/lib/dawn/kb/cve_2013_1898.rb +0 -27
  164. data/lib/dawn/kb/cve_2013_1911.rb +0 -28
  165. data/lib/dawn/kb/cve_2013_1933.rb +0 -27
  166. data/lib/dawn/kb/cve_2013_1947.rb +0 -27
  167. data/lib/dawn/kb/cve_2013_1948.rb +0 -27
  168. data/lib/dawn/kb/cve_2013_2065.rb +0 -29
  169. data/lib/dawn/kb/cve_2013_2090.rb +0 -28
  170. data/lib/dawn/kb/cve_2013_2105.rb +0 -26
  171. data/lib/dawn/kb/cve_2013_2119.rb +0 -27
  172. data/lib/dawn/kb/cve_2013_2512.rb +0 -26
  173. data/lib/dawn/kb/cve_2013_2513.rb +0 -25
  174. data/lib/dawn/kb/cve_2013_2516.rb +0 -26
  175. data/lib/dawn/kb/cve_2013_2615.rb +0 -27
  176. data/lib/dawn/kb/cve_2013_2616.rb +0 -27
  177. data/lib/dawn/kb/cve_2013_2617.rb +0 -28
  178. data/lib/dawn/kb/cve_2013_3221.rb +0 -27
  179. data/lib/dawn/kb/cve_2013_4164.rb +0 -30
  180. data/lib/dawn/kb/cve_2013_4203.rb +0 -25
  181. data/lib/dawn/kb/cve_2013_4389.rb +0 -26
  182. data/lib/dawn/kb/cve_2013_4413.rb +0 -27
  183. data/lib/dawn/kb/cve_2013_4457.rb +0 -29
  184. data/lib/dawn/kb/cve_2013_4478.rb +0 -26
  185. data/lib/dawn/kb/cve_2013_4479.rb +0 -26
  186. data/lib/dawn/kb/cve_2013_4489.rb +0 -28
  187. data/lib/dawn/kb/cve_2013_4491.rb +0 -29
  188. data/lib/dawn/kb/cve_2013_4492.rb +0 -29
  189. data/lib/dawn/kb/cve_2013_4562.rb +0 -27
  190. data/lib/dawn/kb/cve_2013_4593.rb +0 -27
  191. data/lib/dawn/kb/cve_2013_5647.rb +0 -29
  192. data/lib/dawn/kb/cve_2013_5671.rb +0 -26
  193. data/lib/dawn/kb/cve_2013_6414.rb +0 -30
  194. data/lib/dawn/kb/cve_2013_6415.rb +0 -29
  195. data/lib/dawn/kb/cve_2013_6416.rb +0 -29
  196. data/lib/dawn/kb/cve_2013_6417.rb +0 -30
  197. data/lib/dawn/kb/cve_2013_6421.rb +0 -28
  198. data/lib/dawn/kb/cve_2013_6459.rb +0 -28
  199. data/lib/dawn/kb/cve_2013_6460.rb +0 -53
  200. data/lib/dawn/kb/cve_2013_6461.rb +0 -57
  201. data/lib/dawn/kb/cve_2013_7086.rb +0 -27
  202. data/lib/dawn/kb/cve_2014_0036.rb +0 -27
  203. data/lib/dawn/kb/cve_2014_0080.rb +0 -29
  204. data/lib/dawn/kb/cve_2014_0081.rb +0 -27
  205. data/lib/dawn/kb/cve_2014_0082.rb +0 -27
  206. data/lib/dawn/kb/cve_2014_0130.rb +0 -27
  207. data/lib/dawn/kb/cve_2014_1233.rb +0 -27
  208. data/lib/dawn/kb/cve_2014_1234.rb +0 -26
  209. data/lib/dawn/kb/cve_2014_2322.rb +0 -28
  210. data/lib/dawn/kb/cve_2014_2525.rb +0 -59
  211. data/lib/dawn/kb/cve_2014_2538.rb +0 -26
  212. data/lib/dawn/kb/cve_2014_3482.rb +0 -28
  213. data/lib/dawn/kb/cve_2014_3483.rb +0 -28
  214. data/lib/dawn/kb/cve_2014_3916.rb +0 -29
  215. data/lib/dawn/kb/cve_2014_4975.rb +0 -28
  216. data/lib/dawn/kb/cve_2014_7818.rb +0 -27
  217. data/lib/dawn/kb/cve_2014_7819.rb +0 -31
  218. data/lib/dawn/kb/cve_2014_7829.rb +0 -30
  219. data/lib/dawn/kb/cve_2014_8090.rb +0 -30
  220. data/lib/dawn/kb/cve_2014_9490.rb +0 -29
  221. data/lib/dawn/kb/cve_2015_1819.rb +0 -34
  222. data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb +0 -28
  223. data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb +0 -28
  224. data/lib/dawn/kb/cve_2015_2963.rb +0 -27
  225. data/lib/dawn/kb/cve_2015_3224.rb +0 -26
  226. data/lib/dawn/kb/cve_2015_3225.rb +0 -28
  227. data/lib/dawn/kb/cve_2015_3226.rb +0 -27
  228. data/lib/dawn/kb/cve_2015_3227.rb +0 -28
  229. data/lib/dawn/kb/cve_2015_3448.rb +0 -29
  230. data/lib/dawn/kb/cve_2015_4020.rb +0 -34
  231. data/lib/dawn/kb/cve_2015_5312.rb +0 -30
  232. data/lib/dawn/kb/cve_2015_7497.rb +0 -32
  233. data/lib/dawn/kb/cve_2015_7498.rb +0 -32
  234. data/lib/dawn/kb/cve_2015_7499.rb +0 -32
  235. data/lib/dawn/kb/cve_2015_7500.rb +0 -32
  236. data/lib/dawn/kb/cve_2015_7519.rb +0 -31
  237. data/lib/dawn/kb/cve_2015_7541.rb +0 -31
  238. data/lib/dawn/kb/cve_2015_7576.rb +0 -35
  239. data/lib/dawn/kb/cve_2015_7577.rb +0 -34
  240. data/lib/dawn/kb/cve_2015_7578.rb +0 -30
  241. data/lib/dawn/kb/cve_2015_7579.rb +0 -30
  242. data/lib/dawn/kb/cve_2015_7581.rb +0 -33
  243. data/lib/dawn/kb/cve_2015_8241.rb +0 -32
  244. data/lib/dawn/kb/cve_2015_8242.rb +0 -32
  245. data/lib/dawn/kb/cve_2015_8317.rb +0 -32
  246. data/lib/dawn/kb/cve_2016_0751.rb +0 -32
  247. data/lib/dawn/kb/cve_2016_0752.rb +0 -35
  248. data/lib/dawn/kb/cve_2016_0753.rb +0 -31
  249. data/lib/dawn/kb/cve_2016_2097.rb +0 -35
  250. data/lib/dawn/kb/cve_2016_2098.rb +0 -35
  251. data/lib/dawn/kb/cve_2016_5697.rb +0 -30
  252. data/lib/dawn/kb/cve_2016_6316.rb +0 -33
  253. data/lib/dawn/kb/cve_2016_6317.rb +0 -32
  254. data/lib/dawn/kb/cve_2016_6582.rb +0 -43
  255. data/lib/dawn/kb/not_revised_code.rb +0 -22
  256. data/lib/dawn/kb/osvdb_105971.rb +0 -29
  257. data/lib/dawn/kb/osvdb_108530.rb +0 -27
  258. data/lib/dawn/kb/osvdb_108563.rb +0 -28
  259. data/lib/dawn/kb/osvdb_108569.rb +0 -28
  260. data/lib/dawn/kb/osvdb_108570.rb +0 -27
  261. data/lib/dawn/kb/osvdb_115654.rb +0 -33
  262. data/lib/dawn/kb/osvdb_116010.rb +0 -30
  263. data/lib/dawn/kb/osvdb_117903.rb +0 -30
  264. data/lib/dawn/kb/osvdb_118579.rb +0 -31
  265. data/lib/dawn/kb/osvdb_118830.rb +0 -32
  266. data/lib/dawn/kb/osvdb_118954.rb +0 -33
  267. data/lib/dawn/kb/osvdb_119878.rb +0 -32
  268. data/lib/dawn/kb/osvdb_119927.rb +0 -33
  269. data/lib/dawn/kb/osvdb_120415.rb +0 -31
  270. data/lib/dawn/kb/osvdb_120857.rb +0 -34
  271. data/lib/dawn/kb/osvdb_121701.rb +0 -30
  272. data/lib/dawn/kb/osvdb_132234.rb +0 -34
  273. data/lib/dawn/kb/owasp_ror_cheatsheet.rb +0 -33
  274. data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +0 -18
  275. data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +0 -57
  276. data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +0 -28
  277. data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +0 -29
  278. data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +0 -33
  279. data/lib/dawn/kb/owasp_ror_cheatsheet/security_related_headers.rb +0 -35
  280. data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +0 -29
  281. data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +0 -31
  282. data/lib/dawn/kb/simpleform_xss_20131129.rb +0 -28
  283. data/lib/dawn/knowledge_base_experimental.rb +0 -245
  284. data/spec/lib/kb/cve_2011_2705_spec.rb +0 -35
  285. data/spec/lib/kb/cve_2011_2930_spec.rb +0 -31
  286. data/spec/lib/kb/cve_2011_3009_spec.rb +0 -25
  287. data/spec/lib/kb/cve_2011_3187_spec.rb +0 -24
  288. data/spec/lib/kb/cve_2011_4319_spec.rb +0 -44
  289. data/spec/lib/kb/cve_2011_5036_spec.rb +0 -95
  290. data/spec/lib/kb/cve_2012_1098_spec.rb +0 -36
  291. data/spec/lib/kb/cve_2012_2139_spec.rb +0 -20
  292. data/spec/lib/kb/cve_2012_2671_spec.rb +0 -23
  293. data/spec/lib/kb/cve_2012_6109_spec.rb +0 -112
  294. data/spec/lib/kb/cve_2012_6684_spec.rb +0 -16
  295. data/spec/lib/kb/cve_2013_0162_spec.rb +0 -23
  296. data/spec/lib/kb/cve_2013_0183_spec.rb +0 -54
  297. data/spec/lib/kb/cve_2013_0184_spec.rb +0 -115
  298. data/spec/lib/kb/cve_2013_0256_spec.rb +0 -34
  299. data/spec/lib/kb/cve_2013_0262_spec.rb +0 -44
  300. data/spec/lib/kb/cve_2013_0263_spec.rb +0 -11
  301. data/spec/lib/kb/cve_2013_0334_spec.rb +0 -35
  302. data/spec/lib/kb/cve_2013_1607_spec.rb +0 -15
  303. data/spec/lib/kb/cve_2013_1655_spec.rb +0 -31
  304. data/spec/lib/kb/cve_2013_1756_spec.rb +0 -23
  305. data/spec/lib/kb/cve_2013_2090_spec.rb +0 -15
  306. data/spec/lib/kb/cve_2013_2105_spec.rb +0 -11
  307. data/spec/lib/kb/cve_2013_2119_spec.rb +0 -27
  308. data/spec/lib/kb/cve_2013_2512_spec.rb +0 -15
  309. data/spec/lib/kb/cve_2013_2513_spec.rb +0 -15
  310. data/spec/lib/kb/cve_2013_2516_spec.rb +0 -15
  311. data/spec/lib/kb/cve_2013_4203_spec.rb +0 -15
  312. data/spec/lib/kb/cve_2013_4413_spec.rb +0 -16
  313. data/spec/lib/kb/cve_2013_4489_spec.rb +0 -63
  314. data/spec/lib/kb/cve_2013_4491_spec.rb +0 -16
  315. data/spec/lib/kb/cve_2013_4593_spec.rb +0 -16
  316. data/spec/lib/kb/cve_2013_5647_spec.rb +0 -19
  317. data/spec/lib/kb/cve_2013_5671_spec.rb +0 -27
  318. data/spec/lib/kb/cve_2013_6414_spec.rb +0 -26
  319. data/spec/lib/kb/cve_2013_6416_spec.rb +0 -31
  320. data/spec/lib/kb/cve_2013_6459_spec.rb +0 -15
  321. data/spec/lib/kb/cve_2013_7086_spec.rb +0 -22
  322. data/spec/lib/kb/cve_2014_0036_spec.rb +0 -15
  323. data/spec/lib/kb/cve_2014_0080_spec.rb +0 -33
  324. data/spec/lib/kb/cve_2014_0081_spec.rb +0 -50
  325. data/spec/lib/kb/cve_2014_0082_spec.rb +0 -52
  326. data/spec/lib/kb/cve_2014_0130_spec.rb +0 -19
  327. data/spec/lib/kb/cve_2014_1233_spec.rb +0 -15
  328. data/spec/lib/kb/cve_2014_1234_spec.rb +0 -16
  329. data/spec/lib/kb/cve_2014_2322_spec.rb +0 -15
  330. data/spec/lib/kb/cve_2014_2538_spec.rb +0 -15
  331. data/spec/lib/kb/cve_2014_3482_spec.rb +0 -15
  332. data/spec/lib/kb/cve_2014_3483_spec.rb +0 -27
  333. data/spec/lib/kb/cve_2014_7818_spec.rb +0 -42
  334. data/spec/lib/kb/cve_2014_7819_spec.rb +0 -139
  335. data/spec/lib/kb/cve_2014_7829_spec.rb +0 -50
  336. data/spec/lib/kb/cve_2014_9490_spec.rb +0 -17
  337. data/spec/lib/kb/cve_2015_1819_spec.rb +0 -16
  338. data/spec/lib/kb/cve_2015_1840_spec.rb +0 -39
  339. data/spec/lib/kb/cve_2015_2963_spec.rb +0 -17
  340. data/spec/lib/kb/cve_2015_3224_spec.rb +0 -16
  341. data/spec/lib/kb/cve_2015_3225_spec.rb +0 -27
  342. data/spec/lib/kb/cve_2015_3226_spec.rb +0 -35
  343. data/spec/lib/kb/cve_2015_3227_spec.rb +0 -31
  344. data/spec/lib/kb/cve_2015_3448_spec.rb +0 -16
  345. data/spec/lib/kb/cve_2015_4020_spec.rb +0 -24
  346. data/spec/lib/kb/cve_2015_5312_spec.rb +0 -31
  347. data/spec/lib/kb/cve_2015_7497_spec.rb +0 -31
  348. data/spec/lib/kb/cve_2015_7498_spec.rb +0 -31
  349. data/spec/lib/kb/cve_2015_7499_spec.rb +0 -31
  350. data/spec/lib/kb/cve_2015_7500_spec.rb +0 -31
  351. data/spec/lib/kb/cve_2015_7519_spec.rb +0 -23
  352. data/spec/lib/kb/cve_2015_7541_spec.rb +0 -15
  353. data/spec/lib/kb/cve_2015_7576_spec.rb +0 -51
  354. data/spec/lib/kb/cve_2015_7577_spec.rb +0 -63
  355. data/spec/lib/kb/cve_2015_7578_spec.rb +0 -15
  356. data/spec/lib/kb/cve_2015_7579_spec.rb +0 -23
  357. data/spec/lib/kb/cve_2015_7581_spec.rb +0 -51
  358. data/spec/lib/kb/cve_2015_8241_spec.rb +0 -31
  359. data/spec/lib/kb/cve_2015_8242_spec.rb +0 -31
  360. data/spec/lib/kb/cve_2015_8317_spec.rb +0 -31
  361. data/spec/lib/kb/cve_2016_0751_spec.rb +0 -55
  362. data/spec/lib/kb/cve_2016_0752_spec.rb +0 -51
  363. data/spec/lib/kb/cve_2016_0753_spec.rb +0 -51
  364. data/spec/lib/kb/cve_2016_2097_spec.rb +0 -35
  365. data/spec/lib/kb/cve_2016_2098_spec.rb +0 -55
  366. data/spec/lib/kb/cve_2016_5697_spec.rb +0 -15
  367. data/spec/lib/kb/cve_2016_6316_spec.rb +0 -44
  368. data/spec/lib/kb/cve_2016_6317_spec.rb +0 -35
  369. data/spec/lib/kb/cve_2016_6582_spec.rb +0 -29
  370. data/spec/lib/kb/osvdb_105971_spec.rb +0 -15
  371. data/spec/lib/kb/osvdb_108530_spec.rb +0 -22
  372. data/spec/lib/kb/osvdb_108563_spec.rb +0 -18
  373. data/spec/lib/kb/osvdb_108569_spec.rb +0 -17
  374. data/spec/lib/kb/osvdb_108570_spec.rb +0 -17
  375. data/spec/lib/kb/osvdb_115654_spec.rb +0 -15
  376. data/spec/lib/kb/osvdb_116010_spec.rb +0 -15
  377. data/spec/lib/kb/osvdb_117903_spec.rb +0 -23
  378. data/spec/lib/kb/osvdb_118579_spec.rb +0 -8
  379. data/spec/lib/kb/osvdb_118830_spec.rb +0 -16
  380. data/spec/lib/kb/osvdb_118954_spec.rb +0 -20
  381. data/spec/lib/kb/osvdb_119878_spec.rb +0 -92
  382. data/spec/lib/kb/osvdb_119927_spec.rb +0 -16
  383. data/spec/lib/kb/osvdb_120415_spec.rb +0 -16
  384. data/spec/lib/kb/osvdb_120857_spec.rb +0 -32
  385. data/spec/lib/kb/osvdb_121701_spec.rb +0 -15
  386. data/spec/lib/kb/osvdb_132234_spec.rb +0 -15
  387. metadata.gz.sig +0 -0
@@ -2,8 +2,8 @@ module Dawn
2
2
  class GemfileLock
3
3
  include Dawn::Engine
4
4
 
5
- def initialize(dir = "./", filename = "", guessed_mvc)
6
- super(dir, "Gemfile.lock", {:gemfile_name=>filename, :guessed_mvc=>guessed_mvc})
5
+ def initialize(dir = "./")
6
+ super(dir, "Gemfile.lock", {:gemfile_name=>"Gemfile.lock", :guessed_mvc=>Dawn::Core.guess_mvc(File.join(dir, "Gemfile.lock"))})
7
7
  end
8
8
 
9
9
  end
@@ -4,8 +4,6 @@ module Dawn
4
4
  module Kb
5
5
  module BasicCheck
6
6
 
7
- include Dawn::Utils
8
-
9
7
  attr_reader :title
10
8
  attr_reader :name
11
9
  attr_reader :cve
@@ -239,6 +237,7 @@ module Dawn
239
237
 
240
238
  ret
241
239
  end
240
+
242
241
  end
243
242
  end
244
243
  end
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
2
  module Kb
3
- module ComboCheck
3
+ class ComboCheck
4
4
  include BasicCheck
5
5
 
6
6
  attr_reader :checks
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
2
  module Kb
3
- module DependencyCheck
3
+ class DependencyCheck
4
4
  include BasicCheck
5
5
 
6
6
  attr_accessor :dependencies
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
2
  module Kb
3
- module OperatingSystemCheck
3
+ class OperatingSystemCheck
4
4
  include BasicCheck
5
5
 
6
6
  # safe_os is an Hash with this form {:family=>"", :vendor=>"", :version=>""}
@@ -2,7 +2,7 @@ require 'ptools'
2
2
 
3
3
  module Dawn
4
4
  module Kb
5
- module PatternMatchCheck
5
+ class PatternMatchCheck
6
6
  include BasicCheck
7
7
 
8
8
 
@@ -25,7 +25,7 @@ module Dawn
25
25
 
26
26
  EXCLUSION_LIST = [
27
27
  "tags",
28
- "vendor/bundle",
28
+ "vendor/bundle",
29
29
  "features",
30
30
  "specs",
31
31
  "test"
@@ -38,10 +38,10 @@ module Dawn
38
38
  @attack_pattern_is_regex = false
39
39
  @glob = "**"
40
40
  @attack_pattern = options[:attack_pattern] unless options[:attack_pattern].nil?
41
- @negative_search = options[:negative_search] unless options[:negative_search].nil?
42
- @avoid_comments = options[:avoid_comments] unless options[:avoid_comments].nil?
43
- @evidences = options[:evidences] unless options[:evidences].nil?
44
- @attack_pattern_is_regex = options[:attack_pattern_is_regex] unless options[:attack_pattern_is_regex].nil?
41
+ @negative_search = options[:negative_search] unless options[:negative_search].nil?
42
+ @avoid_comments = options[:avoid_comments] unless options[:avoid_comments].nil?
43
+ @evidences = options[:evidences] unless options[:evidences].nil?
44
+ @attack_pattern_is_regex = options[:attack_pattern_is_regex] unless options[:attack_pattern_is_regex].nil?
45
45
  @glob = File.join(@glob, options[:glob]) unless options[:glob].nil?
46
46
  debug_me("EVIDENCES ARE #{@evidences.inspect}")
47
47
  end
@@ -60,6 +60,7 @@ module Dawn
60
60
  Dir.glob(File.join("#{root_dir}", @glob)).each do |filename|
61
61
  debug_me("#{File.basename(__FILE__)}@#{__LINE__}: analyzing #{filename}: search is #{@negative_search}")
62
62
  matches = []
63
+ raise ArgumentError.new("skipping empty file") if File.zero?(filename)
63
64
  begin
64
65
  matches = run(load_file(filename)) if File.exists?(filename) && File.file?(filename) && ! File.binary?(filename) && ! must_exclude?(filename)
65
66
  found = ! matches.empty?
@@ -84,17 +85,17 @@ module Dawn
84
85
  return ret_value
85
86
  end
86
87
 
87
- private
88
+ private
88
89
  def string_to_array(par)
89
90
  return par if par.class == Array
90
- %w(par)
91
+ %w(par)
91
92
  end
92
93
 
93
94
  def load_file(filename)
94
95
 
95
96
  f = File.open(filename)
96
97
  lines = f.readlines
97
- f.close
98
+ f.close
98
99
 
99
100
  lines
100
101
  end
@@ -1,6 +1,6 @@
1
1
  module Dawn
2
2
  module Kb
3
- module RubyVersionCheck
3
+ class RubyVersionCheck
4
4
  include BasicCheck
5
5
  # Array of hashes in the {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"} form
6
6
  attr_accessor :safe_rubies
@@ -29,9 +29,9 @@ module Dawn
29
29
  ve = self.is_same_version?(detected_ruby[:version], vv_a)
30
30
  vp = is_vulnerable_patchlevel?(detected_ruby[:version], detected_ruby[:patchlevel])
31
31
 
32
- debug_me("#{__FILE__}@#{__LINE__}: check: #{self.name}, engine is vulnerable?=#{vengine}, version is vulnerable?=#{vv}, is same version?=#{ve}, is_vulnerable_patchlevel?=#{vp}->#{vv && vengine}, #{(ve && vp && vengine )}")
33
- debug_me("#{__FILE__}@#{__LINE__}: safe ruby is: #{@safe_rubies}")
34
- debug_me("#{__FILE__}@#{__LINE__}: detected ruby is: #{@detected_ruby}")
32
+ debug_verbosely("#{__FILE__}@#{__LINE__}: check: #{self.name}, engine is vulnerable?=#{vengine}, version is vulnerable?=#{vv}, is same version?=#{ve}, is_vulnerable_patchlevel?=#{vp}->#{vv && vengine}, #{(ve && vp && vengine )}")
33
+ debug_verbosely("#{__FILE__}@#{__LINE__}: safe ruby is: #{@safe_rubies}")
34
+ debug_verbosely("#{__FILE__}@#{__LINE__}: detected ruby is: #{@detected_ruby}")
35
35
 
36
36
 
37
37
 
@@ -42,7 +42,7 @@ module Dawn
42
42
  @status = (ve && vp && vengine )
43
43
  end
44
44
 
45
- debug_me("STATUS:#{@status}")
45
+ debug_verbosely("STATUS:#{@status}")
46
46
  self.evidences << "#{@detected_ruby[:engine]} v#{@detected_ruby[:version]}-#{@detected_ruby[:patchlevel]} detected" if @status
47
47
  return @status
48
48
 
@@ -58,7 +58,7 @@ module Dawn
58
58
 
59
59
  def is_same_version?(target, fixes = [])
60
60
  fixes.each do |f|
61
- debug_me("F=#{f}, TARGET=#{target}")
61
+ debug_verbosely("F=#{f}, TARGET=#{target}")
62
62
  return true if f == target
63
63
  end
64
64
  false
@@ -66,23 +66,24 @@ module Dawn
66
66
 
67
67
  def is_vulnerable_patchlevel?(version, patchlevel)
68
68
  fixes = []
69
- debug_me "is_vulnerable_patchlevel? called with VERSION=#{version} and PLEVEL=#{patchlevel}"
69
+ debug_verbosely "is_vulnerable_patchlevel? called with VERSION=#{version} and PLEVEL=#{patchlevel}"
70
70
  @safe_rubies.each do |ss|
71
71
  fixes << ss[:patchlevel].split("p")[1].to_i if ss[:version] == version
72
72
  end
73
73
 
74
- debug_me "FIXES IS EMPTY" if fixes.empty?
75
- debug_me "FIXES LIST IS #{fixes}" unless fixes.empty?
74
+ debug_verbosely "FIXES IS EMPTY" if fixes.empty?
75
+ debug_verbosely "FIXES LIST IS #{fixes}" unless fixes.empty?
76
76
  return true if fixes.empty?
77
77
 
78
78
  t = patchlevel.split("p")[1].to_i if patchlevel.include? 'p'
79
79
  t = patchlevel.to_i unless patchlevel.include? 'p'
80
80
  fixes.each do |f|
81
- debug_me "PATCHLEVEL FIXES = #{f}, PATCHLEVEL TARGET = #{t}"
81
+ debug_verbosely "PATCHLEVEL FIXES = #{f}, PATCHLEVEL TARGET = #{t}"
82
82
  return true if f > t
83
83
  end
84
84
  false
85
85
  end
86
+
86
87
  end
87
88
  end
88
89
  end
@@ -1,7 +1,7 @@
1
1
  # This module handles security checks for RubyGems framework.
2
2
  module Dawn
3
3
  module Kb
4
- module GemCheck
4
+ class RubygemCheck
5
5
  include BasicCheck
6
6
 
7
7
  attr_accessor :safe_versions
@@ -0,0 +1,44 @@
1
+ module Dawn
2
+ module Kb
3
+ # While working on the KB rebase, fetching data from NVD API, I suddenly
4
+ # realize I must change the way a vulnerable dependency must be handled.
5
+ # Instead of changing what is working right now, I'll add a new dependency
6
+ # check ruby class
7
+ # NVD bulletins lists versions that are vulnerable and it would break
8
+ # automatism adding a post data fetching step to realize which is the first
9
+ # safe version.
10
+ #
11
+ # This class will handle a dependency name, the version found in
12
+ # Gemfile.lock and an array of vulnerable versions. If the version found is
13
+ # in the array, than the vuln? method returns true.
14
+ # This is an approach far more easy rathern than the one chosen in the past.
15
+ class UnsafeDependencyCheck
16
+ include BasicCheck
17
+
18
+ attr_accessor :dependencies
19
+ attr_accessor :vulnerable_version_array
20
+
21
+ def initialize(options)
22
+ super(options)
23
+ end
24
+
25
+ def vuln?
26
+ ret = false
27
+
28
+ # 20210325: I know... a single check handles a single dependency so,
29
+ # this should not be an array. This involves too many underlying
30
+ # changes one day I'll make.
31
+ @dependencies.each do |dep|
32
+ unless @vulnerable_version_array.nil? or @vulnerable_version_array.empty?
33
+ if dep[:name] == @vulnerable_version_array[0][:name]
34
+ return false if @vulnerable_version_array[0][:version].nil? or @vulnerable_version_array[0][:version].empty?
35
+ return true if @vulnerable_version_array[0][:version].include? dep[:version]
36
+ end
37
+ end
38
+ end
39
+
40
+ return false
41
+ end
42
+ end
43
+ end
44
+ end
@@ -23,16 +23,16 @@ module Dawn
23
23
  @save_major ||= options[:save_major]
24
24
  @debug ||= options[:debug]
25
25
  @enable_warning ||= options[:enable_warning]
26
- debug_me "VersionCheck initialized"
26
+ debug_verbosely "VersionCheck initialized"
27
27
  end
28
28
 
29
29
  def vuln?
30
- debug_me "Detected version is #{@detected}"
31
- debug_me "Safe versions array is #{@safe}"
32
- debug_me "Deprecated versions array is #{@deprecated}. I'll mark them as vulnerable" unless @deprecated.nil?
33
- debug_me "Excluded versions array is #{@excluded}. I'll mark them as not vulnerable" unless @excluded.nil?
34
- debug_me "SAVE_MINOR FLAG = #{@save_minor}"
35
- debug_me "SAVE_MAJOR FLAG = #{@save_major}"
30
+ debug_verbosely "Detected version is #{@detected}"
31
+ debug_verbosely "Safe versions array is #{@safe}"
32
+ debug_verbosely "Deprecated versions array is #{@deprecated}. I'll mark them as vulnerable" unless @deprecated.nil?
33
+ debug_verbosely "Excluded versions array is #{@excluded}. I'll mark them as not vulnerable" unless @excluded.nil?
34
+ debug_verbosely "SAVE_MINOR FLAG = #{@save_minor}"
35
+ debug_verbosely "SAVE_MAJOR FLAG = #{@save_major}"
36
36
 
37
37
  @status = :deprecated if is_detected_deprecated?
38
38
  return debug_me_and_return_false("detected version #{detected} is marked to be excluded for vulnerable ones") if is_detected_excluded?
@@ -41,8 +41,25 @@ module Dawn
41
41
  return debug_me_and_return_false("detected version #{@detected} found as is in safe array") if is_detected_in_safe?
42
42
  return debug_me_and_return_false("detected version #{@detected} is higher than all version marked safe") if is_detected_highest?
43
43
 
44
- @safe.sort.each do |s|
45
- debug_me "vuln?: evaluating #{@detected} against save version: #{s}"
44
+ check_versions = nil
45
+ @safe.each do |safe_version|
46
+
47
+ sva = version_string_to_array(safe_version)
48
+ dva = version_string_to_array(@detected)
49
+
50
+ next unless is_same_version?(sva[:version], dva[:version], true)
51
+ next unless sva[:version].count == dva[:version].count || is_beta_check?(sva[:beta], dva[:beta]) || is_rc_check?(sva[:rc], dva[:rc]) || is_pre_check?(sva[:pre], dva[:pre])
52
+
53
+ check_versions = [safe_version]
54
+ break
55
+ end
56
+
57
+ debug_verbosely "vuln?: limited check_versions: #{check_versions.inspect}"
58
+ check_versions ||= @safe
59
+ debug_verbosely "vuln?: fallback check_versions: #{check_versions.inspect}"
60
+
61
+ check_versions.sort.each do |s|
62
+ debug_verbosely "vuln?: evaluating #{@detected} against save version: #{s}"
46
63
 
47
64
  @save_minor_fix = save_minor_fix
48
65
  @save_major_fix = save_major_fix
@@ -50,7 +67,7 @@ module Dawn
50
67
 
51
68
  vuln = is_vulnerable_version?(s, @detected)
52
69
 
53
- debug_me "DETECTED #{@detected} is marked VULN=#{vuln} against #{s} ( SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix})"
70
+ debug_verbosely "DETECTED #{@detected} is marked VULN=#{vuln} against #{s} ( SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix})"
54
71
  return true if vuln
55
72
  end
56
73
 
@@ -67,7 +84,7 @@ module Dawn
67
84
  def is_detected_highest?
68
85
  higher= @detected
69
86
  @safe.sort.each do |s|
70
- debug_me("higher is #{higher}")
87
+ debug_verbosely("higher is #{higher}")
71
88
  higher=s if is_higher?(s, higher)
72
89
  end
73
90
  return (higher == @detected)
@@ -120,7 +137,7 @@ module Dawn
120
137
  ret = ver && beta && rc unless same
121
138
  ret = beta && rc if same
122
139
 
123
- debug_me("is_higher? a=#{a}, b=#{b} VER=#{ver} - BETA=#{beta} - RC=#{rc} - SAME=#{same} - a>b? = (#{ret})")
140
+ debug_verbosely("is_higher? a=#{a}, b=#{b} VER=#{ver} - BETA=#{beta} - RC=#{rc} - SAME=#{same} - a>b? = (#{ret})")
124
141
  return ret
125
142
  end
126
143
 
@@ -129,7 +146,7 @@ module Dawn
129
146
  dva = version_string_to_array(@detected)[:version]
130
147
  @safe.sort.each do |s|
131
148
  sva = version_string_to_array(s)[:version]
132
- debug_me "is_there_an_higher_major_version? DVA=#{dva} - SVA=#{sva}"
149
+ debug_verbosely "is_there_an_higher_major_version? DVA=#{dva} - SVA=#{sva}"
133
150
  return debug_me_and_return_true("is_there_an_higher_major_version? is returning true for #{@detected}") if dva[0] < sva[0]
134
151
  end
135
152
  return debug_me_and_return_false("is_there_an_higher_major_version? is returning false")
@@ -171,8 +188,8 @@ module Dawn
171
188
  sva = version_string_to_array(s)[:version]
172
189
  sM = is_same_major?(sva, dva)
173
190
  sm = is_same_minor?(sva, dva)
174
- debug_me("save_minor_fix: SVA=#{sva};DVA=#{dva};SAME_MAJOR? = #{sM}; SAME_MINOR?=#{sm}; ( dva[2] >= sva[2] )=#{(dva[2] >= sva[2])}")
175
- debug_me("save_minor_fix: is_there_higher_minor_version? = #{hm}")
191
+ debug_verbosely("save_minor_fix: SVA=#{sva};DVA=#{dva};SAME_MAJOR? = #{sM}; SAME_MINOR?=#{sm}; ( dva[2] >= sva[2] )=#{(dva[2] >= sva[2])}")
192
+ debug_verbosely("save_minor_fix: is_there_higher_minor_version? = #{hm}")
176
193
  return true if sM and sm and dva[2] >= sva[2] && hm
177
194
  return true if sM and hm
178
195
  end
@@ -212,7 +229,7 @@ module Dawn
212
229
  return (safe_version[2] > detected_version[2])
213
230
  end
214
231
  def is_vulnerable_aux_patch?(safe_version, detected_version)
215
- debug_me "is_vulnerable_aux_patch?: SV[3]=#{safe_version[3]}, DV[3]=#{detected_version[3]}"
232
+ debug_verbosely "is_vulnerable_aux_patch?: SV[3]=#{safe_version[3]}, DV[3]=#{detected_version[3]}"
216
233
  return true if detected_version[3].nil? and ! safe_version[3].nil?
217
234
  return false if safe_version[3].nil? || detected_version[3].nil?
218
235
  return (safe_version[3] > detected_version[3])
@@ -255,11 +272,11 @@ module Dawn
255
272
  # eg. in case of a beta release, the array is [5,0,0,1] meaning
256
273
  # 5.0.0.beta1. Of course it must be handled in a different way than
257
274
  # 5.0.0.1 release that it will result in the same array
258
- debug_me "is_same_version? with limit=TRUE"
275
+ debug_verbosely "is_same_version? with limit=TRUE"
259
276
  ret = true if (safe_version_array[0] == detected_version_array[0]) && (safe_version_array[1] == detected_version_array[1]) && (safe_version_array[2] == detected_version_array[2])
260
277
  end
261
278
 
262
- debug_me "is_same_version? SVA=#{safe_version_array} DVA=#{detected_version_array} RET=#{ret}"
279
+ debug_verbosely "is_same_version? SVA=#{safe_version_array} DVA=#{detected_version_array} RET=#{ret}"
263
280
 
264
281
  return ret
265
282
  end
@@ -276,7 +293,7 @@ module Dawn
276
293
  # if the safe_version_beta is 0 then the detected_version_beta is
277
294
  # vulnerable by design, since the safe version is a stable and we
278
295
  # detected a beta.
279
- debug_me("is_vulnerable_beta?: safe_version_beta=#{safe_version_beta} - detected_version_beta=#{detected_version_beta}")
296
+ debug_verbosely("is_vulnerable_beta?: safe_version_beta=#{safe_version_beta} - detected_version_beta=#{detected_version_beta}")
280
297
  return debug_me_and_return_false("is_vulnerable_beta? = FALSE") if safe_version_beta != -1 and detected_version_beta == -1
281
298
  return debug_me_and_return_true("is_vulnerable_beta? = TRUE") if safe_version_beta == -1 and detected_version_beta != -1
282
299
  return debug_me_and_return_true("is_vulnerable_beta? = TRUE") if safe_version_beta == 0 && detected_version_beta != -1
@@ -300,7 +317,7 @@ module Dawn
300
317
  # if the safe_version_rc is 0 then the detected_version_rc is
301
318
  # vulnerable by design, since the safe version is a stable and we
302
319
  # detected a rc.
303
- debug_me "entering is_vulnerable_rc?: s=#{safe_version_rc}, d=#{detected_version_rc}"
320
+ debug_verbosely "entering is_vulnerable_rc?: s=#{safe_version_rc}, d=#{detected_version_rc}"
304
321
  return debug_me_and_return_false("is_vulnerable_rc? = FALSE") if detected_version_rc == -1
305
322
 
306
323
  return debug_me_and_return_false("is_vulnerable_rc? = FALSE") if safe_version_rc != -1 and detected_version_rc == -1
@@ -340,8 +357,8 @@ module Dawn
340
357
  def is_vulnerable_version?(safe_version, detected_version)
341
358
  sva = version_string_to_array(safe_version)
342
359
  dva = version_string_to_array(detected_version)
343
- debug_me("SVA=#{sva.inspect}")
344
- debug_me("DVA=#{dva.inspect}")
360
+ debug_verbosely("SVA=#{sva.inspect}")
361
+ debug_verbosely("DVA=#{dva.inspect}")
345
362
  safe_version_array = sva[:version]
346
363
  detected_version_array = dva[:version]
347
364
 
@@ -353,7 +370,7 @@ module Dawn
353
370
  patch = is_vulnerable_patch?(safe_version_array, detected_version_array)
354
371
  aux_patch = is_vulnerable_aux_patch?(safe_version_array, detected_version_array)
355
372
 
356
- debug_me "is_vulnerable_version? SAVE_VERSION=#{safe_version},DETECTED=#{detected_version} -> IS_VULN_MAJOR?=#{major} IS_VULN_MINOR?=#{minor} IS_VULN_PATCH?=#{patch} IS_VULN_AUX_PATCH=#{aux_patch} SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix}"
373
+ debug_verbosely "is_vulnerable_version? SAVE_VERSION=#{safe_version},DETECTED=#{detected_version} -> IS_VULN_MAJOR?=#{major} IS_VULN_MINOR?=#{minor} IS_VULN_PATCH?=#{patch} IS_VULN_AUX_PATCH=#{aux_patch} SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix}"
357
374
 
358
375
  return debug_me_and_return_false("#{detected_version} doesn't have a vulnerable MAJOR number") if is_higher_major?(detected_version, safe_version) #and minor and patch
359
376
 
@@ -400,7 +417,7 @@ module Dawn
400
417
  # I'll support also nonsense checks.
401
418
 
402
419
  $logger.warn "Setting the predicate #{dep} will mark all versions as deprecated" unless self.enable_warning.nil?
403
- debug_me "You kindly mark #{detected_version} as deprecated with this predicate #{dep}"
420
+ debug_verbosely "You kindly mark #{detected_version} as deprecated with this predicate #{dep}"
404
421
  return true
405
422
  end
406
423
 
@@ -1,3 +1,16 @@
1
+ require 'singleton'
2
+
3
+ require 'rubygems/package'
4
+
5
+ # For HTTPS communication to check for KB updates and to fetch them
6
+ require 'net/http'
7
+ require 'uri'
8
+
9
+ require 'yaml'
10
+ require 'digest'
11
+
12
+ require 'date'
13
+
1
14
  # Core KB
2
15
  require "dawn/kb/basic_check"
3
16
  require "dawn/kb/pattern_match_check"
@@ -7,631 +20,222 @@ require "dawn/kb/operating_system_check"
7
20
  require "dawn/kb/combo_check"
8
21
  require "dawn/kb/version_check"
9
22
  require "dawn/kb/deprecation_check"
10
- require "dawn/kb/gem_check"
11
-
12
- # Q&A related checks
13
- ## Not revised code
14
- require "dawn/kb/not_revised_code"
15
-
16
- ## Owasp ROR Cheatsheet
17
- require 'dawn/kb/owasp_ror_cheatsheet/command_injection'
18
- require 'dawn/kb/owasp_ror_cheatsheet/csrf'
19
- require 'dawn/kb/owasp_ror_cheatsheet/session_stored_in_database'
20
- require 'dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model'
21
- require 'dawn/kb/owasp_ror_cheatsheet/security_related_headers'
22
- require 'dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward'
23
- require 'dawn/kb/owasp_ror_cheatsheet/sensitive_files'
24
-
25
- # Security checks with no or pending CVE
26
-
27
- # A XSS issue on Simple Form gem reported by Rafael Mendonça França on
28
- # November, 29 2013
29
- #
30
- # https://groups.google.com/forum/#!topic/ruby-security-ann/flHbLMb07tE
31
- require "dawn/kb/simpleform_xss_20131129"
32
-
33
- # CVE - 2004
34
- require "dawn/kb/cve_2004_0755"
35
- require "dawn/kb/cve_2004_0983"
36
-
37
- # CVE - 2005
38
- require "dawn/kb/cve_2005_1992"
39
- require "dawn/kb/cve_2005_2337"
40
-
41
- # CVE - 2006
42
- require "dawn/kb/cve_2006_1931"
43
- require "dawn/kb/cve_2006_2582"
44
- require "dawn/kb/cve_2006_3694"
45
- require "dawn/kb/cve_2006_4112"
46
- require "dawn/kb/cve_2006_5467"
47
- require "dawn/kb/cve_2006_6303"
48
- require "dawn/kb/cve_2006_6852"
49
- require "dawn/kb/cve_2006_6979"
50
-
51
- # CVE - 2007
52
- require "dawn/kb/cve_2007_0469"
53
- require "dawn/kb/cve_2007_5162"
54
- require "dawn/kb/cve_2007_5379"
55
- require "dawn/kb/cve_2007_5380"
56
- require "dawn/kb/cve_2007_5770"
57
- require "dawn/kb/cve_2007_6077"
58
- require "dawn/kb/cve_2007_6612"
59
-
60
- # CVE - 2008
61
-
62
- require "dawn/kb/cve_2008_1145"
63
- require "dawn/kb/cve_2008_1891"
64
- require "dawn/kb/cve_2008_2376"
65
- require "dawn/kb/cve_2008_2662"
66
- require "dawn/kb/cve_2008_2663"
67
- require "dawn/kb/cve_2008_2664"
68
- require "dawn/kb/cve_2008_2725"
69
- require "dawn/kb/cve_2008_3655"
70
- require "dawn/kb/cve_2008_3657"
71
- require "dawn/kb/cve_2008_3790"
72
- require "dawn/kb/cve_2008_3905"
73
- require "dawn/kb/cve_2008_4094"
74
- require "dawn/kb/cve_2008_4310"
75
- require "dawn/kb/cve_2008_5189"
76
- require "dawn/kb/cve_2008_7248"
77
-
78
- # CVE - 2009
79
- require "dawn/kb/cve_2009_4078"
80
- require "dawn/kb/cve_2009_4124"
81
- require "dawn/kb/cve_2009_4214"
82
-
83
- # CVE - 2010
84
- require "dawn/kb/cve_2010_1330"
85
- require "dawn/kb/cve_2010_2489"
86
- require "dawn/kb/cve_2010_3933"
87
-
88
- # CVE - 2011
89
- require "dawn/kb/cve_2011_0188"
90
- require "dawn/kb/cve_2011_0446"
91
- require "dawn/kb/cve_2011_0447"
92
- require "dawn/kb/cve_2011_0739"
93
- require "dawn/kb/cve_2011_0995"
94
- require "dawn/kb/cve_2011_1004"
95
- require "dawn/kb/cve_2011_1005"
96
- require "dawn/kb/cve_2011_2197"
97
- require "dawn/kb/cve_2011_2686"
98
- require "dawn/kb/cve_2011_2705"
99
- require "dawn/kb/cve_2011_2929"
100
- require "dawn/kb/cve_2011_2930"
101
- require "dawn/kb/cve_2011_2931"
102
- require "dawn/kb/cve_2011_2932"
103
- require "dawn/kb/cve_2011_3009"
104
- require "dawn/kb/cve_2011_3186"
105
- require "dawn/kb/cve_2011_3187"
106
- require "dawn/kb/cve_2011_4319"
107
- require "dawn/kb/cve_2011_4815"
108
- require "dawn/kb/cve_2011_5036"
109
-
110
- # CVE - 2012
111
- require "dawn/kb/cve_2012_1098"
112
- require "dawn/kb/cve_2012_1099"
113
- require "dawn/kb/cve_2012_1241"
114
- require "dawn/kb/cve_2012_2139"
115
- require "dawn/kb/cve_2012_2140"
116
- require "dawn/kb/cve_2012_2660"
117
- require "dawn/kb/cve_2012_2661"
118
- require "dawn/kb/cve_2012_2671"
119
- require "dawn/kb/cve_2012_2694"
120
- require "dawn/kb/cve_2012_2695"
121
- require "dawn/kb/cve_2012_3424"
122
- require "dawn/kb/cve_2012_3463"
123
- require "dawn/kb/cve_2012_3464"
124
- require "dawn/kb/cve_2012_3465"
125
- require "dawn/kb/cve_2012_4464"
126
- require "dawn/kb/cve_2012_4466"
127
- require "dawn/kb/cve_2012_4481"
128
- require "dawn/kb/cve_2012_4522"
129
- require "dawn/kb/cve_2012_5370"
130
- require "dawn/kb/cve_2012_5371"
131
- require "dawn/kb/cve_2012_5380"
132
- require "dawn/kb/cve_2012_6109"
133
- require "dawn/kb/cve_2012_6134"
134
- require "dawn/kb/cve_2012_6496"
135
- require "dawn/kb/cve_2012_6497"
136
- require "dawn/kb/cve_2012_6684"
137
-
138
- # CVE - 2013
139
- require "dawn/kb/cve_2013_0155"
140
- require "dawn/kb/cve_2013_0156"
141
- require "dawn/kb/cve_2013_0162"
142
- require "dawn/kb/cve_2013_0175"
143
- require "dawn/kb/cve_2013_0183"
144
- require "dawn/kb/cve_2013_0184"
145
- require "dawn/kb/cve_2013_0233"
146
- require "dawn/kb/cve_2013_0256"
147
- require "dawn/kb/cve_2013_0262"
148
- require "dawn/kb/cve_2013_0263"
149
- require "dawn/kb/cve_2013_0269"
150
- require "dawn/kb/cve_2013_0276"
151
- require "dawn/kb/cve_2013_0277"
152
- require "dawn/kb/cve_2013_0284"
153
- require "dawn/kb/cve_2013_0285"
154
- require "dawn/kb/cve_2013_0333"
155
- require "dawn/kb/cve_2013_0334"
156
- require "dawn/kb/cve_2013_1607"
157
- require "dawn/kb/cve_2013_1655"
158
- require "dawn/kb/cve_2013_1656"
159
- require "dawn/kb/cve_2013_1756"
160
- require "dawn/kb/cve_2013_1800"
161
- require "dawn/kb/cve_2013_1801"
162
- require "dawn/kb/cve_2013_1802"
163
- require "dawn/kb/cve_2013_1812"
164
- require "dawn/kb/cve_2013_1821"
165
- require "dawn/kb/cve_2013_1854"
166
- require "dawn/kb/cve_2013_1855"
167
- require "dawn/kb/cve_2013_1856"
168
- require "dawn/kb/cve_2013_1857"
169
- require "dawn/kb/cve_2013_1875"
170
- require "dawn/kb/cve_2013_1898"
171
- require "dawn/kb/cve_2013_1911"
172
- require "dawn/kb/cve_2013_1933"
173
- require "dawn/kb/cve_2013_1947"
174
- require "dawn/kb/cve_2013_1948"
175
- require "dawn/kb/cve_2013_2065"
176
- require "dawn/kb/cve_2013_2090"
177
- require "dawn/kb/cve_2013_2105"
178
- require "dawn/kb/cve_2013_2119"
179
- require "dawn/kb/cve_2013_2512"
180
- require "dawn/kb/cve_2013_2513"
181
- require "dawn/kb/cve_2013_2516"
182
- require "dawn/kb/cve_2013_2615"
183
- require "dawn/kb/cve_2013_2616"
184
- require "dawn/kb/cve_2013_2617"
185
- require "dawn/kb/cve_2013_3221"
186
- require "dawn/kb/cve_2013_4164"
187
- require "dawn/kb/cve_2013_4203"
188
- require "dawn/kb/cve_2013_4389"
189
- require "dawn/kb/cve_2013_4413"
190
- require "dawn/kb/cve_2013_4457"
191
- require "dawn/kb/cve_2013_4478"
192
- require "dawn/kb/cve_2013_4479"
193
- require "dawn/kb/cve_2013_4489"
194
- require "dawn/kb/cve_2013_4491"
195
- require "dawn/kb/cve_2013_4492"
196
- require "dawn/kb/cve_2013_4562"
197
- require "dawn/kb/cve_2013_4593"
198
- require "dawn/kb/cve_2013_5647"
199
- require "dawn/kb/cve_2013_5671"
200
- require "dawn/kb/cve_2013_6414"
201
- require "dawn/kb/cve_2013_6415"
202
- require "dawn/kb/cve_2013_6416"
203
- require "dawn/kb/cve_2013_6417"
204
- require "dawn/kb/cve_2013_6421"
205
- require "dawn/kb/cve_2013_6459"
206
- require "dawn/kb/cve_2013_6460"
207
- require "dawn/kb/cve_2013_6461"
208
- require "dawn/kb/cve_2013_7086"
209
-
210
- # CVE - 2014
211
-
212
- require "dawn/kb/cve_2014_0036"
213
- require "dawn/kb/cve_2014_0080"
214
- require "dawn/kb/cve_2014_0081"
215
- require "dawn/kb/cve_2014_0082"
216
- require "dawn/kb/cve_2014_0130"
217
- require "dawn/kb/cve_2014_1233"
218
- require "dawn/kb/cve_2014_1234"
219
- require "dawn/kb/cve_2014_2322"
220
- require "dawn/kb/cve_2014_2525"
221
- require "dawn/kb/cve_2014_2538"
222
- require "dawn/kb/cve_2014_3482"
223
- require "dawn/kb/cve_2014_3483"
224
- require "dawn/kb/cve_2014_3916"
225
- require "dawn/kb/cve_2014_4975"
226
- require "dawn/kb/cve_2014_7818"
227
- require "dawn/kb/cve_2014_7819"
228
- require "dawn/kb/cve_2014_7829"
229
- require "dawn/kb/cve_2014_8090"
230
- require "dawn/kb/cve_2014_9490"
231
-
232
- # CVE - 2015
233
-
234
-
235
- require "dawn/kb/cve_2015_1819"
236
- # CVE-2015-1840 is spread in two classes because a single CVE is assigned to a
237
- # vulnerability affecting two differents but related gems.
238
- require "dawn/kb/cve_2015_1840/cve_2015_1840_a"
239
- require "dawn/kb/cve_2015_1840/cve_2015_1840_b"
240
- require "dawn/kb/cve_2015_2963"
241
- require "dawn/kb/cve_2015_3224"
242
- require "dawn/kb/cve_2015_3225"
243
- require "dawn/kb/cve_2015_3226"
244
- require "dawn/kb/cve_2015_3227"
245
- require "dawn/kb/cve_2015_3448"
246
- require "dawn/kb/cve_2015_4020"
247
- require "dawn/kb/cve_2015_5312"
248
- require "dawn/kb/cve_2015_7497"
249
- require "dawn/kb/cve_2015_7498"
250
- require "dawn/kb/cve_2015_7499"
251
- require "dawn/kb/cve_2015_7500"
252
- require "dawn/kb/cve_2015_7519"
253
- require "dawn/kb/cve_2015_7541"
254
- require "dawn/kb/cve_2015_7576"
255
- require "dawn/kb/cve_2015_7577"
256
- require "dawn/kb/cve_2015_7578"
257
- require "dawn/kb/cve_2015_7579"
258
- require "dawn/kb/cve_2015_7581"
259
- require "dawn/kb/cve_2015_8241"
260
- require "dawn/kb/cve_2015_8242"
261
- require "dawn/kb/cve_2015_8317"
262
-
263
- # CVE - 2016
264
-
265
- require "dawn/kb/cve_2016_0751"
266
- require "dawn/kb/cve_2016_0752"
267
- require "dawn/kb/cve_2016_0753"
268
- require "dawn/kb/cve_2016_2097"
269
- require "dawn/kb/cve_2016_2098"
270
- require "dawn/kb/cve_2016_5697"
271
- require "dawn/kb/cve_2016_6316"
272
- require "dawn/kb/cve_2016_6317"
273
- require "dawn/kb/cve_2016_6582"
274
-
275
- # OSVDB
276
-
277
- require "dawn/kb/osvdb_105971"
278
- require "dawn/kb/osvdb_108569"
279
- require "dawn/kb/osvdb_108570"
280
- require "dawn/kb/osvdb_108530"
281
- require "dawn/kb/osvdb_108563"
282
- require "dawn/kb/osvdb_115654"
283
- require "dawn/kb/osvdb_116010"
284
- require "dawn/kb/osvdb_117903"
285
- require "dawn/kb/osvdb_118579"
286
- require "dawn/kb/osvdb_118830"
287
- require "dawn/kb/osvdb_118954"
288
- require "dawn/kb/osvdb_119878"
289
- require "dawn/kb/osvdb_119927"
290
- require "dawn/kb/osvdb_120415"
291
- require "dawn/kb/osvdb_120857"
292
- require "dawn/kb/osvdb_121701"
293
- require "dawn/kb/osvdb_132234"
294
-
295
-
23
+ require "dawn/kb/rubygem_check"
24
+ require "dawn/kb/unsafe_depedency_check"
296
25
 
297
26
  module Dawn
298
- # XXX: Check if it best using a singleton here
27
+ # This is the YAML powered knowledge base
28
+ #
29
+ # Dawnscanner KB will be a bunch of YAML file, stored in a hierachy of
30
+ # directories resembling security checks family. A digital signature will be
31
+ # also available to prevent KB tampering.
32
+ #
33
+ # This class will be accountable for:
34
+ # + check for KB upgrade
35
+ # + fetching the KB file from the Internet
36
+ # + verifying the database signature
37
+ # + reading YAML file, creating the security check array
38
+ #
39
+ # Another big change will be the MVC passed as constructor parameter, so only
40
+ # the checks regarding the particular app, will be loaded in the security
41
+ # check array. This should speed up BasicCheck internal routines.
42
+ #
43
+ # Class usage will be very simple. After getting the singleton instance, you
44
+ # will load the KB content. The load method will be also responsible about
45
+ # all relevant checks.
46
+ #
47
+ # Example
48
+ #
49
+ # require "dawn/knowledge_base"
50
+ #
51
+ # ...
52
+ #
53
+ # d = Dawn::KnowledgeBase.instance
54
+ # d.update if d.update?
55
+ # d.load
56
+ #
57
+ # Last update: Mon Mar 22 05:08:55 PM CET 2021
299
58
  class KnowledgeBase
59
+ include Singleton
60
+
61
+ @error = ""
62
+ @@enabled_checks = [:generic_check, :code_quality, :bulletin, :code_style, :owasp_top_10]
63
+
64
+
65
+ GEM_CHECK = :rubygem_check
66
+ DEPENDENCY_CHECK = :dependency_check
67
+ UNSAFE_DEPENDENCY_CHECK = :unsafe_dependency_check
68
+ PATTERN_MATCH_CHECK = :pattern_match_check
69
+ RUBY_VERSION_CHECK = :ruby_version_check
70
+ OS_CHECK = :os_check
71
+ COMBO_CHECK = :combo_check
72
+ CUSTOM_CHECK = :custom_check
300
73
 
301
- include Dawn::Utils
74
+ REMOTE_KB_URL_PREFIX = "https://dawnscanner.org/data/"
75
+ FILES = %w(kb.yaml bulletin.tar.gz generic_check.tar.gz owasp_ror_cheatsheet.tar.gz code_style.tar.gz code_quality.tar.gz owasp_top_10.tar.gz signatures.tar.gz)
302
76
 
303
- GEM_CHECK = :rubygem_check
304
- DEPENDENCY_CHECK = :dependency_check
305
- PATTERN_MATCH_CHECK = :pattern_match_check
306
- RUBY_VERSION_CHECK = :ruby_version_check
307
- OS_CHECK = :os_check
308
- COMBO_CHECK = :combo_check
309
- CUSTOM_CHECK = :custom_check
77
+ VERSION = "0.0.1"
78
+
79
+ attr_reader :security_checks
80
+ attr_reader :descriptor
81
+ attr_reader :path
82
+ attr_reader :error
310
83
 
311
84
  def initialize(options={})
312
- @enabled_checks = Dawn::Kb::BasicCheck::ALLOWED_FAMILIES
313
- @enabled_checks = options[:enabled_checks] unless options[:enabled_checks].nil?
85
+ if $logger.nil?
86
+ require 'dawn/logger'
87
+ $logger = Logger.new(STDOUT)
88
+ $logger.helo "knowledge-base-experimental", Dawn::VERSION
89
+ end
90
+ @path = default_path
91
+ @path = options[:path] if options[:path]
92
+ FileUtils.mkdir_p(@path)
93
+
94
+ @enabled_checks = @@enabled_checks
314
95
 
315
- @security_checks = load_security_checks
96
+ debug_me "KB root path is #{@path}"
316
97
  end
317
98
 
318
- def self.find(checks=nil, name)
319
- return nil if name.nil? or name.empty?
320
- checks = Dawn::KnowledgeBase.new.load_security_checks if checks.nil?
99
+ def self.enabled_checks= checks
100
+ @@enabled_checks=checks
101
+ end
321
102
 
322
- checks.each do |sc|
323
- return sc if sc.name == name
324
- end
325
- nil
103
+ def default_path
104
+ @path = File.join(Dir.home, 'dawnscanner', 'kb')
105
+ return @path
326
106
  end
327
107
 
328
- def find(name)
329
- Dawn::KnowledgeBase.find(@security_checks, name)
108
+ def self.path= path_name
109
+ @path=path_name
330
110
  end
331
111
 
332
- def all
333
- @security_checks
112
+ def is_packed?
113
+ return __packed?
334
114
  end
335
115
 
336
- # TODO - next big refactoring will include also a change in this API.
337
- #
338
- # So to match Semantic Version, it must bring to a major version bump.
339
- # MVC name should be passed as constructor option, so the all_by_mvc can
340
- #
341
- # be called without parameter, having a nice-to-read code.
342
- # @checks = Dawn::KnowledgeBase.new({:enabled_checks=>@enabled_checks}).all_by_mvc(@name)
343
- def all_by_mvc(mvc)
344
- ret = []
345
- @security_checks.each do |sc|
346
- ret << sc if sc.applies_to?(mvc)
347
- end
348
- ret
116
+ def is_valid?
117
+ return __valid?
349
118
  end
350
119
 
351
- def all_sinatra_checks
352
- self.all_by_mvc("sinatra")
120
+
121
+ def find(name)
122
+ debug_me "I'm asked to find #{name}"
353
123
  end
354
124
 
355
- def all_rails_checks
356
- self.all_by_mvc("rails")
125
+ def unpack
126
+ # https://weblog.jamisbuck.org/2015/7/23/tar-gz-in-ruby.html
127
+ FILES.each do |f|
128
+ full_name = File.join(path,f)
129
+ if File.file?(full_name) and File.extname(full_name).eql?('.gz')
130
+ File.open(full_name, "rb") do |file|
131
+ Zlib::GzipReader.wrap(file) do |gz|
132
+ Gem::Package::TarReader.new(gz) do |tar|
133
+ tar.each do |entry|
134
+ if entry.file?
135
+ FileUtils.mkdir_p(File.dirname(File.join(path, entry.full_name)))
136
+ File.open(File.join(path, entry.full_name), "wb") do |f|
137
+ f.write(entry.read)
138
+ end
139
+ File.chmod(entry.header.mode, File.join(path,entry.full_name))
140
+ end
141
+ end
142
+ end
143
+ end
144
+ end
145
+ else
146
+ $logger.warn("can't open " + f)
147
+ end
148
+ end
357
149
  end
358
150
 
359
- def all_padrino_checks
360
- self.all_by_mvc("padrino")
151
+ def self.kb_descriptor
152
+ {:kb=>{:version=>VERSION, :revision=>Time.now.strftime("%Y%m%d"), :api=>Dawn::VERSION}}.to_yaml
361
153
  end
362
154
 
363
- def all_rack_checks
364
- self.all_by_mvc("rack")
155
+ def update?
156
+ FileUtils.mkdir_p("tmp")
157
+ begin
158
+ response = Net::HTTP.get URI(REMOTE_KB_URL_PREFIX + "kb.yaml")
159
+ open("tmp/kb.yaml", "w") do |f|
160
+ f.puts(response)
161
+ end
162
+ response = Net::HTTP.get URI(REMOTE_KB_URL_PREFIX + "kb.yaml.sig")
163
+ open("tmp/kb.yaml.sig", "w") do |f|
164
+ f.puts(response)
165
+ end
166
+ rescue Exception => e
167
+ $logger.error e.to_s
168
+ return false
169
+ end
170
+
171
+ # Verify kb.yaml signature
172
+
173
+ YAML.load(response)
365
174
  end
366
175
 
367
- def load_security_checks
368
-
369
- # START @cve_security_checks array
370
- @cve_security_checks =
371
- [
372
- Dawn::Kb::CVE_2004_0755.new,
373
- Dawn::Kb::CVE_2004_0983.new,
374
- Dawn::Kb::CVE_2005_1992.new,
375
- Dawn::Kb::CVE_2005_2337.new,
376
- Dawn::Kb::CVE_2006_1931.new,
377
- Dawn::Kb::CVE_2006_2582.new,
378
- Dawn::Kb::CVE_2006_3694.new,
379
- Dawn::Kb::CVE_2006_4112.new,
380
- Dawn::Kb::CVE_2006_5467.new,
381
- Dawn::Kb::CVE_2006_6303.new,
382
- Dawn::Kb::CVE_2006_6852.new,
383
- Dawn::Kb::CVE_2006_6979.new,
384
- Dawn::Kb::CVE_2007_0469.new,
385
- Dawn::Kb::CVE_2007_5162.new,
386
- Dawn::Kb::CVE_2007_5379.new,
387
- Dawn::Kb::CVE_2007_5380.new,
388
- Dawn::Kb::CVE_2007_5770.new,
389
- Dawn::Kb::CVE_2007_6077.new,
390
- Dawn::Kb::CVE_2007_6612.new,
391
- Dawn::Kb::CVE_2008_1145.new,
392
- Dawn::Kb::CVE_2008_1891.new,
393
- Dawn::Kb::CVE_2008_2376.new,
394
- Dawn::Kb::CVE_2008_2662.new,
395
- Dawn::Kb::CVE_2008_2663.new,
396
- Dawn::Kb::CVE_2008_2664.new,
397
- Dawn::Kb::CVE_2008_2725.new,
398
- Dawn::Kb::CVE_2008_3655.new,
399
- Dawn::Kb::CVE_2008_3657.new,
400
- Dawn::Kb::CVE_2008_3790.new,
401
- Dawn::Kb::CVE_2008_3905.new,
402
- Dawn::Kb::CVE_2008_4094.new,
403
- Dawn::Kb::CVE_2008_4310.new,
404
- Dawn::Kb::CVE_2008_5189.new,
405
- Dawn::Kb::CVE_2008_7248.new,
406
- Dawn::Kb::CVE_2009_4078.new,
407
- Dawn::Kb::CVE_2009_4124.new,
408
- Dawn::Kb::CVE_2009_4214.new,
409
- Dawn::Kb::CVE_2010_1330.new,
410
- Dawn::Kb::CVE_2010_2489.new,
411
- Dawn::Kb::CVE_2010_3933.new,
412
- Dawn::Kb::CVE_2011_0188.new,
413
- Dawn::Kb::CVE_2011_0446.new,
414
- Dawn::Kb::CVE_2011_0447.new,
415
- Dawn::Kb::CVE_2011_0739.new,
416
- Dawn::Kb::CVE_2011_0995.new,
417
- Dawn::Kb::CVE_2011_1004.new,
418
- Dawn::Kb::CVE_2011_1005.new,
419
- Dawn::Kb::CVE_2011_2197.new,
420
- Dawn::Kb::CVE_2011_2686.new,
421
- Dawn::Kb::CVE_2011_2705.new,
422
- Dawn::Kb::CVE_2011_2929.new,
423
- Dawn::Kb::CVE_2011_2930.new,
424
- Dawn::Kb::CVE_2011_2931.new,
425
- Dawn::Kb::CVE_2011_2932.new,
426
- Dawn::Kb::CVE_2011_3009.new,
427
- Dawn::Kb::CVE_2011_3186.new,
428
- Dawn::Kb::CVE_2011_3187.new,
429
- Dawn::Kb::CVE_2011_4319.new,
430
- Dawn::Kb::CVE_2011_4815.new,
431
- Dawn::Kb::CVE_2011_5036.new,
432
- Dawn::Kb::CVE_2012_1098.new,
433
- Dawn::Kb::CVE_2012_1099.new,
434
- Dawn::Kb::CVE_2012_1241.new,
435
- Dawn::Kb::CVE_2012_2139.new,
436
- Dawn::Kb::CVE_2012_2140.new,
437
- Dawn::Kb::CVE_2012_2660.new,
438
- Dawn::Kb::CVE_2012_2661.new,
439
- Dawn::Kb::CVE_2012_2671.new,
440
- Dawn::Kb::CVE_2012_2694.new,
441
- Dawn::Kb::CVE_2012_2695.new,
442
- Dawn::Kb::CVE_2012_3424.new,
443
- Dawn::Kb::CVE_2012_3463.new,
444
- Dawn::Kb::CVE_2012_3464.new,
445
- Dawn::Kb::CVE_2012_3465.new,
446
- Dawn::Kb::CVE_2012_4464.new,
447
- Dawn::Kb::CVE_2012_4466.new,
448
- Dawn::Kb::CVE_2012_4481.new,
449
- Dawn::Kb::CVE_2012_4522.new,
450
- Dawn::Kb::CVE_2012_5370.new,
451
- Dawn::Kb::CVE_2012_5371.new,
452
- Dawn::Kb::CVE_2012_5380.new,
453
- Dawn::Kb::CVE_2012_6109.new,
454
- Dawn::Kb::CVE_2012_6134.new,
455
- Dawn::Kb::CVE_2012_6496.new,
456
- Dawn::Kb::CVE_2012_6497.new,
457
- Dawn::Kb::CVE_2012_6684.new,
458
- Dawn::Kb::CVE_2013_0155.new,
459
- Dawn::Kb::CVE_2013_0156.new,
460
- Dawn::Kb::CVE_2013_0162.new,
461
- Dawn::Kb::CVE_2013_0175.new,
462
- Dawn::Kb::CVE_2013_0183.new,
463
- Dawn::Kb::CVE_2013_0184.new,
464
- Dawn::Kb::CVE_2013_0233.new,
465
- Dawn::Kb::CVE_2013_0256.new,
466
- Dawn::Kb::CVE_2013_0262.new,
467
- Dawn::Kb::CVE_2013_0263.new,
468
- Dawn::Kb::CVE_2013_0269.new,
469
- Dawn::Kb::CVE_2013_0276.new,
470
- Dawn::Kb::CVE_2013_0277.new,
471
- Dawn::Kb::CVE_2013_0284.new,
472
- Dawn::Kb::CVE_2013_0285.new,
473
- Dawn::Kb::CVE_2013_0333.new,
474
- Dawn::Kb::CVE_2013_0334.new,
475
- Dawn::Kb::CVE_2013_1607.new,
476
- Dawn::Kb::CVE_2013_1655.new,
477
- Dawn::Kb::CVE_2013_1656.new,
478
- Dawn::Kb::CVE_2013_1756.new,
479
- Dawn::Kb::CVE_2013_1800.new,
480
- Dawn::Kb::CVE_2013_1801.new,
481
- Dawn::Kb::CVE_2013_1802.new,
482
- Dawn::Kb::CVE_2013_1812.new,
483
- Dawn::Kb::CVE_2013_1821.new,
484
- Dawn::Kb::CVE_2013_1854.new,
485
- Dawn::Kb::CVE_2013_1855.new,
486
- Dawn::Kb::CVE_2013_1856.new,
487
- Dawn::Kb::CVE_2013_1857.new,
488
- Dawn::Kb::CVE_2013_1875.new,
489
- Dawn::Kb::CVE_2013_1898.new,
490
- Dawn::Kb::CVE_2013_1911.new,
491
- Dawn::Kb::CVE_2013_1933.new,
492
- Dawn::Kb::CVE_2013_1947.new,
493
- Dawn::Kb::CVE_2013_1948.new,
494
- Dawn::Kb::CVE_2013_2065.new,
495
- Dawn::Kb::CVE_2013_2090.new,
496
- Dawn::Kb::CVE_2013_2105.new,
497
- Dawn::Kb::CVE_2013_2119.new,
498
- Dawn::Kb::CVE_2013_2512.new,
499
- Dawn::Kb::CVE_2013_2513.new,
500
- Dawn::Kb::CVE_2013_2516.new,
501
- Dawn::Kb::CVE_2013_2615.new,
502
- Dawn::Kb::CVE_2013_2616.new,
503
- Dawn::Kb::CVE_2013_2617.new,
504
- Dawn::Kb::CVE_2013_3221.new,
505
- Dawn::Kb::CVE_2013_4164.new,
506
- Dawn::Kb::CVE_2013_4203.new,
507
- Dawn::Kb::CVE_2013_4389.new,
508
- Dawn::Kb::CVE_2013_4413.new,
509
- Dawn::Kb::CVE_2013_4457.new,
510
- Dawn::Kb::CVE_2013_4478.new,
511
- Dawn::Kb::CVE_2013_4479.new,
512
- Dawn::Kb::CVE_2013_4489.new,
513
- Dawn::Kb::CVE_2013_4491.new,
514
- Dawn::Kb::CVE_2013_4492.new,
515
- Dawn::Kb::CVE_2013_4562.new,
516
- Dawn::Kb::CVE_2013_4593.new,
517
- Dawn::Kb::CVE_2013_5647.new,
518
- Dawn::Kb::CVE_2013_5671.new,
519
- Dawn::Kb::CVE_2013_6414.new,
520
- Dawn::Kb::CVE_2013_6415.new,
521
- Dawn::Kb::CVE_2013_6416.new,
522
- Dawn::Kb::CVE_2013_6417.new,
523
- Dawn::Kb::CVE_2013_6421.new,
524
- Dawn::Kb::CVE_2013_6459.new,
525
- Dawn::Kb::CVE_2013_6460.new,
526
- Dawn::Kb::CVE_2013_6461.new,
527
- Dawn::Kb::CVE_2013_7086.new,
528
- Dawn::Kb::CVE_2014_0036.new,
529
- Dawn::Kb::CVE_2014_0080.new,
530
- Dawn::Kb::CVE_2014_0081.new,
531
- Dawn::Kb::CVE_2014_0082.new,
532
- Dawn::Kb::CVE_2014_0130.new,
533
- Dawn::Kb::CVE_2014_1233.new,
534
- Dawn::Kb::CVE_2014_1234.new,
535
- Dawn::Kb::CVE_2014_2322.new,
536
- Dawn::Kb::CVE_2014_2525.new,
537
- Dawn::Kb::CVE_2014_2538.new,
538
- Dawn::Kb::CVE_2014_3482.new,
539
- Dawn::Kb::CVE_2014_3483.new,
540
- Dawn::Kb::CVE_2014_3916.new,
541
- Dawn::Kb::CVE_2014_4975.new,
542
- Dawn::Kb::CVE_2014_7818.new,
543
- Dawn::Kb::CVE_2014_7819.new,
544
- Dawn::Kb::CVE_2014_7829.new,
545
- Dawn::Kb::CVE_2014_8090.new,
546
- Dawn::Kb::CVE_2014_9490.new,
547
- Dawn::Kb::CVE_2015_1819.new,
548
- Dawn::Kb::CVE_2015_1840_a.new,
549
- Dawn::Kb::CVE_2015_1840_b.new,
550
- Dawn::Kb::CVE_2015_2963.new,
551
- Dawn::Kb::CVE_2015_3224.new,
552
- Dawn::Kb::CVE_2015_3225.new,
553
- Dawn::Kb::CVE_2015_3226.new,
554
- Dawn::Kb::CVE_2015_3227.new,
555
- Dawn::Kb::CVE_2015_3448.new,
556
- Dawn::Kb::CVE_2015_4020.new,
557
- Dawn::Kb::CVE_2015_5312.new,
558
- Dawn::Kb::CVE_2015_7497.new,
559
- Dawn::Kb::CVE_2015_7498.new,
560
- Dawn::Kb::CVE_2015_7499.new,
561
- Dawn::Kb::CVE_2015_7500.new,
562
- Dawn::Kb::CVE_2015_7519.new,
563
- Dawn::Kb::CVE_2015_7541.new,
564
- Dawn::Kb::CVE_2015_7576.new,
565
- Dawn::Kb::CVE_2015_7577.new,
566
- Dawn::Kb::CVE_2015_7578.new,
567
- Dawn::Kb::CVE_2015_7579.new,
568
- Dawn::Kb::CVE_2015_7581.new,
569
- Dawn::Kb::CVE_2015_8241.new,
570
- Dawn::Kb::CVE_2015_8242.new,
571
- Dawn::Kb::CVE_2015_8317.new,
572
- Dawn::Kb::CVE_2016_0751.new,
573
- Dawn::Kb::CVE_2016_0752.new,
574
- Dawn::Kb::CVE_2016_0753.new,
575
- Dawn::Kb::CVE_2016_2097.new,
576
- Dawn::Kb::CVE_2016_2098.new,
577
- Dawn::Kb::CVE_2016_5697.new,
578
- Dawn::Kb::CVE_2016_6316.new,
579
- Dawn::Kb::CVE_2016_6317.new,
580
- Dawn::Kb::CVE_2016_6582.new,
581
-
582
-
583
- # OSVDB Checks are still here since are all about dependencies
584
- Dawn::Kb::OSVDB_105971.new,
585
- Dawn::Kb::OSVDB_108569.new,
586
- Dawn::Kb::OSVDB_108570.new,
587
- Dawn::Kb::OSVDB_108530.new,
588
- Dawn::Kb::OSVDB_108563.new,
589
- Dawn::Kb::OSVDB_115654.new,
590
- Dawn::Kb::OSVDB_116010.new,
591
- Dawn::Kb::OSVDB_117903.new,
592
- Dawn::Kb::OSVDB_118579.new,
593
- Dawn::Kb::OSVDB_118830.new,
594
- Dawn::Kb::OSVDB_118954.new,
595
- Dawn::Kb::OSVDB_119878.new,
596
- Dawn::Kb::OSVDB_119927.new,
597
- Dawn::Kb::OSVDB_120415.new,
598
- Dawn::Kb::OSVDB_120857.new,
599
- Dawn::Kb::OSVDB_121701.new,
600
- Dawn::Kb::OSVDB_132234.new,
601
- ]
602
- # END @cve_security_checks array
603
- # START @owasp_ror_cheatsheet_checks array
604
- @owasp_ror_cheatsheet_checks = [
605
- Dawn::Kb::OwaspRorCheatSheet::CommandInjection.new,
606
- Dawn::Kb::OwaspRorCheatSheet::Csrf.new,
607
- Dawn::Kb::OwaspRorCheatSheet::SessionStoredInDatabase.new,
608
- Dawn::Kb::OwaspRorCheatSheet::MassAssignmentInModel.new,
609
- Dawn::Kb::OwaspRorCheatSheet::SecurityRelatedHeaders.new,
610
- Dawn::Kb::OwaspRorCheatSheet::CheckForSafeRedirectAndForward.new,
611
- Dawn::Kb::OwaspRorCheatSheet::SensitiveFiles.new,
612
- ]
613
- # END @owasp_ror_cheatsheet_checks array
614
- @code_quality_checks = [
615
- Dawn::Kb::NotRevisedCode.new,
616
- ]
617
- @aux_checks =
618
- [
619
- Dawn::Kb::SimpleForm_Xss_20131129.new,
620
- ]
621
-
622
- ret = []
623
- ret += @aux_checks
624
- ret += @cve_security_checks if @enabled_checks.include?(:bulletin)
625
- ret += @owasp_ror_cheatsheet_checks if @enabled_checks.include?(:owasp_ror_cheatsheet)
626
- ret += @code_quality_checks if @enabled_checks.include?(:code_quality)
627
-
628
- ret
176
+ def all
177
+ @security_checks
629
178
  end
630
179
 
631
- def self.dump(verbose=false)
180
+ # Load security checks from db/ folder.
181
+ #
182
+ # Returns an array of security checks, matching the mvc to be reviewed and
183
+ # the enabled check list or an empty array if an error occured.
184
+ def load(lint=false)
185
+ good =0
186
+ invalid =0
187
+
188
+ @security_checks = []
189
+ # $path = File.join(Dir.pwd, "db")
190
+
191
+ unless __valid?
192
+ @error = "An invalid library it has been found. Please use --recovery flag to force fresh install from dawnscanner.org"
193
+ return []
194
+ end
195
+
196
+ unless __load?
197
+ @error = "The library must be consumed with dawnscanner up to v#{@descriptor[:kb][:api]}. You are using dawnscanner v#{Dawn::VERSION}"
198
+ return []
199
+ end
200
+
201
+ @enabled_checks.each do |d|
202
+
203
+ dir = File.join(@path, d.to_s)
204
+
205
+ # Please note that if we enter in this branch, it means someone
206
+ # tampered the KB between the previous __valid? check and this point.
207
+ # Of course this is a very rare situation, but we must handle it.
208
+ unless Dir.exists?(dir)
209
+ $logger.warn "Missing check directory #{dir}"
210
+ else
211
+ Dir.glob(dir+"/**/*.yml").each do |f|
212
+ begin
213
+ data = YAML.load_file(f)
214
+ @security_checks << data
215
+ good+=1
216
+ $logger.info("#{File.basename(f)} loaded") if lint
217
+ rescue Exception => e
218
+ $logger.error(e.message)
219
+ invalid+=1
220
+ end
221
+ end
222
+ end
223
+
224
+ if lint
225
+ $logger.info("#{invalid} invalid checks out of #{good+invalid}")
226
+ end
227
+
228
+
229
+ end
230
+
231
+ debug_me "#{@security_checks.count}"
232
+ return @security_checks
233
+ end
234
+
235
+ def dump(verbose=false)
632
236
  puts "Security checks currently supported:"
633
237
  i=0
634
- self.new.all.each do |check|
238
+ KnowledgeBase.instance.all.each do |check|
635
239
  i+=1
636
240
  if verbose
637
241
  puts "Name: #{check.name}\tCVSS: #{check.cvss_score}\tReleased: #{check.release_date}"
@@ -644,6 +248,66 @@ module Dawn
644
248
  puts "-----\nTotal: #{i}"
645
249
 
646
250
  end
647
- end
648
251
 
252
+ private
253
+
254
+ def __verify_hash(original, computed)
255
+ t=original.split(' ')
256
+ return false if t.length != 2
257
+ return (t[0] == computed)
258
+ end
259
+
260
+ def __valid?
261
+
262
+ lines = ""
263
+
264
+ unless File.exists?(File.join(@path, "kb.yaml"))
265
+ $logger.error "Missing kb.yaml in #{path}. Giving up"
266
+ return false
267
+ end
268
+
269
+ unless File.exists?(File.join(@path, "kb.yaml.sig"))
270
+ $logger.error "Missing kb.yaml signature in #{path}. Giving up"
271
+ return false
272
+ end
273
+
274
+ lines = File.read(File.join(@path, "kb.yaml"))
275
+ hash_file = Digest::SHA256.hexdigest lines
276
+ hash_orig = File.read(File.join(@path, "kb.yaml.sig"))
277
+
278
+ v = __verify_hash(hash_orig, hash_file)
279
+ if v
280
+ debug_me("good kb.yaml file found. Reading knowledge base descriptor")
281
+ @descriptor = YAML.load(lines)
282
+ else
283
+ $logger.error("kb.yaml signature mismatch. Found #{hash_file} while expecting #{hash_orig}. Giving up")
284
+ return false
285
+ end
286
+
287
+ return true
288
+ end
289
+
290
+ # Check if the local KB is packet or not.
291
+ #
292
+ # Returns true if at least one KB tarball file it has been found in the
293
+ # local DB path
294
+ def __packed?
295
+ FILES.each do |fn|
296
+ return true if fn.end_with? 'tar.gz' and File.exists?(File.join(@path, fn))
297
+ end
298
+ return false
299
+ end
300
+
301
+ def __load?
302
+ api = @descriptor[:kb][:api]
303
+ v = Dawn::VERSION
304
+ require "dawn/kb/version_check"
305
+
306
+ vc = Dawn::Kb::VersionCheck.new
307
+ return true if vc.is_higher?(v, api) # => true if v > api
308
+ return false
309
+ end
310
+
311
+
312
+ end
649
313
  end