dawnscanner 1.6.8 → 2.0.0.rc4

data/lib/dawn/gemfile_lock.rb

@@ -2,8 +2,8 @@ module Dawn
   class GemfileLock
     include Dawn::Engine
 
-    def initialize(dir = "./", filename = "", guessed_mvc)
-      super(dir, "Gemfile.lock", {:gemfile_name=>filename, :guessed_mvc=>guessed_mvc})
+    def initialize(dir = "./")
+      super(dir, "Gemfile.lock", {:gemfile_name=>"Gemfile.lock", :guessed_mvc=>Dawn::Core.guess_mvc(File.join(dir, "Gemfile.lock"))})
     end
 
   end

data/lib/dawn/kb/basic_check.rb

@@ -4,8 +4,6 @@ module Dawn
   module Kb
     module BasicCheck
 
-      include Dawn::Utils
-
       attr_reader :title
       attr_reader :name
       attr_reader :cve
@@ -239,6 +237,7 @@ module Dawn
 
         ret
       end
+
     end
   end
 end

data/lib/dawn/kb/combo_check.rb

@@ -1,6 +1,6 @@
 module Dawn
   module Kb
-    module ComboCheck
+    class ComboCheck
       include BasicCheck
 
       attr_reader   :checks

data/lib/dawn/kb/dependency_check.rb

@@ -1,6 +1,6 @@
 module Dawn
   module Kb
-    module DependencyCheck
+    class DependencyCheck
       include BasicCheck
 
       attr_accessor :dependencies

data/lib/dawn/kb/operating_system_check.rb

@@ -1,6 +1,6 @@
   module Dawn
     module Kb
-      module OperatingSystemCheck
+      class OperatingSystemCheck
         include BasicCheck
 
         # safe_os is an Hash with this form {:family=>"", :vendor=>"", :version=>""}

data/lib/dawn/kb/pattern_match_check.rb

@@ -2,7 +2,7 @@ require 'ptools'
 
 module Dawn
   module Kb
-    module PatternMatchCheck
+    class PatternMatchCheck
       include BasicCheck
 
 
@@ -25,7 +25,7 @@ module Dawn
 
       EXCLUSION_LIST = [
         "tags",
-        "vendor/bundle", 
+        "vendor/bundle",
         "features",
         "specs",
         "test"
@@ -38,10 +38,10 @@ module Dawn
         @attack_pattern_is_regex  = false
         @glob                     = "**"
         @attack_pattern           = options[:attack_pattern] unless options[:attack_pattern].nil?
-        @negative_search          = options[:negative_search] unless options[:negative_search].nil? 
-        @avoid_comments           = options[:avoid_comments] unless options[:avoid_comments].nil? 
-        @evidences                = options[:evidences] unless options[:evidences].nil? 
-        @attack_pattern_is_regex  = options[:attack_pattern_is_regex] unless options[:attack_pattern_is_regex].nil? 
+        @negative_search          = options[:negative_search] unless options[:negative_search].nil?
+        @avoid_comments           = options[:avoid_comments] unless options[:avoid_comments].nil?
+        @evidences                = options[:evidences] unless options[:evidences].nil?
+        @attack_pattern_is_regex  = options[:attack_pattern_is_regex] unless options[:attack_pattern_is_regex].nil?
         @glob                     = File.join(@glob, options[:glob]) unless options[:glob].nil?
         debug_me("EVIDENCES ARE #{@evidences.inspect}")
       end
@@ -60,6 +60,7 @@ module Dawn
         Dir.glob(File.join("#{root_dir}", @glob)).each do |filename|
           debug_me("#{File.basename(__FILE__)}@#{__LINE__}: analyzing #{filename}: search is #{@negative_search}")
           matches = []
+          raise ArgumentError.new("skipping empty file") if File.zero?(filename)
           begin
             matches = run(load_file(filename)) if File.exists?(filename) && File.file?(filename) && ! File.binary?(filename) && ! must_exclude?(filename)
             found = ! matches.empty?
@@ -84,17 +85,17 @@ module Dawn
         return ret_value
       end
 
-      private 
+      private
       def string_to_array(par)
         return par if par.class == Array
-        %w(par)  
+        %w(par)
       end
 
       def load_file(filename)
 
         f = File.open(filename)
         lines = f.readlines
-        f.close 
+        f.close
 
         lines
       end

data/lib/dawn/kb/ruby_version_check.rb

@@ -1,6 +1,6 @@
 module Dawn
   module Kb
-    module RubyVersionCheck
+    class RubyVersionCheck
       include BasicCheck
       # Array of hashes in the {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p342"} form
       attr_accessor   :safe_rubies
@@ -29,9 +29,9 @@ module Dawn
         ve = self.is_same_version?(detected_ruby[:version], vv_a)
         vp = is_vulnerable_patchlevel?(detected_ruby[:version], detected_ruby[:patchlevel])
 
-        debug_me("#{__FILE__}@#{__LINE__}: check: #{self.name}, engine is vulnerable?=#{vengine}, version is vulnerable?=#{vv}, is same version?=#{ve}, is_vulnerable_patchlevel?=#{vp}->#{vv && vengine}, #{(ve && vp && vengine )}")
-        debug_me("#{__FILE__}@#{__LINE__}: safe ruby is: #{@safe_rubies}")
-        debug_me("#{__FILE__}@#{__LINE__}: detected ruby is: #{@detected_ruby}")
+        debug_verbosely("#{__FILE__}@#{__LINE__}: check: #{self.name}, engine is vulnerable?=#{vengine}, version is vulnerable?=#{vv}, is same version?=#{ve}, is_vulnerable_patchlevel?=#{vp}->#{vv && vengine}, #{(ve && vp && vengine )}")
+        debug_verbosely("#{__FILE__}@#{__LINE__}: safe ruby is: #{@safe_rubies}")
+        debug_verbosely("#{__FILE__}@#{__LINE__}: detected ruby is: #{@detected_ruby}")
 
 
 
@@ -42,7 +42,7 @@ module Dawn
           @status = (ve && vp && vengine )
         end
 
-        debug_me("STATUS:#{@status}")
+        debug_verbosely("STATUS:#{@status}")
         self.evidences << "#{@detected_ruby[:engine]} v#{@detected_ruby[:version]}-#{@detected_ruby[:patchlevel]} detected" if @status
         return @status
 
@@ -58,7 +58,7 @@ module Dawn
 
       def is_same_version?(target, fixes = [])
         fixes.each do |f|
-          debug_me("F=#{f}, TARGET=#{target}")
+          debug_verbosely("F=#{f}, TARGET=#{target}")
           return true if f == target
         end
         false
@@ -66,23 +66,24 @@ module Dawn
 
       def is_vulnerable_patchlevel?(version, patchlevel)
         fixes = []
-        debug_me "is_vulnerable_patchlevel? called with VERSION=#{version} and PLEVEL=#{patchlevel}"
+        debug_verbosely "is_vulnerable_patchlevel? called with VERSION=#{version} and PLEVEL=#{patchlevel}"
         @safe_rubies.each do |ss|
           fixes << ss[:patchlevel].split("p")[1].to_i if ss[:version] == version
         end
 
-        debug_me "FIXES IS EMPTY" if fixes.empty?
-        debug_me "FIXES LIST IS #{fixes}" unless fixes.empty?
+        debug_verbosely "FIXES IS EMPTY" if fixes.empty?
+        debug_verbosely "FIXES LIST IS #{fixes}" unless fixes.empty?
         return true if fixes.empty?
 
         t = patchlevel.split("p")[1].to_i if patchlevel.include? 'p'
         t = patchlevel.to_i unless patchlevel.include? 'p'
         fixes.each do |f|
-          debug_me "PATCHLEVEL FIXES = #{f}, PATCHLEVEL TARGET = #{t}"
+          debug_verbosely "PATCHLEVEL FIXES = #{f}, PATCHLEVEL TARGET = #{t}"
           return true if f > t
         end
         false
       end
+
     end
   end
 end

data/lib/dawn/kb/{gem_check.rb → rubygem_check.rb}

@@ -1,7 +1,7 @@
 # This module handles security checks for RubyGems framework.
 module Dawn
   module Kb
-    module GemCheck
+    class RubygemCheck
       include BasicCheck
 
       attr_accessor :safe_versions

data/lib/dawn/kb/unsafe_depedency_check.rb

@@ -0,0 +1,44 @@
+module Dawn
+  module Kb
+    # While working on the KB rebase, fetching data from NVD API, I suddenly
+    # realize I must change the way a vulnerable dependency must be handled.
+    # Instead of changing what is working right now, I'll add a new dependency
+    # check ruby class
+    # NVD bulletins lists versions that are vulnerable and it would break
+    # automatism adding a post data fetching step to realize which is the first
+    # safe version.
+    #
+    # This class will handle a dependency name, the version found in
+    # Gemfile.lock and an array of vulnerable versions. If the version found is
+    # in the array, than the vuln? method returns true.
+    # This is an approach far more easy rathern than the one chosen in the past.
+    class UnsafeDependencyCheck
+      include BasicCheck
+
+      attr_accessor :dependencies
+      attr_accessor :vulnerable_version_array
+
+      def initialize(options)
+        super(options)
+      end
+
+      def vuln?
+        ret = false
+
+        # 20210325: I know... a single check handles a single dependency so,
+        # this should not be an array. This involves too many underlying
+        # changes one day I'll make.
+        @dependencies.each do |dep|
+          unless @vulnerable_version_array.nil? or @vulnerable_version_array.empty?
+            if dep[:name] == @vulnerable_version_array[0][:name]
+              return false if @vulnerable_version_array[0][:version].nil? or @vulnerable_version_array[0][:version].empty?
+              return true if @vulnerable_version_array[0][:version].include? dep[:version]
+            end
+          end
+        end
+
+        return false
+      end
+    end
+  end
+end

data/lib/dawn/kb/version_check.rb

@@ -23,16 +23,16 @@ module Dawn
         @save_major ||= options[:save_major]
         @debug      ||= options[:debug]
         @enable_warning ||= options[:enable_warning]
-        debug_me "VersionCheck initialized"
+        debug_verbosely "VersionCheck initialized"
       end
 
       def vuln?
-        debug_me "Detected version is #{@detected}"
-        debug_me "Safe versions array is #{@safe}"
-        debug_me "Deprecated versions array is #{@deprecated}. I'll mark them as vulnerable" unless @deprecated.nil?
-        debug_me "Excluded versions array is #{@excluded}. I'll mark them as not vulnerable" unless @excluded.nil?
-        debug_me "SAVE_MINOR FLAG = #{@save_minor}"
-        debug_me "SAVE_MAJOR FLAG = #{@save_major}"
+        debug_verbosely "Detected version is #{@detected}"
+        debug_verbosely "Safe versions array is #{@safe}"
+        debug_verbosely "Deprecated versions array is #{@deprecated}. I'll mark them as vulnerable" unless @deprecated.nil?
+        debug_verbosely "Excluded versions array is #{@excluded}. I'll mark them as not vulnerable" unless @excluded.nil?
+        debug_verbosely "SAVE_MINOR FLAG = #{@save_minor}"
+        debug_verbosely "SAVE_MAJOR FLAG = #{@save_major}"
 
         @status = :deprecated if is_detected_deprecated?
         return debug_me_and_return_false("detected version #{detected} is marked to be excluded for vulnerable ones")   if is_detected_excluded?
@@ -41,8 +41,25 @@ module Dawn
         return debug_me_and_return_false("detected version #{@detected} found as is in safe array")      if is_detected_in_safe?
         return debug_me_and_return_false("detected version #{@detected} is higher than all version marked safe")  if is_detected_highest?
 
-        @safe.sort.each do |s|
-          debug_me "vuln?: evaluating #{@detected} against save version: #{s}"
+        check_versions = nil
+        @safe.each do |safe_version|
+
+          sva = version_string_to_array(safe_version)
+          dva = version_string_to_array(@detected)
+
+          next unless is_same_version?(sva[:version], dva[:version], true)
+          next unless sva[:version].count == dva[:version].count || is_beta_check?(sva[:beta], dva[:beta]) || is_rc_check?(sva[:rc], dva[:rc]) || is_pre_check?(sva[:pre], dva[:pre])
+
+          check_versions = [safe_version]
+          break
+        end
+
+        debug_verbosely "vuln?: limited check_versions: #{check_versions.inspect}"
+        check_versions ||= @safe
+        debug_verbosely "vuln?: fallback check_versions: #{check_versions.inspect}"
+
+        check_versions.sort.each do |s|
+          debug_verbosely "vuln?: evaluating #{@detected} against save version: #{s}"
 
           @save_minor_fix   = save_minor_fix
           @save_major_fix   = save_major_fix
@@ -50,7 +67,7 @@ module Dawn
 
           vuln  = is_vulnerable_version?(s, @detected)
 
-          debug_me "DETECTED #{@detected} is marked VULN=#{vuln} against #{s} ( SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix})"
+          debug_verbosely "DETECTED #{@detected} is marked VULN=#{vuln} against #{s} ( SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix})"
           return true if vuln
         end
 
@@ -67,7 +84,7 @@ module Dawn
       def is_detected_highest?
         higher= @detected
         @safe.sort.each do |s|
-          debug_me("higher is #{higher}")
+          debug_verbosely("higher is #{higher}")
           higher=s if is_higher?(s, higher)
         end
         return (higher == @detected)
@@ -120,7 +137,7 @@ module Dawn
         ret = ver && beta && rc unless same
         ret = beta && rc if same
 
-        debug_me("is_higher? a=#{a}, b=#{b} VER=#{ver} - BETA=#{beta} - RC=#{rc} - SAME=#{same} - a>b? = (#{ret})")
+        debug_verbosely("is_higher? a=#{a}, b=#{b} VER=#{ver} - BETA=#{beta} - RC=#{rc} - SAME=#{same} - a>b? = (#{ret})")
         return ret
       end
 
@@ -129,7 +146,7 @@ module Dawn
         dva = version_string_to_array(@detected)[:version]
         @safe.sort.each do |s|
           sva = version_string_to_array(s)[:version]
-          debug_me "is_there_an_higher_major_version? DVA=#{dva} - SVA=#{sva}"
+          debug_verbosely "is_there_an_higher_major_version? DVA=#{dva} - SVA=#{sva}"
           return debug_me_and_return_true("is_there_an_higher_major_version? is returning true for #{@detected}") if dva[0] < sva[0]
         end
         return debug_me_and_return_false("is_there_an_higher_major_version? is returning false")
@@ -171,8 +188,8 @@ module Dawn
           sva = version_string_to_array(s)[:version]
           sM = is_same_major?(sva, dva)
           sm = is_same_minor?(sva, dva)
-          debug_me("save_minor_fix: SVA=#{sva};DVA=#{dva};SAME_MAJOR? = #{sM}; SAME_MINOR?=#{sm}; ( dva[2] >= sva[2] )=#{(dva[2] >= sva[2])}")
-          debug_me("save_minor_fix: is_there_higher_minor_version? = #{hm}")
+          debug_verbosely("save_minor_fix: SVA=#{sva};DVA=#{dva};SAME_MAJOR? = #{sM}; SAME_MINOR?=#{sm}; ( dva[2] >= sva[2] )=#{(dva[2] >= sva[2])}")
+          debug_verbosely("save_minor_fix: is_there_higher_minor_version? = #{hm}")
           return true if sM and sm and dva[2] >= sva[2] && hm
           return true if sM and hm
         end
@@ -212,7 +229,7 @@ module Dawn
         return (safe_version[2] > detected_version[2])
       end
       def is_vulnerable_aux_patch?(safe_version, detected_version)
-        debug_me "is_vulnerable_aux_patch?: SV[3]=#{safe_version[3]}, DV[3]=#{detected_version[3]}"
+        debug_verbosely "is_vulnerable_aux_patch?: SV[3]=#{safe_version[3]}, DV[3]=#{detected_version[3]}"
         return true if detected_version[3].nil? and ! safe_version[3].nil?
         return false if safe_version[3].nil? || detected_version[3].nil?
         return (safe_version[3] > detected_version[3])
@@ -255,11 +272,11 @@ module Dawn
           # eg. in case of a beta release, the array is [5,0,0,1] meaning
           # 5.0.0.beta1. Of course it must be handled in a different way than
           # 5.0.0.1 release that it will result in the same array
-          debug_me "is_same_version? with limit=TRUE"
+          debug_verbosely "is_same_version? with limit=TRUE"
           ret = true if (safe_version_array[0] == detected_version_array[0]) && (safe_version_array[1] == detected_version_array[1]) && (safe_version_array[2] == detected_version_array[2])
         end
 
-        debug_me "is_same_version? SVA=#{safe_version_array} DVA=#{detected_version_array} RET=#{ret}"
+        debug_verbosely "is_same_version? SVA=#{safe_version_array} DVA=#{detected_version_array} RET=#{ret}"
 
         return ret
       end
@@ -276,7 +293,7 @@ module Dawn
         # if the safe_version_beta is 0 then the detected_version_beta is
         # vulnerable by design, since the safe version is a stable and we
         # detected a beta.
-        debug_me("is_vulnerable_beta?: safe_version_beta=#{safe_version_beta} - detected_version_beta=#{detected_version_beta}")
+        debug_verbosely("is_vulnerable_beta?: safe_version_beta=#{safe_version_beta} - detected_version_beta=#{detected_version_beta}")
         return debug_me_and_return_false("is_vulnerable_beta? = FALSE") if safe_version_beta != -1 and detected_version_beta == -1
         return debug_me_and_return_true("is_vulnerable_beta? = TRUE") if safe_version_beta == -1 and detected_version_beta != -1
         return debug_me_and_return_true("is_vulnerable_beta? = TRUE") if safe_version_beta == 0 && detected_version_beta != -1
@@ -300,7 +317,7 @@ module Dawn
         # if the safe_version_rc is 0 then the detected_version_rc is
         # vulnerable by design, since the safe version is a stable and we
         # detected a rc.
-        debug_me "entering is_vulnerable_rc?: s=#{safe_version_rc}, d=#{detected_version_rc}"
+        debug_verbosely "entering is_vulnerable_rc?: s=#{safe_version_rc}, d=#{detected_version_rc}"
         return debug_me_and_return_false("is_vulnerable_rc? = FALSE") if detected_version_rc == -1
 
         return debug_me_and_return_false("is_vulnerable_rc? = FALSE") if safe_version_rc != -1 and detected_version_rc == -1
@@ -340,8 +357,8 @@ module Dawn
       def is_vulnerable_version?(safe_version, detected_version)
         sva = version_string_to_array(safe_version)
         dva = version_string_to_array(detected_version)
-        debug_me("SVA=#{sva.inspect}")
-        debug_me("DVA=#{dva.inspect}")
+        debug_verbosely("SVA=#{sva.inspect}")
+        debug_verbosely("DVA=#{dva.inspect}")
         safe_version_array = sva[:version]
         detected_version_array = dva[:version]
 
@@ -353,7 +370,7 @@ module Dawn
         patch = is_vulnerable_patch?(safe_version_array, detected_version_array)
         aux_patch = is_vulnerable_aux_patch?(safe_version_array, detected_version_array)
 
-        debug_me "is_vulnerable_version? SAVE_VERSION=#{safe_version},DETECTED=#{detected_version} -> IS_VULN_MAJOR?=#{major} IS_VULN_MINOR?=#{minor} IS_VULN_PATCH?=#{patch} IS_VULN_AUX_PATCH=#{aux_patch} SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix}"
+        debug_verbosely "is_vulnerable_version? SAVE_VERSION=#{safe_version},DETECTED=#{detected_version} -> IS_VULN_MAJOR?=#{major} IS_VULN_MINOR?=#{minor} IS_VULN_PATCH?=#{patch} IS_VULN_AUX_PATCH=#{aux_patch} SAVE_MINOR_FIX=#{@save_minor_fix} SAVE_MAJOR_FIX=#{@save_major_fix}"
 
         return debug_me_and_return_false("#{detected_version} doesn't have a vulnerable MAJOR number") if is_higher_major?(detected_version, safe_version) #and minor and patch
 
@@ -400,7 +417,7 @@ module Dawn
             # I'll support also nonsense checks.
 
             $logger.warn "Setting the predicate #{dep} will mark all versions as deprecated" unless self.enable_warning.nil?
-            debug_me "You kindly mark #{detected_version} as deprecated with this predicate #{dep}"
+            debug_verbosely "You kindly mark #{detected_version} as deprecated with this predicate #{dep}"
             return true
           end
 

data/lib/dawn/knowledge_base.rb

@@ -1,3 +1,16 @@
+require 'singleton'
+
+require 'rubygems/package'
+
+# For HTTPS communication to check for KB updates and to fetch them
+require 'net/http'
+require 'uri'
+
+require 'yaml'
+require 'digest'
+
+require 'date'
+
 # Core KB
 require "dawn/kb/basic_check"
 require "dawn/kb/pattern_match_check"
@@ -7,631 +20,222 @@ require "dawn/kb/operating_system_check"
 require "dawn/kb/combo_check"
 require "dawn/kb/version_check"
 require "dawn/kb/deprecation_check"
-require "dawn/kb/gem_check"
-
-# Q&A related checks
-## Not revised code
-require "dawn/kb/not_revised_code"
-
-## Owasp ROR Cheatsheet
-require 'dawn/kb/owasp_ror_cheatsheet/command_injection'
-require 'dawn/kb/owasp_ror_cheatsheet/csrf'
-require 'dawn/kb/owasp_ror_cheatsheet/session_stored_in_database'
-require 'dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model'
-require 'dawn/kb/owasp_ror_cheatsheet/security_related_headers'
-require 'dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward'
-require 'dawn/kb/owasp_ror_cheatsheet/sensitive_files'
-
-# Security checks with no or pending CVE
-
-# A XSS issue on Simple Form gem reported by Rafael Mendonça França on
-# November, 29 2013
-#
-# https://groups.google.com/forum/#!topic/ruby-security-ann/flHbLMb07tE
-require "dawn/kb/simpleform_xss_20131129"
-
-# CVE - 2004
-require "dawn/kb/cve_2004_0755"
-require "dawn/kb/cve_2004_0983"
-
-# CVE - 2005
-require "dawn/kb/cve_2005_1992"
-require "dawn/kb/cve_2005_2337"
-
-# CVE - 2006
-require "dawn/kb/cve_2006_1931"
-require "dawn/kb/cve_2006_2582"
-require "dawn/kb/cve_2006_3694"
-require "dawn/kb/cve_2006_4112"
-require "dawn/kb/cve_2006_5467"
-require "dawn/kb/cve_2006_6303"
-require "dawn/kb/cve_2006_6852"
-require "dawn/kb/cve_2006_6979"
-
-# CVE - 2007
-require "dawn/kb/cve_2007_0469"
-require "dawn/kb/cve_2007_5162"
-require "dawn/kb/cve_2007_5379"
-require "dawn/kb/cve_2007_5380"
-require "dawn/kb/cve_2007_5770"
-require "dawn/kb/cve_2007_6077"
-require "dawn/kb/cve_2007_6612"
-
-# CVE - 2008
-
-require "dawn/kb/cve_2008_1145"
-require "dawn/kb/cve_2008_1891"
-require "dawn/kb/cve_2008_2376"
-require "dawn/kb/cve_2008_2662"
-require "dawn/kb/cve_2008_2663"
-require "dawn/kb/cve_2008_2664"
-require "dawn/kb/cve_2008_2725"
-require "dawn/kb/cve_2008_3655"
-require "dawn/kb/cve_2008_3657"
-require "dawn/kb/cve_2008_3790"
-require "dawn/kb/cve_2008_3905"
-require "dawn/kb/cve_2008_4094"
-require "dawn/kb/cve_2008_4310"
-require "dawn/kb/cve_2008_5189"
-require "dawn/kb/cve_2008_7248"
-
-# CVE - 2009
-require "dawn/kb/cve_2009_4078"
-require "dawn/kb/cve_2009_4124"
-require "dawn/kb/cve_2009_4214"
-
-# CVE - 2010
-require "dawn/kb/cve_2010_1330"
-require "dawn/kb/cve_2010_2489"
-require "dawn/kb/cve_2010_3933"
-
-# CVE - 2011
-require "dawn/kb/cve_2011_0188"
-require "dawn/kb/cve_2011_0446"
-require "dawn/kb/cve_2011_0447"
-require "dawn/kb/cve_2011_0739"
-require "dawn/kb/cve_2011_0995"
-require "dawn/kb/cve_2011_1004"
-require "dawn/kb/cve_2011_1005"
-require "dawn/kb/cve_2011_2197"
-require "dawn/kb/cve_2011_2686"
-require "dawn/kb/cve_2011_2705"
-require "dawn/kb/cve_2011_2929"
-require "dawn/kb/cve_2011_2930"
-require "dawn/kb/cve_2011_2931"
-require "dawn/kb/cve_2011_2932"
-require "dawn/kb/cve_2011_3009"
-require "dawn/kb/cve_2011_3186"
-require "dawn/kb/cve_2011_3187"
-require "dawn/kb/cve_2011_4319"
-require "dawn/kb/cve_2011_4815"
-require "dawn/kb/cve_2011_5036"
-
-# CVE - 2012
-require "dawn/kb/cve_2012_1098"
-require "dawn/kb/cve_2012_1099"
-require "dawn/kb/cve_2012_1241"
-require "dawn/kb/cve_2012_2139"
-require "dawn/kb/cve_2012_2140"
-require "dawn/kb/cve_2012_2660"
-require "dawn/kb/cve_2012_2661"
-require "dawn/kb/cve_2012_2671"
-require "dawn/kb/cve_2012_2694"
-require "dawn/kb/cve_2012_2695"
-require "dawn/kb/cve_2012_3424"
-require "dawn/kb/cve_2012_3463"
-require "dawn/kb/cve_2012_3464"
-require "dawn/kb/cve_2012_3465"
-require "dawn/kb/cve_2012_4464"
-require "dawn/kb/cve_2012_4466"
-require "dawn/kb/cve_2012_4481"
-require "dawn/kb/cve_2012_4522"
-require "dawn/kb/cve_2012_5370"
-require "dawn/kb/cve_2012_5371"
-require "dawn/kb/cve_2012_5380"
-require "dawn/kb/cve_2012_6109"
-require "dawn/kb/cve_2012_6134"
-require "dawn/kb/cve_2012_6496"
-require "dawn/kb/cve_2012_6497"
-require "dawn/kb/cve_2012_6684"
-
-# CVE - 2013
-require "dawn/kb/cve_2013_0155"
-require "dawn/kb/cve_2013_0156"
-require "dawn/kb/cve_2013_0162"
-require "dawn/kb/cve_2013_0175"
-require "dawn/kb/cve_2013_0183"
-require "dawn/kb/cve_2013_0184"
-require "dawn/kb/cve_2013_0233"
-require "dawn/kb/cve_2013_0256"
-require "dawn/kb/cve_2013_0262"
-require "dawn/kb/cve_2013_0263"
-require "dawn/kb/cve_2013_0269"
-require "dawn/kb/cve_2013_0276"
-require "dawn/kb/cve_2013_0277"
-require "dawn/kb/cve_2013_0284"
-require "dawn/kb/cve_2013_0285"
-require "dawn/kb/cve_2013_0333"
-require "dawn/kb/cve_2013_0334"
-require "dawn/kb/cve_2013_1607"
-require "dawn/kb/cve_2013_1655"
-require "dawn/kb/cve_2013_1656"
-require "dawn/kb/cve_2013_1756"
-require "dawn/kb/cve_2013_1800"
-require "dawn/kb/cve_2013_1801"
-require "dawn/kb/cve_2013_1802"
-require "dawn/kb/cve_2013_1812"
-require "dawn/kb/cve_2013_1821"
-require "dawn/kb/cve_2013_1854"
-require "dawn/kb/cve_2013_1855"
-require "dawn/kb/cve_2013_1856"
-require "dawn/kb/cve_2013_1857"
-require "dawn/kb/cve_2013_1875"
-require "dawn/kb/cve_2013_1898"
-require "dawn/kb/cve_2013_1911"
-require "dawn/kb/cve_2013_1933"
-require "dawn/kb/cve_2013_1947"
-require "dawn/kb/cve_2013_1948"
-require "dawn/kb/cve_2013_2065"
-require "dawn/kb/cve_2013_2090"
-require "dawn/kb/cve_2013_2105"
-require "dawn/kb/cve_2013_2119"
-require "dawn/kb/cve_2013_2512"
-require "dawn/kb/cve_2013_2513"
-require "dawn/kb/cve_2013_2516"
-require "dawn/kb/cve_2013_2615"
-require "dawn/kb/cve_2013_2616"
-require "dawn/kb/cve_2013_2617"
-require "dawn/kb/cve_2013_3221"
-require "dawn/kb/cve_2013_4164"
-require "dawn/kb/cve_2013_4203"
-require "dawn/kb/cve_2013_4389"
-require "dawn/kb/cve_2013_4413"
-require "dawn/kb/cve_2013_4457"
-require "dawn/kb/cve_2013_4478"
-require "dawn/kb/cve_2013_4479"
-require "dawn/kb/cve_2013_4489"
-require "dawn/kb/cve_2013_4491"
-require "dawn/kb/cve_2013_4492"
-require "dawn/kb/cve_2013_4562"
-require "dawn/kb/cve_2013_4593"
-require "dawn/kb/cve_2013_5647"
-require "dawn/kb/cve_2013_5671"
-require "dawn/kb/cve_2013_6414"
-require "dawn/kb/cve_2013_6415"
-require "dawn/kb/cve_2013_6416"
-require "dawn/kb/cve_2013_6417"
-require "dawn/kb/cve_2013_6421"
-require "dawn/kb/cve_2013_6459"
-require "dawn/kb/cve_2013_6460"
-require "dawn/kb/cve_2013_6461"
-require "dawn/kb/cve_2013_7086"
-
-# CVE - 2014
-
-require "dawn/kb/cve_2014_0036"
-require "dawn/kb/cve_2014_0080"
-require "dawn/kb/cve_2014_0081"
-require "dawn/kb/cve_2014_0082"
-require "dawn/kb/cve_2014_0130"
-require "dawn/kb/cve_2014_1233"
-require "dawn/kb/cve_2014_1234"
-require "dawn/kb/cve_2014_2322"
-require "dawn/kb/cve_2014_2525"
-require "dawn/kb/cve_2014_2538"
-require "dawn/kb/cve_2014_3482"
-require "dawn/kb/cve_2014_3483"
-require "dawn/kb/cve_2014_3916"
-require "dawn/kb/cve_2014_4975"
-require "dawn/kb/cve_2014_7818"
-require "dawn/kb/cve_2014_7819"
-require "dawn/kb/cve_2014_7829"
-require "dawn/kb/cve_2014_8090"
-require "dawn/kb/cve_2014_9490"
-
-# CVE - 2015
-
-
-require "dawn/kb/cve_2015_1819"
-# CVE-2015-1840 is spread in two classes because a single CVE is assigned to a
-# vulnerability affecting two differents but related gems.
-require "dawn/kb/cve_2015_1840/cve_2015_1840_a"
-require "dawn/kb/cve_2015_1840/cve_2015_1840_b"
-require "dawn/kb/cve_2015_2963"
-require "dawn/kb/cve_2015_3224"
-require "dawn/kb/cve_2015_3225"
-require "dawn/kb/cve_2015_3226"
-require "dawn/kb/cve_2015_3227"
-require "dawn/kb/cve_2015_3448"
-require "dawn/kb/cve_2015_4020"
-require "dawn/kb/cve_2015_5312"
-require "dawn/kb/cve_2015_7497"
-require "dawn/kb/cve_2015_7498"
-require "dawn/kb/cve_2015_7499"
-require "dawn/kb/cve_2015_7500"
-require "dawn/kb/cve_2015_7519"
-require "dawn/kb/cve_2015_7541"
-require "dawn/kb/cve_2015_7576"
-require "dawn/kb/cve_2015_7577"
-require "dawn/kb/cve_2015_7578"
-require "dawn/kb/cve_2015_7579"
-require "dawn/kb/cve_2015_7581"
-require "dawn/kb/cve_2015_8241"
-require "dawn/kb/cve_2015_8242"
-require "dawn/kb/cve_2015_8317"
-
-# CVE - 2016
-
-require "dawn/kb/cve_2016_0751"
-require "dawn/kb/cve_2016_0752"
-require "dawn/kb/cve_2016_0753"
-require "dawn/kb/cve_2016_2097"
-require "dawn/kb/cve_2016_2098"
-require "dawn/kb/cve_2016_5697"
-require "dawn/kb/cve_2016_6316"
-require "dawn/kb/cve_2016_6317"
-require "dawn/kb/cve_2016_6582"
-
-# OSVDB
-
-require "dawn/kb/osvdb_105971"
-require "dawn/kb/osvdb_108569"
-require "dawn/kb/osvdb_108570"
-require "dawn/kb/osvdb_108530"
-require "dawn/kb/osvdb_108563"
-require "dawn/kb/osvdb_115654"
-require "dawn/kb/osvdb_116010"
-require "dawn/kb/osvdb_117903"
-require "dawn/kb/osvdb_118579"
-require "dawn/kb/osvdb_118830"
-require "dawn/kb/osvdb_118954"
-require "dawn/kb/osvdb_119878"
-require "dawn/kb/osvdb_119927"
-require "dawn/kb/osvdb_120415"
-require "dawn/kb/osvdb_120857"
-require "dawn/kb/osvdb_121701"
-require "dawn/kb/osvdb_132234"
-
-
+require "dawn/kb/rubygem_check"
+require "dawn/kb/unsafe_depedency_check"
 
 module Dawn
-  # XXX: Check if it best using a singleton here
+  # This is the YAML powered knowledge base
+  #
+  # Dawnscanner KB will be a bunch of YAML file, stored in a hierachy of
+  # directories resembling security checks family. A digital signature will be
+  # also available to prevent KB tampering.
+  #
+  # This class will be accountable for:
+  #   + check for KB upgrade
+  #   + fetching the KB file from the Internet
+  #   + verifying the database signature
+  #   + reading YAML file, creating the security check array
+  #
+  # Another big change will be the MVC passed as constructor parameter, so only
+  # the checks regarding the particular app, will be loaded in the security
+  # check array. This should speed up BasicCheck internal routines.
+  #
+  # Class usage will be very simple. After getting the singleton instance, you
+  # will load the KB content. The load method will be also responsible about
+  # all relevant checks.
+  #
+  # Example
+  #
+  # require "dawn/knowledge_base"
+  #
+  # ...
+  #
+  # d = Dawn::KnowledgeBase.instance
+  # d.update if d.update?
+  # d.load
+  #
+  # Last update: Mon Mar 22 05:08:55 PM CET 2021
   class KnowledgeBase
+    include Singleton
+
+    @error = ""
+    @@enabled_checks = [:generic_check, :code_quality, :bulletin, :code_style, :owasp_top_10]
+
+
+    GEM_CHECK               = :rubygem_check
+    DEPENDENCY_CHECK        = :dependency_check
+    UNSAFE_DEPENDENCY_CHECK = :unsafe_dependency_check
+    PATTERN_MATCH_CHECK     = :pattern_match_check
+    RUBY_VERSION_CHECK      = :ruby_version_check
+    OS_CHECK                = :os_check
+    COMBO_CHECK             = :combo_check
+    CUSTOM_CHECK            = :custom_check
 
-    include Dawn::Utils
+    REMOTE_KB_URL_PREFIX  = "https://dawnscanner.org/data/"
+    FILES = %w(kb.yaml bulletin.tar.gz generic_check.tar.gz owasp_ror_cheatsheet.tar.gz code_style.tar.gz code_quality.tar.gz owasp_top_10.tar.gz signatures.tar.gz)
 
-    GEM_CHECK           = :rubygem_check
-    DEPENDENCY_CHECK    = :dependency_check
-    PATTERN_MATCH_CHECK = :pattern_match_check
-    RUBY_VERSION_CHECK  = :ruby_version_check
-    OS_CHECK            = :os_check
-    COMBO_CHECK         = :combo_check
-    CUSTOM_CHECK        = :custom_check
+    VERSION = "0.0.1"
+
+    attr_reader :security_checks
+    attr_reader :descriptor
+    attr_reader :path
+    attr_reader :error
 
     def initialize(options={})
-      @enabled_checks = Dawn::Kb::BasicCheck::ALLOWED_FAMILIES
-      @enabled_checks = options[:enabled_checks] unless options[:enabled_checks].nil?
+      if $logger.nil?
+        require 'dawn/logger'
+        $logger = Logger.new(STDOUT)
+        $logger.helo "knowledge-base-experimental", Dawn::VERSION
+      end
+      @path = default_path
+      @path = options[:path] if options[:path]
+      FileUtils.mkdir_p(@path)
+
+      @enabled_checks = @@enabled_checks
 
-      @security_checks = load_security_checks
+      debug_me "KB root path is #{@path}"
     end
 
-    def self.find(checks=nil, name)
-      return nil if name.nil? or name.empty?
-      checks = Dawn::KnowledgeBase.new.load_security_checks if checks.nil?
+    def self.enabled_checks= checks
+      @@enabled_checks=checks
+    end
 
-      checks.each do |sc|
-        return sc if sc.name == name
-      end
-      nil
+    def default_path
+      @path = File.join(Dir.home, 'dawnscanner', 'kb')
+      return @path
     end
 
-    def find(name)
-      Dawn::KnowledgeBase.find(@security_checks, name)
+    def self.path= path_name
+      @path=path_name
     end
 
-    def all
-      @security_checks
+    def is_packed?
+      return __packed?
     end
 
-    # TODO - next big refactoring will include also a change in this API.
-    #
-    # So to match Semantic Version, it must bring to a major version bump.
-    # MVC name should be passed as constructor option, so the all_by_mvc can
-    #
-    # be called without parameter, having a nice-to-read code.
-    # @checks = Dawn::KnowledgeBase.new({:enabled_checks=>@enabled_checks}).all_by_mvc(@name)
-    def all_by_mvc(mvc)
-      ret = []
-      @security_checks.each do |sc|
-        ret << sc if sc.applies_to?(mvc)
-      end
-      ret
+    def is_valid?
+      return __valid?
     end
 
-    def all_sinatra_checks
-      self.all_by_mvc("sinatra")
+
+    def find(name)
+      debug_me "I'm asked to find #{name}"
     end
 
-    def all_rails_checks
-      self.all_by_mvc("rails")
+    def unpack
+      # https://weblog.jamisbuck.org/2015/7/23/tar-gz-in-ruby.html
+      FILES.each do |f|
+        full_name = File.join(path,f)
+        if File.file?(full_name) and File.extname(full_name).eql?('.gz')
+          File.open(full_name, "rb") do |file|
+            Zlib::GzipReader.wrap(file) do |gz|
+              Gem::Package::TarReader.new(gz) do |tar|
+                tar.each do |entry|
+                  if entry.file?
+                    FileUtils.mkdir_p(File.dirname(File.join(path, entry.full_name)))
+                    File.open(File.join(path, entry.full_name), "wb") do |f|
+                      f.write(entry.read)
+                    end
+                    File.chmod(entry.header.mode, File.join(path,entry.full_name))
+                  end
+                end
+              end
+            end
+          end
+        else
+          $logger.warn("can't open " + f)
+        end
+      end
     end
 
-    def all_padrino_checks
-      self.all_by_mvc("padrino")
+    def self.kb_descriptor
+      {:kb=>{:version=>VERSION, :revision=>Time.now.strftime("%Y%m%d"), :api=>Dawn::VERSION}}.to_yaml
     end
 
-    def all_rack_checks
-      self.all_by_mvc("rack")
+    def update?
+      FileUtils.mkdir_p("tmp")
+      begin
+        response = Net::HTTP.get URI(REMOTE_KB_URL_PREFIX + "kb.yaml")
+        open("tmp/kb.yaml", "w") do |f|
+          f.puts(response)
+        end
+        response = Net::HTTP.get URI(REMOTE_KB_URL_PREFIX + "kb.yaml.sig")
+        open("tmp/kb.yaml.sig", "w") do |f|
+          f.puts(response)
+        end
+      rescue Exception => e
+        $logger.error e.to_s
+        return false
+      end
+
+      # Verify kb.yaml signature
+
+      YAML.load(response)
     end
 
-    def load_security_checks
-
-      # START @cve_security_checks array
-      @cve_security_checks =
-        [
-          Dawn::Kb::CVE_2004_0755.new,
-          Dawn::Kb::CVE_2004_0983.new,
-          Dawn::Kb::CVE_2005_1992.new,
-          Dawn::Kb::CVE_2005_2337.new,
-          Dawn::Kb::CVE_2006_1931.new,
-          Dawn::Kb::CVE_2006_2582.new,
-          Dawn::Kb::CVE_2006_3694.new,
-          Dawn::Kb::CVE_2006_4112.new,
-          Dawn::Kb::CVE_2006_5467.new,
-          Dawn::Kb::CVE_2006_6303.new,
-          Dawn::Kb::CVE_2006_6852.new,
-          Dawn::Kb::CVE_2006_6979.new,
-          Dawn::Kb::CVE_2007_0469.new,
-          Dawn::Kb::CVE_2007_5162.new,
-          Dawn::Kb::CVE_2007_5379.new,
-          Dawn::Kb::CVE_2007_5380.new,
-          Dawn::Kb::CVE_2007_5770.new,
-          Dawn::Kb::CVE_2007_6077.new,
-          Dawn::Kb::CVE_2007_6612.new,
-          Dawn::Kb::CVE_2008_1145.new,
-          Dawn::Kb::CVE_2008_1891.new,
-          Dawn::Kb::CVE_2008_2376.new,
-          Dawn::Kb::CVE_2008_2662.new,
-          Dawn::Kb::CVE_2008_2663.new,
-          Dawn::Kb::CVE_2008_2664.new,
-          Dawn::Kb::CVE_2008_2725.new,
-          Dawn::Kb::CVE_2008_3655.new,
-          Dawn::Kb::CVE_2008_3657.new,
-          Dawn::Kb::CVE_2008_3790.new,
-          Dawn::Kb::CVE_2008_3905.new,
-          Dawn::Kb::CVE_2008_4094.new,
-          Dawn::Kb::CVE_2008_4310.new,
-          Dawn::Kb::CVE_2008_5189.new,
-          Dawn::Kb::CVE_2008_7248.new,
-          Dawn::Kb::CVE_2009_4078.new,
-          Dawn::Kb::CVE_2009_4124.new,
-          Dawn::Kb::CVE_2009_4214.new,
-          Dawn::Kb::CVE_2010_1330.new,
-          Dawn::Kb::CVE_2010_2489.new,
-          Dawn::Kb::CVE_2010_3933.new,
-          Dawn::Kb::CVE_2011_0188.new,
-          Dawn::Kb::CVE_2011_0446.new,
-          Dawn::Kb::CVE_2011_0447.new,
-          Dawn::Kb::CVE_2011_0739.new,
-          Dawn::Kb::CVE_2011_0995.new,
-          Dawn::Kb::CVE_2011_1004.new,
-          Dawn::Kb::CVE_2011_1005.new,
-          Dawn::Kb::CVE_2011_2197.new,
-          Dawn::Kb::CVE_2011_2686.new,
-          Dawn::Kb::CVE_2011_2705.new,
-          Dawn::Kb::CVE_2011_2929.new,
-          Dawn::Kb::CVE_2011_2930.new,
-          Dawn::Kb::CVE_2011_2931.new,
-          Dawn::Kb::CVE_2011_2932.new,
-          Dawn::Kb::CVE_2011_3009.new,
-          Dawn::Kb::CVE_2011_3186.new,
-          Dawn::Kb::CVE_2011_3187.new,
-          Dawn::Kb::CVE_2011_4319.new,
-          Dawn::Kb::CVE_2011_4815.new,
-          Dawn::Kb::CVE_2011_5036.new,
-          Dawn::Kb::CVE_2012_1098.new,
-          Dawn::Kb::CVE_2012_1099.new,
-          Dawn::Kb::CVE_2012_1241.new,
-          Dawn::Kb::CVE_2012_2139.new,
-          Dawn::Kb::CVE_2012_2140.new,
-          Dawn::Kb::CVE_2012_2660.new,
-          Dawn::Kb::CVE_2012_2661.new,
-          Dawn::Kb::CVE_2012_2671.new,
-          Dawn::Kb::CVE_2012_2694.new,
-          Dawn::Kb::CVE_2012_2695.new,
-          Dawn::Kb::CVE_2012_3424.new,
-          Dawn::Kb::CVE_2012_3463.new,
-          Dawn::Kb::CVE_2012_3464.new,
-          Dawn::Kb::CVE_2012_3465.new,
-          Dawn::Kb::CVE_2012_4464.new,
-          Dawn::Kb::CVE_2012_4466.new,
-          Dawn::Kb::CVE_2012_4481.new,
-          Dawn::Kb::CVE_2012_4522.new,
-          Dawn::Kb::CVE_2012_5370.new,
-          Dawn::Kb::CVE_2012_5371.new,
-          Dawn::Kb::CVE_2012_5380.new,
-          Dawn::Kb::CVE_2012_6109.new,
-          Dawn::Kb::CVE_2012_6134.new,
-          Dawn::Kb::CVE_2012_6496.new,
-          Dawn::Kb::CVE_2012_6497.new,
-          Dawn::Kb::CVE_2012_6684.new,
-          Dawn::Kb::CVE_2013_0155.new,
-          Dawn::Kb::CVE_2013_0156.new,
-          Dawn::Kb::CVE_2013_0162.new,
-          Dawn::Kb::CVE_2013_0175.new,
-          Dawn::Kb::CVE_2013_0183.new,
-          Dawn::Kb::CVE_2013_0184.new,
-          Dawn::Kb::CVE_2013_0233.new,
-          Dawn::Kb::CVE_2013_0256.new,
-          Dawn::Kb::CVE_2013_0262.new,
-          Dawn::Kb::CVE_2013_0263.new,
-          Dawn::Kb::CVE_2013_0269.new,
-          Dawn::Kb::CVE_2013_0276.new,
-          Dawn::Kb::CVE_2013_0277.new,
-          Dawn::Kb::CVE_2013_0284.new,
-          Dawn::Kb::CVE_2013_0285.new,
-          Dawn::Kb::CVE_2013_0333.new,
-          Dawn::Kb::CVE_2013_0334.new,
-          Dawn::Kb::CVE_2013_1607.new,
-          Dawn::Kb::CVE_2013_1655.new,
-          Dawn::Kb::CVE_2013_1656.new,
-          Dawn::Kb::CVE_2013_1756.new,
-          Dawn::Kb::CVE_2013_1800.new,
-          Dawn::Kb::CVE_2013_1801.new,
-          Dawn::Kb::CVE_2013_1802.new,
-          Dawn::Kb::CVE_2013_1812.new,
-          Dawn::Kb::CVE_2013_1821.new,
-          Dawn::Kb::CVE_2013_1854.new,
-          Dawn::Kb::CVE_2013_1855.new,
-          Dawn::Kb::CVE_2013_1856.new,
-          Dawn::Kb::CVE_2013_1857.new,
-          Dawn::Kb::CVE_2013_1875.new,
-          Dawn::Kb::CVE_2013_1898.new,
-          Dawn::Kb::CVE_2013_1911.new,
-          Dawn::Kb::CVE_2013_1933.new,
-          Dawn::Kb::CVE_2013_1947.new,
-          Dawn::Kb::CVE_2013_1948.new,
-          Dawn::Kb::CVE_2013_2065.new,
-          Dawn::Kb::CVE_2013_2090.new,
-          Dawn::Kb::CVE_2013_2105.new,
-          Dawn::Kb::CVE_2013_2119.new,
-          Dawn::Kb::CVE_2013_2512.new,
-          Dawn::Kb::CVE_2013_2513.new,
-          Dawn::Kb::CVE_2013_2516.new,
-          Dawn::Kb::CVE_2013_2615.new,
-          Dawn::Kb::CVE_2013_2616.new,
-          Dawn::Kb::CVE_2013_2617.new,
-          Dawn::Kb::CVE_2013_3221.new,
-          Dawn::Kb::CVE_2013_4164.new,
-          Dawn::Kb::CVE_2013_4203.new,
-          Dawn::Kb::CVE_2013_4389.new,
-          Dawn::Kb::CVE_2013_4413.new,
-          Dawn::Kb::CVE_2013_4457.new,
-          Dawn::Kb::CVE_2013_4478.new,
-          Dawn::Kb::CVE_2013_4479.new,
-          Dawn::Kb::CVE_2013_4489.new,
-          Dawn::Kb::CVE_2013_4491.new,
-          Dawn::Kb::CVE_2013_4492.new,
-          Dawn::Kb::CVE_2013_4562.new,
-          Dawn::Kb::CVE_2013_4593.new,
-          Dawn::Kb::CVE_2013_5647.new,
-          Dawn::Kb::CVE_2013_5671.new,
-          Dawn::Kb::CVE_2013_6414.new,
-          Dawn::Kb::CVE_2013_6415.new,
-          Dawn::Kb::CVE_2013_6416.new,
-          Dawn::Kb::CVE_2013_6417.new,
-          Dawn::Kb::CVE_2013_6421.new,
-          Dawn::Kb::CVE_2013_6459.new,
-          Dawn::Kb::CVE_2013_6460.new,
-          Dawn::Kb::CVE_2013_6461.new,
-          Dawn::Kb::CVE_2013_7086.new,
-          Dawn::Kb::CVE_2014_0036.new,
-          Dawn::Kb::CVE_2014_0080.new,
-          Dawn::Kb::CVE_2014_0081.new,
-          Dawn::Kb::CVE_2014_0082.new,
-          Dawn::Kb::CVE_2014_0130.new,
-          Dawn::Kb::CVE_2014_1233.new,
-          Dawn::Kb::CVE_2014_1234.new,
-          Dawn::Kb::CVE_2014_2322.new,
-          Dawn::Kb::CVE_2014_2525.new,
-          Dawn::Kb::CVE_2014_2538.new,
-          Dawn::Kb::CVE_2014_3482.new,
-          Dawn::Kb::CVE_2014_3483.new,
-          Dawn::Kb::CVE_2014_3916.new,
-          Dawn::Kb::CVE_2014_4975.new,
-          Dawn::Kb::CVE_2014_7818.new,
-          Dawn::Kb::CVE_2014_7819.new,
-          Dawn::Kb::CVE_2014_7829.new,
-          Dawn::Kb::CVE_2014_8090.new,
-          Dawn::Kb::CVE_2014_9490.new,
-          Dawn::Kb::CVE_2015_1819.new,
-          Dawn::Kb::CVE_2015_1840_a.new,
-          Dawn::Kb::CVE_2015_1840_b.new,
-          Dawn::Kb::CVE_2015_2963.new,
-          Dawn::Kb::CVE_2015_3224.new,
-          Dawn::Kb::CVE_2015_3225.new,
-          Dawn::Kb::CVE_2015_3226.new,
-          Dawn::Kb::CVE_2015_3227.new,
-          Dawn::Kb::CVE_2015_3448.new,
-          Dawn::Kb::CVE_2015_4020.new,
-          Dawn::Kb::CVE_2015_5312.new,
-          Dawn::Kb::CVE_2015_7497.new,
-          Dawn::Kb::CVE_2015_7498.new,
-          Dawn::Kb::CVE_2015_7499.new,
-          Dawn::Kb::CVE_2015_7500.new,
-          Dawn::Kb::CVE_2015_7519.new,
-          Dawn::Kb::CVE_2015_7541.new,
-          Dawn::Kb::CVE_2015_7576.new,
-          Dawn::Kb::CVE_2015_7577.new,
-          Dawn::Kb::CVE_2015_7578.new,
-          Dawn::Kb::CVE_2015_7579.new,
-          Dawn::Kb::CVE_2015_7581.new,
-          Dawn::Kb::CVE_2015_8241.new,
-          Dawn::Kb::CVE_2015_8242.new,
-          Dawn::Kb::CVE_2015_8317.new,
-          Dawn::Kb::CVE_2016_0751.new,
-          Dawn::Kb::CVE_2016_0752.new,
-          Dawn::Kb::CVE_2016_0753.new,
-          Dawn::Kb::CVE_2016_2097.new,
-          Dawn::Kb::CVE_2016_2098.new,
-          Dawn::Kb::CVE_2016_5697.new,
-          Dawn::Kb::CVE_2016_6316.new,
-          Dawn::Kb::CVE_2016_6317.new,
-          Dawn::Kb::CVE_2016_6582.new,
-
-
-          # OSVDB Checks are still here since are all about dependencies
-          Dawn::Kb::OSVDB_105971.new,
-          Dawn::Kb::OSVDB_108569.new,
-          Dawn::Kb::OSVDB_108570.new,
-          Dawn::Kb::OSVDB_108530.new,
-          Dawn::Kb::OSVDB_108563.new,
-          Dawn::Kb::OSVDB_115654.new,
-          Dawn::Kb::OSVDB_116010.new,
-          Dawn::Kb::OSVDB_117903.new,
-          Dawn::Kb::OSVDB_118579.new,
-          Dawn::Kb::OSVDB_118830.new,
-          Dawn::Kb::OSVDB_118954.new,
-          Dawn::Kb::OSVDB_119878.new,
-          Dawn::Kb::OSVDB_119927.new,
-          Dawn::Kb::OSVDB_120415.new,
-          Dawn::Kb::OSVDB_120857.new,
-          Dawn::Kb::OSVDB_121701.new,
-          Dawn::Kb::OSVDB_132234.new,
-      ]
-        # END @cve_security_checks array
-        # START @owasp_ror_cheatsheet_checks array
-        @owasp_ror_cheatsheet_checks = [
-          Dawn::Kb::OwaspRorCheatSheet::CommandInjection.new,
-          Dawn::Kb::OwaspRorCheatSheet::Csrf.new,
-          Dawn::Kb::OwaspRorCheatSheet::SessionStoredInDatabase.new,
-          Dawn::Kb::OwaspRorCheatSheet::MassAssignmentInModel.new,
-          Dawn::Kb::OwaspRorCheatSheet::SecurityRelatedHeaders.new,
-          Dawn::Kb::OwaspRorCheatSheet::CheckForSafeRedirectAndForward.new,
-          Dawn::Kb::OwaspRorCheatSheet::SensitiveFiles.new,
-        ]
-        # END @owasp_ror_cheatsheet_checks array
-        @code_quality_checks = [
-          Dawn::Kb::NotRevisedCode.new,
-        ]
-        @aux_checks =
-          [
-            Dawn::Kb::SimpleForm_Xss_20131129.new,
-        ]
-
-          ret = []
-          ret += @aux_checks
-          ret += @cve_security_checks         if @enabled_checks.include?(:bulletin)
-          ret += @owasp_ror_cheatsheet_checks if @enabled_checks.include?(:owasp_ror_cheatsheet)
-          ret += @code_quality_checks         if @enabled_checks.include?(:code_quality)
-
-          ret
+    def all
+      @security_checks
     end
 
-    def self.dump(verbose=false)
+    # Load security checks from db/ folder.
+    #
+    # Returns an array of security checks, matching the mvc to be reviewed and
+    # the enabled check list or an empty array if an error occured.
+    def load(lint=false)
+      good    =0
+      invalid =0
+
+      @security_checks = []
+      # $path = File.join(Dir.pwd, "db")
+
+      unless __valid?
+        @error = "An invalid library it has been found. Please use --recovery flag to force fresh install from dawnscanner.org"
+        return []
+      end
+
+      unless __load?
+        @error = "The library must be consumed with dawnscanner up to v#{@descriptor[:kb][:api]}. You are using dawnscanner v#{Dawn::VERSION}"
+        return []
+      end
+
+      @enabled_checks.each do |d|
+
+        dir = File.join(@path, d.to_s)
+
+        # Please note that if we enter in this branch, it means someone
+        # tampered the KB between the previous __valid? check and this point.
+        # Of course this is a very rare situation, but we must handle it.
+        unless Dir.exists?(dir)
+          $logger.warn "Missing check directory #{dir}"
+        else
+          Dir.glob(dir+"/**/*.yml").each do |f|
+            begin
+              data = YAML.load_file(f)
+              @security_checks << data
+              good+=1
+              $logger.info("#{File.basename(f)} loaded") if lint
+            rescue Exception => e
+              $logger.error(e.message)
+              invalid+=1
+            end
+          end
+        end
+
+        if lint
+          $logger.info("#{invalid} invalid checks out of #{good+invalid}")
+        end
+
+
+      end
+
+      debug_me "#{@security_checks.count}"
+      return @security_checks
+    end
+
+    def dump(verbose=false)
       puts "Security checks currently supported:"
       i=0
-      self.new.all.each do |check|
+      KnowledgeBase.instance.all.each do |check|
         i+=1
         if verbose
           puts "Name: #{check.name}\tCVSS: #{check.cvss_score}\tReleased: #{check.release_date}"
@@ -644,6 +248,66 @@ module Dawn
       puts "-----\nTotal: #{i}"
 
     end
-  end
 
+    private
+
+    def __verify_hash(original, computed)
+      t=original.split(' ')
+      return false if t.length != 2
+      return (t[0] == computed)
+    end
+
+    def __valid?
+
+      lines = ""
+
+      unless File.exists?(File.join(@path, "kb.yaml"))
+        $logger.error  "Missing kb.yaml in #{path}. Giving up"
+        return false
+      end
+
+      unless File.exists?(File.join(@path, "kb.yaml.sig"))
+        $logger.error  "Missing kb.yaml signature in #{path}. Giving up"
+        return false
+      end
+
+      lines = File.read(File.join(@path, "kb.yaml"))
+      hash_file = Digest::SHA256.hexdigest lines
+      hash_orig = File.read(File.join(@path, "kb.yaml.sig"))
+
+      v = __verify_hash(hash_orig, hash_file)
+      if v
+        debug_me("good kb.yaml file found. Reading knowledge base descriptor")
+        @descriptor = YAML.load(lines)
+      else
+        $logger.error("kb.yaml signature mismatch. Found #{hash_file} while expecting #{hash_orig}. Giving up")
+        return false
+      end
+
+      return true
+    end
+
+    # Check if the local KB is packet or not.
+    #
+    # Returns true if at least one KB tarball file it has been found in the
+    # local DB path
+    def __packed?
+      FILES.each do |fn|
+        return true if fn.end_with? 'tar.gz' and File.exists?(File.join(@path, fn))
+      end
+      return false
+    end
+
+    def __load?
+      api = @descriptor[:kb][:api]
+      v = Dawn::VERSION
+      require "dawn/kb/version_check"
+
+      vc = Dawn::Kb::VersionCheck.new
+      return true if vc.is_higher?(v, api) # => true if v > api
+      return false
+    end
+
+
+  end
 end