dradis-zap 3.0.0

@@ -0,0 +1,3 @@
1
+ evidence.uri
2
+ evidence.param
3
+ evidence.attack
@@ -0,0 +1,14 @@
1
+ <instance>
2
+ <uri>http://localhost:8080/bodgeit/advanced.jsp</uri>
3
+ <param>product</param>
4
+ <attack>POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1
5
+ User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
6
+ Pragma: no-cache
7
+ Cache-Control: no-cache
8
+ Content-Type: application/x-www-form-urlencoded
9
+ Content-Length: 2143
10
+ Referer: http://localhost:8080/bodgeit/advanced.jsp
11
+ Host: localhost:8080
12
+
13
+ </attack>
14
+ </instance>
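Review bot: The `<attack>` fixture declares `Content-Length: 2143` but carries no request body — the header block ends at the blank line and `</attack>` follows immediately — so the sample is internally inconsistent and any test that inspects the captured request will be exercising a malformed example. Either include the (possibly truncated) form body or drop the `Content-Length` and `Content-Type` headers so the fixture describes a request that could actually have been sent. This sample also shows `attack` holding a full raw HTTP request, while `issue.sample` in the same commit stores only the injected payload `5-2` in the same element; the two fixtures should agree on what the field contains, since `evidence.template` renders it inside a multi-line `bc..` block.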
@@ -0,0 +1,7 @@
1
+ #[Description]#
2
+ URI: %evidence.uri%
3
+ Param: %evidence.param%
4
+
5
+ Attack:
6
+
7
+ bc.. %evidence.attack%
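Review bot: `%evidence.uri%` and `%evidence.param%` are dropped into the Description as bare Textile text, whereas `%evidence.attack%` is protected by a `bc..` block; scanner-reported URIs and parameter names that happen to contain Textile markup characters would be interpreted rather than shown verbatim, unless the field processor (not in this diff) escapes them. Rendering both as inline code, `URI: @%evidence.uri%@` and `Param: @%evidence.param%@`, keeps them literal and consistent with the attack field. The `bc..` extended form is correct here only because it is the last element of the template; a comment such as `# bc.. swallows everything to end of template, keep it last` would stop a later edit from appending a field after it.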
@@ -0,0 +1,12 @@
1
+ issue.pluginid
2
+ issue.alert
3
+ issue.riskcode
4
+ issue.confidence
5
+ issue.riskdesc
6
+ issue.desc
7
+ issue.count
8
+ issue.solution
9
+ issue.otherinfo
10
+ issue.reference
11
+ issue.cweid
12
+ issue.wascid
@@ -0,0 +1,21 @@
1
+ <alertitem>
2
+ <pluginid>40018</pluginid>
3
+ <alert>SQL Injection</alert>
4
+ <riskcode>3</riskcode>
5
+ <confidence>2</confidence>
6
+ <riskdesc>High (Medium)</riskdesc>
7
+ <desc>&lt;p&gt;SQL injection may be possible.&lt;/p&gt;</desc>
8
+ <instances>
9
+ <instance>
10
+ <uri>http://localhost:8080/bodgeit/basket.jsp</uri>
11
+ <param>productid</param>
12
+ <attack>5-2</attack>
13
+ </instance>
14
+ </instances>
15
+ <count>1</count>
16
+ <solution>&lt;p&gt;Do not trust client side input, even if there is client side validation in place. &lt;/p&gt;&lt;p&gt;In general, type check all data on the server side.&lt;/p&gt;&lt;p&gt;If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'&lt;/p&gt;&lt;p&gt;If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.&lt;/p&gt;&lt;p&gt;If database Stored Procedures can be used, use them.&lt;/p&gt;&lt;p&gt;Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!&lt;/p&gt;&lt;p&gt;Do not create dynamic SQL queries using simple string concatenation.&lt;/p&gt;&lt;p&gt;Escape all data received from the client.&lt;/p&gt;&lt;p&gt;Apply a 'whitelist' of allowed characters, or a 'blacklist' of disallowed characters in user input.&lt;/p&gt;&lt;p&gt;Apply the principle of least privilege by using the least privileged database user possible.&lt;/p&gt;&lt;p&gt;In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.&lt;/p&gt;&lt;p&gt;Grant the minimum database access that is necessary for the application.&lt;/p&gt;</solution>
17
+ <otherinfo>&lt;p&gt;The original page results were successfully replicated using the expression [5-2] as the parameter value&lt;/p&gt;&lt;p&gt;The parameter value being modified was NOT stripped from the HTML output for the purposes of the comparison&lt;/p&gt;</otherinfo>
18
+ <reference>&lt;p&gt;https://www.owasp.org/index.php/Top_10_2010-A1&lt;/p&gt;&lt;p&gt;https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet&lt;/p&gt;</reference>
19
+ <cweid>89</cweid>
20
+ <wascid>19</wascid>
21
+ </alertitem>
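Review bot: `<desc>`, `<solution>`, `<otherinfo>` and `<reference>` in this fixture are HTML-encoded `<p>` blocks, and `issue.template` inserts those fields unchanged, so unless the field processor (not visible in this diff) converts the `&lt;p&gt;` wrappers to Textile paragraphs the tags will appear verbatim in the imported issue. The reference URLs are likewise embedded inside `<p>` elements rather than listed one per line, so the `#[References]#` section would need them extracted to be readable. Worth confirming against the importer's output for this sample rather than assuming the conversion happens.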
@@ -0,0 +1,30 @@
1
+ #[Title]#
2
+ %issue.alert%
3
+
4
+
5
+ #[Risk]#
6
+ %issue.riskdesc%
7
+
8
+
9
+ #[Confidence]#
10
+ %issue.confidence%
11
+
12
+
13
+ #[Description]#
14
+ %issue.desc%
15
+
16
+
17
+ #[Solution]#
18
+ %issue.solution%
19
+
20
+
21
+
22
+ #[OtherInfo]#
23
+ %issue.otherinfo%
24
+
25
+
26
+ #[References]#
27
+ %issue.reference%
28
+
29
+ CWE: %issue.cweid%
30
+ WASC: %issue.wascid%
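Review bot: The `#[Confidence]#` section renders `%issue.confidence%`, which per `issue.sample` is the numeric code `2` rather than a label, while `%issue.riskdesc%` in the section just above already reads `High (Medium)` and so carries the confidence in readable form; the bare number adds little for a report reader and is easy to misread as a score. `issue.fields` declares `issue.pluginid`, `issue.riskcode` and `issue.count`, none of which this template uses, so the ZAP plugin identifier that lets an analyst trace the finding back to the scanner rule is lost on import; adding `ZAP plugin: %issue.pluginid%` next to the `CWE:`/`WASC:` lines in `#[References]#` would preserve it. The run of three blank lines before `#[OtherInfo]#` is also inconsistent with the two used between the other sections.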
metadata ADDED
@@ -0,0 +1,153 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: dradis-zap
3
+ version: !ruby/object:Gem::Version
4
+ version: 3.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Daniel Martin
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-11-09 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: dradis-plugins
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '3.2'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '3.2'
27
+ - !ruby/object:Gem::Dependency
28
+ name: nokogiri
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '1.3'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '1.3'
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.6'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.6'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '10.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '10.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec-rails
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: combustion
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: 0.5.2
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: 0.5.2
97
+ description: This add-on allows you to upload and parse output produced from the Zed
98
+ Attack Proxy (ZAP) into Dradis.
99
+ email:
100
+ - etd@nomejortu.com
101
+ executables: []
102
+ extensions: []
103
+ extra_rdoc_files: []
104
+ files:
105
+ - CONTRIBUTING.md
106
+ - Gemfile
107
+ - LICENSE
108
+ - README.md
109
+ - Rakefile
110
+ - dradis-zap.gemspec
111
+ - lib/dradis-zap.rb
112
+ - lib/dradis/plugins/zap.rb
113
+ - lib/dradis/plugins/zap/engine.rb
114
+ - lib/dradis/plugins/zap/field_processor.rb
115
+ - lib/dradis/plugins/zap/gem_version.rb
116
+ - lib/dradis/plugins/zap/importer.rb
117
+ - lib/dradis/plugins/zap/version.rb
118
+ - lib/tasks/thorfile.rb
119
+ - spec/fixtures/files/ZAP_2.4.3_report-merged.xml
120
+ - spec/fixtures/files/ZAP_2.4.3_report-unmerged.xml
121
+ - templates/evidence.fields
122
+ - templates/evidence.sample
123
+ - templates/evidence.template
124
+ - templates/issue.fields
125
+ - templates/issue.sample
126
+ - templates/issue.template
127
+ homepage: http://dradisframework.org
128
+ licenses:
129
+ - GPL-2
130
+ metadata: {}
131
+ post_install_message:
132
+ rdoc_options: []
133
+ require_paths:
134
+ - lib
135
+ required_ruby_version: !ruby/object:Gem::Requirement
136
+ requirements:
137
+ - - ">="
138
+ - !ruby/object:Gem::Version
139
+ version: '0'
140
+ required_rubygems_version: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ">="
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
145
+ requirements: []
146
+ rubyforge_project:
147
+ rubygems_version: 2.2.3
148
+ signing_key:
149
+ specification_version: 4
150
+ summary: ZAP add-on for the Dradis Framework.
151
+ test_files:
152
+ - spec/fixtures/files/ZAP_2.4.3_report-merged.xml
153
+ - spec/fixtures/files/ZAP_2.4.3_report-unmerged.xml