dradis-zap 3.0.0

data/templates/evidence.fields

@@ -0,0 +1,3 @@
+evidence.uri
+evidence.param
+evidence.attack

data/templates/evidence.sample

@@ -0,0 +1,14 @@
+<instance>
+  <uri>http://localhost:8080/bodgeit/advanced.jsp</uri>
+  <param>product</param>
+  <attack>POST http://localhost:8080/bodgeit/advanced.jsp HTTP/1.1
+User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
+Pragma: no-cache
+Cache-Control: no-cache
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 2143
+Referer: http://localhost:8080/bodgeit/advanced.jsp
+Host: localhost:8080
+
+</attack>
+</instance>

data/templates/evidence.template

@@ -0,0 +1,7 @@
+#[Description]#
+URI: %evidence.uri%
+Param: %evidence.param%
+
+Attack:
+
+bc.. %evidence.attack%

data/templates/issue.fields

@@ -0,0 +1,12 @@
+issue.pluginid
+issue.alert
+issue.riskcode
+issue.confidence
+issue.riskdesc
+issue.desc
+issue.count
+issue.solution
+issue.otherinfo
+issue.reference
+issue.cweid
+issue.wascid

data/templates/issue.sample

@@ -0,0 +1,21 @@
+<alertitem>
+  <pluginid>40018</pluginid>
+  <alert>SQL Injection</alert>
+  <riskcode>3</riskcode>
+  <confidence>2</confidence>
+  <riskdesc>High (Medium)</riskdesc>
+  <desc>&lt;p&gt;SQL injection may be possible.&lt;/p&gt;</desc>
+  <instances>
+    <instance>
+      <uri>http://localhost:8080/bodgeit/basket.jsp</uri>
+      <param>productid</param>
+      <attack>5-2</attack>
+    </instance>
+  </instances>
+  <count>1</count>
+  <solution>&lt;p&gt;Do not trust client side input, even if there is client side validation in place.  &lt;/p&gt;&lt;p&gt;In general, type check all data on the server side.&lt;/p&gt;&lt;p&gt;If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'&lt;/p&gt;&lt;p&gt;If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.&lt;/p&gt;&lt;p&gt;If database Stored Procedures can be used, use them.&lt;/p&gt;&lt;p&gt;Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!&lt;/p&gt;&lt;p&gt;Do not create dynamic SQL queries using simple string concatenation.&lt;/p&gt;&lt;p&gt;Escape all data received from the client.&lt;/p&gt;&lt;p&gt;Apply a 'whitelist' of allowed characters, or a 'blacklist' of disallowed characters in user input.&lt;/p&gt;&lt;p&gt;Apply the principle of least privilege by using the least privileged database user possible.&lt;/p&gt;&lt;p&gt;In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.&lt;/p&gt;&lt;p&gt;Grant the minimum database access that is necessary for the application.&lt;/p&gt;</solution>
+  <otherinfo>&lt;p&gt;The original page results were successfully replicated using the expression [5-2] as the parameter value&lt;/p&gt;&lt;p&gt;The parameter value being modified was NOT stripped from the HTML output for the purposes of the comparison&lt;/p&gt;</otherinfo>
+  <reference>&lt;p&gt;https://www.owasp.org/index.php/Top_10_2010-A1&lt;/p&gt;&lt;p&gt;https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet&lt;/p&gt;</reference>
+  <cweid>89</cweid>
+  <wascid>19</wascid>
+</alertitem>

data/templates/issue.template

@@ -0,0 +1,30 @@
+#[Title]#
+%issue.alert%
+
+
+#[Risk]#
+%issue.riskdesc%
+
+
+#[Confidence]#
+%issue.confidence%
+
+
+#[Description]#
+%issue.desc%
+
+
+#[Solution]#
+%issue.solution%
+
+
+
+#[OtherInfo]#
+%issue.otherinfo%
+
+
+#[References]#
+%issue.reference%
+
+CWE: %issue.cweid%
+WASC: %issue.wascid%

metadata

@@ -0,0 +1,153 @@
+--- !ruby/object:Gem::Specification
+name: dradis-zap
+version: !ruby/object:Gem::Version
+  version: 3.0.0
+platform: ruby
+authors:
+- Daniel Martin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-11-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: dradis-plugins
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: combustion
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.2
+description: This add-on allows you to upload and parse output produced from the Zed
+  Attack Proxy (ZAP) into Dradis.
+email:
+- etd@nomejortu.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CONTRIBUTING.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- dradis-zap.gemspec
+- lib/dradis-zap.rb
+- lib/dradis/plugins/zap.rb
+- lib/dradis/plugins/zap/engine.rb
+- lib/dradis/plugins/zap/field_processor.rb
+- lib/dradis/plugins/zap/gem_version.rb
+- lib/dradis/plugins/zap/importer.rb
+- lib/dradis/plugins/zap/version.rb
+- lib/tasks/thorfile.rb
+- spec/fixtures/files/ZAP_2.4.3_report-merged.xml
+- spec/fixtures/files/ZAP_2.4.3_report-unmerged.xml
+- templates/evidence.fields
+- templates/evidence.sample
+- templates/evidence.template
+- templates/issue.fields
+- templates/issue.sample
+- templates/issue.template
+homepage: http://dradisframework.org
+licenses:
+- GPL-2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.3
+signing_key: 
+specification_version: 4
+summary: ZAP add-on for the Dradis Framework.
+test_files:
+- spec/fixtures/files/ZAP_2.4.3_report-merged.xml
+- spec/fixtures/files/ZAP_2.4.3_report-unmerged.xml