hakiri 0.2.1 → 0.3.0
- data/.gitignore +1 -0
- data/Gemfile.lock +3 -1
- data/LICENSE +20 -0
- data/README.md +112 -19
- data/Rakefile +0 -0
- data/bin/hakiri +23 -13
- data/hakiri.gemspec +3 -2
- data/lib/hakiri.rb +2 -3
- data/lib/hakiri/cli/manifest.json +19 -0
- data/lib/hakiri/cli/manifest.rb +14 -0
- data/lib/hakiri/cli/system.rb +235 -0
- data/lib/hakiri/stack.rb +22 -22
- data/lib/hakiri/technologies/apache.rb +2 -2
- data/lib/hakiri/technologies/apache_tomcat.rb +2 -2
- data/lib/hakiri/technologies/java.rb +2 -2
- data/lib/hakiri/technologies/jruby.rb +2 -2
- data/lib/hakiri/technologies/linux_kernel.rb +2 -2
- data/lib/hakiri/technologies/memcached.rb +2 -2
- data/lib/hakiri/technologies/mongodb.rb +3 -3
- data/lib/hakiri/technologies/mysql.rb +2 -2
- data/lib/hakiri/technologies/nginx.rb +2 -2
- data/lib/hakiri/technologies/phusion_passenger.rb +2 -2
- data/lib/hakiri/technologies/postgres.rb +2 -2
- data/lib/hakiri/technologies/redis.rb +2 -2
- data/lib/hakiri/technologies/ruby.rb +2 -2
- data/lib/hakiri/technologies/ruby_on_rails.rb +2 -2
- data/lib/hakiri/technologies/technology.rb +4 -4
- data/lib/hakiri/technologies/thin.rb +2 -2
- data/lib/hakiri/technologies/trinidad.rb +2 -2
- data/lib/hakiri/technologies/unicorn.rb +2 -2
- data/lib/hakiri/version.rb +1 -1
- metadata +25 -8
- data/lib/hakiri/cli/system_scan.rb +0 -60
- data/lib/hakiri/cli/system_steps.rb +0 -90
- data/lib/hakiri/cli/system_sync.rb +0 -86
- data/technologies.json +0 -4
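--- a/data/lib/hakiri/cli/system_scan.rb
+++ b/data/lib/hakiri/cli/system_scan.rb
@@ -1,60 +0,0 @@
-class Hakiri::SystemScan < Hakiri::Cli
-#
-# Walks the user through system scanning process.
-#
-def command
-@stack.build_from_json_file(@options.stack)
-@stack.fetch_versions
-
-# GETTING VERSIONS
-say '-----> Scanning system for software versions...'
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_slug, payload|
-say "-----> Found #{payload[:name]} #{payload[:version]}"
-end
-
-# GETTING VULNERABILITIES
-say '-----> Searching for vulnerabilities...'
-params = ({ technologies: @stack.technologies }.to_param)
-response = @http_client.get_issues(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-authenticated = response[:meta][:authenticated]
-
-if response[:technologies].empty?
-say '-----> No vulnerabilities found. Keep it up!'
-else
-response[:technologies].each do |technology|
-unless technology[:issues_count] == 0
-say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:technology][:name]} #{technology[:version]}"
-puts ' '
-end
-end
-
-if authenticated
-if agree 'Show all of them? (yes or no) '
-puts ' '
-response[:technologies].each do |technology|
-technology[:issues].each do |issue|
-say issue[:name]
-say issue[:description]
-puts ' '
-end
-end
-end
-else
-say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
-say '****** You will also receive notifications via email whenever new issues are found.'
-end
-end
-end
-end
-end
-end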
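--- a/data/lib/hakiri/cli/system_steps.rb
+++ b/data/lib/hakiri/cli/system_steps.rb
@@ -1,90 +0,0 @@
-class Hakiri::SystemSteps < Hakiri::Cli
-#
-# Walks the user through manual technologies selection.
-#
-def command
-say 'Hakiri Walkthrough will help you configure your @stack step by step and show '
-say 'you vulnerabilities at the end.'
-puts ' '
-say 'Step 1 of 5: Rails Server'
-say '1. Unicorn'
-say '2. Phusion Passenger'
-say '3. Thin'
-say '4. Trinidad'
-say '5. None of the above'
-
-server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
-puts ' '
-say 'Step 2 of 5: Secondary Server'
-say '1. Apache'
-say '2. nginx'
-say '3. Both'
-say '4. Neither'
-
-extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-puts ' '
-say 'Step 3 of 5: Database'
-say '1. MySQL'
-say '2. Postgres'
-say '3. MongoDB'
-say '4. None of the above'
-
-db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-puts ' '
-redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
-puts ' '
-memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
-
-say '-----> Retrieving software versions versions on your system...'
-
-@stack.build_from_input(server, extra_server, db, redis, memcached)
-@stack.fetch_versions
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_slug, payload|
-say "-----> Found #{payload[:name]} #{payload[:version]}"
-end
-
-say '-----> Searching for vulnerabilities...'
-params = ({ technologies: @stack.technologies }.to_param)
-response = @http_client.get_issues(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-authenticated = response[:meta][:authenticated]
-
-if response[:technologies].empty?
-say '-----> No vulnerabilities found. Keep it up!'
-else
-response[:technologies].each do |technology|
-unless technology[:issues_count] == 0
-say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:name]} #{technology[:version]}"
-puts ' '
-end
-end
-
-if authenticated
-if agree 'Show all of them? (yes or no) '
-puts ' '
-response[:technologies].each do |technology|
-technology[:issues].each do |issue|
-say issue[:name]
-say issue[:description]
-puts ' '
-end
-end
-end
-else
-say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
-say '****** You will also receive notifications via email whenever new issues are found.'
-end
-end
-end
-end
-end
-end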
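--- a/data/lib/hakiri/cli/system_sync.rb
+++ b/data/lib/hakiri/cli/system_sync.rb
@@ -1,86 +0,0 @@
-class Hakiri::SystemSync < Hakiri::Cli
-#
-# Walks the user through the version syncing process.
-#
-def command
-@stack.build_from_json_file(@options.stack)
-@stack.fetch_versions
-
-if @http_client.auth_token
-# GETTING VERSIONS
-say '-----> Scanning system for software versions...'
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_name, payload|
-say "-----> Found #{technology_name} #{payload[:version]}"
-end
-
-# CHECK VERSIONS ON THE SERVER
-params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
-say '-----> Checking software versions on www.hakiriup.com...'
-response = @http_client.check_versions_diff(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-if response[:diffs].any?
-@stack.technologies = {}
-response[:diffs].each do |diff|
-if diff[:success]
-if diff[:hakiri_version]
-@stack.technologies[diff[:technology][:slug]] = { version: diff[:system_version] }
-
-if diff[:system_version_newer]
-say "-----> System version of #{diff[:technology][:name]} is newer (#{diff[:system_version]} > #{diff[:hakiri_version]})"
-else
-say "-----> System version of #{diff[:technology][:name]} is older (#{diff[:system_version]} < #{diff[:hakiri_version]})"
-end
-else
-say "-----> New technology detected: #{diff[:technology][:name]} #{diff[:system_version]}"
-end
-else
-say "! Error in #{diff[:technology][:name]}: #{diff[:errors][:value][0]}"
-end
-end
-
-# UPDATE VERSIONS ON THE SERVER
-if @stack.technologies.any?
-update = agree "Do you want to update \"#{response[:project][:name]}\" with system versions? (yes or no) "
-else
-say '-----> Nothing to update.'
-end
-
-if update
-params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
-response = @http_client.sync_project_versions(response[:project][:id], params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-if response[:updated].any?
-response[:updated].each do |update|
-if update[:success]
-say "-----> #{update[:technology][:name]} was updated to #{update[:new_version]}"
-else
-say "! Error syncing #{update[:technology][:name]}: #{update[:errors][:value][0]}"
-end
-end
-end
-end
-end
-else
-say '-----> No differences were found. Everything is up to date.'
-end
-end
-end
-else
-say '! You have to setup HAKIRI_AUTH_TOKEN environmental variable with your Hakiri authentication token.'
-end
-end
-end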
data/technologies.json
DELETED