hakiri 0.2.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +1 -0
- data/Gemfile.lock +3 -1
- data/LICENSE +20 -0
- data/README.md +112 -19
- data/Rakefile +0 -0
- data/bin/hakiri +23 -13
- data/hakiri.gemspec +3 -2
- data/lib/hakiri.rb +2 -3
- data/lib/hakiri/cli/manifest.json +19 -0
- data/lib/hakiri/cli/manifest.rb +14 -0
- data/lib/hakiri/cli/system.rb +235 -0
- data/lib/hakiri/stack.rb +22 -22
- data/lib/hakiri/technologies/apache.rb +2 -2
- data/lib/hakiri/technologies/apache_tomcat.rb +2 -2
- data/lib/hakiri/technologies/java.rb +2 -2
- data/lib/hakiri/technologies/jruby.rb +2 -2
- data/lib/hakiri/technologies/linux_kernel.rb +2 -2
- data/lib/hakiri/technologies/memcached.rb +2 -2
- data/lib/hakiri/technologies/mongodb.rb +3 -3
- data/lib/hakiri/technologies/mysql.rb +2 -2
- data/lib/hakiri/technologies/nginx.rb +2 -2
- data/lib/hakiri/technologies/phusion_passenger.rb +2 -2
- data/lib/hakiri/technologies/postgres.rb +2 -2
- data/lib/hakiri/technologies/redis.rb +2 -2
- data/lib/hakiri/technologies/ruby.rb +2 -2
- data/lib/hakiri/technologies/ruby_on_rails.rb +2 -2
- data/lib/hakiri/technologies/technology.rb +4 -4
- data/lib/hakiri/technologies/thin.rb +2 -2
- data/lib/hakiri/technologies/trinidad.rb +2 -2
- data/lib/hakiri/technologies/unicorn.rb +2 -2
- data/lib/hakiri/version.rb +1 -1
- metadata +25 -8
- data/lib/hakiri/cli/system_scan.rb +0 -60
- data/lib/hakiri/cli/system_steps.rb +0 -90
- data/lib/hakiri/cli/system_sync.rb +0 -86
- data/technologies.json +0 -4
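--- a/data/lib/hakiri/cli/system_scan.rb
+++ /dev/null
@@ -1,60 +0,0 @@
-class Hakiri::SystemScan < Hakiri::Cli
-#
-# Walks the user through system scanning process.
-#
-def command
-@stack.build_from_json_file(@options.stack)
-@stack.fetch_versions
-
-# GETTING VERSIONS
-say '-----> Scanning system for software versions...'
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_slug, payload|
-say "-----> Found #{payload[:name]} #{payload[:version]}"
-end
-
-# GETTING VULNERABILITIES
-say '-----> Searching for vulnerabilities...'
-params = ({ technologies: @stack.technologies }.to_param)
-response = @http_client.get_issues(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-authenticated = response[:meta][:authenticated]
-
-if response[:technologies].empty?
-say '-----> No vulnerabilities found. Keep it up!'
-else
-response[:technologies].each do |technology|
-unless technology[:issues_count] == 0
-say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:technology][:name]} #{technology[:version]}"
-puts ' '
-end
-end
-
-if authenticated
-if agree 'Show all of them? (yes or no) '
-puts ' '
-response[:technologies].each do |technology|
-technology[:issues].each do |issue|
-say issue[:name]
-say issue[:description]
-puts ' '
-end
-end
-end
-else
-say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
-say '****** You will also receive notifications via email whenever new issues are found.'
-end
-end
-end
-end
-end
-end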
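--- a/data/lib/hakiri/cli/system_steps.rb
+++ /dev/null
@@ -1,90 +0,0 @@
-class Hakiri::SystemSteps < Hakiri::Cli
-#
-# Walks the user through manual technologies selection.
-#
-def command
-say 'Hakiri Walkthrough will help you configure your @stack step by step and show '
-say 'you vulnerabilities at the end.'
-puts ' '
-say 'Step 1 of 5: Rails Server'
-say '1. Unicorn'
-say '2. Phusion Passenger'
-say '3. Thin'
-say '4. Trinidad'
-say '5. None of the above'
-
-server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
-puts ' '
-say 'Step 2 of 5: Secondary Server'
-say '1. Apache'
-say '2. nginx'
-say '3. Both'
-say '4. Neither'
-
-extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-puts ' '
-say 'Step 3 of 5: Database'
-say '1. MySQL'
-say '2. Postgres'
-say '3. MongoDB'
-say '4. None of the above'
-
-db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-puts ' '
-redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
-puts ' '
-memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
-
-say '-----> Retrieving software versions versions on your system...'
-
-@stack.build_from_input(server, extra_server, db, redis, memcached)
-@stack.fetch_versions
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_slug, payload|
-say "-----> Found #{payload[:name]} #{payload[:version]}"
-end
-
-say '-----> Searching for vulnerabilities...'
-params = ({ technologies: @stack.technologies }.to_param)
-response = @http_client.get_issues(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-authenticated = response[:meta][:authenticated]
-
-if response[:technologies].empty?
-say '-----> No vulnerabilities found. Keep it up!'
-else
-response[:technologies].each do |technology|
-unless technology[:issues_count] == 0
-say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:name]} #{technology[:version]}"
-puts ' '
-end
-end
-
-if authenticated
-if agree 'Show all of them? (yes or no) '
-puts ' '
-response[:technologies].each do |technology|
-technology[:issues].each do |issue|
-say issue[:name]
-say issue[:description]
-puts ' '
-end
-end
-end
-else
-say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
-say '****** You will also receive notifications via email whenever new issues are found.'
-end
-end
-end
-end
-end
-end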
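--- a/data/lib/hakiri/cli/system_sync.rb
+++ /dev/null
@@ -1,86 +0,0 @@
-class Hakiri::SystemSync < Hakiri::Cli
-#
-# Walks the user through the version syncing process.
-#
-def command
-@stack.build_from_json_file(@options.stack)
-@stack.fetch_versions
-
-if @http_client.auth_token
-# GETTING VERSIONS
-say '-----> Scanning system for software versions...'
-
-if @stack.technologies.empty?
-say '-----> No versions were found...'
-else
-@stack.technologies.each do |technology_name, payload|
-say "-----> Found #{technology_name} #{payload[:version]}"
-end
-
-# CHECK VERSIONS ON THE SERVER
-params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
-say '-----> Checking software versions on www.hakiriup.com...'
-response = @http_client.check_versions_diff(params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-if response[:diffs].any?
-@stack.technologies = {}
-response[:diffs].each do |diff|
-if diff[:success]
-if diff[:hakiri_version]
-@stack.technologies[diff[:technology][:slug]] = { version: diff[:system_version] }
-
-if diff[:system_version_newer]
-say "-----> System version of #{diff[:technology][:name]} is newer (#{diff[:system_version]} > #{diff[:hakiri_version]})"
-else
-say "-----> System version of #{diff[:technology][:name]} is older (#{diff[:system_version]} < #{diff[:hakiri_version]})"
-end
-else
-say "-----> New technology detected: #{diff[:technology][:name]} #{diff[:system_version]}"
-end
-else
-say "! Error in #{diff[:technology][:name]}: #{diff[:errors][:value][0]}"
-end
-end
-
-# UPDATE VERSIONS ON THE SERVER
-if @stack.technologies.any?
-update = agree "Do you want to update \"#{response[:project][:name]}\" with system versions? (yes or no) "
-else
-say '-----> Nothing to update.'
-end
-
-if update
-params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
-response = @http_client.sync_project_versions(response[:project][:id], params)
-
-if response[:errors]
-response[:errors].each do |error|
-say "! Server Error: #{error}"
-end
-else
-if response[:updated].any?
-response[:updated].each do |update|
-if update[:success]
-say "-----> #{update[:technology][:name]} was updated to #{update[:new_version]}"
-else
-say "! Error syncing #{update[:technology][:name]}: #{update[:errors][:value][0]}"
-end
-end
-end
-end
-end
-else
-say '-----> No differences were found. Everything is up to date.'
-end
-end
-end
-else
-say '! You have to setup HAKIRI_AUTH_TOKEN environmental variable with your Hakiri authentication token.'
-end
-end
-end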
data/technologies.json
DELETED