pentest 1.0.0

data/lib/pentest/ruby_parser.rb

@@ -0,0 +1,21 @@
+require 'ruby_parser'
+
+module Pentest
+  module RubyParser
+    class << self
+      # Get S-expression of specified method. Return nil if something went wrong.
+      def get_sexp(method)
+        file, loc = method.source_location
+        ast = ::RubyParser.new.parse File.read(file), file
+        ast.each do |exp|
+          next unless Sexp === exp
+          next unless exp[0] == :defn
+          if exp.line == loc
+            return exp
+          end
+        end
+        nil
+      end
+    end
+  end
+end

data/lib/pentest/runner.rb

@@ -0,0 +1,58 @@
+require 'pentest/endpoint'
+
+module Pentest
+  class Runner
+    def initialize(app_path, hooks)
+      @app_path = app_path
+      @hooks = hooks
+      @routes = ::Rails.application.routes.routes
+
+      @ingredients = Set.new
+    end
+
+    def run
+      @endpoints = @routes.map do |route|
+        endpoint = Endpoint.new(route, @app_path, @hooks)
+      end.select(&:valid?)
+
+      Logger.debug "Fetched #{@endpoints.size} endpoints"
+      Logger.print_seperator
+
+      @hooks[:setups].each do |setup_proc|
+        self.instance_eval &setup_proc
+      end
+
+      # TODO: Add ingredients when not enough
+      Logger.debug "Registered Ingredients: #{@ingredients.to_a.inspect}"
+
+      payloads = []
+      @endpoints.each do |endpoint|
+        payloads += endpoint.scan!(@ingredients.to_a)
+        Logger.print_seperator
+      end
+
+      if payloads.empty?
+        Logger.info 'No vulnerabilities found'
+        return nil
+      end
+
+      Logger.error "#{payloads.size} vulnerabilities found!!"
+
+      payloads.each_with_index do |payload, index|
+        puts ''
+        puts ''
+        puts payload.to_s(index)
+      end
+
+      puts ''
+
+      :error
+    end
+
+    private
+
+    def add_ingredient(ingredient)
+      @ingredients << ingredient.to_s
+    end
+  end
+end

data/lib/pentest/sql_proxy.rb

@@ -0,0 +1,59 @@
+require 'arproxy'
+
+module Pentest
+  class SqlProxy < Arproxy::Base
+    @handlers = nil
+    @parser = nil
+
+    def self.enable!(handler)
+      Arproxy.configure do |config|
+        config.use self
+        config.adapter_class.class_eval do
+          attr_accessor :handler
+          @@handler = handler
+          def exec_query_proxy(*args)
+            sql, = args
+            unless @@handler.nil?
+              @@handler.call(sql)
+            end
+            self.exec_query_original(*args)
+          end
+          alias_method :exec_query_original, :exec_query
+          alias_method :exec_query, :exec_query_proxy
+        end
+      end
+      Arproxy.enable!
+      Arproxy.proxy_chain.head.register_handler(handler)
+    end
+
+    def self.disable!(handler)
+      Arproxy.configure do |config|
+        config.adapter_class.class_eval do
+          alias_method :exec_query, :exec_query_original
+        end
+      end
+      Arproxy.proxy_chain.head.unregister_handler(handler)
+      Arproxy.disable!
+    end
+
+    def initialize
+      @handler = nil
+    end
+
+    def register_handler(handler)
+      @handler = handler
+    end
+
+    def unregister_handler(handler)
+      @handler = nil
+    end
+
+    def execute(*args)
+      sql, = args
+      unless @handler.nil?
+        @handler.call(sql)
+      end
+      super(*args)
+    end
+  end
+end

data/lib/pentest/version.rb

@@ -0,0 +1,3 @@
+module Pentest
+  VERSION = "1.0.0"
+end

data/pentest.gemspec

@@ -0,0 +1,50 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "pentest/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "pentest"
+  spec.version       = Pentest::VERSION
+  spec.authors       = ["Koki Takahashi"]
+  spec.email         = ["hakatasiloving@gmail.com"]
+
+  spec.summary       = %q{Penetration testing automation tool for Ruby on Rails application}
+  spec.description   = %q{}
+  spec.homepage      = "https://github.com/hakatashi/pentest"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+
+    spec.metadata["homepage_uri"] = spec.homepage
+    spec.metadata["source_code_uri"] = "https://github.com/hakatashi/pentest"
+    spec.metadata["changelog_uri"] = "https://github.com/hakatashi/pentest"
+  else
+    raise "RubyGems 2.0 or newer is required to protect against " \
+      "public gem pushes."
+  end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "ruby_parser"
+  spec.add_dependency "term-ansicolor"
+  spec.add_dependency "pairwise"
+  spec.add_dependency "arproxy"
+  spec.add_dependency "callsite"
+  spec.add_dependency "gda"
+  spec.add_dependency "nokogiri"
+
+  spec.add_development_dependency "bundler", "~> 1.17"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

metadata

@@ -0,0 +1,218 @@
+--- !ruby/object:Gem::Specification
+name: pentest
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Koki Takahashi
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2019-08-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ruby_parser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: term-ansicolor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pairwise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: arproxy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: callsite
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: gda
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.17'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.17'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: ''
+email:
+- hakatasiloving@gmail.com
+executables:
+- pentest
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/pentest
+- lib/pentest.rb
+- lib/pentest/ast_utils.rb
+- lib/pentest/checkers.rb
+- lib/pentest/checkers/base_checker.rb
+- lib/pentest/checkers/sqli_checker.rb
+- lib/pentest/checkers/xss_checker.rb
+- lib/pentest/commandline.rb
+- lib/pentest/dsl.rb
+- lib/pentest/endpoint.rb
+- lib/pentest/fuzzers/sqli.txt
+- lib/pentest/fuzzers/xss.txt
+- lib/pentest/initializer.rb
+- lib/pentest/logger.rb
+- lib/pentest/payload.rb
+- lib/pentest/ruby_parser.rb
+- lib/pentest/runner.rb
+- lib/pentest/sql_proxy.rb
+- lib/pentest/version.rb
+- pentest.gemspec
+homepage: https://github.com/hakatashi/pentest
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/hakatashi/pentest
+  source_code_uri: https://github.com/hakatashi/pentest
+  changelog_uri: https://github.com/hakatashi/pentest
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Penetration testing automation tool for Ruby on Rails application
+test_files: []