pwn 0.5.441 → 0.5.443

Files changed (56) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/README.md +3 -3
  4. data/lib/pwn/plugins/repl.rb +3 -5
  5. data/lib/pwn/sast/amqp_connect_as_guest.rb +12 -89
  6. data/lib/pwn/sast/apache_file_system_util_api.rb +11 -91
  7. data/lib/pwn/sast/aws.rb +13 -93
  8. data/lib/pwn/sast/banned_function_calls_c.rb +138 -218
  9. data/lib/pwn/sast/base64.rb +12 -90
  10. data/lib/pwn/sast/beef_hook.rb +10 -90
  11. data/lib/pwn/sast/cmd_execution_java.rb +12 -92
  12. data/lib/pwn/sast/cmd_execution_python.rb +14 -94
  13. data/lib/pwn/sast/cmd_execution_ruby.rb +22 -102
  14. data/lib/pwn/sast/cmd_execution_scala.rb +12 -92
  15. data/lib/pwn/sast/csrf.rb +10 -90
  16. data/lib/pwn/sast/deserial_java.rb +17 -97
  17. data/lib/pwn/sast/emoticon.rb +17 -98
  18. data/lib/pwn/sast/eval.rb +10 -90
  19. data/lib/pwn/sast/factory.rb +12 -92
  20. data/lib/pwn/sast/http_authorization_header.rb +20 -100
  21. data/lib/pwn/sast/inner_html.rb +10 -90
  22. data/lib/pwn/sast/keystore.rb +10 -90
  23. data/lib/pwn/sast/local_storage.rb +11 -91
  24. data/lib/pwn/sast/location_hash.rb +10 -90
  25. data/lib/pwn/sast/log4j.rb +10 -90
  26. data/lib/pwn/sast/logger.rb +24 -104
  27. data/lib/pwn/sast/md5.rb +10 -90
  28. data/lib/pwn/sast/outer_html.rb +10 -90
  29. data/lib/pwn/sast/padding_oracle.rb +11 -91
  30. data/lib/pwn/sast/password.rb +15 -95
  31. data/lib/pwn/sast/php_input_mechanisms.rb +16 -96
  32. data/lib/pwn/sast/php_type_juggling.rb +14 -94
  33. data/lib/pwn/sast/pom_version.rb +1 -1
  34. data/lib/pwn/sast/port.rb +16 -96
  35. data/lib/pwn/sast/post_message.rb +10 -90
  36. data/lib/pwn/sast/private_key.rb +10 -90
  37. data/lib/pwn/sast/redirect.rb +13 -93
  38. data/lib/pwn/sast/redos.rb +16 -96
  39. data/lib/pwn/sast/shell.rb +18 -98
  40. data/lib/pwn/sast/signature.rb +10 -90
  41. data/lib/pwn/sast/sql.rb +19 -93
  42. data/lib/pwn/sast/ssl.rb +14 -94
  43. data/lib/pwn/sast/sudo.rb +10 -90
  44. data/lib/pwn/sast/task_tag.rb +23 -103
  45. data/lib/pwn/sast/test_case_engine.rb +147 -0
  46. data/lib/pwn/sast/throw_errors.rb +14 -94
  47. data/lib/pwn/sast/token.rb +12 -92
  48. data/lib/pwn/sast/type_script_type_juggling.rb +14 -94
  49. data/lib/pwn/sast/version.rb +12 -92
  50. data/lib/pwn/sast/window_location_hash.rb +10 -90
  51. data/lib/pwn/sast.rb +4 -0
  52. data/lib/pwn/version.rb +1 -1
  53. data/lib/pwn.rb +0 -2
  54. data/spec/lib/pwn/sast/test_case_engine_spec.rb +20 -0
  55. data/third_party/pwn_rdoc.jsonl +1 -1
  56. metadata +5 -3
@@ -20,112 +20,32 @@ module PWN
20
20
  public_class_method def self.scan(opts = {})
21
21
  dir_path = opts[:dir_path]
22
22
  git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
23
- result_arr = []
24
- ai_introspection = PWN::Env[:ai][:introspection]
25
- logger_results = "AI Introspection => #{ai_introspection} => "
26
23
 
27
- PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
28
- if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && entry !~ /test/i
29
- line_no_and_contents_arr = []
30
- entry_beautified = false
31
-
32
- if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
33
- js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
34
- entry = "#{entry}.JS-BEAUTIFIED"
35
- entry_beautified = true
36
- end
37
-
38
- test_case_filter = "
39
- grep -Fin \
40
- -e '.warn' \
41
- -e '.info' \
42
- -e '.error' \
43
- -e '.debug' #{entry} > /dev/null | grep -i \
44
- -e log | grep -i \
45
- -e pass \
46
- -e pwd \
47
- -e saml \
48
- -e uri \
49
- -e url \
50
- -e auth \
51
- -e cred \
52
- -e token \
53
- -e session \
54
- -e key
55
- "
56
-
57
- str = `#{test_case_filter}`.to_s.scrub
58
-
59
- if str.to_s.empty?
60
- # If str length is >= 64 KB do not include results. (Due to Mongo Document Size Restrictions)
61
- logger_results = "#{logger_results}~" # Catching bugs is good :)
62
- else
63
- str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
64
-
65
- hash_line = {
66
- timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
67
- security_references: security_references,
68
- filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
69
- line_no_and_contents: '',
70
- raw_content: str,
71
- test_case_filter: test_case_filter
72
- }
73
-
74
- # COMMMENT: Must be a better way to implement this (regex is kinda funky)
75
- line_contents_split = str.split(/^(\d{1,}):|\n(\d{1,}):/)[1..-1]
76
- line_no_count = line_contents_split.length # This should always be an even number
77
- current_count = 0
78
- while line_no_count > current_count
79
- line_no = line_contents_split[current_count]
80
- contents = line_contents_split[current_count + 1]
81
- if Dir.exist?('.git')
82
- repo_root = '.'
83
-
84
- author = PWN::Plugins::Git.get_author(
85
- repo_root: repo_root,
86
- from_line: line_no,
87
- to_line: line_no,
88
- target_file: entry,
89
- entry_beautified: entry_beautified
90
- )
91
- end
92
- author ||= 'N/A'
93
-
94
- ai_analysis = nil
95
- if ai_introspection
96
- request = {
97
- scm_uri: "#{hash_line[:filename][:git_repo_root_uri]}/#{hash_line[:filename][:entry]}",
98
- line_no: line_no,
99
- source_code_snippet: contents
100
- }.to_json
101
- response = PWN::AI::Introspection.reflect(request: request)
102
- if response.is_a?(Hash)
103
- ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
104
- ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
105
- end
106
- end
107
-
108
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
109
- line_no: line_no,
110
- contents: contents,
111
- author: author,
112
- ai_analysis: ai_analysis
113
- )
24
+ test_case_filter = "
25
+ grep -Fin \
26
+ -e '.warn' \
27
+ -e '.info' \
28
+ -e '.error' \
29
+ -e '.debug' {PWN_SAST_SRC_TARGET} > /dev/null | grep -i \
30
+ -e log | grep -i \
31
+ -e pass \
32
+ -e pwd \
33
+ -e saml \
34
+ -e uri \
35
+ -e url \
36
+ -e auth \
37
+ -e cred \
38
+ -e token \
39
+ -e session \
40
+ -e key
41
+ "
114
42
 
115
- current_count += 2
116
- end
117
- result_arr.push(hash_line)
118
- logger_results = "#{logger_results}x" # Seeing progress is good :)
119
- end
120
- end
121
- end
122
- logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
123
- if logger_results.empty?
124
- @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
125
- else
126
- @@logger.info("#{logger_banner} => #{logger_results}complete.\n")
127
- end
128
- result_arr
43
+ PWN::SAST::TestCaseEngine.execute(
44
+ test_case_filter: test_case_filter,
45
+ security_references: security_references,
46
+ dir_path: dir_path,
47
+ git_repo_root_uri: git_repo_root_uri
48
+ )
129
49
  rescue StandardError => e
130
50
  raise e
131
51
  end
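Review bot: The first `grep` in `test_case_filter` sends its stdout to `/dev/null` (`-e '.debug' {PWN_SAST_SRC_TARGET} > /dev/null | grep -i \`), so the two downstream greps read an empty pipe and this test case can never report a finding. The redirect is carried over unchanged from the removed `#{entry} > /dev/null`, so the refactor preserves a check that looks for credentials and tokens in log calls but is effectively disabled. The other templates on this page end with `2> /dev/null`, which is presumably what was meant here: `-e '.debug' {PWN_SAST_SRC_TARGET} 2> /dev/null | grep -i \`. No file header survives for this section; by its patterns and diffstat it appears to be data/lib/pwn/sast/logger.rb.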
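--- a/data/lib/pwn/sast/md5.rb
+++ b/data/lib/pwn/sast/md5.rb
@@ -19,98 +19,18 @@ module PWN
  public_class_method def self.scan(opts = {})
  dir_path = opts[:dir_path]
  git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
- result_arr = []
- ai_introspection = PWN::Env[:ai][:introspection]
- logger_results = "AI Introspection => #{ai_introspection} => "
 
- PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
- if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
- line_no_and_contents_arr = []
- entry_beautified = false
-
- if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
- js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
- entry = "#{entry}.JS-BEAUTIFIED"
- entry_beautified = true
- end
-
- test_case_filter = "
- grep -in \
- -e 'md5' #{entry} 2> /dev/null
- "
-
- str = `#{test_case_filter}`.to_s.scrub
-
- if str.to_s.empty?
- # If str length is >= 64 KB do not include results. (Due to Mongo Document Size Restrictions)
- logger_results = "#{logger_results}~" # Catching bugs is good :)
- else
- str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
-
- hash_line = {
- timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
- security_references: security_references,
- filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
- line_no_and_contents: '',
- raw_content: str,
- test_case_filter: test_case_filter
- }
-
- # COMMMENT: Must be a better way to implement this (regex is kinda funky)
- line_contents_split = str.split(/^(\d{1,}):|\n(\d{1,}):/)[1..-1]
- line_no_count = line_contents_split.length # This should always be an even number
- current_count = 0
- while line_no_count > current_count
- line_no = line_contents_split[current_count]
- contents = line_contents_split[current_count + 1]
- if Dir.exist?('.git')
- repo_root = '.'
-
- author = PWN::Plugins::Git.get_author(
- repo_root: repo_root,
- from_line: line_no,
- to_line: line_no,
- target_file: entry,
- entry_beautified: entry_beautified
- )
- end
- author ||= 'N/A'
-
- ai_analysis = nil
- if ai_introspection
- request = {
- scm_uri: "#{hash_line[:filename][:git_repo_root_uri]}/#{hash_line[:filename][:entry]}",
- line_no: line_no,
- source_code_snippet: contents
- }.to_json
- response = PWN::AI::Introspection.reflect(request: request)
- if response.is_a?(Hash)
- ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
- ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
- end
- end
-
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
- line_no: line_no,
- contents: contents,
- author: author,
- ai_analysis: ai_analysis
- )
+ test_case_filter = "
+ grep -in \
+ -e 'md5' {PWN_SAST_SRC_TARGET} 2> /dev/null
+ "
 
- current_count += 2
- end
- result_arr.push(hash_line)
- logger_results = "#{logger_results}x" # Seeing progress is good :)
- end
- end
- end
- logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
- if logger_results.empty?
- @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
- else
- @@logger.info("#{logger_banner} => #{logger_results}complete.\n")
- end
- result_arr
+ PWN::SAST::TestCaseEngine.execute(
+ test_case_filter: test_case_filter,
+ security_references: security_references,
+ dir_path: dir_path,
+ git_repo_root_uri: git_repo_root_uri
+ )
  rescue StandardError => e
  raise e
  end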
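Review bot: `{PWN_SAST_SRC_TARGET}` sits unquoted in the shell template (`-e 'md5' {PWN_SAST_SRC_TARGET} 2> /dev/null`), so whether this command is safe now depends entirely on how `PWN::SAST::TestCaseEngine.execute` substitutes the path, and that code is not visible in this section. The removed code interpolated `#{entry}` straight into backticks, and a scanner is routinely pointed at source trees it does not control; if the engine does a plain string replace, a file name containing spaces or shell metacharacters would still change the command that runs. The engine should substitute `Shellwords.escape(entry)`, and a comment above the template such as `# {PWN_SAST_SRC_TARGET} is replaced by TestCaseEngine with the shell-escaped path of each scanned file` would make that contract explicit. The same applies to every other `test_case_filter` template in this diff.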
@@ -20,98 +20,18 @@ module PWN
20
20
  public_class_method def self.scan(opts = {})
21
21
  dir_path = opts[:dir_path]
22
22
  git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
23
- result_arr = []
24
- ai_introspection = PWN::Env[:ai][:introspection]
25
- logger_results = "AI Introspection => #{ai_introspection} => "
26
23
 
27
- PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
28
- if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
29
- line_no_and_contents_arr = []
30
- entry_beautified = false
31
-
32
- if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
33
- js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
34
- entry = "#{entry}.JS-BEAUTIFIED"
35
- entry_beautified = true
36
- end
37
-
38
- test_case_filter = "
39
- grep -n \
40
- -e 'outerHTML' #{entry} 2> /dev/null
41
- "
42
-
43
- str = `#{test_case_filter}`.to_s.scrub
44
-
45
- if str.to_s.empty?
46
- # If str length is >= 64 KB do not include results. (Due to Mongo Document Size Restrictions)
47
- logger_results = "#{logger_results}~" # Catching bugs is good :)
48
- else
49
- str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
50
-
51
- hash_line = {
52
- timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
53
- security_references: security_references,
54
- filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
55
- line_no_and_contents: '',
56
- raw_content: str,
57
- test_case_filter: test_case_filter
58
- }
59
-
60
- # COMMMENT: Must be a better way to implement this (regex is kinda funky)
61
- line_contents_split = str.split(/^(\d{1,}):|\n(\d{1,}):/)[1..-1]
62
- line_no_count = line_contents_split.length # This should always be an even number
63
- current_count = 0
64
- while line_no_count > current_count
65
- line_no = line_contents_split[current_count]
66
- contents = line_contents_split[current_count + 1]
67
- if Dir.exist?('.git')
68
- repo_root = '.'
69
-
70
- author = PWN::Plugins::Git.get_author(
71
- repo_root: repo_root,
72
- from_line: line_no,
73
- to_line: line_no,
74
- target_file: entry,
75
- entry_beautified: entry_beautified
76
- )
77
- end
78
- author ||= 'N/A'
79
-
80
- ai_analysis = nil
81
- if ai_introspection
82
- request = {
83
- scm_uri: "#{hash_line[:filename][:git_repo_root_uri]}/#{hash_line[:filename][:entry]}",
84
- line_no: line_no,
85
- source_code_snippet: contents
86
- }.to_json
87
- response = PWN::AI::Introspection.reflect(request: request)
88
- if response.is_a?(Hash)
89
- ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
90
- ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
91
- end
92
- end
93
-
94
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
95
- line_no: line_no,
96
- contents: contents,
97
- author: author,
98
- ai_analysis: ai_analysis
99
- )
24
+ test_case_filter = "
25
+ grep -n \
26
+ -e 'outerHTML' {PWN_SAST_SRC_TARGET} 2> /dev/null
27
+ "
100
28
 
101
- current_count += 2
102
- end
103
- result_arr.push(hash_line)
104
- logger_results = "#{logger_results}x" # Seeing progress is good :)
105
- end
106
- end
107
- end
108
- logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
109
- if logger_results.empty?
110
- @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
111
- else
112
- @@logger.info("#{logger_banner} => #{logger_results}complete.\n")
113
- end
114
- result_arr
29
+ PWN::SAST::TestCaseEngine.execute(
30
+ test_case_filter: test_case_filter,
31
+ security_references: security_references,
32
+ dir_path: dir_path,
33
+ git_repo_root_uri: git_repo_root_uri
34
+ )
115
35
  rescue StandardError => e
116
36
  raise e
117
37
  end
@@ -18,99 +18,19 @@ module PWN
18
18
  public_class_method def self.scan(opts = {})
19
19
  dir_path = opts[:dir_path]
20
20
  git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
21
- result_arr = []
22
- ai_introspection = PWN::Env[:ai][:introspection]
23
- logger_results = "AI Introspection => #{ai_introspection} => "
24
21
 
25
- PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
26
- if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
27
- line_no_and_contents_arr = []
28
- entry_beautified = false
29
-
30
- if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
31
- js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
32
- entry = "#{entry}.JS-BEAUTIFIED"
33
- entry_beautified = true
34
- end
35
-
36
- # TODO: Include regex to search for weak CBC block cipher padding
37
- test_case_filter = "
38
- grep -Ein \
39
- -e 'AES/CBC/PKCS' #{entry} 2> /dev/null
40
- "
41
-
42
- str = `#{test_case_filter}`.to_s.scrub
43
-
44
- if str.to_s.empty?
45
- # If str length is >= 64 KB do not include results. (Due to Mongo Document Size Restrictions)
46
- logger_results = "#{logger_results}~" # Catching bugs is good :)
47
- else
48
- str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
49
-
50
- hash_line = {
51
- timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
52
- security_references: security_references,
53
- filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
54
- line_no_and_contents: '',
55
- raw_content: str,
56
- test_case_filter: test_case_filter
57
- }
58
-
59
- # COMMMENT: Must be a better way to implement this (regex is kinda funky)
60
- line_contents_split = str.split(/^(\d{1,}):|\n(\d{1,}):/)[1..-1]
61
- line_no_count = line_contents_split.length # This should always be an even number
62
- current_count = 0
63
- while line_no_count > current_count
64
- line_no = line_contents_split[current_count]
65
- contents = line_contents_split[current_count + 1]
66
- if Dir.exist?('.git')
67
- repo_root = '.'
68
-
69
- author = PWN::Plugins::Git.get_author(
70
- repo_root: repo_root,
71
- from_line: line_no,
72
- to_line: line_no,
73
- target_file: entry,
74
- entry_beautified: entry_beautified
75
- )
76
- end
77
- author ||= 'N/A'
78
-
79
- ai_analysis = nil
80
- if ai_introspection
81
- request = {
82
- scm_uri: "#{hash_line[:filename][:git_repo_root_uri]}/#{hash_line[:filename][:entry]}",
83
- line_no: line_no,
84
- source_code_snippet: contents
85
- }.to_json
86
- response = PWN::AI::Introspection.reflect(request: request)
87
- if response.is_a?(Hash)
88
- ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
89
- ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
90
- end
91
- end
92
-
93
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
94
- line_no: line_no,
95
- contents: contents,
96
- author: author,
97
- ai_analysis: ai_analysis
98
- )
22
+ # TODO: Include regex to search for weak CBC block cipher padding
23
+ test_case_filter = "
24
+ grep -Ein \
25
+ -e 'AES/CBC/PKCS' {PWN_SAST_SRC_TARGET} 2> /dev/null
26
+ "
99
27
 
100
- current_count += 2
101
- end
102
- result_arr.push(hash_line)
103
- logger_results = "#{logger_results}x" # Seeing progress is good :)
104
- end
105
- end
106
- end
107
- logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
108
- if logger_results.empty?
109
- @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
110
- else
111
- @@logger.info("#{logger_banner} => #{logger_results}complete.\n")
112
- end
113
- result_arr
28
+ PWN::SAST::TestCaseEngine.execute(
29
+ test_case_filter: test_case_filter,
30
+ security_references: security_references,
31
+ dir_path: dir_path,
32
+ git_repo_root_uri: git_repo_root_uri
33
+ )
114
34
  rescue StandardError => e
115
35
  raise e
116
36
  end
@@ -19,102 +19,22 @@ module PWN
19
19
  public_class_method def self.scan(opts = {})
20
20
  dir_path = opts[:dir_path]
21
21
  git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
22
- result_arr = []
23
- ai_introspection = PWN::Env[:ai][:introspection]
24
- logger_results = "AI Introspection => #{ai_introspection} => "
25
22
 
26
- PWN::Plugins::FileFu.recurse_in_dir(dir_path: dir_path) do |entry|
27
- if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
28
- line_no_and_contents_arr = []
29
- entry_beautified = false
30
-
31
- if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
32
- js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
33
- entry = "#{entry}.JS-BEAUTIFIED"
34
- entry_beautified = true
35
- end
36
-
37
- test_case_filter = %(
38
- grep -Ein \
39
- -e "password(\\s=|=)" \
40
- -e "passwd(\\s=|=)" \
41
- -e "pass(\\s=|=)" \
42
- -e "password:\\s" \
43
- -e "pwd(\\s=|=)" #{entry} 2> /dev/null
44
- )
45
-
46
- str = `#{test_case_filter}`.to_s.scrub
47
-
48
- if str.to_s.empty?
49
- # If str length is >= 64 KB do not include results. (Due to Mongo Document Size Restrictions)
50
- logger_results = "#{logger_results}~" # Catching bugs is good :)
51
- else
52
- str = "1:Result larger than 64KB -> Size: #{str.to_s.length}. Please click the \"Path\" link for more details." if str.to_s.length >= 64_000
53
-
54
- hash_line = {
55
- timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
56
- security_references: security_references,
57
- filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
58
- line_no_and_contents: '',
59
- raw_content: str,
60
- test_case_filter: test_case_filter
61
- }
62
-
63
- # COMMMENT: Must be a better way to implement this (regex is kinda funky)
64
- line_contents_split = str.split(/^(\d{1,}):|\n(\d{1,}):/)[1..-1]
65
- line_no_count = line_contents_split.length # This should always be an even number
66
- current_count = 0
67
- while line_no_count > current_count
68
- line_no = line_contents_split[current_count]
69
- contents = line_contents_split[current_count + 1]
70
- if Dir.exist?('.git')
71
- repo_root = '.'
72
-
73
- author = PWN::Plugins::Git.get_author(
74
- repo_root: repo_root,
75
- from_line: line_no,
76
- to_line: line_no,
77
- target_file: entry,
78
- entry_beautified: entry_beautified
79
- )
80
- end
81
- author ||= 'N/A'
82
-
83
- ai_analysis = nil
84
- if ai_introspection
85
- request = {
86
- scm_uri: "#{hash_line[:filename][:git_repo_root_uri]}/#{hash_line[:filename][:entry]}",
87
- line_no: line_no,
88
- source_code_snippet: contents
89
- }.to_json
90
- response = PWN::AI::Introspection.reflect(request: request)
91
- if response.is_a?(Hash)
92
- ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
93
- ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
94
- end
95
- end
96
-
97
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
98
- line_no: line_no,
99
- contents: contents,
100
- author: author,
101
- ai_analysis: ai_analysis
102
- )
103
-
104
- current_count += 2
105
- end
106
- result_arr.push(hash_line)
107
- logger_results = "#{logger_results}x" # Seeing progress is good :)
108
- end
109
- end
110
- end
111
- logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
112
- if logger_results.empty?
113
- @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
114
- else
115
- @@logger.info("#{logger_banner} => #{logger_results}complete.\n")
116
- end
117
- result_arr
23
+ test_case_filter = %(
24
+ grep -Ein \
25
+ -e "password(\\s=|=)" \
26
+ -e "passwd(\\s=|=)" \
27
+ -e "pass(\\s=|=)" \
28
+ -e "password:\\s" \
29
+ -e "pwd(\\s=|=)" {PWN_SAST_SRC_TARGET} 2> /dev/null
30
+ )
31
+
32
+ PWN::SAST::TestCaseEngine.execute(
33
+ test_case_filter: test_case_filter,
34
+ security_references: security_references,
35
+ dir_path: dir_path,
36
+ git_repo_root_uri: git_repo_root_uri
37
+ )
118
38
  end
119
39
 
120
40
  # Used primarily to map NIST 800-53 Revision 4 Security Controls
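Review bot: The assignment patterns in `test_case_filter` allow at most one whitespace character before `=` (`password(\\s=|=)`), so column-aligned assignments such as `password   = ...` and quoted keys such as `"password": "..."` are not reported by this hardcoded-password check. Widening the alternation, e.g. `-e "password\\s*=" \`, covers the aligned case while still matching everything the current pattern does; quoted keys would additionally need an optional quote character before the separator. As far as the hunk shows, this `scan` also ends without the `rescue StandardError => e` / `raise e` pair the other test cases on this page keep, which is harmless but inconsistent. The hunk runs past the end of `scan` into the comment that follows it.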