pwn 0.5.448 → 0.5.449

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7c72e75c5db7f435844adfc184bf70aab0c85fe1c2a9e50e794c74ea6fa115e9
-  data.tar.gz: d5975feca9155c578de4745961abcc959b8986c225f9d10e193488d13c6b90ad
+  metadata.gz: 026f4db44d2df46a90735ae2a51c22ae0d990686d2dc3bdc51c73343ce5ce002
+  data.tar.gz: a6ef1a6d4b9ed9d8d3614272dc94d55a7fd41cd14d27f6c01b7e8906b86bce81
 SHA512:
-  metadata.gz: 22fca032a697591de30a5b98a4466181ac0ce4e3a6d90421f351a25019c2d5bd50888431adb04baccfcf3d97fb3483daaa3c40bb9c5fc9f67df9b2c9c87dff2f
-  data.tar.gz: 92b82824e9e1421e265e01553cd43a142f46ce3770dae6d1e7ffe71f456024d0c08506b5e8143bcf830567f245b353828c77857bc7a6596e9a69404ee5d833d2
+  metadata.gz: 4c61a6bb8c18a1b9c76d651c8122604f52c3a0af803f2f0261ade38a749f9e57df9ee1a2a59e7c0a57e5e7dcaac92598690341f97286c06a7d6a89abf3448fbd
+  data.tar.gz: 1ed45d4b0decc713199b3aaacb2ffa726a675e61a3efab194dccb4a80a070f91bb2697f63f434bf7a908366c4b97a7ba71f715ebb0b303e184cf760b886d2111

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.448]:001 >>> PWN.help
+pwn[v0.5.449]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.448]:001 >>> PWN.help
+pwn[v0.5.449]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.448]:001 >>> PWN.help
+pwn[v0.5.449]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_sast

@@ -140,6 +140,7 @@ begin
       ThrowErrors
       Token
       TypeScriptTypeJuggling
+      UseAfterFree
       Version
       WindowLocationHash
     ].sort.uniq

data/lib/pwn/plugins/pwn_logger.rb

@@ -29,7 +29,7 @@ module PWN
           logger.level = Logger::INFO
         end
 
-        logger.datetime_format = '%Y-%m-%d %H:%M:%S.%N'
+        logger.datetime_format = '%Y-%m-%d %H:%M:%S.%N%z'
 
         logger.formatter = proc do |severity, _datetime, _progname, msg|
           # TODO: Include datetime & progname vars

data/lib/pwn/sast/test_case_engine.rb

@@ -148,7 +148,8 @@ module PWN
             end
           end
         end
-        logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{to_s.scrub.gsub('::', '/')}.html"
+        sast_module = security_references[:sast_module].to_s.scrub.gsub('::', '/')
+        logger_banner = "http://#{Socket.gethostname}:8808/doc_root/pwn-#{PWN::VERSION.to_s.scrub}/#{sast_module}.html"
         if logger_results.empty?
           @@logger.info("#{logger_banner}: No files applicable to this test case.\n")
         else

data/lib/pwn/sast/use_after_free.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: false
+
+require 'json'
+require 'socket'
+
+module PWN
+  module SAST
+    # SAST Module used to identify banned function
+    # calls in C & C++ code per:
+    # https://msdn.microsoft.com/en-us/library/bb288454.aspx
+    module UseAfterFree
+      # Supported Method Parameters::
+      # PWN::SAST::UseAfterFree.scan(
+      #   :dir_path => 'optional path to dir defaults to .'
+      #   :git_repo_root_uri => 'optional http uri of git repo scanned'
+      # )
+
+      public_class_method def self.scan(opts = {})
+        dir_path = opts[:dir_path]
+        git_repo_root_uri = opts[:git_repo_root_uri].to_s.scrub
+
+        test_case_filter = "
+          grep -Fn \
+          -e 'calloc(' \
+          -e 'free(' \
+          -e 'malloc(' \
+          -e 'realloc(' {PWN_SAST_SRC_TARGET} 2> /dev/null
+        "
+
+        include_extensions = %w[.c .cats .idc .cpp .cc .cxx .c++ .cp .CPP .C .cppm .ixx .h .hpp .hxx .hh .h++ .inc .inl .ipp .tcc .tpp .txx .i .s .asm .o .obj .a .so .lib .dll .exe .pdb .vcxproj .sln .dsp .dsw .cbp .cmake .make .mk]
+
+        PWN::SAST::TestCaseEngine.execute(
+          test_case_filter: test_case_filter,
+          security_references: security_references,
+          dir_path: dir_path,
+          include_extensions: include_extensions,
+          git_repo_root_uri: git_repo_root_uri
+        )
+      rescue StandardError => e
+        raise e
+      end
+
+      # Used primarily to map NIST 800-53 Revision 4 Security Controls
+      # https://web.nvd.nist.gov/view/800-53/Rev4/impact?impactName=HIGH
+      # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
+      # Determine the level of Testing Coverage w/ PWN.
+
+      public_class_method def self.security_references
+        {
+          sast_module: self,
+          section: 'MEMORY PROTECTION',
+          nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-16',
+          cwe_id: '416',
+          cwe_uri: 'https://cwe.mitre.org/data/definitions/416.html'
+        }
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <support@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <support@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          sast_arr = #{self}.scan(
+            :dir_path => 'optional path to dir defaults to .',
+            :git_repo_root_uri => 'optional http uri of git repo scanned'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/sast.rb

@@ -54,6 +54,7 @@ module PWN
     autoload :ThrowErrors, 'pwn/sast/throw_errors'
     autoload :Token, 'pwn/sast/token'
     autoload :TypeScriptTypeJuggling, 'pwn/sast/type_script_type_juggling'
+    autoload :UseAfterFree, 'pwn/sast/use_after_free'
     autoload :Version, 'pwn/sast/version'
     autoload :WindowLocationHash, 'pwn/sast/window_location_hash'
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.448'
+  VERSION = '0.5.449'
 end

data/spec/lib/pwn/sast/use_after_free_spec.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::SAST::UseAfterFree do
+  it 'scan method should exist' do
+    scan_response = PWN::SAST::UseAfterFree
+    expect(scan_response).to respond_to :scan
+  end
+
+  it 'should display information for security_references' do
+    security_references_response = PWN::SAST::UseAfterFree
+    expect(security_references_response).to respond_to :security_references
+  end
+
+  it 'should display information for authors' do
+    authors_response = PWN::SAST::UseAfterFree
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::SAST::UseAfterFree
+    expect(help_response).to respond_to :help
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.448
+  version: 0.5.449
 platform: ruby
 authors:
 - 0day Inc.
@@ -1974,6 +1974,7 @@ files:
 - lib/pwn/sast/throw_errors.rb
 - lib/pwn/sast/token.rb
 - lib/pwn/sast/type_script_type_juggling.rb
+- lib/pwn/sast/use_after_free.rb
 - lib/pwn/sast/version.rb
 - lib/pwn/sast/window_location_hash.rb
 - lib/pwn/version.rb
@@ -2325,6 +2326,7 @@ files:
 - spec/lib/pwn/sast/throw_errors_spec.rb
 - spec/lib/pwn/sast/token_spec.rb
 - spec/lib/pwn/sast/type_script_type_juggling_spec.rb
+- spec/lib/pwn/sast/use_after_free_spec.rb
 - spec/lib/pwn/sast/version_spec.rb
 - spec/lib/pwn/sast/window_location_hash_spec.rb
 - spec/lib/pwn/sast_spec.rb