scnr-introspector 0.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/scnr/introspector/execution_flow/point.rb +3 -1
- data/lib/scnr/introspector/version +1 -1
- data/lib/scnr/introspector.rb +31 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8725bd56ebb19d4dc43d75c4c19a2fde62996e6b0df84ac074f7baf5049f95db
|
|
4
|
+
data.tar.gz: b5b35b5cd86bbb75554b2ba8b144f87606b17990c90351df37417f3ec79cd3f2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2ce2e0fa5215945851e1249a00f258a9ad542e090fe5f64402d2f804e1944f472c46438468a86b3fbf6cbb7d2e4aa2a092b89f5a7d50a90b92007b9a1bd1ca88
|
|
7
|
+
data.tar.gz: 5f281728c6423aa8222eb3b362dbac6a5715c60361a8d52666ea37a9b075542bac4fa4342e3b26e2aff80bb57bedaa7da44c8eb57ffc8e56cfb26467c3018b6d
|
|
@@ -29,6 +29,7 @@ class Point
|
|
|
29
29
|
attr_accessor :event
|
|
30
30
|
|
|
31
31
|
attr_accessor :source
|
|
32
|
+
attr_accessor :file_contents
|
|
32
33
|
|
|
33
34
|
# @param [Hash] options
|
|
34
35
|
def initialize( options = {} )
|
|
@@ -81,7 +82,8 @@ class Point
|
|
|
81
82
|
class_name: defined_class,
|
|
82
83
|
method_name: tp.method_id,
|
|
83
84
|
event: tp.event,
|
|
84
|
-
source: source_line( tp.path, tp.lineno )
|
|
85
|
+
source: source_line( tp.path, tp.lineno ),
|
|
86
|
+
file_contents: IO.read( tp.path )
|
|
85
87
|
})
|
|
86
88
|
end
|
|
87
89
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.3.0
|
data/lib/scnr/introspector.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
require 'rbconfig'
|
|
2
2
|
require 'securerandom'
|
|
3
3
|
require 'rack/utils'
|
|
4
|
+
require 'base64'
|
|
4
5
|
require 'pp'
|
|
5
6
|
|
|
6
7
|
module SCNR
|
|
@@ -50,15 +51,15 @@ EORUBY
|
|
|
50
51
|
end
|
|
51
52
|
|
|
52
53
|
def taint_seed=( t )
|
|
53
|
-
|
|
54
|
+
Thread.current[:taint] = t
|
|
54
55
|
end
|
|
55
56
|
|
|
56
57
|
def taint_seed
|
|
57
|
-
|
|
58
|
+
Thread.current[:taint]
|
|
58
59
|
end
|
|
59
60
|
|
|
60
61
|
def data_flows
|
|
61
|
-
|
|
62
|
+
Thread.current[:data_flows] ||= {}
|
|
62
63
|
end
|
|
63
64
|
|
|
64
65
|
def synchronize( &block )
|
|
@@ -71,6 +72,12 @@ EORUBY
|
|
|
71
72
|
end
|
|
72
73
|
end
|
|
73
74
|
|
|
75
|
+
def flush_sinks( taint )
|
|
76
|
+
synchronize do
|
|
77
|
+
self.data_flows.delete taint
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
74
81
|
def filter_caller( a )
|
|
75
82
|
dir = File.dirname( __FILE__ )
|
|
76
83
|
a.reject do |c|
|
|
@@ -79,7 +86,7 @@ EORUBY
|
|
|
79
86
|
end
|
|
80
87
|
|
|
81
88
|
def find_and_log_taint( object, method, method_source_location, args )
|
|
82
|
-
taint =
|
|
89
|
+
taint = self.taint_seed
|
|
83
90
|
return if !taint
|
|
84
91
|
|
|
85
92
|
tainted = find_taint_in_arguments( taint, args )
|
|
@@ -204,10 +211,13 @@ EORUBY
|
|
|
204
211
|
info << :platforms
|
|
205
212
|
|
|
206
213
|
if env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TRACE' )
|
|
207
|
-
info << :data_flow
|
|
208
214
|
info << :execution_flow
|
|
209
215
|
end
|
|
210
216
|
|
|
217
|
+
if env['HTTP_X_SCNR_INTROSPECTOR_TAINT']
|
|
218
|
+
info << :data_flow
|
|
219
|
+
end
|
|
220
|
+
|
|
211
221
|
inject( env, info )
|
|
212
222
|
|
|
213
223
|
rescue => e
|
|
@@ -217,7 +227,12 @@ EORUBY
|
|
|
217
227
|
|
|
218
228
|
def inject( env, info = [] )
|
|
219
229
|
self.class.taint_seed = env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TAINT' )
|
|
220
|
-
|
|
230
|
+
if self.class.taint_seed
|
|
231
|
+
self.class.taint_seed = Base64.decode64( self.class.taint_seed )
|
|
232
|
+
self.class.taint_seed = nil if self.class.taint_seed.empty?
|
|
233
|
+
end
|
|
234
|
+
|
|
235
|
+
seed = env.delete( 'HTTP_X_SCNR_ENGINE_SCAN_SEED' )
|
|
221
236
|
|
|
222
237
|
data = {}
|
|
223
238
|
|
|
@@ -245,20 +260,25 @@ EORUBY
|
|
|
245
260
|
end
|
|
246
261
|
|
|
247
262
|
if info.include?( :data_flow ) && self.class.taint_seed
|
|
248
|
-
data['data_flow'] = self.class.
|
|
263
|
+
data['data_flow'] = self.class.flush_sinks( self.class.taint_seed )&.to_rpc_data
|
|
249
264
|
end
|
|
250
265
|
|
|
251
266
|
code = response.shift
|
|
252
267
|
headers = response.shift
|
|
253
268
|
body = response.shift
|
|
254
|
-
body = body.respond_to?( :body ) ? body.body : body
|
|
255
269
|
|
|
256
|
-
|
|
257
|
-
|
|
270
|
+
if headers['Content-Type'] && headers['Content-Type'].include?( 'html' )
|
|
271
|
+
body = body.respond_to?( :body ) ? body.body : body
|
|
272
|
+
body = [body].flatten
|
|
273
|
+
body << "<!-- #{seed}\n#{JSON.dump( data )}\n#{seed} -->"
|
|
258
274
|
|
|
259
|
-
|
|
275
|
+
headers['Content-Length'] = body.map(&:bytesize).inject(:+)
|
|
276
|
+
end
|
|
260
277
|
|
|
261
278
|
[code, headers, [body].flatten ]
|
|
279
|
+
rescue => e
|
|
280
|
+
pp e
|
|
281
|
+
pp e.backtrace
|
|
262
282
|
end
|
|
263
283
|
|
|
264
284
|
def platforms
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scnr-introspector
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tasos Laskos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|