security-gem 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1887b65fa1934d3aaff48ec967805dd0f6221e569ef8155934b872905026806f
+  data.tar.gz: 8b736cf6c8820ff58e56cf5d4d942ae863e10ff021e5fa0283b253018ae95da1
+SHA512:
+  metadata.gz: 0cf8a70652fe3c7d26e0a91956392aaf30a8627e2155e36f4719bd2bbaff7d80bb73512d258360d54552f12dfc2fecd007e717d0af1f828df7dd84163cb3f728
+  data.tar.gz: bb9408d41e321fd8027e1f124d4a154bfb5cf80fda06c91b3ccdbf2eab0967c5de2cc9835525333b603bbe48bcdb08513c1d5c5381eccaff6f5626d23c06e1b9

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.gem

data/.rubocop.yml

@@ -0,0 +1,10 @@
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Layout/LineLength:
+  Max: 120

data/Gemfile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in security-gem.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+
+gem "rubocop", "~> 0.80"

data/Gemfile.lock

@@ -0,0 +1,40 @@
+PATH
+  remote: .
+  specs:
+    security-gem (0.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    parallel (1.22.1)
+    parser (3.1.2.0)
+      ast (~> 2.4.1)
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.4.0)
+    rexml (3.2.5)
+    rubocop (0.93.1)
+      parallel (~> 1.10)
+      parser (>= 2.7.1.5)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8)
+      rexml
+      rubocop-ast (>= 0.6.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (1.17.0)
+      parser (>= 3.1.1.0)
+    ruby-progressbar (1.11.0)
+    unicode-display_width (1.8.0)
+
+PLATFORMS
+  x86_64-darwin-20
+
+DEPENDENCIES
+  rake (~> 13.0)
+  rubocop (~> 0.80)
+  security-gem!
+
+BUNDLED WITH
+   2.2.3

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 tuckerweibell
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# Security::Gem
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/security/gem`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'security-gem'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install security-gem
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/security-gem.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: :rubocop

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "security/gem"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/file.json

@@ -0,0 +1,2 @@
+# Logfile created on 2022-05-09 14:30:48 -0600 by logger.rb/v1.4.3
+{"level":"WARN","timestamp":"2022-05-09 14:30:48 -0600","app":null,"message":"\"{injection:SELECT -1 OR admin;, ip_address:192.168.1.113}\""}

data/lib/security/gem/builder.rb

@@ -0,0 +1,39 @@
+require 'json'
+require 'logger'
+require 'logger/formatter'
+require 'open-uri'
+
+
+module SecurityLogger
+
+    #Create logs used for SQL Injection detections
+    class Sql_Injection
+        def initialize
+            
+        end
+
+        def log(input)
+            logger = Logger.new(STDOUT)
+            logger.formatter = proc do |severity, datetime, progname, msg|
+                {
+                  severity: severity,
+                  timestamp: datetime.to_s,
+                  app: progname,
+                  message: msg
+                }.to_json + $/  
+            end
+
+            error = {:input => input}
+            logger.warn(JSON.parse(error.to_json))
+        end
+
+        def check_input(input)
+            File.foreach('payloads.txt') do |file|
+                if file.strip == input.strip
+                    self.log(input.strip)
+                    break
+                end
+              end
+        end
+    end
+end

data/lib/security/gem/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Security
+  module Gem
+    VERSION = "0.1.0"
+  end
+end

data/lib/security/gem.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require_relative "gem/version"
+require_relative "gem/builder"
+require 'socket'
+
+module Security
+  module Gem
+    class Error < StandardError; end
+  end
+end
+
+input = "delete"
+
+SecurityLogger::Sql_Injection.new().check_input(input)
+