muaddib-scanner 2.6.5 → 2.6.8

package/README.md

@@ -270,7 +270,7 @@ With pre-commit framework:
 ```yaml
 repos:
   - repo: https://github.com/DNSZLSK/muad-dib
-    rev: v2.6.2
+    rev: v2.6.6
     hooks:
       - id: muaddib-scan
 ```
@@ -286,7 +286,7 @@ repos:
 | **FPR** (Benign) | **12.1%** (64/529) | 529 npm packages, real source via `npm pack` |
 | **ADR** (Adversarial + Holdout) | **92.2%** (71/77) | 53 adversarial + 40 holdout (77 available on disk), global threshold=20 |
 
-**1974 tests** across 44 files, 86% code coverage. **129 rules** (124 RULES + 5 PARANOID).
+**2009 tests** across 46 files, 86% code coverage. **130 rules** (125 RULES + 5 PARANOID).
 
 > **Methodology caveats:**
 > - TPR measured on 49 Node.js attack samples (3 browser-only excluded from 51 total)
@@ -327,7 +327,7 @@ npm test
 
 ### Testing
 
-- **1974 tests** across 44 modular test files - 86% code coverage
+- **2009 tests** across 46 modular test files - 86% code coverage
 - **56 fuzz tests** - Malformed inputs, ReDoS, unicode, binary
 - **Datadog 17K benchmark** - 17,922 real malware samples
 - **Ground truth validation** - 51 real-world attacks (93.9% TPR)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "muaddib-scanner",
-  "version": "2.6.5",
+  "version": "2.6.8",
   "description": "Supply-chain threat detection & response for npm & PyPI/Python",
   "main": "src/index.js",
   "bin": {

package/src/index.js

@@ -34,10 +34,6 @@ const { buildIntentPairs } = require('./intent-graph.js');
 const { MAX_FILE_SIZE, safeParse } = require('./shared/constants.js');
 const walk = require('acorn-walk');
 
-// Timeout constants for scan safety
-const SCANNER_TIMEOUT = 15000;  // 15s per individual scanner
-const SCAN_TIMEOUT = 60000;     // 60s global scan timeout
-
 // Paranoid mode scanner
 function scanParanoid(targetPath) {
   const threats = [];
@@ -398,9 +394,10 @@ async function run(targetPath, options = {}) {
       const emitterFlows = await yieldThen(() => detectEventEmitterFlows(graph, tainted, sinkAnnotations, targetPath));
       crossFileFlows = crossFileFlows.concat(emitterFlows);
     };
-    const timeout = new Promise((_, reject) =>
-      setTimeout(() => reject(new Error('Module graph timeout')), MODULE_GRAPH_TIMEOUT_MS)
-    );
+    let graphTimerId;
+    const timeout = new Promise((_, reject) => {
+      graphTimerId = setTimeout(() => reject(new Error('Module graph timeout')), MODULE_GRAPH_TIMEOUT_MS);
+    });
     try {
       await Promise.race([moduleGraphWork(), timeout]);
     } catch (e) {
@@ -409,6 +406,8 @@ async function run(targetPath, options = {}) {
       if (e && e.message === 'Module graph timeout') {
         warnings.push(`Module graph analysis timed out (${MODULE_GRAPH_TIMEOUT_MS / 1000}s) — cross-file flows may be incomplete`);
       }
+    } finally {
+      clearTimeout(graphTimerId);
     }
   }
 

package/src/intent-graph.js

@@ -97,10 +97,6 @@ const COHERENCE_MATRIX = {
   },
 };
 
-// Kept for backward compatibility but no longer used in pairing
-// Cross-file detection is handled by module-graph.js (cross_file_dataflow)
-const CROSS_FILE_MULTIPLIER = 0.5;
-
 /**
  * Classify a threat as a source type.
  * Only high-confidence credential access patterns.
@@ -239,6 +235,5 @@ module.exports = {
   classifySource,
   classifySink,
   buildIntentPairs,
-  COHERENCE_MATRIX,
-  CROSS_FILE_MULTIPLIER
+  COHERENCE_MATRIX
 };

package/src/response/playbooks.js

@@ -180,6 +180,9 @@ const PLAYBOOKS = {
   workflow_injection:
     'Injection potentielle dans GitHub Actions via input non sanitise sur self-hosted runner. Supprimer ou corriger le workflow.',
 
+  workflow_pwn_request:
+    'CRITIQUE: Pwn request detecte — pull_request_target avec checkout du head de la PR permet l\'execution de code arbitraire. Remplacer par pull_request ou utiliser une strategie de checkout securisee (base ref uniquement).',
+
   sandbox_sensitive_file_read:
     'CRITIQUE: Package lit des fichiers sensibles (credentials) lors de l\'installation. Ne pas installer. Supprimer immediatement.',
   sandbox_sensitive_file_write:

package/src/rules/index.js

@@ -844,6 +844,18 @@ const RULES = {
     references: ['https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions'],
     mitre: 'T1195.002'
   },
+  workflow_pwn_request: {
+    id: 'MUADDIB-GHA-003',
+    name: 'GitHub Actions Pwn Request',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Workflow pull_request_target avec checkout du head ref/sha de la PR — permet execution de code arbitraire (pwn request)',
+    references: [
+      'https://securitylab.github.com/research/github-actions-preventing-pwn-requests/',
+      'https://attack.mitre.org/techniques/T1195/002/'
+    ],
+    mitre: 'T1195.002'
+  },
 
   // Sandbox detections
   sandbox_sensitive_file_read: {
@@ -1104,7 +1116,7 @@ const RULES = {
     description: 'Package inactif depuis 6+ mois avec une nouvelle version soudaine. Possible changement de mainteneur ou compromission.',
     references: [
       'https://blog.npmjs.org/post/180565383195/details-about-the-event-stream-incident',
-      'https://snyk.io/blog/a]]malicious-npm-packages-targeting-developers/'
+      'https://snyk.io/blog/malicious-npm-packages-targeting-developers/'
     ],
     mitre: 'T1195.002'
   },
@@ -1387,6 +1399,7 @@ const RULES = {
 function getRule(type) {
   if (RULES[type]) return RULES[type];
   if (PARANOID_RULES[type]) return PARANOID_RULES[type];
+  if (PARANOID_RULES_BY_ID[type]) return PARANOID_RULES_BY_ID[type];
   return {
     id: 'MUADDIB-UNK-001',
     name: 'Unknown Threat',
@@ -1437,4 +1450,10 @@ const PARANOID_RULES = {
   }
 };
 
+// Reverse-map: PARANOID rule ID → rule object (for scanParanoid threats)
+const PARANOID_RULES_BY_ID = {};
+for (const [, rule] of Object.entries(PARANOID_RULES)) {
+  PARANOID_RULES_BY_ID[rule.id] = rule;
+}
+
 module.exports = { RULES, getRule, PARANOID_RULES };

package/src/sandbox/index.js

@@ -273,7 +273,7 @@ async function runSingleSandbox(packageName, options = {}) {
       let report;
       try {
         const REPORT_DELIMITER = '---MUADDIB-REPORT-START---';
-        const delimIdx = stdout.indexOf(REPORT_DELIMITER);
+        const delimIdx = stdout.lastIndexOf(REPORT_DELIMITER);
         let jsonStr;
         if (delimIdx !== -1) {
           // Reliable: use delimiter to skip any package output before the report

package/src/scanner/entropy.js

@@ -232,7 +232,7 @@ function scanEntropy(targetPath, options = {}) {
       // B12: Windowed analysis for strings > MAX_STRING_LENGTH
       if (str.length > MAX_STRING_LENGTH) {
         if (SOURCE_MAP_REGEX.test(str) || SHA256_HEX_REGEX.test(str)) continue;
-        const WINDOW = 500, WIN_THRESHOLD = 6.0;
+        const WINDOW = 500, WIN_THRESHOLD = 5.5;
         for (let i = 0; i < str.length; i += WINDOW) {
           const w = str.slice(i, i + WINDOW);
           if (w.length < 20) continue;

package/src/scanner/github-actions.js

@@ -76,7 +76,7 @@ function scanDirRecursive(dirPath, targetPath, threats, depth = 0) {
 
       // GHA-002: Detect attacker-controlled context injection on ALL runners (not just self-hosted)
       const injectionPatterns = [
-        { regex: /\$\{\{\s*github\.event\.(comment\.body|issue\.body|issue\.title|pull_request\.body|pull_request\.title|discussion\.body|discussion\.title)/, msg: 'Attacker-controlled GitHub event context used in workflow' },
+        { regex: /\$\{\{\s*github\.event\.(comment\.body|issue\.body|issue\.title|pull_request\.body|pull_request\.title|discussion\.body|discussion\.title|pages\[\]\.html_url)/, msg: 'Attacker-controlled GitHub event context used in workflow' },
         { regex: /\$\{\{\s*github\.head_ref/, msg: 'github.head_ref is attacker-controlled in pull_request workflows' }
       ];
 
@@ -90,6 +90,18 @@ function scanDirRecursive(dirPath, targetPath, threats, depth = 0) {
           });
         }
       }
+
+      // GHA-003: Compound — pull_request_target + checkout of PR head (pwn request)
+      const hasPRTarget = /pull_request_target/m.test(activeContent);
+      const hasCheckoutPRHead = /actions\/checkout[\s\S]*?ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(ref|sha)\s*\}\}/m.test(activeContent);
+      if (hasPRTarget && hasCheckoutPRHead) {
+        threats.push({
+          type: 'workflow_pwn_request',
+          severity: 'CRITICAL',
+          message: 'Pwn request: pull_request_target with checkout of PR head ref/sha allows arbitrary code execution',
+          file: relFile
+        });
+      }
     }
 }
 

package/src/scanner/shell.js

@@ -1,6 +1,7 @@
 const fs = require('fs');
 const path = require('path');
 const { findFiles, forEachSafeFile } = require('../utils.js');
+const { MAX_FILE_SIZE } = require('../shared/constants.js');
 
 const SHELL_EXCLUDED_DIRS = ['node_modules', '.git', '.muaddib-cache'];
 
@@ -22,31 +23,75 @@ const MALICIOUS_PATTERNS = [
   { pattern: /wget\s+\S+.*&&.*base64\s+-d/m, name: 'wget_base64_decode', severity: 'HIGH' }
 ];
 
+const SHEBANG_RE = /^#!.*\b(?:ba)?sh\b/;
+
+function scanFileContent(file, content, targetPath, threats) {
+  // Strip comment lines to avoid false positives on documentation
+  const activeContent = content.split(/\r?\n/)
+    .filter(line => !line.trimStart().startsWith('#'))
+    .join('\n');
+
+  for (const { pattern, name, severity } of MALICIOUS_PATTERNS) {
+    if (pattern.test(activeContent)) {
+      threats.push({
+        type: name,
+        severity: severity,
+        message: `Pattern malveillant "${name}" detecte.`,
+        file: path.relative(targetPath, file)
+      });
+    }
+  }
+}
+
+/**
+ * Find extensionless files in a directory (non-recursive into excluded dirs).
+ * Used for shebang-based shell script detection.
+ */
+function findExtensionlessFiles(dir, excludedDirs, results = [], depth = 0) {
+  if (depth > 20) return results;
+  let items;
+  try { items = fs.readdirSync(dir); } catch { return results; }
+
+  for (const item of items) {
+    if (excludedDirs.includes(item)) continue;
+    const fullPath = path.join(dir, item);
+    try {
+      const lstat = fs.lstatSync(fullPath);
+      if (lstat.isSymbolicLink()) continue;
+      if (lstat.isDirectory()) {
+        findExtensionlessFiles(fullPath, excludedDirs, results, depth + 1);
+      } else if (lstat.isFile() && !path.extname(item) && lstat.size <= MAX_FILE_SIZE) {
+        results.push(fullPath);
+      }
+    } catch { /* permission error */ }
+  }
+  return results;
+}
+
 async function scanShellScripts(targetPath) {
   const threats = [];
-  
-  // Cherche les fichiers shell
+
+  // Pass 1: files with shell extensions
   const files = findFiles(targetPath, { extensions: ['.sh', '.bash', '.zsh', '.command'], excludedDirs: SHELL_EXCLUDED_DIRS });
 
   forEachSafeFile(files, (file, content) => {
-    // Strip comment lines to avoid false positives on documentation
-    const activeContent = content.split(/\r?\n/)
-      .filter(line => !line.trimStart().startsWith('#'))
-      .join('\n');
-
-    for (const { pattern, name, severity } of MALICIOUS_PATTERNS) {
-      if (pattern.test(activeContent)) {
-        threats.push({
-          type: name,
-          severity: severity,
-          message: `Pattern malveillant "${name}" detecte.`,
-          file: path.relative(targetPath, file)
-        });
-      }
-    }
+    scanFileContent(file, content, targetPath, threats);
   });
 
+  // Pass 2: extensionless files with sh/bash shebang
+  const extensionless = findExtensionlessFiles(targetPath, SHELL_EXCLUDED_DIRS);
+
+  for (const file of extensionless) {
+    try {
+      const content = fs.readFileSync(file, 'utf8');
+      const firstLine = content.split(/\r?\n/, 1)[0];
+      if (SHEBANG_RE.test(firstLine)) {
+        scanFileContent(file, content, targetPath, threats);
+      }
+    } catch { /* ignore unreadable files */ }
+  }
+
   return threats;
 }
 
-module.exports = { scanShellScripts };
+module.exports = { scanShellScripts };

package/src/scoring.js

@@ -164,7 +164,10 @@ const DIST_BUNDLER_ARTIFACT_TYPES = new Set([
   'js_obfuscation_pattern', 'vm_code_execution',
   'module_compile', 'module_compile_dynamic',
   // P7: env_access in dist/ is bundled SDK config reading, not credential theft
-  'env_access'
+  'env_access',
+  // P8: Proxy traps in dist/ are state management frameworks (MobX, Vue reactivity, Immer),
+  // not malicious data interception. Two-notch downgrade (CRITICAL→MEDIUM, HIGH→LOW).
+  'proxy_data_intercept'
 ]);
 
 // Types exempt from reachability downgrade — IOC matches, lifecycle, and package-level types.