Class: Contrast::Agent::Protect::Rule::PathTraversal

Inherits:

BaseService

• Object
• Base
• BaseService
• Contrast::Agent::Protect::Rule::PathTraversal

Includes:

Components::Interface

Defined in:

lib/contrast/agent/protect/rule/path_traversal.rb

Overview

This class handles our implementation of the Path Traversal Protect rule.

Constant Summary

NAME =

'path-traversal'

SYSTEM_PATHS =

%w[
  /proc/self
  etc/passwd
  etc/shadow
  etc/hosts
  etc/groups
  etc/gshadow
  ntuser.dat
  /Windows/win.ini
  /windows/system32/
  /windows/repair/
].cs__freeze

Constants inherited from Base

Base::BLOCKING_MODES, Base::OFF, Base::POSTFILTER_MODES, Base::STACK_COLLECTION_RESULTS, Base::UNKNOWN_USER_INPUT

Instance Attribute Summary

Attributes inherited from Base

#mode

Instance Method Summary

• #infilter(context, method, path) ⇒ Object
• #name ⇒ Object

Methods included from Components::Interface

included

Methods inherited from BaseService

#block_message, #infilter?, #postfilter

Methods inherited from Base

#append_to_activity, #build_attack_with_match, #build_attack_without_match, #enabled?, #excluded?, #infilter?, #initialize, #postfilter, #prefilter, #stream_safe?

Constructor Details

This class inherits a constructor from Contrast::Agent::Protect::Rule::Base

Instance Method Details

#infilter(context, method, path) ⇒ Object

Raises:

• (Contrast::SecurityException)

# File 'lib/contrast/agent/protect/rule/path_traversal.rb', line 36

def infilter context, method, path
  return unless infilter?(context)

  result = find_attacker(context, path)
  return unless result

  append_to_activity(context, result)
  return unless blocked?

  raise Contrast::SecurityException.new(
      self,
      "Path Traversal rule triggered. Call to File.#{ method } blocked.")
end

#name ⇒ Object

# File 'lib/contrast/agent/protect/rule/path_traversal.rb', line 32

def name
  NAME
end