Module: Dawn::Engine

Includes:

Utils

Included in:

GemfileLock, Padrino, Rails, Sinatra

Defined in:

lib/dawn/engine.rb

Instance Attribute Summary

• #applied_checks ⇒ Object readonly

  Returns the value of attribute applied_checks.

• #checks ⇒ Object readonly

  Returns the value of attribute checks.

• #connected_gems ⇒ Object readonly

  Returns the value of attribute connected_gems.

• #controllers ⇒ Object readonly

  Each controller will be a little bit more complex.

• #debug ⇒ Object

  Returns the value of attribute debug.

• #engine_error ⇒ Object readonly

  Returns the value of attribute engine_error.

• #force ⇒ Object readonly

  This attribute is used when @name == “Gemfile.lock” to force the loading of specific MVC checks.

• #gemfile_lock ⇒ Object readonly

  Returns the value of attribute gemfile_lock.

• #mitigated_issues ⇒ Object readonly

  Returns the value of attribute mitigated_issues.

• #models ⇒ Object readonly

  Models I don’t know right now.

• #mvc_version ⇒ Object readonly

  Returns the value of attribute mvc_version.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #output_dir_name ⇒ Object readonly

  Returns the value of attribute output_dir_name.

• #reflected_xss ⇒ Object readonly

  Returns the value of attribute reflected_xss.

• #ruby_version ⇒ Object readonly

  Returns the value of attribute ruby_version.

• #scan_start ⇒ Object readonly

  Returns the value of attribute scan_start.

• #scan_stop ⇒ Object readonly

  Returns the value of attribute scan_stop.

• #skipped_checks ⇒ Object readonly

  Returns the value of attribute skipped_checks.

• #stats ⇒ Object readonly

  Returns the value of attribute stats.

• #target ⇒ Object readonly

  Returns the value of attribute target.

• #views ⇒ Object readonly

  Each view will be something like :language=>:haml.

• #vulnerabilities ⇒ Object readonly

  Returns the value of attribute vulnerabilities.

Instance Method Summary

• #apply(name) ⇒ Object

  Security stuff applies here.

• #apply_all ⇒ Object
• #build_view_array(dir) ⇒ Object
• #can_apply? ⇒ Boolean
• #count_vulnerabilities ⇒ Object
• #create_output_dir ⇒ Object

  Creates the directory.

• #detect_controllers ⇒ Object
• #detect_models ⇒ Object
• #detect_views ⇒ Object
• #error! ⇒ Object
• #error? ⇒ Boolean
• #find_vulnerability_by_name(name) ⇒ Object
• #get_mvc_version ⇒ Object
• #get_ruby_version ⇒ Object
• #has_gemfile_lock? ⇒ Boolean
• #has_reflected_xss? ⇒ Boolean
• #initialize(dir = nil, name = "", options = {}) ⇒ Object
• #is_applied?(name) ⇒ Boolean
• #is_good_mvc? ⇒ Boolean
• #is_vulnerable_to?(name) ⇒ Boolean
• #load_knowledge_base(enabled_checks = []) ⇒ Object
• #output_dir ⇒ Object

  Creates the directory name where dawnscanner results will be saved.

• #scan_time ⇒ Object
• #set_mvc_version ⇒ Object
• #set_target(dir) ⇒ Object
• #target_is_dir? ⇒ Boolean

Methods included from Utils

#__debug_me_and_return, #debug_me, #debug_me_and_return_false, #debug_me_and_return_true

Instance Attribute Details

#applied_checks ⇒ Object (readonly)

Returns the value of attribute applied_checks.

# File 'lib/dawn/engine.rb', line 45

def applied_checks
  @applied_checks
end

#checks ⇒ Object (readonly)

Returns the value of attribute checks.

# File 'lib/dawn/engine.rb', line 18

def checks
  @checks
end

#connected_gems ⇒ Object (readonly)

Returns the value of attribute connected_gems.

# File 'lib/dawn/engine.rb', line 17

def connected_gems
  @connected_gems
end

#controllers ⇒ Object (readonly)

Each controller will be a little bit more complex. Of course for Sinatra, the controller filename will be the sole web application ruby file. :actions=>[{:name=>“index”, :method=>:get, :map=>“/”]

# File 'lib/dawn/engine.rb', line 37

def controllers
  @controllers
end

#debug ⇒ Object

Returns the value of attribute debug.

# File 'lib/dawn/engine.rb', line 43

def debug
  @debug
end

#engine_error ⇒ Object (readonly)

Returns the value of attribute engine_error.

# File 'lib/dawn/engine.rb', line 23

def engine_error
  @engine_error
end

#force ⇒ Object (readonly)

This attribute is used when @name == “Gemfile.lock” to force the loading of specific MVC checks

# File 'lib/dawn/engine.rb', line 14

def force
  @force
end

#gemfile_lock ⇒ Object (readonly)

Returns the value of attribute gemfile_lock.

# File 'lib/dawn/engine.rb', line 15

def gemfile_lock
  @gemfile_lock
end

#mitigated_issues ⇒ Object (readonly)

Returns the value of attribute mitigated_issues.

# File 'lib/dawn/engine.rb', line 20

def mitigated_issues
  @mitigated_issues
end

#models ⇒ Object (readonly)

Models I don’t know right now. Let them initialized as Array… we will see later

# File 'lib/dawn/engine.rb', line 41

def models
  @models
end

#mvc_version ⇒ Object (readonly)

Returns the value of attribute mvc_version.

# File 'lib/dawn/engine.rb', line 16

def mvc_version
  @mvc_version
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/dawn/engine.rb', line 9

def name
  @name
end

#output_dir_name ⇒ Object (readonly)

Returns the value of attribute output_dir_name.

# File 'lib/dawn/engine.rb', line 48

def output_dir_name
  @output_dir_name
end

#reflected_xss ⇒ Object (readonly)

Returns the value of attribute reflected_xss.

# File 'lib/dawn/engine.rb', line 26

def reflected_xss
  @reflected_xss
end

#ruby_version ⇒ Object (readonly)

Returns the value of attribute ruby_version.

# File 'lib/dawn/engine.rb', line 21

def ruby_version
  @ruby_version
end

#scan_start ⇒ Object (readonly)

Returns the value of attribute scan_start.

# File 'lib/dawn/engine.rb', line 10

def scan_start
  @scan_start
end

#scan_stop ⇒ Object (readonly)

Returns the value of attribute scan_stop.

# File 'lib/dawn/engine.rb', line 11

def scan_stop
  @scan_stop
end

#skipped_checks ⇒ Object (readonly)

Returns the value of attribute skipped_checks.

# File 'lib/dawn/engine.rb', line 46

def skipped_checks
  @skipped_checks
end

#stats ⇒ Object (readonly)

Returns the value of attribute stats.

# File 'lib/dawn/engine.rb', line 24

def stats
  @stats
end

#target ⇒ Object (readonly)

Returns the value of attribute target.

# File 'lib/dawn/engine.rb', line 8

def target
  @target
end

#views ⇒ Object (readonly)

Each view will be something like :language=>:haml

# File 'lib/dawn/engine.rb', line 31

def views
  @views
end

#vulnerabilities ⇒ Object (readonly)

Returns the value of attribute vulnerabilities.

# File 'lib/dawn/engine.rb', line 19

def vulnerabilities
  @vulnerabilities
end

Instance Method Details

#apply(name) ⇒ Object

Security stuff applies here

Public it applies a single security check given by its name

name - the security check to be applied

Examples

engine.apply("CVE-2013-1800")
# => boolean

Returns a true value if the security check was successfully applied or false otherwise

# File 'lib/dawn/engine.rb', line 268

def apply(name)

  # FIXME.20140325
  # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
  # Reason is simple, load_knowledge_base now needs enabled check array
  # and I don't want to pollute engine API to propagate this value. It's
  # a param to load_knowledge_base and then bin/dawn calls it
  # accordingly.
  # load_knowledge_base if @checks.nil?
  if @checks.nil?
    $logger.err "you must load knowledge base before trying to apply security checks"
    return false
  end

  return false if @checks.empty?

  @checks.each do |check|
    _do_apply(check) if check.name == name
  end

  false
end

#apply_all ⇒ Object

# File 'lib/dawn/engine.rb', line 291

def apply_all
  @scan_start = Time.now
  debug_me("SCAN STARTED: #{@scan_start}")

  # FIXME.20140325
  # Now if no checks are loaded because knowledge base was not previously called, apply and apply_all proudly refuse to run.
  # Reason is simple, load_knowledge_base now needs enabled check array
  # and I don't want to pollute engine API to propagate this value. It's
  # a param to load_knowledge_base and then bin/dawn calls it
  # accordingly.
  # load_knowledge_base if @checks.nil?
  if @checks.nil?
    $logger.err "you must load knowledge base before trying to apply security checks"
    @scan_stop = Time.now
    debug_me("SCAN STOPPED: #{@scan_stop}")
    return false
  end
  if @checks.empty?
    @scan_stop = Time.now
    debug_me("SCAN STOPPED: #{@scan_stop}")
    return false
  end

  @checks.each do |check|
    _do_apply(check)
  end

  @scan_stop = Time.now
  debug_me("SCAN STOPPED: #{@scan_stop}")

  true

end

#build_view_array(dir) ⇒ Object

# File 'lib/dawn/engine.rb', line 122

def build_view_array(dir)

  return [] unless File.exist?(dir) and File.directory?(dir) 

  ret = []
  Dir.glob(File.join("#{dir}", "*")).each do |filename| 
    ret << {:filename=>filename, :language=>:haml} if File.extname(filename) == ".haml"
  end

  ret
end

#can_apply? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 212

def can_apply?
  target_is_dir? && is_good_mvc?
end

#count_vulnerabilities ⇒ Object

# File 'lib/dawn/engine.rb', line 359

def count_vulnerabilities
  ret = 0
  ret = @vulnerabilities.count unless @vulnerabilities.nil?
  ret +=  @reflected_xss.count unless @reflected_xss.nil?

  ret
end

#create_output_dir ⇒ Object

Creates the directory

# File 'lib/dawn/engine.rb', line 244

def create_output_dir
  FileUtils.mkdir_p(@output_dir_name)
  @output_dir_name
end

#detect_controllers ⇒ Object

# File 'lib/dawn/engine.rb', line 134

def detect_controllers
  []
end

#detect_models ⇒ Object

# File 'lib/dawn/engine.rb', line 138

def detect_models
  []
end

#detect_views ⇒ Object

# File 'lib/dawn/engine.rb', line 112

def detect_views
  []
end

#error! ⇒ Object

# File 'lib/dawn/engine.rb', line 115

def error!
  @error = true
end

#error? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 118

def error?
  @error
end

#find_vulnerability_by_name(name) ⇒ Object

# File 'lib/dawn/engine.rb', line 341

def find_vulnerability_by_name(name)
  apply(name) unless is_applied?(name)
  @vulnerabilities.each do |v|
    return v if v[:name] == name
  end

  nil
end

#get_mvc_version ⇒ Object

# File 'lib/dawn/engine.rb', line 216

def get_mvc_version
  "#{@mvc_version}" if is_good_mvc?
end

#get_ruby_version ⇒ Object

# File 'lib/dawn/engine.rb', line 142

def get_ruby_version
  unless @target.nil?

    # does target use rbenv?
    ver = get_rbenv_ruby_ver
    # does the target use rvm?
    ver = get_rvm_ruby_ver if  ver[:version].empty? && ver[:patchlevel].empty?
    # take the running ruby otherwise
    ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"} if ver[:version].empty? && ver[:patchlevel].empty? 
  else
    ver = {:engine=>RUBY_ENGINE, :version=>RUBY_VERSION, :patchlevel=>"p#{RUBY_PATCHLEVEL}"} 

  end

  ver
end

#has_gemfile_lock? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 204

def has_gemfile_lock?
  File.exist?(@gemfile_lock)
end

#has_reflected_xss? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 355

def has_reflected_xss?
  (@reflected_xss.count != 0) unless @reflected_xss.nil?
end

#initialize(dir = nil, name = "", options = {}) ⇒ Object

# File 'lib/dawn/engine.rb', line 50

def initialize(dir=nil, name="", options={})
  @name = name
  @scan_start = Time.now
  @scan_stop = @scan_start
  @mvc_version = ""
  @gemfile_lock = ""
  @force = ""
  @connected_gems = []
  @checks = []
  @vulnerabilities = []
  @mitigated_issues = []
  @applied = []
  @reflected_xss = []
  @engine_error = false
  @debug = false
  @debug = options[:debug] unless options[:debug].nil?
  @applied_checks = 0
  @skipped_checks = 0
  @gemfile_lock_sudo = false

  set_target(dir) unless dir.nil?
  @ruby_version = get_ruby_version if dir.nil?
  @gemfile_lock = options[:gemfile_name] unless options[:gemfile_name].nil? 

  # @stats        = gather_statistics

  @views        = detect_views
  @controllers  = detect_controllers
  @models       = detect_models

  @output_dir_name = output_dir

  if $logger.nil?
    require 'logger'
    $logger = Logger.new(STDOUT)
    $logger.helo "dawn-engine", Dawn::VERSION

  end
  $logger.warn "pattern matching security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
  $logger.warn "combo security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
  debug_me "engine is in debug mode" 

  if @name == "Gemfile.lock" && ! options[:guessed_mvc].nil?
    # since all checks relies on @name a Gemfile.lock engine must
    # impersonificate the engine for the mvc it was detected
    debug_me "now I'm switching my name from #{@name} to #{options[:guessed_mvc][:name]}" 
    $logger.err "there are no connected gems... it seems Gemfile.lock parsing failed" if options[:guessed_mvc][:connected_gems].empty?
    @name = options[:guessed_mvc][:name]
    @mvc_version = options[:guessed_mvc][:version]
    @connected_gems = options[:guessed_mvc][:connected_gems]
    @gemfile_lock_sudo = true
  end

  # FIXME.20140325
  #
  # I comment out this call. knowledge base must be called explicitly
  # since it's now possible to pass an array saying check families to be
  # loaded.
  #
  # load_knowledge_base
end

#is_applied?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 329

def is_applied?(name)
  @applied.each do |a|
    return true if a[:name] == name
  end
  return false
end

#is_good_mvc? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 208

def is_good_mvc?
  (@mvc_version != "")
end

#is_vulnerable_to?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 350

def is_vulnerable_to?(name)
  return (find_vulnerability_by_name(name) != nil)
end

#load_knowledge_base(enabled_checks = []) ⇒ Object

# File 'lib/dawn/engine.rb', line 170

def load_knowledge_base(enabled_checks=[])
  debug_me("load_knowledge_base called. Enabled checks are: #{enabled_checks}")
  if @name == "Gemfile.lock"
    @checks = Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all if @force.empty?
    @checks = Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all_by_mvc(@force) unless @force.empty? 
  else
    @checks = Dawn::KnowledgeBase.new({:enabled_checks=>enabled_checks}).all_by_mvc(@name) 

  end
  debug_me("#{@checks.count} checks loaded")
  @checks
end

#output_dir ⇒ Object

Creates the directory name where dawnscanner results will be saved

Examples

engine.create_output_dir
# => /Users/thesp0nge/dawnscanner/results/railsgoat/20151123
# => /Users/thesp0nge/dawnscanner/results/railsgoat/20151123_1 (if
            previous directory name exists)

# File 'lib/dawn/engine.rb', line 231

def output_dir
  @output_dir_name = File.join(Dir.home, 'dawnscanner', 'results', File.basename(@target), Time.now.strftime('%Y%m%d'))
  if Dir.exist?(@output_dir_name)
    i=1
    while (Dir.exist?(@output_dir_name)) do
      @output_dir_name = File.join(Dir.home, 'dawnscanner', 'results', File.basename(@target), "#{Time.now.strftime('%Y%m%d')}_#{i}")
      i+=1
    end
  end
  @output_dir_name
end

#scan_time ⇒ Object

# File 'lib/dawn/engine.rb', line 325

def scan_time
  @scan_stop - @scan_start
end

#set_mvc_version ⇒ Object

# File 'lib/dawn/engine.rb', line 185

def set_mvc_version
  ver = ""
  return ver unless target_is_dir?
  return ver unless has_gemfile_lock?

  my_dir = Dir.pwd
  Dir.chdir(@target) 
  lockfile = Bundler::LockfileParser.new(Bundler.read_file("Gemfile.lock"))
  lockfile.specs.each do |s|
    # detecting MVC version using @name in case of sinatra, padrino or rails engine
    ver= s.version.to_s if s.name == @name && @name != "Gemfile.lock" 
    # detecting MVC version using @force in case of Gemfile.lock engine
    ver= s.version.to_s if s.name == @force.to_s && @name == "Gemfile.lock" 
    @connected_gems << {:name=>s.name, :version=>s.version.to_s}
  end
  Dir.chdir(my_dir)
  return ver
end

#set_target(dir) ⇒ Object

# File 'lib/dawn/engine.rb', line 159

def set_target(dir)
  @target = dir
  @gemfile_lock = File.join(@target, "Gemfile.lock")
  @mvc_version = set_mvc_version
  @ruby_version = get_ruby_version
end

#target_is_dir? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/engine.rb', line 166

def target_is_dir?
  File.directory?(@target)
end