Module: Dawn::Kb::ComboCheck

Includes:

BasicCheck

Included in:

CVE_2008_4310, CVE_2010_2489, CVE_2011_0188, CVE_2011_0995, CVE_2013_0256, CVE_2013_1655, CVE_2013_6460, CVE_2013_6461, CVE_2014_2525, OwaspRorCheatsheet

Defined in:

lib/dawn/kb/combo_check.rb

Constant Summary

Constants included from BasicCheck

BasicCheck::ALLOWED_FAMILIES

Instance Attribute Summary

• #checks ⇒ Object readonly

  Returns the value of attribute checks.

• #options ⇒ Object

  Returns the value of attribute options.

• #vulnerable_checks ⇒ Object readonly

  Returns the value of attribute vulnerable_checks.

Attributes included from BasicCheck

#applies, #aux_links, #check_family, #cve, #cvss, #cwe, #debug, #evidences, #fixes_version, #kind, #message, #mitigated, #name, #osvdb, #owasp, #priority, #release_date, #remediation, #ruby_version, #ruby_vulnerable_versions, #severity, #status, #target_version, #title

Class Method Summary

• .find_vulnerable_checks_by_class(list = [], klass = Object) ⇒ Object

Instance Method Summary

• #dump_status ⇒ Object
• #initialize(options = {}) ⇒ Object
• #vuln? ⇒ Boolean

Methods included from BasicCheck

#applies_to?, #cve_link, #cvss_score, families, #family, #family=, #lint, #mitigated?, #nvd_link, #osvdb_link, #rubysec_advisories_link

Methods included from Utils

#__debug_me_and_return, #debug_me, #debug_me_and_return_false, #debug_me_and_return_true

Instance Attribute Details

#checks ⇒ Object (readonly)

Returns the value of attribute checks.

# File 'lib/dawn/kb/combo_check.rb', line 6

def checks
  @checks
end

#options ⇒ Object

Returns the value of attribute options.

# File 'lib/dawn/kb/combo_check.rb', line 7

def options
  @options
end

#vulnerable_checks ⇒ Object (readonly)

Returns the value of attribute vulnerable_checks.

# File 'lib/dawn/kb/combo_check.rb', line 8

def vulnerable_checks
  @vulnerable_checks
end

Class Method Details

.find_vulnerable_checks_by_class(list = [], klass = Object) ⇒ Object

# File 'lib/dawn/kb/combo_check.rb', line 53

def self.find_vulnerable_checks_by_class(list=[], klass=Object)
  list.each do |l|
    return l if l.instance_of?(klass)
  end
  nil
end

Instance Method Details

#dump_status ⇒ Object

# File 'lib/dawn/kb/combo_check.rb', line 45

def dump_status
  @checks.each do |check|
    debug_me("check name is #{check.name} and vulnerable status is #{check.status}")
  end

  true
end

#initialize(options = {}) ⇒ Object

# File 'lib/dawn/kb/combo_check.rb', line 11

def initialize(options={})
  super(options)
  @vuln_if_all_fails = true
  @vuln_if_all_fails = options[:vuln_if_all_fails] unless options[:vuln_if_all_fails].nil?
  @checks = options[:checks]
  @vulnerable_checks = []
  @options = options
end

#vuln? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dawn/kb/combo_check.rb', line 20

def vuln?
  ret = true
  at_least_one = false
  @checks.each do |check|
    check_vuln = false
    check.detected_ruby   = @options[:detected_ruby]    if check.kind == Dawn::KnowledgeBase::RUBY_VERSION_CHECK
    check.dependencies    = @options[:dependencies]     if check.kind == Dawn::KnowledgeBase::DEPENDENCY_CHECK
    check.root_dir        = @options[:root_dir]         if check.kind == Dawn::KnowledgeBase::PATTERN_MATCH_CHECK
    check.debug           = self.debug

    check_vuln = check.vuln? if check.respond_to?(:vuln?)

    ret = ret && check_vuln
    at_least_one = true if check_vuln
    @evidences << check.evidences if check_vuln
    @vulnerable_checks << check if check_vuln
    raise "A check class doesn't respond to vuln? in combo (#{check.class})" unless check.respond_to?(:vuln?)
  end

  dump_status
  debug_me("combo_check: is_vulnerable_if_all_checks_fail = #{@vuln_if_all_fails}, RET = #{ret}, at_least_one= #{at_least_one}")
  return ret if @vuln_if_all_fails
  return at_least_one unless @vuln_if_all_fails
end