Module: Dawn::Kb::PatternMatchCheck

Constant Summary

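# Path prefixes that must_exclude? skips while scanning.
#
# must_exclude? tests these with String#start_with? against the whole path
# string, so an entry is a *prefix*, not a directory-component match: "test"
# also covers a path beginning with "test_helpers.rb" if the scanned path
# starts that way. The list is frozen so no check can widen or narrow the
# scan by mutating the shared constant.
# NOTE(review): RSpec's conventional directory is "spec"; confirm "specs" is
# the intended entry.
EXCLUSION_LIST = %w[
  tags
  vendor/bundle
  features
  specs
  test
].freeze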

Constants included from BasicCheck

BasicCheck::ALLOWED_FAMILIES

Instance Attribute Summary

Attributes included from BasicCheck

#applies, #aux_links, #check_family, #cve, #cvss, #cwe, #debug, #evidences, #fixes_version, #kind, #message, #mitigated, #name, #osvdb, #owasp, #priority, #release_date, #remediation, #ruby_version, #ruby_vulnerable_versions, #severity, #status, #target_version, #title

Instance Method Summary

Methods included from BasicCheck

#applies_to?, #cve_link, #cvss_score, families, #family, #family=, #lint, #mitigated?, #nvd_link, #osvdb_link, #rubysec_advisories_link

Methods included from Utils

#__debug_me_and_return, #debug_me, #debug_me_and_return_false, #debug_me_and_return_true

Instance Attribute Details

#attack_pattern ⇒ Object (readonly)

Returns the value of attribute attack_pattern.



# File 'lib/dawn/kb/pattern_match_check.rb', line 9

# Reader for the pattern searched in every scanned file.
#
# @return [Object] the value given as +options[:attack_pattern]+ to
#   +initialize+; nil when that option was absent (unless the BasicCheck
#   initializer sets it -- not visible here). How it is matched is decided
#   by +run+, which is defined elsewhere.
def attack_pattern
  @attack_pattern
end

#attack_pattern_is_regex ⇒ Object (readonly)

This attribute is false by default. If true, it tells the pattern matching check that the attack pattern is already a regular expression.



# File 'lib/dawn/kb/pattern_match_check.rb', line 24

# Reader for the "pattern is already a Regexp" flag.
#
# @return [Boolean] false by default (set in +initialize+); the value of
#   +options[:attack_pattern_is_regex]+ when that option was given and not nil.
#   Consumed by +run+, defined elsewhere.
def attack_pattern_is_regex
  @attack_pattern_is_regex
end

#avoid_comments ⇒ Object (readonly)

This attribute is false by default. If true, it tells the pattern matching check to ignore strings starting with the Ruby single-line comment character, '#'.



# File 'lib/dawn/kb/pattern_match_check.rb', line 19

# Reader for the "skip commented-out lines" flag.
#
# @return [Boolean] false by default (set in +initialize+); the value of
#   +options[:avoid_comments]+ when that option was given and not nil.
#   The flag is not consulted in this module's visible code -- presumably
#   +run+ (defined elsewhere) honours it.
def avoid_comments
  @avoid_comments
end

#negative_search ⇒ Object (readonly)

This attribute is false by default. If true, the vuln? method checks that the attack pattern is *not* present.



# File 'lib/dawn/kb/pattern_match_check.rb', line 14

# Reader for the "fire when the pattern is absent" flag.
#
# @return [Boolean] false by default (set in +initialize+); the value of
#   +options[:negative_search]+ when that option was given and not nil.
#   When true, +vuln?+ returns the negation of "pattern found in some file".
def negative_search
  @negative_search
end

#root_dir ⇒ Object

Returns the value of attribute root_dir.



# File 'lib/dawn/kb/pattern_match_check.rb', line 10

# Reader for the directory that +vuln?+ scans.
#
# @return [Object] the path joined with the glob in +vuln?+
#   (+Dir.glob(File.join("#{root_dir}", @glob))+). It is not assigned in this
#   module's visible code, so callers must set it through the writer.
#   NOTE(review): a nil value is interpolated to "" there, which turns the
#   glob into "/**" -- confirm callers always set it before +vuln?+ runs.
def root_dir
  @root_dir
end

Instance Method Details

#initialize(options = {}) ⇒ Object



# File 'lib/dawn/kb/pattern_match_check.rb', line 34

# Builds the check from an options hash, after letting BasicCheck consume it.
#
# Flags default to false and the glob to "**"; an option overrides its
# default only when it is present and not nil, so an explicit +nil+ is
# treated like an absent key. +:glob+ is appended under "**" rather than
# replacing it. +:evidences+ is stored as given (its default, if any, comes
# from the BasicCheck initializer, not visible here).
#
# @param options [Hash] :attack_pattern, :negative_search, :avoid_comments,
#   :evidences, :attack_pattern_is_regex, :glob, plus whatever BasicCheck reads
def initialize(options = {})
  super(options)
  @negative_search         = false
  @avoid_comments          = false
  @attack_pattern_is_regex = false
  @glob                    = "**"

  # Same keys, same order as the explicit assignments they replace.
  %i[attack_pattern negative_search avoid_comments evidences attack_pattern_is_regex].each do |key|
    supplied = options[key]
    instance_variable_set("@#{key}", supplied) unless supplied.nil?
  end

  extra_glob = options[:glob]
  @glob = File.join(@glob, extra_glob) unless extra_glob.nil?

  debug_me("EVIDENCES ARE #{@evidences.inspect}")
end

#must_exclude?(filename) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dawn/kb/pattern_match_check.rb', line 49

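# Tells whether +filename+ must be skipped by the scan.
#
# Each EXCLUSION_LIST entry is tested with String#start_with? against the
# whole path string, so this is a prefix test, not a path-component match.
# NOTE(review): +vuln?+ passes paths produced by +Dir.glob+ under +root_dir+,
# so an entry only triggers when the globbed path itself begins with it --
# confirm that is the intended behaviour.
#
# Fix: the skip message now names the file it refers to; the previous text
# carried no file name. The prefix test is also evaluated once per entry.
#
# @param filename [String] path as yielded by Dir.glob
# @return [Boolean] true when an exclusion prefix matches
def must_exclude?(filename)
  prefix = EXCLUSION_LIST.find { |excluded| filename.start_with?(excluded) }
  return false unless prefix

  debug_me "skipping #{filename}"
  true
end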

#vuln? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/dawn/kb/pattern_match_check.rb', line 57

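# Scans every path under +root_dir+ matching the configured glob for the
# attack pattern and decides whether the check fires.
#
# A candidate is handed to +run(load_file(filename))+ (both defined elsewhere)
# unless it does not exist, is not a regular file, is reported binary by
# +File.binary?+ (not a Ruby stdlib method -- presumably provided by a gem
# the project depends on), or is rejected by +must_exclude?+. A file whose
# processing raises ArgumentError is reported on stdout and skipped.
#
# Fixes over the previous version:
# * +found+ was reassigned on every iteration, so only the last globbed file
#   decided the result; it now sticks once any file matches.
# * evidence was appended for files *without* matches; it is now recorded
#   for each file whose +run+ returned a non-empty match list.
# * +File.exists?+ (removed in Ruby 3.2) is replaced by +File.exist?+.
# * the analyzing/skipping messages now interpolate the file name.
#
# NOTE(review): +"#{root_dir}"+ turns a nil +root_dir+ into "", so the glob
# becomes "/**" and the scan starts at the filesystem root -- confirm callers
# always set +root_dir+ first.
#
# @return [Boolean] true when the check fires: the pattern was found in at
#   least one file, or -- with +negative_search+ -- in none. The same value
#   is stored in +@status+.
def vuln?
  found = false
  matches = []
  Dir.glob(File.join("#{root_dir}", @glob)).each do |filename|
    debug_me("#{File.basename(__FILE__)}@#{__LINE__}: analyzing #{filename}: search is #{@negative_search}")
    matches = []
    begin
      scannable = File.exist?(filename) && File.file?(filename) &&
                  !File.binary?(filename) && !must_exclude?(filename)
      matches = run(load_file(filename)) if scannable
    rescue ArgumentError => e
      puts "Skipping pattern match check for #{filename}: #{e.message}"
      next
    end
    next if matches.empty?

    # Accumulate across files: one matching file is enough for a positive hit.
    found = true
    @evidences << {:filename=>filename, :matches=>matches}
  end

  debug_me("FOUND IS: #{found}")
  debug_me("EVIDENCES ARE: #{@evidences.inspect}")
  debug_me("MATCHES: #{matches}")

  # negative_search inverts the verdict: the check fires when nothing matched.
  ret_value = @negative_search ? !found : found

  debug_me("#{File.basename(__FILE__)}@#{__LINE__}: evidences #=> #{@evidences}")
  debug_me("#{File.basename(__FILE__)}@#{__LINE__}: ret_value #=> #{ret_value}")

  @status = ret_value
  ret_value
end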