Class: TCellAgent::AppSensor::InjectionsReporter

Inherits:

Object

Object
TCellAgent::AppSensor::InjectionsReporter

show all

Defined in:: lib/tcell_agent/appsensor/injections_reporter.rb

Constant Summary collapse

GET_PARAM =

TCellAgent::Utils::Params::GET_PARAM

POST_PARAM =

TCellAgent::Utils::Params::POST_PARAM

JSON_PARAM =

TCellAgent::Utils::Params::JSON_PARAM

COOKIE_PARAM =

TCellAgent::Utils::Params::COOKIE_PARAM

URI_PARAM =

TCellAgent::Utils::Params::URI_PARAM

PARAM_TYPE_TO_L =

{
  GET_PARAM => 'query',
  POST_PARAM => 'body',
  JSON_PARAM => 'body',
  URI_PARAM => 'uri',
  COOKIE_PARAM => 'cookie'
}

Instance Attribute Summary collapse

#injections_matcher ⇒ Object

Returns the value of attribute injections_matcher.
#payloads_policy ⇒ Object

Returns the value of attribute payloads_policy.

Class Method Summary collapse

.from_json(version, data_json, payloads_policy) ⇒ Object

Instance Method Summary collapse

#check(appsensor_meta) ⇒ Object
#initialize(injections_matcher, payloads_policy) ⇒ InjectionsReporter constructor

A new instance of InjectionsReporter.

Constructor Details

#initialize(injections_matcher, payloads_policy) ⇒ `InjectionsReporter`

Returns a new instance of InjectionsReporter.

# File 'lib/tcell_agent/appsensor/injections_reporter.rb', line 25

def initialize(injections_matcher, payloads_policy)
  @injections_matcher = injections_matcher
  @payloads_policy = payloads_policy
end

Instance Attribute Details

#injections_matcher ⇒ `Object`

Returns the value of attribute injections_matcher.



23
24
25

# File 'lib/tcell_agent/appsensor/injections_reporter.rb', line 23

def injections_matcher
  @injections_matcher
end

#payloads_policy ⇒ `Object`

Returns the value of attribute payloads_policy.



23
24
25

# File 'lib/tcell_agent/appsensor/injections_reporter.rb', line 23

def payloads_policy
  @payloads_policy
end

Class Method Details

.from_json(version, data_json, payloads_policy) ⇒ `Object`

# File 'lib/tcell_agent/appsensor/injections_reporter.rb', line 58

def self.from_json(version, data_json, payloads_policy)
  injections_matcher = InjectionsMatcher.from_json(version, data_json)

  InjectionsReporter.new(injections_matcher, payloads_policy)
end

Instance Method Details

#check(appsensor_meta) ⇒ `Object`

# File 'lib/tcell_agent/appsensor/injections_reporter.rb', line 30

def check(appsensor_meta)
  @injections_matcher.each_injection(appsensor_meta) do |injection_attempt|
    vuln_param = injection_attempt.param_name
    type_of_param = injection_attempt.type_of_param

    meta = {"l" => PARAM_TYPE_TO_L[type_of_param]}
    pattern = injection_attempt.pattern

    payload = @payloads_policy.apply(
      injection_attempt.detection_point,
      appsensor_meta,
      type_of_param,
      vuln_param,
      injection_attempt.param_value,
      meta,
      pattern
    )

    TCellAgent::AppSensor::Sensor.send_event(
      appsensor_meta,
      injection_attempt.detection_point,
      vuln_param,
      meta,
      payload,
      pattern)
  end
end