Module: Contrast::Agent::Protect::Rule::Builders

Included in:
Base
Defined in:
lib/contrast/agent/protect/rule/utils/builders.rb

Overview

Module holding the base builder methods used by the Contrast::Agent::Protect::Rule::Base class.

Instance Method Details

#build_attack_result(_context) ⇒ Contrast::Agent::Reporting::AttackResult

Set up an attack result for the current rule

Parameters:

Returns:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 67

def build_attack_result _context
  result = Contrast::Agent::Reporting::AttackResult.new
  result.rule_id = rule_name
  result
end

#build_attack_with_match(context, ia_result, result, candidate_string, **kwargs) ⇒ Contrast::Agent::Reporting::AttackResult

A given input, candidate_string, was determined to violate a protect rule and did exploit the application, or at least made it to exploitable code in the case where we blocked the attack. As such, we need to build a result to report this violation to TeamServer.

Parameters:

  • context (Contrast::Agent::RequestContext)

    the context of the request in which this input is evaluated.

  • ia_result (Contrast::Agent::Reporting::InputAnalysis)

    the analysis of the input that was determined to be an attack

  • result (Contrast::Agent::Reporting::AttackResult, nil)

    previous attack result for this rule, if one exists, in the case of multiple inputs being found to violate the protection criteria

  • candidate_string (String)

    the value of the input which may be an attack

  • kwargs (Hash)

    key-value pairs of context that individual rules need to build out the details sent to TeamServer to tell the story of the attack

Returns:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 30

def build_attack_with_match context, ia_result, result, candidate_string, **kwargs
  result ||= build_attack_result(context)
  append_sample(context, ia_result, result, candidate_string, **kwargs)
  update_successful_attack_response(context, ia_result, result, candidate_string)

  result
end

#build_attack_without_match(context, ia_result, result, **kwargs) ⇒ Contrast::Agent::Reporting::AttackResult

A given input was determined to violate a protect rule but did not exploit the application. As such, we need to build a result to report this violation to TeamServer.

Parameters:

Returns:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 54

def build_attack_without_match context, ia_result, result, **kwargs
  result ||= build_attack_result(context)
  append_sample(context, ia_result, result, nil, **kwargs)
  update_perimeter_attack_response(context, ia_result, result)

  result
end

#build_base_sample(context, ia_result) ⇒ Contrast::Agent::Reporting::RaspRuleSample

Parameters:

  • context (Contrast::Agent::RequestContext)
  • ia_result (Contrast::Agent::Reporting::Settings::InputAnalysisResult)

    the analysis of the input that was determined to be an attack

Returns:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 90

def build_base_sample context, ia_result
  Contrast::Agent::Reporting::RaspRuleSample.build(context, ia_result)
end

#build_sample(context, ia_result, _candidate_string, **_kwargs) ⇒ Contrast::Agent::Reporting::RaspRuleSample

Override if rule can make use of the candidate string or kwargs to build rasp rule sample.

Parameters:

  • context (Contrast::Agent::RequestContext)
  • ia_result (Contrast::Agent::Reporting::Settings::InputAnalysisResult)

    the analysis of the input that was determined to be an attack

  • _candidate_string (String)

    potential attack value, or input containing the attack value

  • _kwargs (Hash)

Returns:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 82

def build_sample context, ia_result, _candidate_string, **_kwargs
  build_base_sample(context, ia_result)
end
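
The result reuse described for build_attack_with_match and the build_sample override hook, as an added stand-alone Ruby model (not the Contrast agent's code). The Demo* classes, their fields and the sample inputs are assumptions, and the response-update helpers, which this page does not show, are left out.

```ruby
# Added illustration, not Contrast agent code. Demo* names and Struct fields
# are assumptions; the update_*_attack_response helpers are omitted.
DemoSample = Struct.new(:input, :details)
DemoResult = Struct.new(:rule_id, :samples)

module DemoBuilders
  def build_attack_result(_context)
    DemoResult.new(rule_name, [])
  end

  # Reuse the previous result when one exists, so several violating inputs
  # in one request become samples on a single result.
  def build_attack_with_match(context, ia_result, result, candidate_string, **kwargs)
    result ||= build_attack_result(context)
    result.samples << build_sample(context, ia_result, candidate_string, **kwargs)
    result
  end

  # Input violated the rule but did not exploit the application: nil candidate.
  def build_attack_without_match(context, ia_result, result, **kwargs)
    result ||= build_attack_result(context)
    result.samples << build_sample(context, ia_result, nil, **kwargs)
    result
  end

  # Default hook: ignores the candidate string and kwargs.
  def build_sample(_context, ia_result, _candidate_string, **_kwargs)
    DemoSample.new(ia_result, {})
  end
end

# Hypothetical rule overriding the hook to keep the evidence it matched on.
class DemoQueryRule
  include DemoBuilders
  def rule_name; 'demo-query-rule'; end

  def build_sample(context, ia_result, candidate_string, **kwargs)
    sample = super
    sample.details = { query: candidate_string, boundary: kwargs[:boundary] }.compact
    sample
  end
end

# Constructed inputs: one matched input, then a second one on the same result.
def demo_two_inputs
  rule = DemoQueryRule.new
  first = rule.build_attack_with_match(nil, 'param:id', nil, 'id = 1 OR 1=1', boundary: 7)
  rule.build_attack_without_match(nil, 'param:name', first)
end
```

Passing the earlier result back in yields one result with two samples for the rule, while passing nil starts a fresh result.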

#build_violation(context, potential_attack_string) ⇒ Object

Used to build and report semantic rules.

Parameters:



# File 'lib/contrast/agent/protect/rule/utils/builders.rb', line 98

def build_violation context, potential_attack_string
  result = build_attack_result(context)
  append_sample(context, nil, result, potential_attack_string)
  update_successful_attack_response(context, nil, result, potential_attack_string)
  return unless result

  result
end