Module: SastBox::Cwe
- Included in:
- Scanner
- Defined in:
- lib/sastbox-sdk/cwe_detector.rb,
lib/sastbox-sdk/cwe_constants.rb
Constant Summary (CWE identifiers)
- UNDEF =
0
- IMPROPER_INPUT_VALIDATION =
20
- PATH_TRAVERSAL =
22
- EXTERNAL_CONTROL_FILE_NAME =
73
- OS_COMMAND_INJECTION =
78
- XSS =
79
- BASIC_XSS =
80
- SQL_INJECTION =
89
- LDAP_INJECTION =
90
- CODE_INJECTION =
94
- EVAL_INJECTION =
95
- PHP_REMOTE_FILE_INCLUSION =
98
- RESPONSE_SPLITTING =
113
- IMPROPER_RESTRICTION_MEMORY_BOUNDS =
119
- USE_OF_EXTERNALLY_CONTROLLED_FORMAT_STRING =
134
- IMPROPER_WILDCARD_NEUTRALIZATION =
155
- INCORRECT_REGEX =
185
- INTEGER_OVERFLOW =
190
- EXPOSURE_SENSITIVE_INFO =
200
- TIMING_DISCREPANCY =
208
- ERROR_CONTAINING_SENSITIVE_INFO =
209
- UNPROTECTED_STORAGE_OF_CREDENTIALS =
256
- HARD_CODED_PASSWORD =
259
- IMPROPER_ACCESS_CONTROL =
284
- IMPROPER_AUTHORIZATION =
285
- IMPROPER_AUTHENTICATION =
287
- IMPROPER_CERT_VALIDATION =
295
- CLEARTEXT_STORAGE_OF_SENSITIVE_INFORMATION =
312
- CLEARTEXT_TRANSMISSION =
319
- INADEQUATE_ENCRYPTION_STRENGTH =
326
- BROKEN_CRYPTO =
327
- INSUFFICIENT_RANDOM_VALUES =
330
- INSUFFICIENT_ENTROPY =
331
- WEAK_PRNG =
338
- IMPROPER_VERIFICATION_OF_SIGNATURE =
347
- CSRF =
352
- TOCTOU =
367
- DIVIDE_BY_ZERO =
369
- INSECURE_TEMP_FILE =
377
- SESSION_FIXATION =
384
- ERROR_CONDITION_WITHOUT_ACTION =
390
- RESOURCE_CONSUMPTION =
400
- IMPROPER_RESOURCE_SHUTDOWN_OR_RELEASE =
404
- UNRESTRICTED_UPLOAD_OF_FILE_WITH_DANGEROUS_TYPE =
434
- UNINITIALIZED_VARIABLE =
457
- UNSAFE_REFLECTION =
470
- NULL_POINTER_DEREFERENCE =
476
- OBSOLETE_FUNCTION =
477
- DATA_LEAK_BETWEEN_SESSIONS =
488
- ACTIVE_DEBUG_CODE =
489
- DOWNLOAD_OF_CODE_WITHOUT_INTEGRITY_CHECK =
494
- EXPOSURE_OF_SYSTEM_DATA =
497
- DESERIALIZATION_OF_UNTRUSTED_DATA =
502
- WEAK_PASSWORD_REQUIREMENT =
521
- SENSITIVE_INFO_LOG_FILE =
532
- USE_OF_PERSISTENT_COOKIES =
539
- SUSPICIOUS_COMMENT =
546
- OPEN_REDIRECT =
601
- MULTIPLE_BINDS =
605
- IMPROPER_RESTRICTION_OF_XML_EXTERNAL_ENTITY_REFERENCE =
611
- SENSITIVE_INFO_IN_SOURCE_CODE_COMMENTS =
615
- AUTHORIZATION_BYPASS_THROUGH_KEY =
639
- XPATH_INJECTION =
643
- XQUERY_INJECTION =
652
- EXPOSURE_RESOURCE_WRONG_SPHERE =
668
- USE_OF_POTENTIALLY_DANGEROUS_FUNCTION =
676
- PROTECTION_MECHANISM_FAILURE =
693
- IMPROPER_CHECK_OF_EXCEPT_COND =
703
- INCORRECT_PERMISSION_ASSIGNMENT =
732
- EXPOSED_DANGEROUS_METHOD_OR_FUNCTION =
749
- SELECTION_OF_LESS_SECURE_ALGORITHM_DURING_NEGOTIATION =
757
- UNSALTED_ONE_WAY_HASH =
759
- REGEX_WITHOUT_ANCHORS =
777
- RELIANCE_ON_UNTRUSTED_INPUTS_IN_A_SECURITY_DECISION =
807
- INCLUSION_FUNCTIONALITY_UNTRUSTED_SPHERE =
829
- IMPROPER_CONTROL_DYNAMIC_ATTR =
915
- SSRF =
918
- USING_COMPONENTS_WITH_KNOWN_VULNERABILITIES =
937
- SENSITIVE_COOKIE_WITHOUT_HTTPONLY_FLAG =
1004
- IMPROPER_RESTRICTION_OF_RENDERED_UI_LAYERS_OF_FRAMES =
1021
- USE_OF_WEB_LINK_TO_UNTRUSTED_TARGET =
1022
- SECURITY_MISCONFIGURATION =
1032
- USE_OF_UNMAINTAINED_THIRD_PARTY_COMPONENTS =
1104
Instance Method Summary
- #alternative_titles(issue) ⇒ Object
- #cwe_found?(issue, patterns, cwe) ⇒ Boolean
- #cwe_start_heuristics(issue) ⇒ Object
- #detected_broken_crypto?(issue) ⇒ Boolean
- #detected_cmd_injection?(issue) ⇒ Boolean
- #detected_code_injection?(issue) ⇒ Boolean
- #detected_csrf?(issue) ⇒ Boolean
- #detected_deserialization?(issue) ⇒ Boolean
- #detected_hardcoded_password?(issue) ⇒ Boolean
- #detected_improper_authentication?(issue) ⇒ Boolean
- #detected_improper_authorization?(issue) ⇒ Boolean
- #detected_improper_input_validation?(issue) ⇒ Boolean
- #detected_null_ptr_deref?(issue) ⇒ Boolean
- #detected_path_traversal?(issue) ⇒ Boolean
- #detected_session_fixation?(issue) ⇒ Boolean
- #detected_sql_injection?(issue) ⇒ Boolean
- #detected_unrestricted_file_upload?(issue) ⇒ Boolean
- #detected_xss?(issue) ⇒ Boolean
- #guess_cwe(issue) ⇒ Object
Instance Method Details
#alternative_titles(issue) ⇒ Object
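# File 'lib/sastbox-sdk/cwe_detector.rb', line 182
# Builds the set of title spellings the detectors match against and stores
# it in @alternative_titles (read by #cwe_found?).
#
# Variants: the lower-cased title, the title with '_' and with '-' turned
# into spaces, and each of those with 'hard coded' / 'hardcoded' rewritten
# as 'hard-coded'. The rewrite is applied to every separator variant, so a
# title such as 'Hard_Coded_Secret' also yields 'hard-coded secret'
# (previously only the raw lower-cased title was rewritten).
#
# @param issue [Hash] finding; issue[:title] is read (nil is treated as '')
# @return [Set<String>] the alternative titles, also kept in @alternative_titles
def alternative_titles(issue)
  base = issue[:title].to_s.downcase
  separator_variants = [
    base,
    base.split('_').join(' '),
    base.split('-').join(' ')
  ]
  hyphenated = separator_variants.flat_map do |title|
    [title.gsub('hard coded', 'hard-coded'), title.gsub('hardcoded', 'hard-coded')]
  end
  @alternative_titles = Set.new(separator_variants + hyphenated)
end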
#cwe_found?(issue, patterns, cwe) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 6
# Tests whether any of +patterns+ occurs as a substring of any entry in
# @alternative_titles (populated beforehand by #alternative_titles) and, on
# the first hit, tags the finding with +cwe+.
#
# Matching is plain substring containment, so short patterns can hit
# unrelated titles (e.g. 'sqli' inside 'sqlite').
#
# @param issue [Hash] finding; issue[:cwe_id] is assigned on a match
# @param patterns [Array<String>] lower-case substrings to look for
# @param cwe [Integer] CWE identifier to assign
# @return [Boolean] true when a pattern matched, false otherwise
def cwe_found?(issue, patterns, cwe)
  matched = patterns.any? do |needle|
    @alternative_titles.any? { |title| title.include?(needle) }
  end
  issue[:cwe_id] = cwe if matched
  matched
end
#cwe_start_heuristics(issue) ⇒ Object
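# File 'lib/sastbox-sdk/cwe_detector.rb', line 162
# Assigns issue[:cwe_id] from the finding's title: builds the alternative
# spellings, resets the id to UNDEF, then runs the detectors in order until
# one matches. The first match wins, so the earlier detectors take
# precedence over the later, broader ones ('traversal', 'input validation').
#
# The detected_improper_authorization? step is called explicitly here; a
# step without a callee would return unconditionally and skip the
# authentication, input-validation and file-upload detectors after it.
#
# @param issue [Hash] finding with a :title key; :cwe_id is written in place
# @return [nil]
def cwe_start_heuristics(issue)
  alternative_titles(issue)
  issue[:cwe_id] = SastBox::Cwe::UNDEF
  detectors = %i[
    detected_sql_injection?
    detected_xss?
    detected_cmd_injection?
    detected_code_injection?
    detected_session_fixation?
    detected_csrf?
    detected_deserialization?
    detected_path_traversal?
    detected_hardcoded_password?
    detected_null_ptr_deref?
    detected_broken_crypto?
    detected_improper_authorization?
    detected_improper_authentication?
    detected_improper_input_validation?
    detected_unrestricted_file_upload?
  ]
  # Fixed list of our own predicate names; stop at the first that reports a hit.
  detectors.each { |detector| return if send(detector, issue) }
  nil
end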
#detected_broken_crypto?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 112
# Classifies weak / insecure / broken cipher, crypto, encryption and hash
# wording as CWE-327 (BROKEN_CRYPTO).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_broken_crypto?(issue)
  needles = [
    'weak cipher', 'insecure cipher', 'broken cipher',
    'weak crypto', 'insecure crypto', 'broken crypto',
    'insecure encryption',
    'weak hash', 'insecure hash', 'broken hash'
  ]
  cwe_found?(issue, needles, SastBox::Cwe::BROKEN_CRYPTO)
end
#detected_cmd_injection?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 38
# Classifies command / shell injection and execution wording as CWE-78
# (OS_COMMAND_INJECTION).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_cmd_injection?(issue)
  cwe_found?(
    issue,
    ['command injection', 'command execution',
     'cmd injection', 'cmd execution', 'cmd exec',
     'shell injection', 'shell metacharacters'],
    SastBox::Cwe::OS_COMMAND_INJECTION
  )
end
#detected_code_injection?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 51
# Classifies code injection / code execution wording as CWE-94
# (CODE_INJECTION). Runs after #detected_cmd_injection? in
# #cwe_start_heuristics, so 'command execution' titles are not reached here.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_code_injection?(issue)
  needles = ['code injection', 'code execution', 'code exec', 'code inj']
  cwe_found?(issue, needles, SastBox::Cwe::CODE_INJECTION)
end
#detected_csrf?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 68
# Classifies CSRF / XSRF / session-riding wording as CWE-352 (CSRF).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_csrf?(issue)
  needles = [
    'csrf',
    'xsrf',
    'cross site request forgery',
    'cross site reference forgery',
    'session riding'
  ]
  cwe_found?(issue, needles, SastBox::Cwe::CSRF)
end
#detected_deserialization?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 79
# Classifies deserialization / unmarshaling / unpickling / PHP object
# injection wording as CWE-502 (DESERIALIZATION_OF_UNTRUSTED_DATA).
# 'deserializ' is a stem so both 'deserialize' and 'deserialization' match.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_deserialization?(issue)
  cwe_found?(
    issue,
    ['deserializ', 'unmarshaling', 'unpickling', 'php object injection'],
    SastBox::Cwe::DESERIALIZATION_OF_UNTRUSTED_DATA
  )
end
#detected_hardcoded_password?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 98
# Classifies 'hard-coded' wording as CWE-259 (HARD_CODED_PASSWORD).
# Relies on #alternative_titles rewriting 'hard coded' / 'hardcoded' to the
# hyphenated form; the pattern itself does not mention a password or key.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_hardcoded_password?(issue)
  cwe_found?(issue, ['hard-coded'], SastBox::Cwe::HARD_CODED_PASSWORD)
end
#detected_improper_authentication?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 137
# Classifies improper / missing / broken authentication wording as CWE-287
# (IMPROPER_AUTHENTICATION).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_improper_authentication?(issue)
  needles = %w[improper no broken].map { |qualifier| "#{qualifier} authentication" }
  cwe_found?(issue, needles, SastBox::Cwe::IMPROPER_AUTHENTICATION)
end
#detected_improper_authorization?(issue) ⇒ Boolean
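# File 'lib/sastbox-sdk/cwe_detector.rb', line 128
# Classifies improper / missing / broken authorization wording as CWE-285
# (IMPROPER_AUTHORIZATION). The method name is given explicitly (the
# listing showed `def (issue)`), matching the entry in the method summary
# and the call made from #cwe_start_heuristics.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_improper_authorization?(issue)
  needles = [
    'improper authorization',
    'no authorization',
    'broken authorization'
  ]
  cwe_found?(issue, needles, SastBox::Cwe::IMPROPER_AUTHORIZATION)
end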
#detected_improper_input_validation?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 146
# Classifies generic input / data validation wording as CWE-20
# (IMPROPER_INPUT_VALIDATION). This is a broad bucket, which is why it runs
# near the end of #cwe_start_heuristics, after the specific injection classes.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_improper_input_validation?(issue)
  cwe_found?(issue, ['input validation', 'data validation'], SastBox::Cwe::IMPROPER_INPUT_VALIDATION)
end
#detected_null_ptr_deref?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 105
# Classifies 'null pointer deref' wording (stem of dereference /
# dereferencing) as CWE-476 (NULL_POINTER_DEREFERENCE).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_null_ptr_deref?(issue)
  cwe_found?(issue, ['null pointer deref'], SastBox::Cwe::NULL_POINTER_DEREFERENCE)
end
#detected_path_traversal?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 89
# Classifies path-traversal wording as CWE-22 (PATH_TRAVERSAL).
# The bare 'traversal' pattern also covers any other '... traversal' title
# (e.g. directory traversal), so this is a deliberately wide match.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_path_traversal?(issue)
  needles = ['path traversal', 'pathtraversal', 'traversal']
  cwe_found?(issue, needles, SastBox::Cwe::PATH_TRAVERSAL)
end
#detected_session_fixation?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 61
# Classifies 'session fixation' wording as CWE-384 (SESSION_FIXATION).
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_session_fixation?(issue)
  cwe_found?(issue, ['session fixation'], SastBox::Cwe::SESSION_FIXATION)
end
#detected_sql_injection?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 18
# Classifies SQL injection wording as CWE-89 (SQL_INJECTION). This is the
# first detector run by #cwe_start_heuristics.
# NOTE(review): 'sqli' is a substring of 'sqlite', so a title mentioning
# SQLite is tagged as SQL injection — confirm that is acceptable.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_sql_injection?(issue)
  needles = ['sql injection', 'sql inj', 'sqlinj', 'sqli']
  cwe_found?(issue, needles, SastBox::Cwe::SQL_INJECTION)
end
#detected_unrestricted_file_upload?(issue) ⇒ Boolean
# File 'lib/sastbox-sdk/cwe_detector.rb', line 154
# Classifies unrestricted (file) upload wording as CWE-434
# (UNRESTRICTED_UPLOAD_OF_FILE_WITH_DANGEROUS_TYPE). Last detector in the
# #cwe_start_heuristics chain.
#
# @param issue [Hash] finding; its alternative titles must already be built
# @return [Boolean] true when a pattern matched and issue[:cwe_id] was set
def detected_unrestricted_file_upload?(issue)
  cwe_found?(
    issue,
    ['unrestricted upload', 'unrestricted file upload'],
    SastBox::Cwe::UNRESTRICTED_UPLOAD_OF_FILE_WITH_DANGEROUS_TYPE
  )
end