Class: ScaBox::Scanner
Constant Summary
collapse
- DEFAULT_SOLUTION =
'Update to the latest stable version or apply patches.'
Instance Attribute Summary collapse
Instance Method Summary
collapse
Methods included from Runner
#command?, #run_cmd, #run_cmd_with_timeout
Methods included from Printer
#coloring, included, #print_debug, #print_error, #print_normal, #print_success, #print_title, #print_with_label, #suppress_output?
Constructor Details
#initialize(params) ⇒ Scanner
Returns a new instance of Scanner.
18
19
20
21
22
23
24
25
|
# File 'lib/scabox_sdk/scanner.rb', line 18
def initialize(params)
@name = params[:name]
@description = params[:description]
@support = params[:support]
@issues = []
@timeout = 200 * 60
enable_color(true)
end
|
Instance Attribute Details
#description ⇒ Object
Returns the value of attribute description.
16
17
18
|
# File 'lib/scabox_sdk/scanner.rb', line 16
def description
@description
end
|
#issues ⇒ Object
Returns the value of attribute issues.
16
17
18
|
# File 'lib/scabox_sdk/scanner.rb', line 16
def issues
@issues
end
|
#name ⇒ Object
Returns the value of attribute name.
16
17
18
|
# File 'lib/scabox_sdk/scanner.rb', line 16
def name
@name
end
|
#support ⇒ Object
Returns the value of attribute support.
16
17
18
|
# File 'lib/scabox_sdk/scanner.rb', line 16
def support
@support
end
|
#timeout ⇒ Object
Returns the value of attribute timeout.
16
17
18
|
# File 'lib/scabox_sdk/scanner.rb', line 16
def timeout
@timeout
end
|
Instance Method Details
#add_issue(issue) ⇒ Object
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
# File 'lib/scabox_sdk/scanner.rb', line 67
def add_issue(issue)
issue[:plugin] = name
issue[:cve] = [] if issue[:cve].nil?
issue[:cve] = [issue[:cve]] if issue[:cve].kind_of?(String)
issue[:references] = [] if issue[:references].nil?
issue[:title] = build_title(issue) if issue[:title].nil?
issue[:discovery_method] = '' if issue[:discovery_method].nil?
issue[:description] = issue[:title] if issue[:description].nil?
issue[:severity] = "undefined" if issue[:severity].nil?
issue[:references] = [issue[:references]] if issue[:references].kind_of?(String)
issue[:solution] = DEFAULT_SOLUTION if issue[:solution].nil?
hash_data = [
issue[:path],
issue[:component],
issue[:version],
issue[:title],
issue[:description],
issue[:cve].sort.join(":")
]
issue[:hash_issue] = Digest::SHA256.hexdigest(hash_data.join(':'))
@issues << issue
end
|
#build_title(issue) ⇒ Object
93
94
95
96
97
98
99
|
# File 'lib/scabox_sdk/scanner.rb', line 93
def build_title(issue)
title = "Vulnerability"
if issue[:cve].length > 0
title = issue[:cve].sort.join(',')
end
title
end
|
#check_info_flag ⇒ Object
27
28
29
30
31
32
|
# File 'lib/scabox_sdk/scanner.rb', line 27
def check_info_flag
if @opts.info
puts info
exit 0
end
end
|
#check_output_flag ⇒ Object
34
35
36
37
38
39
|
# File 'lib/scabox_sdk/scanner.rb', line 34
def check_output_flag
if @opts.output.nil? and @opts.output_stdout == false
print_error("Neither -o nor --output-stdout passed")
exit 1
end
end
|
#enable_color(enabled = true) ⇒ Object
55
56
57
|
# File 'lib/scabox_sdk/scanner.rb', line 55
def enable_color(enabled=true)
@color = enabled
end
|
#filename_for_plugin(suffix = '.json') ⇒ Object
173
174
175
176
177
|
# File 'lib/scabox_sdk/scanner.rb', line 173
def filename_for_plugin(suffix='.json')
time_s = Time.now.strftime("%Y%m%d%H%M%S")
filename = "#{name}_#{time_s}#{suffix}"
filename
end
|
#gen_random_tmp_filename(suffix = '') ⇒ Object
198
199
200
|
# File 'lib/scabox_sdk/scanner.rb', line 198
def gen_random_tmp_filename(suffix = '')
File.join(Dir.tmpdir, "#{SecureRandom.urlsafe_base64}#{suffix}")
end
|
#gen_random_tmp_filename_json ⇒ Object
202
203
204
|
# File 'lib/scabox_sdk/scanner.rb', line 202
def gen_random_tmp_filename_json
gen_random_tmp_filename('.json')
end
|
#get_code_version ⇒ Object
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
# File 'lib/scabox_sdk/scanner.rb', line 101
def get_code_version
code_version = []
Dir.chdir @opts.codebase do
stdout_str, stderr_str, status = Open3.capture3('/usr/bin/git', 'rev-parse', 'HEAD')
return code_version if stderr_str.include? 'fatal' || status != 0
head_hash = stdout_str.chomp
stdout_str, status = Open3.capture2('/usr/bin/git', 'show-ref', '--head', '--heads', '--tags')
return code_version if status != 0
stdout_str.each_line do |line|
line = line.chomp
if line.include? head_hash
code_version << line
end
end
end
code_version
end
|
#info(as_json = true) ⇒ Object
59
60
61
62
63
64
65
|
# File 'lib/scabox_sdk/scanner.rb', line 59
def info(as_json=true)
data = {name: @name, description: @description, support: @support}
if as_json
data = JSON.pretty_generate(data)
end
data
end
|
#parse_json_from_file(filename) ⇒ Object
190
191
192
193
194
195
196
|
# File 'lib/scabox_sdk/scanner.rb', line 190
def parse_json_from_file(filename)
content = nil
if File.exist?(filename)
content = parse_json_from_str(File.read(filename))
end
content
end
|
#parse_json_from_str(s) ⇒ Object
179
180
181
182
183
184
185
186
187
188
|
# File 'lib/scabox_sdk/scanner.rb', line 179
def parse_json_from_str(s)
content = nil
unless s.nil?
begin
content = JSON.parse(s)
rescue JSON::ParserError
end
end
content
end
|
#save_results ⇒ Object
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
# File 'lib/scabox_sdk/scanner.rb', line 124
def save_results
print_normal("Issues found: #{@issues.length}")
unless @issues.empty?
if @opts.format == :json
code_version = []
code_version = get_code_version unless @opts.codebase.nil?
json_output = {'type': 'sca', 'code_version': code_version, 'issues': @issues}
output = JSON.pretty_generate(json_output)
else
output = txt_output
end
if (!@opts.output.nil?)
File.open(@opts.output, 'wb') {|file| file.write(output) }
print_normal("Output saved: #{@opts.output}")
end
if (@opts.output_stdout)
puts output
end
end
end
|
#start_scan ⇒ Object
41
42
43
44
45
46
47
48
49
50
51
52
53
|
# File 'lib/scabox_sdk/scanner.rb', line 41
def start_scan
starting_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
print_title("Running #{name}...")
cmd = prepare_command
@cmd_output, status = run_cmd(cmd)
normalize_result
save_results
ending_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
elapsed_time = Time.at(ending_time - starting_time).utc.strftime('%H:%M:%S')
print_normal("Time elapsed: #{elapsed_time}")
end
|
#txt_output ⇒ Object
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
|
# File 'lib/scabox_sdk/scanner.rb', line 149
def txt_output
sep = "=" * 100
output = ''
@issues.each do |i|
output << "Hash Issue: #{i[:hash_issue]}\n"
output << "Plugin: #{i[:plugin]}\n"
output << "Path: #{i[:path]}\n"
output << "Component: #{i[:component]}\n"
output << "Version: #{i[:version]}\n"
output << "Discovery Method #{i[:discovery_method]}\n"
output << "Title: #{i[:title]}\n"
output << "Description: #{i[:description].gsub("\n", "")}\n"
output << "Solution: #{i[:solution].gsub("\n", "")}\n"
output << "Severity: #{i[:severity]}\n"
output << "CVE: #{i[:cve].join(', ')}\n"
output << "References:\n#{i[:references].join("\n")}\n"
output << "#{sep}\n\n"
end
output
end
|