DVGM: Using Brakeman.
parent ad7646860c
commit dadda68b9b
@ -0,0 +1,49 @@
# Static Analysis: Brakeman
Brakeman is a static source code analyser for Ruby on Rails applications and can
be used at any stage of development, as it does not rely on any code being
executed. It finds many different types of security vulnerabilities. In the
following exercises, you will run Brakeman on DVGM and inspect three findings
more closely.
## Running Brakeman
Running Brakeman is simple. Navigate to the source code directory of DVGM and
call `brakeman` without any arguments.
Brakeman should return withing a few seconds and produce 7 security warnings. We
will have a closer look at the SQL Injection and Cross-Site Scripting findings.
### SQL Injection
Brakeman will report one possible SQL injection.
1. In which file and line is the possible SQL Injection located?
2. What action in what part of the app triggers the SQL query?
3. Is the vulnerability exploitable? If yes, write an exploit and test it.
4. If it is exploitable, how would a possible fix look like? Try the fix by
changing the source code of DVGM (the changes are automatically picked up).
See if your exploit still works. Do not forget to revert all changes afterwards,
as we will also use other tools.
### Cross-Site Scripting (XSS)
Brakeman will report two possible cross-site scripting vulnerabilities *in DVGM
itself*. We will look more closely at the one that possibly affects logged-in
lecturers.
1. In which file and line is the possible XSS vulnerability located?
2. What action in what part of the app triggers the flagged line?
3. Is the vulnerability exploitable? If yes, write an exploit and test it.
4. If it is exploitable, how would a possible fix look like? Try the fix by
changing the source code of DVGM (the changes are automatically picked up).
See if your exploit still works. Do not forget to revert all changes afterwards,
as we will also use other tools.
### Vulnerable Dependencies
Brakeman will also report (at least) two possible Cross-Site Scripting
vulnerabilities in dependencies.
1. Which dependencies are affected?
2. Is DVGM likely to be affected by the reported CVEs?
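Review bot: two typos in the added exercise text: "withing a few seconds" in the Running Brakeman paragraph should read "within a few seconds", and "how would a possible fix look like" (item 4 under both SQL Injection and Cross-Site Scripting) should read "what would a possible fix look like". Also, the stated count of 7 warnings and the "(at least) two" dependency findings depend on the installed Brakeman release and the advisory data bundled with it, so the text should state the Brakeman version the exercises were written against, otherwise students running a newer release will see a different number and may assume they ran the tool incorrectly.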