@contrast/reporter
Comparing version 1.6.0 to 1.6.1
@@ -56,3 +56,3 @@ "use strict"; | ||
const buildInputPayload = (result, time) => ({ | ||
filters: result.mongoExpansionResult ? ['nosql-expansion'] : [], | ||
filters: result.mongoExpansionResult ? ['nosql-expansion'] : result.ruleId === common_1.Rule.UNSAFE_FILE_UPLOAD ? ['agent-lib'] : [], | ||
name: result.key || '', | ||
@@ -135,2 +135,24 @@ time, | ||
}; | ||
const xxeSemanticAnalysisDetailsBuilder = (el) => { | ||
// @ts-expect-error: Unreachable code error | ||
const { prolog, entities } = el.findings; | ||
const details = { | ||
xml: prolog, | ||
declaredEntities: [], | ||
entitiesResolved: [] | ||
}; | ||
// @ts-expect-error: Unreachable code error | ||
entities.reduce((acc, entity) => { | ||
acc.declaredEntities.push({ | ||
start: entity.start, | ||
end: entity.finish | ||
}); | ||
acc.entitiesResolved.push({ | ||
publicId: entity.type === 'PUBLIC' ? entity.uri : undefined, | ||
systemId: entity.type === 'SYSTEM' ? entity.uri : undefined | ||
}); | ||
return acc; | ||
}, details); | ||
return details; | ||
}; | ||
const buildRequestObject = (reqData) => { | ||
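Review bot: `entities.reduce(...)` in xxeSemanticAnalysisDetailsBuilder is used purely for its side effects — the accumulator is the `details` object mutated in place and the callback only returns it — so `forEach`/`for...of` states the intent more honestly than a fold. The two `@ts-expect-error` markers suggest `findings` does not declare `prolog`/`entities` in its type, so an entry without `entities` would throw on the `.reduce` call; a default in the destructuring, `const { prolog, entities = [] } = el.findings;`, keeps the builder total. A header comment would also help, e.g. `// Maps an XXE semantic-analysis finding to the details shape Contrast UI expects: the raw prolog plus declared-entity offsets and resolved PUBLIC/SYSTEM identifiers.` Entities that are neither PUBLIC nor SYSTEM currently produce `{ publicId: undefined, systemId: undefined }`, which is presumably intended but worth a one-line note.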
@@ -317,2 +339,20 @@ const searchParams = new URLSearchParams(reqData.queries); | ||
} | ||
const xxeSemanticAnalysis = protect.findings.semanticResultsMap[common_1.Rule.XXE]; | ||
if (xxeSemanticAnalysis) { | ||
const isBlockMode = protect.policy[common_1.Rule.XXE] === 'block'; | ||
xxeSemanticAnalysis.forEach((vulnerability) => { | ||
Object.assign(vulnerability, { | ||
type: 'Unknown', | ||
key: 'Unknown', | ||
value: vulnerability.findings?.prolog, | ||
ruleId: common_1.Rule.XXE, | ||
details: [{ ...vulnerability.findings }] | ||
}); | ||
}); | ||
const protectionRules = buildProtectionRules(xxeSemanticAnalysis, requestPayload, time, isBlockMode, xxeSemanticAnalysisDetailsBuilder); | ||
if (protectionRules) { | ||
defendObject.protectionRules[common_1.Rule.XXE] = protectionRules; | ||
hasAttack = true; | ||
} | ||
} | ||
const cmdiCommandBackdoors = protect.findings.semanticResultsMap[common_1.Rule.CMD_INJECTION_COMMAND_BACKDOORS]; | ||
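Review bot: `Object.assign(vulnerability, {...})` in the new XXE branch rewrites each finding in `protect.findings.semanticResultsMap[Rule.XXE]` in place, overwriting any existing `type`/`key` with `'Unknown'` and attaching `details`, so any other consumer of the same `protect` object sees the reporter's annotations rather than the original findings. Building the reportable entries as copies keeps the input read-only; if something downstream does rely on the findings array itself being annotated, a comment saying so is the minimum. Separately, `vulnerability.findings?.prolog` guards a missing `findings` here while the details builder destructures `el.findings` unguarded, so the two should agree on whether `findings` is optional. The enclosing buildRequestObject starts and ends outside this hunk.
```javascript
const xxeSemanticAnalysis = protect.findings.semanticResultsMap[common_1.Rule.XXE];
if (xxeSemanticAnalysis) {
    const isBlockMode = protect.policy[common_1.Rule.XXE] === 'block';
    // Copy rather than Object.assign so protect.findings stays untouched for other consumers.
    const xxeResults = xxeSemanticAnalysis.map((vulnerability) => ({
        ...vulnerability,
        type: 'Unknown',
        key: 'Unknown',
        value: vulnerability.findings?.prolog,
        ruleId: common_1.Rule.XXE,
        details: [{ ...vulnerability.findings }]
    }));
    const protectionRules = buildProtectionRules(xxeResults, requestPayload, time, isBlockMode, xxeSemanticAnalysisDetailsBuilder);
    // … unchanged: assignment into defendObject.protectionRules and hasAttack = true …
}
```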
@@ -351,2 +391,11 @@ if (cmdiCommandBackdoors) { | ||
} | ||
const unsafeFileUpload = protect.findings.resultsMap[common_1.Rule.UNSAFE_FILE_UPLOAD]; | ||
if (unsafeFileUpload) { | ||
const isBlockMode = protect.policy[common_1.Rule.UNSAFE_FILE_UPLOAD] === 'block_at_perimeter'; | ||
const protectionRules = buildProtectionRules(unsafeFileUpload, requestPayload, time, isBlockMode, () => null); | ||
if (protectionRules) { | ||
defendObject.protectionRules[common_1.Rule.UNSAFE_FILE_UPLOAD] = protectionRules; | ||
hasAttack = true; | ||
} | ||
} | ||
const untrustedDeserialization = protect.findings.hardeningResultsMap[common_1.Rule.UNTRUSTED_DESERIALIZATION]; | ||
@@ -353,0 +402,0 @@ if (untrustedDeserialization) { |
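Review bot: `isBlockMode` for UNSAFE_FILE_UPLOAD is derived from the policy value `'block_at_perimeter'`, whereas the XXE branch added earlier in this same file compares against `'block'`; that looks deliberate, since the new `UnsafeFileUpload` type in this release declares only a `blockedAtPerimeter` sample, but without a comment it reads as a typo and a later "fix" to `'block'` would silently downgrade every blocked upload to monitor-mode reporting. Suggest `// unsafe-file-upload is only ever blocked at the perimeter (see UnsafeFileUpload.blockedAtPerimeter), hence the policy value differs from other rules` above that line, plus a word on why the details builder is `() => null` (no per-sample details are sent for this rule). The enclosing function starts and ends outside the hunk.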
@@ -24,2 +24,3 @@ "use strict"; | ||
const app_activity_builder_1 = __importDefault(require("./app-activity-builder")); | ||
const hpagent_1 = require("hpagent"); | ||
class ContrastUIReporter extends base_1.default { | ||
@@ -43,3 +44,3 @@ constructor(core, name = 'contrast-ui-reporter', appActivityBuilder = (0, app_activity_builder_1.default)()) { | ||
headers: this.constructAuthHeaders(), | ||
proxy: this.constructProxy(this.config.api.proxy), | ||
httpsAgent: this.constructProxy(this.config.api.proxy), | ||
}); | ||
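Review bot: Only `httpsAgent` is wired to the proxy agent on the new side, so if `this.config.api.url` can ever be a plain `http:` endpoint, axios will fall back to its default httpAgent and the configured proxy is bypassed without any error — the removed `proxy:` option applied to both schemes. If http API URLs are unsupported, say so where the client is built, e.g. `// API traffic is HTTPS-only; the proxy agent is therefore attached as httpsAgent only`; otherwise also set `httpAgent` (hpagent ships an HttpProxyAgent for that case). Note too that constructProxy now returns `null` rather than `false` when the proxy is disabled; axios presumably treats a null agent as "use the default", but that contract deserves a comment here since it is the only call site visible.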
@@ -52,2 +53,3 @@ this.logger = core.logger; | ||
'Application-Language': 'Node', | ||
'Application-Version': this.appInfo.version, | ||
'X-Contrast-Header-Encoding': 'base64', | ||
@@ -62,4 +64,3 @@ 'X-Contrast-Agent': `Node ${this.protectVersion}`, | ||
['Application-Name', this.appInfo.name], | ||
['Application-Path', '/'], | ||
['Application-Version', this.protectVersion], | ||
['Application-Path', this.appInfo.appPath], | ||
['Server-Name', this.appInfo.serverName], | ||
@@ -76,16 +77,7 @@ ['Server-Path', this.appInfo.app_dir], | ||
if (!proxyConfig.enable) | ||
return false; | ||
let port; | ||
const url = new URL(proxyConfig.url); | ||
if (url.port === '') { | ||
port = url.protocol === 'http:' ? 80 : 443; | ||
} | ||
else { | ||
port = url.port; | ||
} | ||
const host = url.host.split(':')[0]; | ||
return { | ||
host, | ||
port: Number(port), | ||
}; | ||
return null; | ||
return new hpagent_1.HttpsProxyAgent({ | ||
keepAlive: true, | ||
proxy: proxyConfig.url | ||
}); | ||
} | ||
@@ -92,0 +84,0 @@ startupServer() { |
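Review bot: The rewritten constructProxy no longer parses `proxyConfig.url` itself — the removed side ran `new URL(proxyConfig.url)` so a malformed proxy URL failed at reporter construction, while the new side hands the raw string to `HttpsProxyAgent`, and whether hpagent validates it eagerly or on the first CONNECT is not visible here. Keep an explicit `new URL(proxyConfig.url);` (or wrap it to throw a clear "invalid agent.api.proxy.url" error) ahead of the constructor so misconfiguration surfaces at startup instead of as a failed first report. If the proxy URL can carry userinfo credentials, make sure the value is never echoed into the logger. A JSDoc would help as well, e.g. `/** Builds the hpagent proxy agent for API calls, or returns null when agent.api.proxy.enable is false. */`. The method's signature is outside the hunk.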
@@ -74,4 +74,6 @@ import { Rule } from '@contrast/common'; | ||
[Rule.SSJS_INJECTION]?: SSJSInjection; | ||
[Rule.UNSAFE_FILE_UPLOAD]?: UnsafeFileUpload; | ||
[Rule.CMD_INJECTION_SEMANTIC_DANGEROUS_PATHS]?: CMDInjectionSemanticAnalysis; | ||
[Rule.CMD_INJECTION_SEMANTIC_CHAINED_COMMANDS]?: CMDInjectionSemanticAnalysis; | ||
[Rule.XXE]?: XXESemanticAnalysis; | ||
[Rule.CMD_INJECTION_COMMAND_BACKDOORS]?: CMDInjectionSemanticAnalysis; | ||
@@ -103,2 +105,6 @@ [Rule.UNTRUSTED_DESERIALIZATION]?: UntrustedDeserialization; | ||
} | ||
export interface UnsafeFileUpload { | ||
startTime: number; | ||
blockedAtPerimeter?: AttackBody<BlockedAtPerimeterSample>; | ||
} | ||
export interface CMDInjectionSemanticAnalysisDetails { | ||
@@ -108,2 +114,13 @@ command: string; | ||
} | ||
export interface XXESemanticAnalysisDetails { | ||
xml: string; | ||
declaredEntities: Array<{ | ||
start: number; | ||
end: number; | ||
}>; | ||
entitiesResolved: Array<{ | ||
publicId: string | undefined; | ||
systemId: string | undefined; | ||
}>; | ||
} | ||
export interface BotBlockerDetails { | ||
@@ -127,2 +144,8 @@ bot: string; | ||
} | ||
export interface XXESemanticAnalysis { | ||
startTime: number; | ||
exploited?: AttackBody<DefaultSample<XXESemanticAnalysisDetails>>; | ||
blocked?: AttackBody<DefaultSample<XXESemanticAnalysisDetails>>; | ||
blockedAtPerimeter?: AttackBody<DefaultSample<XXESemanticAnalysisDetails>>; | ||
} | ||
export interface UntrustedDeserialization { | ||
@@ -129,0 +152,0 @@ startTime: number; |
@@ -60,2 +60,16 @@ "use strict"; | ||
}; | ||
const DEFAULTS = { | ||
level: 'debug', | ||
syslog: { | ||
enable: false, | ||
ip: '127.0.0.1', | ||
port: 514, | ||
facility: 19, | ||
severity_blocked: 'notice', | ||
severity_exploited: 'alert', | ||
severity_probed: 'warning', | ||
severity_blocked_perimeter: 'notice', | ||
severity_suspicious: 'warning' | ||
} | ||
}; | ||
class SecurityLogger extends base_1.default { | ||
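Review bot: The numeric syslog defaults in `DEFAULTS` are bare magic values; `facility: 19` is local3 under the RFC 5424 numbering (16 + 3) and `port: 514` is the standard syslog UDP port, and neither is obvious to a reader tuning the security logger. Suggest `facility: 19, // local3 (RFC 5424: 16 + 3)` and `port: 514, // standard syslog UDP port` inline, plus a one-liner above the `severity_*` keys noting that they are the syslog severity names applied per attack outcome. Whether `level: 'debug'` as the default is intended for production output is worth confirming in a comment too.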
@@ -66,3 +80,3 @@ constructor(core, name = 'security-logger') { | ||
this.appInfo = core.appInfo; | ||
this.config = core.config.agent.security_logger; | ||
this.config = Object.assign({}, DEFAULTS, core.config.agent.security_logger); | ||
this.logger = core.logger; | ||
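Review bot: `Object.assign({}, DEFAULTS, core.config.agent.security_logger)` on the new constructor line is a shallow merge, so an agent config that sets only `syslog: { enable: true, ip: '10.0.0.5' }` replaces the entire default `syslog` object and `port`, `facility` and every `severity_*` end up `undefined` instead of inheriting 514/19/etc. from `DEFAULTS`. Conversely, when the config has no `syslog` key at all, `this.config.syslog` is the module-level `DEFAULTS.syslog` object itself, so any later in-place update to it (the SERVER_SETTINGS_UPDATE handler below does exactly that) leaks across SecurityLogger instances. Merge the nested object explicitly: `const userCfg = core.config.agent.security_logger ?? {};` then `this.config = { ...DEFAULTS, ...userCfg, syslog: { ...DEFAULTS.syslog, ...userCfg.syslog } };`.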
@@ -76,3 +90,3 @@ this.socket = (0, dgram_1.createSocket)('udp4'); | ||
core.messages.on(common_1.Event.SERVER_SETTINGS_UPDATE, (msg) => { | ||
Object.assign(this.config.syslog, (0, utils_1.translateServerSettings)(this.config.syslog, msg?.features?.syslog)); | ||
Object.assign(this.config.syslog, (0, utils_1.translateServerSettings)(core.config.agent.security_logger.syslog, msg?.features?.syslog)); | ||
}); | ||
@@ -79,0 +93,0 @@ } |
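Review bot: The SERVER_SETTINGS_UPDATE handler now passes `core.config.agent.security_logger.syslog` — the raw agent config — into translateServerSettings instead of `this.config.syslog`; when the config omits `syslog` that argument is `undefined`, and whether translateServerSettings tolerates that is not visible in this hunk, so guard it: `(0, utils_1.translateServerSettings)(core.config.agent.security_logger?.syslog ?? {}, msg?.features?.syslog)`. The switch to the raw config looks like it is meant to let explicitly configured values win over server-pushed ones; that intent should be written down, e.g. `// pass the user's own config, not the merged defaults, so locally configured values take precedence over server settings`. The assign target `this.config.syslog` is the same object DEFAULTS.syslog when no syslog config was supplied, so this handler then mutates the module constant.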
@@ -36,3 +36,5 @@ "use strict"; | ||
} | ||
Reflect.set(config, key, val); | ||
if (!Reflect.get(config, key)) { | ||
Reflect.set(config, key, val); | ||
} | ||
} | ||
@@ -39,0 +41,0 @@ return config; |
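Review bot: The new guard `if (!Reflect.get(config, key))` treats `false`, `0` and `''` as "not set", so a value that was explicitly configured to `false` — an `enable: false` on the syslog config, which this same release routes through translateServerSettings — is overwritten by the server-supplied value, which defeats the apparent purpose of the guard (letting locally configured values win over server settings). Use presence rather than truthiness: `if (Reflect.get(config, key) === undefined) {` or `if (!Object.hasOwn(config, key)) {`. A short comment stating the precedence rule (`// server settings only fill keys the local config left unset`) would make the intent auditable. The enclosing function begins and ends outside the hunk.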
{ | ||
"name": "@contrast/reporter", | ||
"version": "1.6.0", | ||
"version": "1.6.1", | ||
"description": "Subscribes to agent messages and reports them", | ||
@@ -20,4 +20,5 @@ "license": "SEE LICENSE IN LICENSE", | ||
"dependencies": { | ||
"@contrast/common": "1.1.3", | ||
"@contrast/common": "1.1.4", | ||
"axios": "^0.27.2", | ||
"hpagent": "^1.2.0", | ||
"safe-stable-stringify": "^2.4.1", | ||
@@ -24,0 +25,0 @@ "sonic-boom": "^3.2.0" |
+ Addedhpagent@^1.2.0
+ Added@contrast/common@1.1.4(transitive)
+ Addedhpagent@1.2.0(transitive)
- Removed@contrast/common@1.1.3(transitive)
Updated@contrast/common@1.1.4