Package com.denimgroup.threadfix.data.entities

Examples of com.denimgroup.threadfix.data.entities.WafRule


                    return null;
                }

                // NOTE(review): wafRuleId is written to the log verbatim. Its origin is not visible in
                // this excerpt; if it is parsed from WAF log text, neutralise CR/LF before logging so a
                // crafted entry cannot forge additional log lines.
                log.debug("wafRuleId " + wafRuleId);

                // Resolve the stored rule for this WAF from the rule's native id.
                WafRule rule = wafRuleDao.retrieveByWafAndNativeId(wafId, wafRuleId);
                if (rule == null) {
                    // Unknown rule id: null is returned. The miss is recorded at debug level only,
                    // so with debug logging off an event citing an unmapped rule leaves no trace.
                    log.debug("wafRule not found");
                    return null;
                }


    // Pull the value of the [unique_id "..."] field out of the log entry; it is used below as
    // the event's native id. getRegexResult is not shown here; the null check that follows
    // suggests it returns null when the pattern does not match.
    String nativeId = getRegexResult(entry, "\\[unique_id \\\"([^\\\"]+)\\\"\\]");
   
    // Give up when the entry carries no unique_id, or when an event with the same native id is
    // already stored for this WAF (de-duplication on re-import).
    // NOTE(review): the id comes from the log text itself, so de-duplication is only as
    // trustworthy as the log source; both cases return null without any log message.
    if (nativeId == null || securityEventDao.retrieveByNativeIdAndWafId(nativeId, wafId) != null)
      return null;
   
    // The event is kept only if it maps to a rule stored for this WAF.
    // NOTE(review): an entry that cites an unknown rule id is dropped silently here; logging
    // the miss would make gaps in event coverage visible to operators.
    WafRule rule = wafRuleDao.retrieveByWafAndNativeId(wafId, wafRuleNativeId);
    if (rule == null)
      return null;
   
    // Convert the entry's timestamp text (parseDate is not shown in this excerpt).
    Calendar calendar = parseDate(time);
   

    // This log format has no ready-made event id, so one is derived by hashing the items in
    // toHash (its contents and the digest used by hashArrayItems are not visible here).
    // NOTE(review): two distinct events with identical toHash contents collide, and the later
    // one is discarded as a duplicate below. Confirm the hashed fields identify an event uniquely.
    String nativeId = hashArrayItems(toHash);
   
    // Skip entries with no id and entries already stored for this WAF (de-duplication).
    if (nativeId == null || securityEventDao.retrieveByNativeIdAndWafId(nativeId, wafId) != null)
      return null;
   
    // The event is kept only if sid maps to a rule stored for this WAF.
    // NOTE(review): unknown sids are dropped without a log message, which hides coverage gaps.
    WafRule rule = wafRuleDao.retrieveByWafAndNativeId(wafId, sid);
    if (rule == null)
      return null;
    // Convert the entry's timestamp text (parseDate is not shown in this excerpt).
    Calendar calendar = parseDate(time);
   
    // Start building the event record; the excerpt ends before it is populated.
    SecurityEvent event = new SecurityEvent();

    // Collect one WAF rule per reportable vulnerability, reusing a stored rule when one exists
    // for the same vulnerability, WAF and directive.
    for (Vulnerability vuln : application.getVulnerabilities()) {
      // Null entries and vulnerabilities marked as false positives never get a rule.
      if (vuln == null || vuln.getIsFalsePositive()) {
        continue;
      }

      // Prefer a previously stored rule; the lookup needs both a DAO and a directive.
      WafRule currentRule = null;
      if (wafRuleDao != null && directive != null) {
        currentRule = wafRuleDao.retrieveByVulnerabilityAndWafAndDirective(vuln, application.getWaf(), directive);
      }

      if (currentRule == null) {
        // Nothing stored: generate a rule under the WAF's current id, and advance that id
        // only when a rule was actually produced.
        // NOTE(review): the id is read and then set in separate calls; if rule generation can
        // run concurrently for the same WAF, two rules could be given the same id. Confirm that
        // callers serialise this.
        currentRule = makeRule(application.getWaf().getCurrentId(), vuln, directive);
        if (currentRule != null) {
          currentRule.setVulnerability(vuln);
          application.getWaf().setCurrentId(application.getWaf().getCurrentId() + 1);
        }
      }

      // Only rules with non-blank text are emitted. A vulnerability without one is reported at
      // debug level only, so it stays unprotected by the WAF without any visible warning.
      boolean hasRuleText = currentRule != null
          && currentRule.getRule() != null
          && !"".equals(currentRule.getRule().trim());
      if (!hasRuleText) {
        log.debug("New rule was null or empty for vulnerability: " + vuln);
        continue;
      }
      rules.add(currentRule);
    }

      param = surfaceLocation.getParameter().replaceFirst("param=", "");
 
    // Render the rule text for this vulnerability; currentId is passed as the rule's id string.
    // NOTE(review): vulnUrl and param flow into the generated rule text. generateRuleText is not
    // shown here; confirm it escapes or validates them for the target WAF's rule syntax, since
    // a path or parameter name containing rule metacharacters could otherwise change what the
    // generated rule matches.
    String rule = generateRuleText(vulnType, vulnUrl, action, currentId.toString(), param, vulnerability);
 
    // A null result is taken to mean "no rule for this vulnerability" and is passed on as null.
    if (rule != null) {
      WafRule newRule = new WafRule();
      newRule.setRule(rule);
      // The native id mirrors the id given to generateRuleText above.
      newRule.setNativeId(currentId.toString());
      return newRule;
    }
    return null;
  }

    }
   
    // Build the rule for one vulnerability. Three vulnerability-type families get special
    // handling (CSRF, information exposure / privacy, generic injection / debug code);
    // everything else falls through to the general path + parameter rule. Null is returned
    // whenever no rule applies.
    String parameter = surfaceLocation.getParameter();
    String path      = surfaceLocation.getPath();
   
    WafRule rule = new WafRule();
    rule.setIsNormalRule(false);
    rule.setWafRuleDirective(directive);
    rule.setNativeId(currentId.toString());
   
    // CSRF is handled per URL, in its own <csrf_urls> element.
    // NOTE(review): path is concatenated into the element without XML escaping and without a
    // null check (a null path yields the literal text "null"). If the path can contain '<', '&'
    // or a closing tag, the generated fragment may be malformed or altered. Escape or validate
    // it here, and confirm how the rule text is consumed downstream.
    if (GenericVulnerability.CWE_CROSS_SITE_REQUEST_FORGERY.equals(vulnType)) {
      rule.setVulnerabilityDesc("CSRF");
      rule.setRule("<csrf_urls>" + path + "</csrf_urls>");
      return rule;
    }
   
    // Information exposure / privacy violation: enable response scrubbing only when a finding's
    // scanner-reported name mentions credit card or social security numbers; otherwise no rule.
    // NOTE(review): this is a case-sensitive substring match on the channel vulnerability name,
    // so a scanner that words the finding differently gets no rule.
    if (GenericVulnerability.CWE_INFORMATION_EXPOSURE.equals(vulnType) ||
        GenericVulnerability.CWE_PRIVACY_VIOLATION.equals(vulnType)) {
      for (Finding finding : vulnerability.getFindings()) {
        if (finding != null && finding.getChannelVulnerability() != null &&
            finding.getChannelVulnerability().getName()!= null &&
            (finding.getChannelVulnerability().getName().contains("Credit Card") ||
             finding.getChannelVulnerability().getName().contains("Social Security"))) {
          rule.setRule("Response Scrubbing");
          return rule;
        }
      }
      return null;
    }
   
    // Generic injection / debug code: enable the illegal-method rule only when a finding's
    // name mentions "HTTP Method"; otherwise no rule is produced for these types.
    // TODO improve detection of these vulns
    if (GenericVulnerability.CWE_GENERIC_INJECTION.equals(vulnType) ||
        GenericVulnerability.CWE_DEBUG_CODE.equals(vulnType)) {
      for (Finding finding : vulnerability.getFindings()) {
        if (finding != null && finding.getChannelVulnerability() != null &&
            finding.getChannelVulnerability().getName()!= null &&
            finding.getChannelVulnerability().getName().contains("HTTP Method")) {
          rule.setRule("Illegal Method");
          return rule;
        }
      }
      return null;
    }

    // The general case: set the path, parameter, and type. A path is always required; a
    // parameter is required too, except for file-upload vulnerabilities, where the rule is
    // created with whatever parameter value is present (possibly null).
    if (path != null && (parameter != null || GenericVulnerability.CWE_FILE_UPLOAD.equals(vulnType))) {
      rule.setParameter(parameter);
      rule.setPath(path);
      rule.setRule("BIG-IP");
      rule.setVulnerabilityDesc(vulnType);
      return rule;
    }
   
    // No usable location data: no rule is generated for this vulnerability.
    return null;
  }