Commit Graph

21448 Commits

Author SHA1 Message Date
jorgectf
a6b3aefb0b Add flask_mongoengine sink 2021-04-09 21:30:17 +02:00
jorgectf
0e51dbec86 Polish tests 2021-04-09 21:29:56 +02:00
thank_you
83f28bfdda Catch any keyword argument passed to MongoEngine's objects method
After some research, we discovered that any keyword argument passed to the objects method will result in NoSQL injection. This includes scenarios where we have the following:

objects(name_of_model_attribute=unsanitized_user_input)
2021-04-07 16:45:48 -04:00
thank_you
719c30bd92 Fix file name and adjust where the test points to 2021-04-07 16:42:51 -04:00
thank_you
4e98348411 Remove comment 2021-04-06 13:57:03 -04:00
thank_you
dc274ecf36 Improve sentence structure and grammar 2021-04-06 13:51:59 -04:00
thank_you
520e65e3c3 Remove unnecessary example code 2021-04-06 13:46:51 -04:00
thank_you
ac31260fed Made grammar changes 2021-04-06 13:42:57 -04:00
thank_you
6ade120983 Add check for mongoengine raw queries
After initial research on our end, we believe that the only vulnerability within the objects() method is passing a query into the __raw__ keyword argument. More info can be found below:

http://docs.mongoengine.org/guide/querying.html?highlight=inc__#raw-queries
2021-04-05 20:44:16 -04:00
thank_you
759fa2cd01 Update query to search for more pymongo sink methods 2021-04-05 20:42:18 -04:00
thank_you
3f0c758622 Add required __raw__ keyword
This __raw__ keyword is required for the actual mongoengine vulnerability. More info can be found below:

http://docs.mongoengine.org/guide/querying.html?highlight=inc__#raw-queries
2021-04-05 19:07:13 -04:00
Your Name
80216f6974 Rename classes 2021-04-05 14:41:08 -04:00
Your Name
be9a3a95b1 Add relevant PyMongo sink methods 2021-04-05 14:23:56 -04:00
Your Name
9072d19cda Update qhelp file 2021-04-05 13:56:43 -04:00
jorgectf
15e176a3b8 Polish query select 2021-04-01 13:00:12 +02:00
jorgectf
f980d0694b Fix taint configs 2021-04-01 12:50:25 +02:00
jorgectf
c8740a2031 Update naming 2021-04-01 12:41:11 +02:00
jorgectf
3a47a45e47 Attempt to apply TaintTracking2 2021-03-31 18:49:41 +02:00
jorgectf
f0a50eb67a Polish up configs 2021-03-31 17:58:18 +02:00
jorgectf
017a826b30 Remove unused class variables 2021-03-31 17:52:03 +02:00
jorgectf
5a1dc48e48 Fix Mongoengine test 2021-03-31 17:50:31 +02:00
jorgectf
7a4dc46341 Fix Sinks 2021-03-31 17:50:05 +02:00
jorgectf
01f9d4a1b0 Fix MongoEngine Sink 2021-03-31 15:50:45 +02:00
jorgectf
ccd57bea7a Fix imports 2021-03-30 21:17:11 +02:00
jorgectf
4579132f22 Add left tests 2021-03-30 21:14:33 +02:00
jorgectf
d856f160c8 Adapt query configs and custom classes 2021-03-30 21:14:21 +02:00
jorgectf
bd5ff01ebb PyMongo and Mongoengine sinks 2021-03-30 21:13:43 +02:00
jorgectf
aea7546cf9 Add Concepts 2021-03-30 21:13:15 +02:00
jorgectf
517a9202ce PR init 2021-03-30 17:51:17 +02:00
Jonas Jensen
7f16c52217 Merge pull request #3364 from github/rdmarsh/cpp/use-taint-configuration-dtt
C++: use TaintTracking::Configuration in DefaultTaintTracking
2021-03-26 12:39:25 +01:00
Tom Hvitved
1dbfe2369d Merge pull request #5542 from hvitved/csharp/update-suites
C#: Remove deleted queries from suites
2021-03-26 12:13:09 +01:00
CodeQL CI
f584ff9acf Merge pull request #5533 from asgerf/js/fix-query-metadata
Approved by esbena
2021-03-26 11:09:54 +00:00
Tom Hvitved
9d1ef21d85 C#: Remove deleted queries from suites 2021-03-26 11:17:27 +01:00
Mathias Vorreiter Pedersen
c7c65736a9 C++: Accept test changes. These happened because of the incorrect usage of multiple configurations in 6c1ec6d96b. 2021-03-26 10:57:58 +01:00
Jonas Jensen
86755c6a98 Merge pull request #5515 from criemen/fix-query-metadata
C++: Fix query metadata warnings.
2021-03-26 10:19:46 +01:00
Anders Schack-Mulligen
506c95d098 Merge pull request #5372 from smowton/smowton/feature/commons-lang-models-to-csv
Java: Convert existing Commons Lang models to CSV
2021-03-26 10:18:23 +01:00
Tom Hvitved
d4ce42ac4f Merge pull request #5416 from hvitved/csharp/rework-summaries
C#: Rework flow summary implementation
2021-03-26 09:47:15 +01:00
Tom Hvitved
e93b72d563 Merge pull request #5459 from hvitved/csharp/update-nuget
C#: Update more nuget packages
2021-03-26 09:28:09 +01:00
Mathias Vorreiter Pedersen
983b64a05f Merge branch 'main' into rdmarsh/cpp/use-taint-configuration-dtt 2021-03-26 09:11:12 +01:00
Tom Hvitved
57fd2e3578 C#: Rename parameter in fieldOf() 2021-03-26 08:49:06 +01:00
yoff
208d5157fa Merge pull request #5500 from RasmusWL/django-forms
Python: Model RemoteFlowSources on Django forms/fields
2021-03-25 20:43:19 +01:00
yoff
716e0f1404 Merge pull request #5517 from tausbn/python-prevent-potentially-bad-join-order
Python: Prevent potentially bad join order
2021-03-25 18:14:47 +01:00
Tom Hvitved
f100c8a9c0 C++: Make Windows autobuilder tests pass again 2021-03-25 17:43:48 +01:00
Tom Hvitved
ed78acb1d4 C#: Update more nuget packages 2021-03-25 17:32:12 +01:00
Chris Smowton
eaa2d4d831 Stop using wildcard Argument
All instances are replaced with a specific Argument or range.
2021-03-25 15:42:35 +00:00
Chris Smowton
2f34588770 Constructor models: use Argument[-1] for the result, not ReturnValue 2021-03-25 15:23:08 +00:00
Asger Feldthaus
a456458a38 JS: Add change note for code duplication library removal 2021-03-25 15:21:48 +00:00
Asger Feldthaus
446ad5ec9e JS: Remove code duplication library 2021-03-25 15:20:59 +00:00
Asger Feldthaus
c812bd948a JS: Add @problem.severity to an example query 2021-03-25 15:14:48 +00:00
Asger Feldthaus
7aae51c876 JS: Add change note for filter query removal 2021-03-25 15:13:51 +00:00