From 4bd1be97fb9625ed5ddef9fa33bfb72c6f705ba1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20Foppolo?= Date: Sun, 5 Jun 2022 13:52:07 +0200 Subject: [PATCH] Update some mobsfscan rules type to Security Hotspot (#31) --- .../src/main/resources/mobsfscan-rules.json | 72 ++++++++++++++----- scripts/commons/Prompt.groovy | 2 +- scripts/commons/RuleUpdater.groovy | 12 +--- .../src/main/resources/mobsfscan-rules.json | 58 +++++++++++---- 4 files changed, 103 insertions(+), 41 deletions(-)
diff --git a/objc-lang/src/main/resources/mobsfscan-rules.json b/objc-lang/src/main/resources/mobsfscan-rules.json
index bf95a4e0..67db5e1b 100644
--- a/objc-lang/src/main/resources/mobsfscan-rules.json
+++ b/objc-lang/src/main/resources/mobsfscan-rules.json
@@ -36,15 +36,23 @@
 "key": "ios_self_signed_ssl",
 "description": "App allows self signed or invalid SSL certificates. App is vulnerable to MITM attacks.",
 "severity": "CRITICAL",
- "type": "VULNERABILITY",
- "name": "Self Signed SSL"
+ "name": "Self Signed SSL",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_webview_ignore_ssl",
 "description": "UIWebView in App ignore SSL errors and accept any SSL Certificate. App is vulnerable to MITM attacks.",
 "severity": "CRITICAL",
- "type": "VULNERABILITY",
- "name": "WebView ignore SSL"
+ "name": "WebView ignore SSL",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_app_logging",
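Review bot: The `+ "type": "SECURITY_HOTSPOT"` lines for `ios_self_signed_ssl` and `ios_webview_ignore_ssl` sit next to an unchanged `"severity": "CRITICAL"` and a description that states the app "is vulnerable to MITM attacks", which describes a confirmed defect rather than something a reviewer still has to decide; accepting self-signed or invalid certificates is a certificate-validation bypass in the same class as the weak-hash and ECB rules this commit keeps as `VULNERABILITY`. If the intent is to force manual triage because some hits are debug-only trust overrides, the description should say that instead of asserting exploitability, e.g. `"description": "App accepts self signed or invalid SSL certificates. Unless limited to debug builds this exposes the app to MITM attacks."`; otherwise I would keep both entries as `VULNERABILITY`. The `"offset": "0min"` effort also reads oddly for a fix that means restoring proper trust evaluation, though I cannot tell from the hunk whether the plugin applies remediation effort to hotspots at all.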
@@ -73,59 +81,87 @@
 "description": "Weak Hash algorithm used. The hash algorithm is known to have hash collisions.",
 "severity": "MAJOR",
 "type": "VULNERABILITY",
- "name": "Weak Hash algorithm used"
+ "name": "Weak Hash algorithm used",
+ "debt": {
+ "offset": "60min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_sha1_collision",
 "description": "SHA1 is a weak hash known to have hash collisions.",
 "severity": "MAJOR",
 "type": "VULNERABILITY",
- "name": "SHA-1 Collision"
+ "name": "SHA-1 Collision",
+ "debt": {
+ "offset": "60min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_aes_ecb",
 "description": "The App uses ECB mode in Cryptographic encryption algorithm. ECB mode is known to be weak as it results in the same ciphertext for identical blocks of plaintext.",
 "severity": "CRITICAL",
 "type": "VULNERABILITY",
- "name": "Usage of ECB mode"
+ "name": "Usage of ECB mode",
+ "debt": {
+ "offset": "60min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_biometric_bool",
 "description": "Biometric authentication should be based on Keychain, not based on bool.",
 "severity": "MAJOR",
- "type": "VULNERABILITY",
 "name": "Weak biometric implementation",
 "debt": {
- "offset": "30min",
+ "offset": "60min",
 "function": "CONSTANT_ISSUE"
- }
+ },
+ "type": "SECURITY_HOTSPOT"
 },
 {
 "key": "ios_jailbreak_detect",
 "description": "This app does not have Jailbreak detection capabilities.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No jailbreak detection"
+ "name": "No jailbreak detection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_detect_jailbreak_check",
 "description": "This app does not perform SFAntiPiracy Jailbreak checks.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No SFAntiPiracy detection"
+ "name": "No SFAntiPiracy detection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_piracy_check",
 "description": "This app does not perform SFAntiPiracy Piracy checks.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No SFAntiPiracy detection"
+ "name": "No SFAntiPiracy detection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_mach_ports",
 "description": "This app does not have anti-debugger code using Mach Exception Ports.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No anti-debugger protection"
+ "name": "No anti-debugger protection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 }
 ]
\ No newline at end of file
diff --git a/scripts/commons/Prompt.groovy b/scripts/commons/Prompt.groovy
index ba00d92b..287a8cf2 100644
--- a/scripts/commons/Prompt.groovy
+++ b/scripts/commons/Prompt.groovy
@@ -79,7 +79,7 @@ class Prompt {
 def error = false
 try {
 def intAnswer = Integer.parseInt(answer)
- if (intAnswer < 1) {
+ if (intAnswer < 0) {
 error = true
 } else {
 return "${intAnswer}min"
diff --git a/scripts/commons/RuleUpdater.groovy b/scripts/commons/RuleUpdater.groovy
index 84b81385..88731a48 100644
--- a/scripts/commons/RuleUpdater.groovy
+++ b/scripts/commons/RuleUpdater.groovy
@@ -118,15 +118,9 @@ class RuleUpdater {
 println r.type.style(ConsoleString.Color.DEFAULT_BOLD)
 }
 if (r.debt == null) {
- def needDebt = new Prompt("Remediation time needed ?", "Yes", "No").promptChoice()
- switch (needDebt) {
- case "Yes":
- def offset = new Prompt("Remediation time ?").promptDuration()
- println offset.style(ConsoleString.Color.DEFAULT_BOLD)
- r.debt = [offset: offset, function: "CONSTANT_ISSUE"]
- case "No":
- break
- }
+ def offset = new Prompt("Remediation time ?").promptDuration()
+ println offset.style(ConsoleString.Color.DEFAULT_BOLD)
+ r.debt = [offset: offset, function: "CONSTANT_ISSUE"]
 }
 }
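Review bot: `ios_detect_jailbreak_check` and `ios_piracy_check` both get `+ "name": "No SFAntiPiracy detection"`, so the two rules are indistinguishable by name in the rule list and in the issue title even though one looks for the jailbreak check and the other for the piracy check. Since the name line is being rewritten anyway, I would differentiate them, e.g. `"name": "No SFAntiPiracy jailbreak check"` and `"name": "No SFAntiPiracy piracy check"`. A smaller style point: `ios_biometric_bool` ends up with `"type"` placed after `"debt"` while every other entry in this file puts it before `"debt"`, which makes the entry harder to compare with the Swift copy of the same rule; keeping one key order across entries would help. This hunk starts mid-array, so the rules before `ios_weak_hash` are outside the view.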
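Review bot: With the `needDebt` prompt gone, every rule that lacks a `debt` entry is now asked for a remediation time, yet the rule files in this same commit give every `SECURITY_HOTSPOT` rule the fixed value `"0min"`, so the prompt is pure friction for those and invites inconsistent answers. I would default hotspots and only prompt for the rest, e.g. `def offset = r.type == "SECURITY_HOTSPOT" ? "0min" : new Prompt("Remediation time ?").promptDuration()`. Also, `offset.style(...)` assumes `promptDuration()` never returns null; the Prompt hunk shows it returning `"${intAnswer}min"` on success but its error path lies outside the view, so it is worth confirming the method loops until a valid value rather than falling through with null. The enclosing loop and method of this `if` start before the hunk.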
diff --git a/swift-lang/src/main/resources/mobsfscan-rules.json b/swift-lang/src/main/resources/mobsfscan-rules.json
index b8f49b2e..05540045 100644
--- a/swift-lang/src/main/resources/mobsfscan-rules.json
+++ b/swift-lang/src/main/resources/mobsfscan-rules.json
@@ -4,14 +4,22 @@
 "name": "SHA-1 Collision",
 "severity": "MAJOR",
 "description": "SHA1 is a weak hash known to have hash collisions.",
- "type": "VULNERABILITY"
+ "type": "VULNERABILITY",
+ "debt": {
+ "offset": "60min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_cert_pinning",
 "name": "Certificate Pinning",
 "severity": "INFO",
 "description": "This app does not have Certificate Pinning implemented in code.",
- "type": "VULNERABILITY"
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_hardcoded_secret",
@@ -51,16 +59,20 @@
 "description": "Weak Hash algorithm used. The hash algorithm is known to have hash collisions.",
 "severity": "MAJOR",
 "type": "VULNERABILITY",
- "name": "Weak Hash algorithm used"
+ "name": "Weak Hash algorithm used",
+ "debt": {
+ "offset": "60min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_biometric_bool",
 "description": "Biometric authentication should be based on Keychain, not based on bool.",
 "severity": "MAJOR",
- "type": "VULNERABILITY",
+ "type": "SECURITY_HOTSPOT",
 "name": "Weak biometric implementation",
 "debt": {
- "offset": "30min",
+ "offset": "60min",
 "function": "CONSTANT_ISSUE"
 }
 },
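Review bot: In the second hunk, `ios_biometric_bool` keeps a real remediation effort (`+ "offset": "60min",`, up from 30) after becoming a `SECURITY_HOTSPOT`, while every other rule this commit converts to a hotspot, including `ios_cert_pinning` in the first hunk, gets `"0min"`; the files now carry two conventions for what effort on a hotspot means. Either hotspots carry an estimated fix time, in which case `0min` for the pinning and jailbreak rules understates the work, or they do not, in which case this one should be `"0min"` as well. The 30→60 bump is also not covered by the commit title, so one sentence of rationale in the description would help whoever later reconciles the two rule files.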
@@ -91,21 +103,33 @@
 "description": "The app uses TLS 1.0 or TLS 1.1. TLS 1.3 should be used instead.",
 "severity": "CRITICAL",
 "type": "VULNERABILITY",
- "name": "Deprecated TLS version"
+ "name": "Deprecated TLS version",
+ "debt": {
+ "offset": "5min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_tls12_used",
 "description": "This app uses TLS 1.2. TLS 1.3 should be used instead.",
 "severity": "MAJOR",
+ "name": "Deprecated TLS version",
 "type": "VULNERABILITY",
- "name": "Deprecated TLS version"
+ "debt": {
+ "offset": "5min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_dtls1_used",
 "description": "DTLS 1.2 should be used. Detected old version - DTLS 1.0.",
 "severity": "MAJOR",
 "type": "VULNERABILITY",
- "name": "Deprecated DTLS version"
+ "name": "Deprecated DTLS version",
+ "debt": {
+ "offset": "5min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_depr_tls_min",
@@ -133,15 +157,19 @@
 "key": "ios_jailbreak_detect",
 "description": "This app does not have Jailbreak detection capabilities.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No jailbreak detection"
+ "name": "No jailbreak detection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 },
 {
 "key": "ios_custom_keyboard_disabled",
 "description": "This app does not have custom keyboards disabled.",
 "severity": "INFO",
- "type": "VULNERABILITY",
 "name": "Custom keyboard enabled",
+ "type": "SECURITY_HOTSPOT",
 "debt": {
 "offset": "5min",
 "function": "CONSTANT_ISSUE"
@@ -162,7 +190,11 @@
 "key": "ios_detect_reversing",
 "description": "This app does not have Reverse engineering detection capabilities.",
 "severity": "INFO",
- "type": "VULNERABILITY",
- "name": "No reverse engineering detection"
+ "name": "No reverse engineering detection",
+ "type": "SECURITY_HOTSPOT",
+ "debt": {
+ "offset": "0min",
+ "function": "CONSTANT_ISSUE"
+ }
 }
 ]
\ No newline at end of file
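Review bot: The new `+ "name": "Deprecated TLS version",` line for `ios_tls12_used` in the first hunk is inaccurate and ambiguous: TLS 1.2 is not deprecated (RFC 8996 deprecates only 1.0 and 1.1), and the identical name on `ios_tls1_used` two entries up means both rules surface under the same title. I would name it by what it detects, e.g. `"name": "TLS 1.2 in use, TLS 1.3 preferred"`, and given this commit's own reclassification of hardening-level findings, a MAJOR `VULNERABILITY` for using TLS 1.2 looks out of step with the `SECURITY_HOTSPOT` now given to cert pinning and jailbreak detection. The `"offset": "5min"` on all three TLS rules is optimistic when the minimum protocol version is dictated by a server the app does not control, but that is a judgement call rather than a defect.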