progpilot v1.0.2 releases: A static analysis tool for security

progpilot

A static analyzer for security purposes. Only the PHP language is currently supported.

Changelog v1.0.2

  • Fix new bug reported in #44
  • Update dependencies

Use

  • Download the latest phar archive from the releases folder (or the builds folder for dev versions).
  • Optional: configure your analysis with a YAML file.
  • Optional: use the up-to-date security configuration files in the package/src/uptodate_data folder.
  • Progpilot takes two optional arguments:
    • your YAML configuration file (if omitted, the default configuration is used)
    • the files and folders to be analysed
      php progpilot.phar --configuration ./configuration.yml example1.php example2.php ./folder1/ ./folder2/

Library installation

Use getcomposer to install progpilot.
Your composer.json should look like this one:

{
    "name": "Example",
    "description": "Example of use of Progpilot",
    "require": {
        "designsecurity/progpilot": "@dev",
        "ircmaxell/php-cfg": "@dev"
    }
}
Then run composer:

composer install

Then you can try the following example.

Library example

  • For more information, look at the chapter about the API explanation.
  • Use this code to analyze source_code1.php:
    <?php

    require_once './vendor/autoload.php';

    // The Context holds inputs (files to analyse) and outputs (results);
    // the Analyzer performs the taint analysis on it.
    $context = new \progpilot\Context;
    $analyzer = new \progpilot\Analyzer;

    $context->inputs->setFile("source_code1.php");

    $analyzer->run($context);
    $results = $context->outputs->getResults();

    var_dump($results);

    ?>

  • When source_code1.php contains this code:
    <?php

    $var7 = $_GET["p"];   // untrusted source: a request parameter
    $var4 = $var7;        // taint propagates through the assignment
    echo "$var4";         // sink: unescaped output of the tainted value

    ?>

  • The simplified output will be:
    array(1) {
      [0]=>
      array(11) {
        ["source_name"]=>
        array(1) {
          [0]=>
          string(5) "$var4"
        }
        ["source_line"]=>
        array(1) {
          [0]=>
          int(4)
        }
        ["sink_name"]=>
        string(4) "echo"
        ["sink_line"]=>
        int(5)
        ["vuln_name"]=>
        string(3) "xss"
      }
    }

    All files (composer.json, example1.php, source_code1.php) used in this example are in the projects/example folder.
    For more examples, look at this page.
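The API calls and the result layout shown above are enough to build a small report script. The following is an added example, not code from the progpilot project: it analyses every file named on the command line, prints one line per finding and exits non-zero when anything was found. It assumes progpilot is installed with composer as described above and that results carry the keys shown in the output above.

```php
<?php
// Added example, not part of progpilot: analyse every file named on the command
// line, print one line per finding and exit non-zero when anything was found.
// Assumes progpilot is installed with composer as shown above; only the API
// calls this page demonstrates are used (Context, Analyzer, setFile, getResults).
require_once './vendor/autoload.php';

// Each result carries "source_name"/"source_line" (arrays, one entry per
// tainted source), plus "sink_name", "sink_line" and "vuln_name".
function summarizeFindings(array $results, string $file): array
{
    $lines = [];
    foreach ($results as $finding) {
        $sources = [];
        foreach ($finding['source_name'] as $i => $name) {
            $sources[] = sprintf('%s (line %d)', $name, $finding['source_line'][$i]);
        }
        $lines[] = sprintf('%s: %s: %s -> %s (line %d)', $file,
            $finding['vuln_name'], implode(', ', $sources),
            $finding['sink_name'], $finding['sink_line']);
    }
    return $lines;
}

$files = array_slice($argv, 1);
if ($files === []) {
    fwrite(STDERR, "usage: php report.php file1.php [file2.php ...]\n");
    exit(2);
}

$total = 0;
foreach ($files as $file) {
    // A fresh Context per file keeps each file's findings separate.
    $context = new \progpilot\Context;
    $analyzer = new \progpilot\Analyzer;
    $context->inputs->setFile($file);
    $analyzer->run($context);

    $report = summarizeFindings($context->outputs->getResults(), $file);
    foreach ($report as $line) {
        echo $line, "\n";
    }
    $total += count($report);
}

// A non-zero exit status fails the CI job when taint flows were found.
exit($total > 0 ? 1 : 0);
```

For the source_code1.php above this prints `source_code1.php: xss: $var4 (line 4) -> echo (line 5)` and exits with status 1.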

Tutorial

Copyright (c) 2017 Eric Therond <designsecurity.org>

Source: https://github.com/designsecurity/