class Dawn::Cli::DawnCli

Public Instance Methods

__print_version()
# File lib/dawn/cli/dawn_cli.rb, line 90
# Prints Dawn::VERSION on standard output and terminates the process with
# exit status 0.
#
# @return [void] never returns; Kernel.exit ends the process
def __print_version
  version = Dawn::VERSION
  puts(version)
  Kernel.exit(0)
end
scan(target)
# File lib/dawn/cli/dawn_cli.rb, line 108
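# Scans +target+ for security issues and reports the findings.
#
# Flow, as visible in this method: validate the target, load the
# configuration, pick an engine (MVC auto-detection, or Dawn::GemfileLock
# when options[:gemfile] is set), load the knowledge base, apply every check
# not listed in options[:skip], then emit either a JSON summary or the
# regular report. Every path through the method ends the process.
#
# @param target [String] path handed to Dawn::Core.is_good_target?
# @return [void] never returns normally; the process exits
def scan(target)
  $logger.helo APPNAME, Dawn::VERSION
  trap("INT") { $logger.die('[INTERRUPTED]') }

  $logger.die("invalid directory (#{target})") unless Dawn::Core.is_good_target?(target)

  $debug = true if options[:debug]
  $verbose = true if options[:verbose]
  checks_to_be_skipped = options[:skip].nil? ? [] : options[:skip]

  debug_me("scanning #{target}")

  # NOTE(review): $config_file is only assigned here when no config file
  # option was given; nothing visible in this method copies
  # options[:config_file] into it. Confirm it is set elsewhere, otherwise a
  # user-supplied configuration is silently ignored.
  $config_file = Dawn::Core.find_conf(true) if options[:config_file].nil?
  $config = Dawn::Core.read_conf($config_file)

  debug_me($config)

  engine = options[:gemfile] ? Dawn::GemfileLock.new(target) : Dawn::Core.detect_mvc(target)

  if engine.nil?
    $logger.error("MVC detection failure. Please open an issue at https://github.com/thesp0nge/dawnscanner/issues")
    $logger.die('ruby framework auto detect failed.')
  end

  if options[:exit_on_warn]
    Kernel.at_exit do
      found = engine.count_vulnerabilities
      # The OS keeps only the low 8 bits of an exit status, so an unclamped
      # count of 256 (or any multiple of it) would surface as status 0 and a
      # CI gate relying on this option would pass a build full of findings.
      # Clamp to 255 so "issues found" is always a non-zero status.
      Kernel.exit([found, 255].min) if found != 0
    end
  end

  engine.load_knowledge_base

  ret = engine.apply_all(checks_to_be_skipped)

  if options[:report_format] == "json"
    summary =
      if ret
        { :status => "OK", :vulnerabilities_count => engine.count_vulnerabilities }
      else
        { :status => "KO", :vulnerabilities_count => -1 }
      end
    # The JSON summary is written to standard error, not standard output.
    # NOTE(review): a failed run (status "KO") still exits 0 below, so
    # callers must read the JSON status rather than the exit code — confirm
    # this is intended.
    STDERR.puts summary.to_json
    $logger.bye
    Kernel.exit(0)
  end

  $logger.info("#{engine.count_vulnerabilities} issues found")
  $logger.info("#{engine.checks.count} checks applied")

  Dawn::Reporter.new({ :engine => engine, :apply_all_code => ret }).report
  $logger.bye

  Kernel.exit(0)
end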