RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: July 03, 2010 09:05AM

One month ago my static source code analyser for vulnerabilities in PHP scripts, called "RIPS", was released during the MOPS, and I haven't announced it at sla.ckers yet. You can find a small paper about it here, a blogpost here and the open source files over here. I recommend reading about the limitations before firing RIPS at big code trees like WordPress and expecting too much ;)

Here are some features:

* detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more
* 5 verbosity levels for debugging your scan results
* mark vulnerable lines in source code viewer
* highlight specific variables in source code viewer
* user-defined function code by mouse-over on detected call
* list of all user-defined functions and program entry points (user input) connected to the source code viewer
* create CURL exploits for detected vulnerabilities with a few clicks
* 7 different syntax highlighting colour schemata
* only minimal requirement is a local webserver with PHP and a browser (tested with Opera and Firefox)

RIPS is written in PHP itself and can be controlled by a web interface:



Unlike other static code analysers, RIPS tries to not only point out vulnerable lines but also to actively assist in reviewing the vulnerability. I constantly try to improve RIPS and just released a new version (0.31), but keep in mind it is still beta. Since it is open source, I hope to find some guys giving feedback, ideas, code snippets or anything else that helps improve this tool.

If you want to help, here is what you could be interested in:

PHP developer:
- check detection of PHP characteristics
- improve scanner code
- improve scanner performance
- e.g.: would it be nicer to handle the config by XML without decreasing performance?

PHP security enthusiast:
- check potentially vulnerable functions (PVF) list
- check vulnerability detection
- e.g.: does it find backticks?

interested in automatic code analysis:
- check efficiency
- model improvement (inter-procedural, data-flow, etc)

JavaScript enthusiast:
- improve JS code
- add new JS code
- e.g.: I want to add window resizing, the smaller the code the better

Designer:
- edit/add some cool code highlighting schemata (CSS)
- change the whole RIPS design?

Or just feel free to use it of course! :)

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Gareth Heyes
Date: July 04, 2010 05:23AM

I did you a logo because I think your project is cool :)



------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 2 time(s). Last edit at 07/05/2010 09:33AM by Gareth Heyes.

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: July 04, 2010 10:24AM

Hey, very nice, thank you very much!! :) I added it as the SourceForge project logo and will include it in the web interface in the next release!

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Skyphire
Date: July 05, 2010 08:27AM

Here's what I use: http://www.skyphire.nl/dll/fuzzing/suigenchi.txt

No longer maintained though.

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: August 13, 2010 06:14PM

released version 0.32

changelog and files: http://sourceforge.net/projects/rips-scanner/files/

A lot more documentation and description has been added, so if you had problems understanding what RIPS does you may enjoy the new version a bit more. Also, if you have been confused by the inverted code trace you can now choose to display the code trace top-down.

thanks again gareth for the logo =)


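The checks raised in the opening post (a list of potentially vulnerable functions, "does it find backticks?") and the inverted versus top-down code trace from the 0.32 post can be illustrated with a small sketch. This is an added example, not RIPS code: it is written in Python, its source, sink and sanitizer lists are short assumptions, the PHP sample is constructed, and it works line by line with regexes, so it ignores functions, includes and control flow.

```python
import re

SOURCES = {"$_GET", "$_POST", "$_COOKIE", "$_REQUEST"}   # assumed, shortened lists
PVF = {"system": "command execution", "shell_exec": "command execution",
       "eval": "code execution", "mysql_query": "SQL injection", "echo": "XSS"}
SANITIZERS = ("escapeshellarg(", "htmlspecialchars(", "intval(")
VAR = re.compile(r"\$\w+")
ASSIGN = re.compile(r"^\s*(\$\w+)\s*\.?=\s*(.+);")
CALL = re.compile(r"(?<![$\w>])(%s)\b\s*\(?(.*)" % "|".join(PVF))
BACKTICK = re.compile(r"`([^`]*)`")   # PHP's shell-execution operator

def tainted(expr, before, lines):
    """Trace expr backwards to user input; None if it never gets there."""
    if any(s in expr for s in SANITIZERS):
        return None
    for v in VAR.findall(expr):
        if v in SOURCES:
            return []
        for i in range(before - 1, -1, -1):
            m = ASSIGN.match(lines[i])
            if m and m.group(1) == v:          # latest assignment decides
                rest = tainted(m.group(2), i, lines)
                if rest is not None:
                    return [(i + 1, lines[i].strip())] + rest
                break
    return None

def scan(php, top_down=False):
    """Return (kind, sink, code trace) for every sink fed by user input."""
    lines, findings = php.splitlines(), []
    for n, line in enumerate(lines):
        sinks = [m.groups() for m in CALL.finditer(line)]
        sinks += [("backtick operator", m.group(1)) for m in BACKTICK.finditer(line)]
        for name, args in sinks:
            rest = tainted(args, n, lines)
            if rest is not None:
                path = [(n + 1, line.strip())] + rest      # sink first ("inverted")
                kind = PVF.get(name, "command execution")  # backticks run a shell
                findings.append((kind, name, path[::-1] if top_down else path))
    return findings

# Constructed PHP input, not taken from the thread.
SAMPLE = """<?php
$host = $_GET['host'];
$out = `ping -c 1 $host`;
$id = intval($_POST['id']);
$q = "SELECT * FROM t WHERE id=$id AND n='" . $_POST['n'] . "'";
mysql_query($q);
echo htmlspecialchars($out);"""
```

`scan(SAMPLE)` reports the backtick on line 3 and the `mysql_query` call on line 6, each with its trace listed sink first; `top_down=True` reverses the trace so it starts at the user input.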
Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: September 11, 2010 11:26AM

released version 0.33.

Especially the code viewer has been improved (variable highlighting, drag+droppable, resizable window, active jumping between function calls and declarations) and is not only good for analyzing vulnerabilities manually but also for understanding foreign code quickly.
Also, a lot of new features like statistics, a regex search option and a help option (with description, example PoC, patch suggestion) have been added.

full changelog and files: http://sourceforge.net/projects/rips-scanner/files/

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: June 04, 2011 08:08PM

released version 0.40.
download: http://sourceforge.net/projects/rips-scanner/files/
project status with screenshots: https://websec.wordpress.com/2011/06/04/project-rips-status/

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: SunTzu
Date: January 08, 2012 03:26AM

man good job on the tool. it helped a lot.

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: Reiners
Date: January 14, 2012 06:42AM

hi, glad you like it. btw, version 0.51 is already shipped
https://websec.wordpress.com/2011/12/31/project-rips-v0-50-status/

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Date: February 02, 2012 03:44AM

This really helps in source code review, thanks for this reiner.

Re: RIPS - A static source code analyser for vulnerabilities in PHP scripts
Posted by: us3r
Date: July 02, 2013 10:12PM

Yes it's true as people said, this is a very interesting project.

Myself I use it for the safety of my php file.
