W
Wayne Pierce
I'm working on a white-box security auditing framework, which is
currently written in Python and makes use of exec_file to load some
security scans at startup. Is there a way to do the same thing in
Ruby?
For those not familiar with Python, exec_file allows me to read an
external file and save the resulting objects to a hash/dictionary of
my choosing. I can then check the values or execute functions that
have been saved in my hash.
The beginning of each security check looks like:
author =3D "Wayne Pierce"
authorEmail =3D "(e-mail address removed)"
license =3D "GNU GPL v2"
licenseLink =3D "http://www.gnu.org/licenses/gpl.html"
date =3D "19 June 2004"
version =3D "1.0.0"
status =3D "production"
platform =3D ["win32"]
category =3D ["system"]
connectionType =3D ["local","remote"]
description =3D "Return a listing of the running processes on a system.=
"
def check():
...
The Python program reads each file and saves the results in a hash
under the scan name. Then I can compare the requirements passed to
the scanner against the saved data; for example I might want to only
run scans that are in cagetory "network", platform "win32", have a
status of "production" and can be run over the network (connectionType
of "remote", "ssh" or "wmi").
I haven't been able to find a way in Ruby to evaluate these files and
save the results to a variable, I would also need to save the function
"check" without executing it. However, if a scan met the criteria I
would then execute the function.
I have looked at Kernel#load, but the results aren't saved.=20
Kernel#readlines could work, although interpreting the code block
portion looks like it would be very ugly.
Does anyone know if there is an existing way to do this?
Thanks for any help,
Wayne
currently written in Python and makes use of exec_file to load some
security scans at startup. Is there a way to do the same thing in
Ruby?
For those not familiar with Python, exec_file allows me to read an
external file and save the resulting objects to a hash/dictionary of
my choosing. I can then check the values or execute functions that
have been saved in my hash.
The beginning of each security check looks like:
author =3D "Wayne Pierce"
authorEmail =3D "(e-mail address removed)"
license =3D "GNU GPL v2"
licenseLink =3D "http://www.gnu.org/licenses/gpl.html"
date =3D "19 June 2004"
version =3D "1.0.0"
status =3D "production"
platform =3D ["win32"]
category =3D ["system"]
connectionType =3D ["local","remote"]
description =3D "Return a listing of the running processes on a system.=
"
def check():
...
The Python program reads each file and saves the results in a hash
under the scan name. Then I can compare the requirements passed to
the scanner against the saved data; for example I might want to only
run scans that are in cagetory "network", platform "win32", have a
status of "production" and can be run over the network (connectionType
of "remote", "ssh" or "wmi").
I haven't been able to find a way in Ruby to evaluate these files and
save the results to a variable, I would also need to save the function
"check" without executing it. However, if a scan met the criteria I
would then execute the function.
I have looked at Kernel#load, but the results aren't saved.=20
Kernel#readlines could work, although interpreting the code block
portion looks like it would be very ugly.
Does anyone know if there is an existing way to do this?
Thanks for any help,
Wayne