Check context for sensitive file access

library/agent/Agent.ts

@@ -24,6 +24,7 @@ import { Users } from "./Users";
 import { wrapInstalledPackages } from "./wrapInstalledPackages";
 import { Wrapper } from "./Wrapper";
 import { isAikidoCI } from "../helpers/isAikidoCI";
+import { InterceptorResultSource } from "./hooks/InterceptorResult";
 
 type WrappedPackage = { version: string | null; supported: boolean };
 
@@ -150,7 +151,7 @@ export class Agent {
     operation: string;
     kind: Kind;
     blocked: boolean;
-    source: Source;
+    source: InterceptorResultSource;
     request: Context;
     stack: string;
     paths: string[];

library/agent/Attack.ts

@@ -22,6 +22,6 @@ export function attackKindHumanName(kind: Kind) {
     case "js_injection":
       return "a JavaScript injection";
     case "sensitive_file_access":
-      return "a sensitive file access";
+      return "access to a sensitive file";
   }
 }

library/agent/api/Event.ts

@@ -1,5 +1,5 @@
 import { Kind } from "../Attack";
-import { Source } from "../Source";
+import { InterceptorResultSource } from "../hooks/InterceptorResult";
 
 export type AgentInfo = {
   dryMode: boolean;
@@ -53,7 +53,7 @@ export type DetectedAttack = {
     operation: string;
     module: string;
     blocked: boolean;
-    source: Source;
+    source: InterceptorResultSource;
     path: string;
     stack: string;
     payload: string;

library/agent/hooks/InterceptorResult.ts

@@ -1,10 +1,12 @@
 import { Kind } from "../Attack";
 import { Source } from "../Source";
 
+export type InterceptorResultSource = Source | "route";
+
 export type InterceptorResult = {
   operation: string;
   kind: Kind;
-  source: Source;
+  source: InterceptorResultSource;
   pathsToPayload: string[];
   metadata: Record<string, string>;
   payload: unknown;

library/sinks/FileSystem.ts

@@ -7,13 +7,24 @@ import { Wrapper } from "../agent/Wrapper";
 import { getSemverNodeVersion } from "../helpers/getNodeVersion";
 import { isVersionGreaterOrEqual } from "../helpers/isVersionGreaterOrEqual";
 import { checkContextForPathTraversal } from "../vulnerabilities/path-traversal/checkContextForPathTraversal";
+import { checkContextForSensitiveFileAccess } from "../vulnerabilities/sensitive-file-access/checkContextForSensitiveFile";
 
 type FileSystemFunction = {
   pathsArgs: number; // The amount of arguments that are paths
   sync: boolean; // Whether the function has a synchronous version (e.g. fs.accessSync)
   promise: boolean; // Whether the function has a promise version (e.g. fs.promises.access)
 };
 
+const operationsToCheckForSensitiveFileAccess = [
+  "open",
+  "opendir",
+  "readdir",
+  "readFile",
+  "openSync",
+  "readdirSync",
+  "readFileSync",
+];
+
 export class FileSystem implements Wrapper {
   private patchedPromises = false;
 
@@ -46,6 +57,24 @@ export class FileSystem implements Wrapper {
       }
     }
 
+    if (
+      args &&
+      args.length &&
+      amountOfPathArgs === 1 &&
+      typeof args[0] === "string" &&
+      operationsToCheckForSensitiveFileAccess.includes(name)
+    ) {
+      const result = checkContextForSensitiveFileAccess({
+        filename: args[0],
+        operation: `fs.${name}`,
+        context: context,
+      });
+
+      if (result) {
+        return result;
+      }
+    }
+
     return undefined;
   }
 

library/sources/Express.tests.ts

@@ -137,7 +137,12 @@ export function createExpressTests(expressPackageName: string) {
 
     app.use(newRouter);
 
-    app.use("/", express.static(__dirname + "/fixtures/public/"));
+    app.use(
+      "/",
+      express.static(__dirname + "/fixtures/public/", {
+        dotfiles: "allow",
+      })
+    );
 
     const nestedApp = express();
     nestedApp.set("trust proxy", true);
@@ -719,4 +724,13 @@ export function createExpressTests(expressPackageName: string) {
       );
     }
   );
+
+  t.test("it prevents access to sensitive files", async (t) => {
+    const response = await request(getApp()).get("/.env.test");
+
+    t.same(JSON.parse(response.body.toString()), {
+      error:
+        "Zen has blocked access to a sensitive file: fs.open(...) originating from route.",
+    });
+  });
 }

library/sources/fixtures/public/.env.test

@@ -0,0 +1 @@
+Testfile

library/vulnerabilities/sensitive-file-access/checkContextForSensitiveFile.ts

@@ -0,0 +1,46 @@
+import { Context } from "../../agent/Context";
+import { InterceptorResult } from "../../agent/hooks/InterceptorResult";
+import { pathToString } from "../../helpers/pathToString";
+import { isSensitiveFile } from "./isSensitiveFile";
+import { getMatchingPathEnding } from "./getMatchingPathEnding";
+
+export function checkContextForSensitiveFileAccess({
+  filename,
+  context,
+  operation,
+}: {
+  filename: string | URL | Buffer;
+  context: Context;
+  operation: string;
+}): InterceptorResult {
+  const filePathString = pathToString(filename);
+  if (!filePathString) {
+    return;
+  }
+
+  if (!context.route) {
+    return;
+  }
+
+  const matchingPathEnding = getMatchingPathEnding(
+    context.route,
+    filePathString
+  );
+
+  if (!matchingPathEnding) {
+    return;
+  }
+
+  if (isSensitiveFile(matchingPathEnding)) {
+    return {
+      operation: operation,
+      kind: "sensitive_file_access",
+      source: "route",
+      pathsToPayload: ["."],
+      metadata: {
+        filename: filePathString,
+      },
+      payload: context.route,
+    };
+  }
+}

library/vulnerabilities/sensitive-file-access/isSensitiveFile.test.ts

@@ -8,6 +8,25 @@ t.test("is a sensitive file", async (t) => {
   t.same(isSensitiveFile("/.git"), true);
   t.same(isSensitiveFile("/.git/"), true);
   t.same(isSensitiveFile("/.git/test"), true);
+  t.same(isSensitiveFile("/.aws/keys.conf"), true);
+  t.same(isSensitiveFile("/.ssh/config"), true);
+  t.same(isSensitiveFile("/.circleci/config.yml"), true);
+  t.same(isSensitiveFile("/.github/secrets"), true);
+  t.same(isSensitiveFile("/.docker/config.json"), true);
+  t.same(isSensitiveFile("/.env.prod"), true);
+  t.same(isSensitiveFile("/backend/.env-Production"), true);
+  t.same(isSensitiveFile("/.env.test"), true);
+  t.same(isSensitiveFile("/.gitlab-ci.yml"), true);
+  t.same(isSensitiveFile("/ci/.travis.yml"), true);
+  t.same(isSensitiveFile("/.idea/"), true);
+  t.same(isSensitiveFile("/data/db.sqlite"), true);
+  t.same(isSensitiveFile("/data/db.sql"), true);
+  t.same(isSensitiveFile("/DoCkErFiLe"), true);
+  t.same(isSensitiveFile("/docker-compose.yml"), true);
+  t.same(isSensitiveFile("/docker-compose.dev.yml"), true);
+  t.same(isSensitiveFile("/docker-compose.prod.yaml"), true);
+  t.same(isSensitiveFile("/package-lock.json"), true);
+  t.same(isSensitiveFile("/static/package.Json"), true);
 });
 
 t.test("is not a sensitive file", async (t) => {
@@ -17,4 +36,9 @@ t.test("is not a sensitive file", async (t) => {
   t.same(isSensitiveFile("/"), false);
   t.same(isSensitiveFile("/.gitabc"), false);
   t.same(isSensitiveFile("/.gitabc/test"), false);
+  t.same(isSensitiveFile("/xenv"), false);
+  t.same(isSensitiveFile("/test/"), false);
+  t.same(isSensitiveFile("/route/abc/123"), false);
+  t.same(isSensitiveFile("/data/db.sqla"), false);
+  t.same(isSensitiveFile("/data/sql/a"), false);
 });

library/vulnerabilities/sensitive-file-access/isSensitiveFile.ts

@@ -1,5 +1,31 @@
-const forbiddenFileNames = [".env", ".bashrc"];
-const forbiddenDirectories = [".git", ".aws"];
+const forbiddenFileNames = [
+  "\\.env[^/]*",
+  "\\.bashrc",
+  "\\.gitlab-ci.yml",
+  "\\.travis.yml",
+  "[^/]*\\.(?:sql|sqlite|db)",
+  "Dockerfile",
+  "docker-compose(?:[^/]*)?\\.(?:yml|yaml)",
+
+  // Node.js specific
+  "package-lock\\.json",
+  "package\\.json",
+  "npm-shrinkwrap\\.json",
+  "yarn\\.lock",
+  "\\.npmrc",
+];
+const forbiddenDirectories = [
+  "\\.git",
+  "\\.aws",
+  "\\.ssh",
+  "\\.circleci",
+  "\\.github",
+  "\\.docker",
+  "\\.svn",
+  "\\.hg",
+  "\\.idea",
+  "\\.vscode",
+];
 
 const forbiddenFileNamesPattern = `(?:.*/(?:${forbiddenFileNames.join("|")}))`;
 const forbiddenDirectoriesPattern = `(?:.*/(?:${forbiddenDirectories.join("|")})(?:/.*)?)`;