
Use of hardcoded credentials

Open anzosasuke opened this issue 2 years ago • 2 comments

I was using BAP toolkit Primus checks on the Juliet test suite CWE259 (child of hard-coded credentials, CWE 798) to detect hardcoded passwords, but somehow it didn't detect any. Hard-coded credentials should've also accounted for hard-coded passwords; could you share some insights on why it was unsuccessful? Any thoughts would be greatly appreciated. Thanks.

anzosasuke avatar Sep 12 '23 01:09 anzosasuke

I really need to know about this. Could you share any insights or answers? @ivg

anzosasuke avatar Sep 17 '23 23:09 anzosasuke

The rule policy for check-hardcoded-values only checks for hardcoded socket addresses. There's currently no provision for passwords.

;; Report an incident when the sockaddr pointer refers to static data,
;; i.e. the 16-byte socket address lives in a read-only/data section
;; rather than being built at run time.
(defun check-hardcoded-socket-address (sockaddr-ptr)
  (when (points-to-static-data sockaddr-ptr 16)
    (incident-report 'hardcoded-socket-address (incident-location))))

;; Hook calls of the two-argument socket functions and check their
;; address argument.
(defmethod call (name fd addr)
  (when (is-in name 'accept 'bind 'connect)
    (check-hardcoded-socket-address addr)))

;; Hook calls of the six-argument datagram functions and check their
;; address argument.
(defmethod call (name fd buf size flags addr len)
  (when (is-in name 'sendto 'recvfrom)
    (check-hardcoded-socket-address addr)))

ivg avatar Sep 18 '23 13:09 ivg
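As an added illustration of how the same mechanism could be pointed at passwords, here is a hypothetical Primus Lisp policy written in the style of the socket-address check above. It is not part of bap-toolkit and has not been run against Juliet; it assumes the primitives shown in the existing check (`points-to-static-data`, `is-in`, `incident-report`, `incident-location`) behave the same way for arbitrary buffers, that `defmethod call` matches on the callee's name and argument count as the existing rules do, and that a new incident name such as `hardcoded-secret` would still need to be registered wherever the toolkit's recipe declares incidents.

```lisp
;; Hypothetical extension (not bap-toolkit code): flag a string-compare
;; argument that points into static data, the shape a hardcoded password
;; check like strcmp(input, "literal") takes in CWE259-style test cases.
;; Assumes the same primitives as check-hardcoded-socket-address.

;; Report when the first byte of the buffer lives in static data.
;; The length is 1 because string literals have no fixed size.
(defun check-hardcoded-secret (buf)
  (when (points-to-static-data buf 1)
    (incident-report 'hardcoded-secret (incident-location))))

;; Either side of a comparison may be the literal, so check both.
(defun check-hardcoded-secret-pair (a b)
  (check-hardcoded-secret a)
  (check-hardcoded-secret b))

;; Two-argument comparison functions.
(defmethod call (name s1 s2)
  (when (is-in name 'strcmp 'strcasecmp)
    (check-hardcoded-secret-pair s1 s2)))

;; Three-argument (bounded) comparison functions.
(defmethod call (name s1 s2 n)
  (when (is-in name 'strncmp 'strncasecmp 'memcmp)
    (check-hardcoded-secret-pair s1 s2)))
```

Such a rule would also fire on benign comparisons against static strings (format names, keywords, protocol tokens), so a real policy would need either a narrower set of hooked functions or a way to restrict the report to buffers that flow from a credential source; the example only shows the mechanism, not a tuned detector.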