Packages
sobelow
0.7.5
0.14.1
0.14.0
0.13.0
0.12.2
0.12.1
0.12.0
0.11.1
0.11.0
0.10.6
0.10.5
0.10.4
0.10.3
0.10.2
0.10.1
0.10.0
0.9.3
0.9.2
0.9.1
0.9.0
0.8.0
0.7.8
0.7.7
0.7.6
0.7.5
0.7.4
0.7.3
0.7.2
0.7.1
0.7.0
0.6.9
0.6.8
0.6.7
0.6.6
0.6.5
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.4
0.5.3
0.5.2
0.5.1
0.5.0
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.12
0.3.11
0.3.10
0.3.9
0.3.8
0.3.7
0.3.6
0.3.5
0.3.4
0.3.3
0.3.2
0.3.1
0.3.0
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
Security-focused static analysis for Elixir & the Phoenix framework
Current section
Files
Jump to
Current section
Files
lib/sobelow/rce.ex
defmodule Sobelow.RCE do
@moduledoc """
# Remote Code Execution
Remote Code Execution vulnerabilities are a result of
untrusted user input being executed or interpreted by
the system and may result in complete system compromise.
Code Execution checks can be ignored with the
following command:
$ mix sobelow -i RCE
"""
@submodules [Sobelow.RCE.EEx, Sobelow.RCE.CodeModule]
use Sobelow.FindingType
def get_vulns(fun, meta_file, _web_root, skip_mods \\ []) do
allowed = @submodules -- (Sobelow.get_ignored() ++ skip_mods)
Enum.each(allowed, fn mod ->
apply(mod, :run, [fun, meta_file])
end)
end
def details() do
IO.ANSI.Docs.print(@moduledoc)
end
end