A static source code analyser for vulnerabilities in PHP scripts
- web server: Apache or Nginx recommended
- PHP: latest version recommended
- browser: Firefox recommended
- Download the latest release
- Extract the files to your local web server's document root
- Make sure your web server has file permissions
- Make sure your installation is protected from unauthorized access
- Open your browser at http://localhost/rips-xx/
Follow the instructions on the main page.
See original php-rips scan html form (index.php) for more options.
php index.php [option=value]
| Options | Value |
|---|---|
| loc | target scan file/folder |
| subdir | recurse subdirs [0|1] |
| ignore_warning | [0|1] |
| vector | scan vectors [all|...] |
| verbosity | log verbosity [0-9] |
| treestyle | html output style [0|1] |
| stylesheet | html output stylesheet [ayti|...] |
Example: recursively scan ./code for all vuln. classes
php index.php loc=./code subdirs=1 vector=all verbosity=2
Note: in cli-mode argv wil be parsed into $_POST therefore allowing you to set any POST variables.
-
install the html publisher plugin
-
configure (multiple) scm to clone both this repository and the source you want to scan to distinct folders
-
add build step: execute shell
# config - remove this if you configure it via jenkins parameterized builds PATH_RIPS=rips-scanner PATH_REPORT=report FILE_REPORT=report.html PATH_TARGET=code RIPS_RECURSE_SUBDIR=1 RIPS_VECTOR=all RIPS_VERBOSITY=2 # copy dependencies mkdir -p report cp -r rips-scanner/css report cp -r rips-scanner/js report # run analysis echo "=========================================================" echo "[**] running scan ... $PATH_TARGET" echo "=========================================================" php $PATH_RIPS/index.php ignore_warning=1 loc=$PATH_TARGET subdirs=$RIPS_RECURSE_SUBDIR vector=$RIPS_VECTOR verbosity=$RIPS_VERBOSITY treestyle=1 stylesheet=ayti > $PATH_REPORT/$FILE_REPORT echo "=========================================================" echo "[**] scan done ... check out $PATH_REPORT/$FILE_REPORT" echo "========================================================="
-
add build step: execute python
import os, sys import rips_stats as rips if __name__=="__main__": report = os.path.join(os.environ.get("PATH_REPORT","report"),os.environ.get("FILE_REPORT","report.html")) sys.exit(rips.main([report]))
-
add post-build step: publish html, select folder 'report' name 'vulnerability-report'. A new clickable action icon 'vulnerability-report' will appear that points at the archived scan result.
The community branch of RIPS is forked from version 0.55 and is not officially supported by RIPS Technologies.
A completely rebuilt solution is available from RIPS Technologies that overcomes fundamental limitations in the open source version and performs state-of-the-art security analysis.
| Compared Feature | RIPS 0.5 | Next Generation |
|---|---|---|
| Supported PHP Language | PHP 3-4, no OOP | all, PHP 3-7 |
| Static Code Analysis | Only Token-based | Full |
| Analysis Precision | Low | Very High |
| PHP Version Specific Analysis | No | Yes |
| Scales to Large Codesizes | No | Yes |
| API / CLI Support | No | Yes |
| Continuous Integration | No | Yes |
| Compliance / Standards | No | Yes |
| Store Analysis Results | No | Yes |
| Export Analysis Results | No | Yes |
| Issue Review System | No | Yes |
| Realtime Results | No | Yes |
| Vulnerability Trends | No | Yes |
| Detects Latest Risks | No | Yes |
| Detects Complex Vulnerabilities | Limited | Yes |
| Supported Issue Types | 15 | >140 |
| Speed | Fast | Fast |
Learn more about the next generation of RIPS at https://www.ripstech.com/product/datasheets/.