Should I use RIPS tool to test my themes and plugins?

Yes, and yes, RIPS is an excellent tool to do both.

You can use it to check the quality of your WordPress themes and plugins or any other WordPress theme and plugin.

RIPS is a static code analysis tool to automatically detect vulnerabilities in PHP applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis.

Here is how it works simplified.

File Manipulation

This usage would not be smart and RIPS will detect the possible flows

$h = fopen( $_GET['file'],  'w' );  
fwrite( $h,  $_GET['data'] );

You must not trust data from the requests.

File Disclosure

When you write code like this RIPS will point you this is the wrong style:

echo file_get_contents( 'files/' . $_GET['file'] );

You must not trust data from the requests.
Similar for the include:

include( 'includes/' . $_GET['file'] );

Cross-Site Scripting

RIPS understand possible XSS flows your WordPress theme or plugin may have and will warn you for this.

echo ( 'Hello ' . $_GET['name'] );

And when someone creates the request like this:

/url?name=<script>alert(1)</script>

You need to encode request data since you cannot trust it if raw in this case.

Response splitting

header( 'Location: ' . $_GET['url'] );

Since PHP allows you to use header() you cannot trust the request since someone may add Set-Cookie: or similar inside. RIPS will help you check this.

Fixed sessions

Like explained in OWASP one may force session via setcookie()

setcookie( 'PHPSESSID', $_GET['sessid'] );

like in here

/url?sessid=1f3870be274f6c49b3e31a0c6728957f'

Good thing RIPS can understand that and will update you.

Code injection

eval( '\$color = \' . $_GET['color'] . '\';' );

You should not trust the request data.

'poc' => '/index.php?color=\';phpinfo();//',

or one modification of it called reflection injection

call_user_func( $_GET['func'] );

like in here:

/url?func=phpinfo'

Similar for exec()

 exec( './crypto -mode ' . $_GET['mode'] );

RIPS will let you know for these possible problems.

SQL injection

Anyone heard for WordPress security heard for SQL injection concept.

mysql_query( 'SELECT * FROM users WHERE id = ' . $_GET['id'] );

If we add 

/url?id=1 OR 1=1-- -',

RIPS will help you feel like the old security geek in here.

There are more security checks RIPS can do for you I haven’t mentioned in here.
Download it and start checking your WordPress themes and plugins.

Related Posts:

  1. Workflow and best practice for documentation [closed]
  2. How to get current post user id
  3. How do I combine a theme with a plugin
  4. How to write “alt” tag in image for wordpress code?
  5. Don’t load the theme for a page FROM a plugin EDITED
  6. Extending a theme: build new features as plugin or core modules?
  7. How do you create a re-useable HTML fragment in wordpress
  8. How to override any plugin file in the child theme
  9. Content-Security-Policy implementation with WordPress W3Total Cache plugin installed
  10. when i activate my WordPress plugin cannot see customizer options or preview
  11. how to add custom css at top above all css file for specific url
  12. Why the output of an image gallery plugin is not displayed into a page of my custom theme?
  13. Breadcrumb is not generating the correct post page url
  14. Site is setup statically – how to make it content managable?
  15. How to escape html code?
  16. How to make content as required in custom post type?
  17. How to call “page specific menu items” in template [closed]
  18. Update Multiple Post Meta for the Same Post In One call?
  19. Where should my plugin POST to?
  20. Security error WP 4.0 + WP phpBB Bridge [closed]
  21. How to make my plugin theme-independent?
  22. How to load a new template page according to a particular URL?
  23. How to Build a Movie Library in WordPress 3.x
  24. Display future posts?
  25. Override the core function locate_template
  26. Having separate plugins and themes folder for multi-site setup
  27. How can I get full attachment url from wp_get_attachment_metadata?
  28. unzip a folder on specific location and delete the zip file
  29. gallery option is not available in media upload box in costum theme option page
  30. Why are some of my thumbnails not being generated?
  31. Why is the Settings API is not saving my array of options
  32. add_action in functions.php, do_action in plugin?
  33. Escape when echoed
  34. WordPress security issue to output data from user input from theme option form
  35. WooCommerce get_price returning wrong price when used via ajax
  36. Open Post Thumbnail in New Child Theme File in WordPress
  37. How to use get_theme_mod in gutenberg editor wordpress?
  38. Reusable functions and tools (Framework)
  39. wp_create_nonce function doesn’t work inside a plugin?
  40. Check for security updates
  41. Plugin-generated pages use Not Found or Pages Archive templates?
  42. Classified ad website : which solutions to use? [closed]
  43. What are the specifics of WordPress development I need to know? [closed]
  44. How to create a code editor for my plugin .?
  45. Finding the URL to be used to check if plugin is installed with a theme
  46. wp_footer hook only working on homepage not in other pages
  47. Redirect to another page using contact form 7? [closed]
  48. how to force tag page layout to use same as search layout?
  49. Great blogs site resources/tutorial for WordPress Developers? [closed]
  50. Prevent direct access to WordPress plugin assets?
  51. Create custom pages with a plugin
  52. How to protect WordPress from security scanner [closed]
  53. Use different single.php file based on condition
  54. How to prevent plugins from sniffing/stealing other plugins’ options?
  55. Release the plugin in the WordPress repository where redux is used
  56. How to use the CSS of the WordPress core in the development of my administration page?
  57. I receive taxonomy id
  58. How can I use my custom wordpress theme on two websites? [closed]
  59. why need theme,if page builder is there in wordpress [closed]
  60. WordPress API functions not working at AJAX functions.php call
  61. What’s the right way to implement functions in footer.php
  62. How to check homepage contain blog post?
  63. how to design change in woocommerce cart page and all other page also by theme? [closed]
  64. Identify current wordpress theme
  65. Removing the custom_image_header from wp_head
  66. Xamp installed local wordpress not allowing to publish or install plugin
  67. Widgets are not displaying in the admin panel
  68. Help to Create a Simple Plugin to make a post
  69. submit two file input fields in the same form
  70. woocommerce: Customize email with item total count
  71. Child theme modifications not showing up
  72. Rename a folder via HTML POST request
  73. How to get a post views count using ‘WordPress popular posts’ plugin
  74. How can I see $post object in frontend from functions.php?
  75. Link custom post type to page
  76. How to prevent redoing get_posts queries and make results available to other scripts?
  77. Showing different js file for different theme in wordpress customizer api
  78. Securing a plugin pop-up window
  79. WordPress panel is not loading after plugin activated with error: HTTP ERROR 500
  80. When the user entered an unauthorized url redirect to login page
  81. Help Code Review – I need to write on .htaccess file from theme’s function.php
  82. Where do the section input fields values are stored in database
  83. How can I add a custom checkbox / radio button on the admin theme options to display a CSS or other?
  84. wp_verify_nonce fails always
  85. Input gets deleted/overwritten after changing to different Admin Menu
  86. Validating values using Settings API?
  87. How to show post attachment image
  88. Can anyone tell me why I can’t edit a plugin when it is installed without having to re-install?
  89. What is the Object for WP_Error Class?
  90. Active Plugins for current blog in WP Multisite Network? [duplicate]
  91. Disqus plugin outputs script as literal text
  92. How to get current template file used by WordPress?
  93. How to add image for custom taxonomy
  94. Integrating WordPress Content into a jQuery Slider
  95. Editing a theme
  96. manage_{taxonomy}_custom_column not working
  97. how to make wordpress remember my choice
  98. Meta box not displaying on the plugin page
  99. add_meta_box showing blank screen in my page
  100. How to create an Info Box on WordPress [closed]

Leave a Comment