
@jimneath
Forked from omgitsads/rails-check.sh
Last active December 10, 2015 23:29
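# Audit every application directory directly under /data for exposure to
# CVE-2013-0156 (Rails XML parameter parsing).
#
# For each app the Rails version is read from current/Gemfile.lock; when no
# lockfile exists the first version reported by `gem list` is used instead.
# NOTE(review): that fallback is the system gem, not necessarily what the app
# loads, so treat the version printed for lockfile-less directories as a hint.
#
# Limits of the check, so results are not over-trusted:
#   * "Looks to be patched" only means the XmlMini workaround string occurs
#     somewhere under config/initializers; a commented-out line also matches.
#   * Other mitigations (for example removing the XML params parser entirely)
#     are not detected and are reported as "Vulnerability Possible".

#######################################
# Compare two dotted numeric versions.
# Arguments: $1 - version found, $2 - minimum version required
# Returns:   0 if $1 >= $2, 1 otherwise (including non-numeric input)
#######################################
version_at_least() {
  local -a have want
  local idx h w
  IFS=. read -r -a have <<<"$1"
  IFS=. read -r -a want <<<"$2"
  for ((idx = 0; idx < ${#have[@]} || idx < ${#want[@]}; idx++)); do
    h=${have[idx]:-0}
    w=${want[idx]:-0}
    [[ $h =~ ^[0-9]+$ && $w =~ ^[0-9]+$ ]] || return 1
    # 10# forces base 10 so a component such as "08" is not read as octal.
    if ((10#$h > 10#$w)); then return 0; fi
    if ((10#$h < 10#$w)); then return 1; fi
  done
  return 0
}

#######################################
# Decide whether a Rails version already contains the CVE-2013-0156 fix.
# The fix first shipped in 3.2.11, 3.1.10, 3.0.19 and 2.3.15; later releases
# of each series and later major versions include it as well. Matching only
# those four exact strings would flag every newer release as unpatched.
# Arguments: $1 - Rails version (may be empty)
# Returns:   0 if fixed, 1 if not fixed or unknown
#######################################
is_fixed_release() {
  local version=$1 major
  major=${version%%.*}
  [[ $major =~ ^[0-9]+$ ]] || return 1
  if ((10#$major >= 4)); then return 0; fi
  case $version in
    3.2.*) version_at_least "$version" 3.2.11 ;;
    3.1.*) version_at_least "$version" 3.1.10 ;;
    3.0.*) version_at_least "$version" 3.0.19 ;;
    2.3.*) version_at_least "$version" 2.3.15 ;;
    *) return 1 ;;
  esac
}

#######################################
# Scan the application directories directly under a root and print one
# coloured status line per app.
# Arguments: $1 - root directory to scan (default: /data)
# Outputs:   status lines on stdout (red = possible, yellow = uncertain,
#            green = fixed release)
#######################################
check_rails_apps() {
  local root=${1:-/data}
  local app_dir appname version initializers
  local gem_version='' gem_version_known=0

  # NUL-delimited read keeps directory names with spaces or globs intact.
  while IFS= read -r -d '' app_dir; do
    appname=${app_dir##*/}
    version=''

    if [[ -f "$app_dir/current/Gemfile.lock" ]]; then
      version=$(grep -E '^ *rails \([0-9.]+\)' "$app_dir/current/Gemfile.lock" \
        | grep -Eo '[0-9.]+' | head -n 1)
    else
      # `gem list` is slow and its answer does not change between apps, so it
      # is run at most once per scan.
      if ((gem_version_known == 0)); then
        gem_version=$(gem list | grep -Eo '^rails \([^,)]+' \
          | grep -Eo '[0-9.]+' | head -n 1)
        gem_version_known=1
      fi
      version=$gem_version
    fi

    if is_fixed_release "$version"; then
      printf '\033[32m%s\033[0m\n' \
        "App: ${appname} - Rails Version: ${version} - CVE-2013-0156 Patched"
      continue
    fi

    initializers="$app_dir/current/config/initializers"
    if [[ ! -d "$initializers" ]]; then
      printf '\033[33m%s\033[0m\n' \
        "App: ${appname} - Rails Version: ${version} - No Initializers dir, may not be a rails app"
      continue
    fi

    # Recursive because Rails also loads initializers from subdirectories;
    # -F matches the workaround text literally instead of as a regex.
    if grep -rqsF -- 'ActiveSupport::XmlMini::PARSING.delete' "$initializers"; then
      printf '\033[33m%s\033[0m\n' \
        "App: ${appname} - Rails Version: ${version} - CVE-2013-0156 Looks to be patched"
    else
      printf '\033[31m%s\033[0m\n' \
        "App: ${appname} - Rails Version: ${version} - Vulnerability Possible"
    fi
  done < <(find "$root" -mindepth 1 -maxdepth 1 -type d \
    ! -name 'monit.d' ! -name 'nginx' ! -name 'lost+found' \
    ! -name 'homedirs' ! -name 'data' -print0)
}

check_rails_apps /data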
App: ths - Rails Version: 2.3.15 - Vulnerability Possible
App: sphinx-0.9.8.1 - Rails Version: 2.3.15 - No Initializers dir, may not be a rails app
App: thehairstyler - Rails Version: 2.3.15 - No Initializers dir, may not be a rails app
App: ssmtp - Rails Version: 2.3.15 - No Initializers dir, may not be a rails app
app_master i-0f149b7e ~ #
App: bruschetta - Rails Version: 3.1.0 - CVE-2013-0156 Looks to be patched
solo i-2cf3fd49 ~ #