arachni 0.2.2.1

data/lib/rpc/xml/server/output.rb

@@ -0,0 +1,299 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+module Arachni
+
+module UI
+
+#
+# XML-RPC deamon Output module
+#
+# It basically classifies and buffers all system messages until it's time to
+# flush the buffer and send them over the wire.
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1
+#
+module Output
+
+    # verbosity flag
+    #
+    # if it's on verbose messages will be enabled
+    @@verbose = false
+
+    # debug flag
+    #
+    # if it's on debugging messages will be enabled
+    @@debug   = false
+
+    # only_positives flag
+    #
+    # if it's on status messages will be disabled
+    @@only_positives  = false
+
+    @@reroute_to_file = false
+
+    @@buffer ||= []
+
+    #
+    # Empties the output buffer and returns all messages.
+    #
+    # Messages are classified by their type.
+    #
+    # @return   [Array<Hash>]
+    #
+    def flush_buffer
+        buf = @@buffer.dup
+        @@buffer.clear
+        return buf
+    end
+
+    def buffer( msg )
+        if file = @@reroute_to_file
+            File.open( file, 'a+' ) {
+                |f|
+
+                type = msg.keys[0]
+                str  = msg.values[0]
+                next if str.empty?
+
+                f.write( "[#{Time.now.asctime}] [#{type}]  #{str}\n" )
+            }
+        else
+            @@buffer << msg
+        end
+    end
+
+    # Prints an error message
+    #
+    # It ignores all flags, error messages will be output under all
+    # circumstances.
+    #
+    # @param    [String]    error string
+    # @return    [void]
+    #
+    def print_error( str = '' )
+        buffer( :error => str )
+        print_color( '[-]', 31, str, $stderr )
+    end
+
+    # Prints a status message
+    #
+    # Obeys {@@only_positives}
+    #
+    # @see #only_positives?
+    # @see #only_positives!
+    #
+    # @param    [String]    status string
+    # @return    [void]
+    #
+    def print_status( str = '' )
+        if @@only_positives then return end
+        buffer( :status => str )
+    end
+
+    # Prints an info message
+    #
+    # Obeys {@@only_positives}
+    #
+    # @see #only_positives?
+    # @see #only_positives!
+    #
+    # @param    [String]    info string
+    # @return    [void]
+    #
+    def print_info( str = '' )
+        if @@only_positives then return end
+        buffer( :info => str )
+    end
+
+    # Prints a good message, something that went very very right,
+    # like the discovery of a vulnerability
+    #
+    # Disregards all flags.
+    #
+    # @param    [String]    ok string
+    # @return    [void]
+    #
+    def print_ok( str = '' )
+        buffer( :ok => str )
+    end
+
+    # Prints a debugging message
+    #
+    # Obeys {@@debug}
+    #
+    # @see #debug?
+    # @see #debug!
+    #
+    # @param    [String]    debugging string
+    # @return    [void]
+    #
+    def print_debug( str = '' )
+        if !@@debug then return end
+
+        if reroute_to_file?
+            buffer( :debug => str )
+        else
+            print_color( '[!]', 36, str, $stderr )
+        end
+    end
+
+    # Pretty prints an object, used for debugging,
+    # needs some improvement but it'll do for now
+    #
+    # Obeys {@@debug}
+    #
+    # @see #debug?
+    # @see #debug!
+    #
+    # @param    [Object]
+    # @return    [void]
+    #
+    def print_debug_pp( obj = nil )
+        if !@@debug then return end
+        pp obj
+    end
+
+    # Prints the backtrace of an exception
+    #
+    # Obeys {@@debug}
+    #
+    # @see #debug?
+    # @see #debug!
+    #
+    # @param    [Exception]
+    # @return    [void]
+    #
+    def print_debug_backtrace( e = nil )
+        if !@@debug then return end
+        e.backtrace.each{ |line| print_debug( line ) }
+    end
+
+    # Prints a verbose message
+    #
+    # Obeys {@@verbose}
+    #
+    # @see #verbose?
+    # @see #verbose!
+    #
+    # @param    [String]    verbose string
+    # @return    [void]
+    #
+    def print_verbose( str = '' )
+        if !@@verbose then return end
+        buffer( :verbose => str )
+    end
+
+    # Prints a line of message
+    #
+    # Obeys {@@only_positives}
+    #
+    # @see #only_positives?
+    # @see #only_positives!
+    #
+    # @param    [String]    string
+    # @return    [void]
+    #
+    def print_line( str = '' )
+        if @@only_positives then return end
+        buffer( :line => str )
+    end
+
+    # Sets the {@@verbose} flag to true
+    #
+    # @see #verbose?
+    #
+    # @return    [void]
+    #
+    def verbose!
+        @@verbose = true
+    end
+
+    # Returns the {@@verbose} flag
+    #
+    # @see #verbose!
+    #
+    # @return    [Bool]    @@verbose
+    #
+    def verbose?
+        @@verbose
+    end
+
+    # Sets the {@@debug} flag to true
+    #
+    # @see #debug?
+    #
+    # @return    [void]
+    #
+    def debug!
+        @@debug = true
+    end
+
+    # Returns the {@@debug} flag
+    #
+    # @see #debug!
+    #
+    # @return    [Bool]    @@debug
+    #
+    def debug?
+        @@debug
+    end
+
+    # Sets the {@@only_positives} flag to true
+    #
+    # @see #only_positives?
+    #
+    # @return    [void]
+    #
+    def only_positives!
+        @@only_positives = true
+    end
+
+    # Returns the {@@only_positives} flag
+    #
+    # @see #only_positives!
+    #
+    # @return    [Bool]    @@only_positives
+    #
+    def only_positives?
+        @@only_positives
+    end
+
+    def reroute_to_file( file )
+        @@reroute_to_file = file
+    end
+
+    def reroute_to_file?
+        @@reroute_to_file
+    end
+
+    private
+
+    # Prints a message prefixed with a colored sign.
+    #
+    # Disregards all flags.
+    #
+    # @param    [String]    sign
+    # @param    [Integer]   shell color number
+    # @param    [String]    the string to output
+    #
+    # @return    [void]
+    #
+    def print_color( sign, color, string, out = $stdout )
+        out.print "\033[1;#{color.to_s}m #{sign}\033[1;00m #{string}\n";
+    end
+
+end
+
+end
+end

data/lib/rpc/xml/server/plugin/manager.rb

@@ -0,0 +1,58 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+module Arachni
+
+require Options.instance.dir['lib'] + 'plugin/manager'
+
+module RPC
+module XML
+module Server
+module Plugin
+
+#
+# We need to extend the original Manager and redeclare its inherited methods
+# which are required over XMLRPC.
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1.1
+#
+class Manager < ::Arachni::Plugin::Manager
+
+    # make these inherited methods visible again
+    private :available
+    public  :available
+
+    def initialize( framework )
+        super( framework )
+
+        @plugin_opts = {}
+    end
+
+    def load( plugins )
+
+        @plugin_opts.merge!( plugins )
+        super( plugins.keys )
+    end
+
+    def create( name )
+        self[name].new( @framework, prep_opts( name, self[name], @plugin_opts[name] ) )
+    end
+
+
+end
+
+end
+end
+end
+end
+end

data/lib/ruby.rb

@@ -0,0 +1,5 @@
+
+opts = Arachni::Options.instance
+require opts.dir['lib'] +  'ruby/object'
+require opts.dir['lib'] +  'ruby/string'
+require opts.dir['lib'] +  'ruby/xmlrpc/server'

data/lib/ruby/object.rb

@@ -0,0 +1,32 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+#
+# Overloads the {Object} class providing a deep_clone() method
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1
+#
+class Object
+
+    #
+    # Deep-clones self using a Marshal dump-load.
+    #
+    def deep_clone
+        begin
+            return Marshal.load( Marshal.dump( self  ) )
+        rescue Exception
+            return self
+        end
+    end
+
+end

data/lib/ruby/string.rb

@@ -0,0 +1,74 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+#
+# Overloads the {String} class.
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1
+#
+class String
+
+    #
+    # Gets the reverse diff between self and str on a word level.
+    #
+    #
+    #   self = <<END
+    #   This is the first test.
+    #   Not really sure what else to put here...
+    #   END
+    #
+    #   str = <<END
+    #   This is the second test.
+    #   Not really sure what else to put here...
+    #   Boo-Yah!
+    #   END
+    #
+    #   self.rdiff( str )
+    #   # => "This is the test.\nNot really sure what else to put here...\n"
+    #
+    #
+    # @param [String] str
+    #
+    # @return [String]
+    #
+    def rdiff( str )
+
+        return self if self == str
+
+        # get the words of the first text in an array
+        words1 = self.split( /\b/ )
+
+        # get the words of the second text in an array
+        words2 = str.split( /\b/ )
+
+        # get all the words that are different between the 2 arrays
+        # math style!
+        changes  = words1 - words2
+        changes << words2 - words1
+        changes.flatten!
+
+        # get what hasn't changed (the rdiff, so to speak) as a string
+        return ( words1 - changes ).join( '' )
+
+    end
+
+    def substring?( string )
+        begin
+            match = match( Regexp.new( Regexp.escape( string ) ) )
+            match && !match.to_s.empty?
+        rescue
+            return nil
+        end
+    end
+
+end