arachni 0.2.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.md +18 -1
- data/README.md +50 -139
- data/bin/arachni_web +1 -0
- data/data/crypto/public.pem +9 -0
- data/getoptslong.rb +1 -0
- data/lib/arachni.rb +1 -1
- data/lib/crypto/rsa_aes_cbc.rb +98 -0
- data/lib/rpc/xml/client/base.rb +8 -3
- data/lib/rpc/xml/client/instance.rb +3 -3
- data/lib/rpc/xml/server/base.rb +27 -5
- data/lib/rpc/xml/server/dispatcher.rb +14 -6
- data/lib/rpc/xml/server/instance.rb +3 -3
- data/lib/ui/web/dispatcher_manager.rb +98 -0
- data/lib/ui/web/server/views/{dispatcher.erb → dispatchers.erb} +31 -16
- data/lib/ui/web/server/views/dispatchers_edit.erb +42 -0
- data/lib/ui/web/server/views/home.erb +12 -1
- data/lib/ui/web/server/views/instance.erb +7 -7
- data/lib/ui/web/server/views/layout.erb +2 -2
- data/lib/ui/web/server/views/welcome.erb +3 -4
- data/lib/ui/web/server.rb +194 -105
- data/lib/ui/xmlrpc/dispatcher_monitor.rb +1 -5
- data/lib/ui/xmlrpc/xmlrpc.rb +2 -6
- data/modules/audit/path_traversal.rb +13 -6
- data/reports/html/default.erb +82 -27
- data/reports/html.rb +32 -1
- data/reports/metareport.rb +1 -0
- data/reports/plugin_formatters/stdout/metaformatters/timeout_notice.rb +2 -0
- metadata +7 -4
- data/lib/ui/web/server/public/reports/demo.testfire.net:Sun Mar 20 02:48:10 2011.afr +0 -104829
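--- a/data/reports/html/default.erb
+++ b/data/reports/html/default.erb
@@ -22,6 +22,9 @@
 <script type="text/javascript">
 //<![CDATA[
 
+var configuration = <%=js_multiline( conf )%>
+var email_address;
+
 if( typeof jQuery == 'undefined' ) {
 alert( "Could not load the necessary JavaScript libraries -- the presentation and functionality of the report will be crippled.\n" +
 "Make sure that your internet connection is working and try refreshing the page." );
@@ -31,6 +34,46 @@
 return document.getElementById(id)
 }
 
+function report_fp( i ) {
+
+if( !email_address ) {
+email_address = prompt( "Please enter your e-mail address:", "")
+}
+
+if( !email_address )
+return false;
+
+// get some values from elements on the page:
+var $form = $( "#false_positive_" + i ),
+issue = $form.find( 'input[name="issue"]' ).val(),
+module = $form.find( 'input[name="module"]' ).val(),
+url = $form.find( 'input[name="url"]' ).val();
+
+// Send the data using post and put the results in a div
+$.post( "<%=REPORT_FP_URL%>",
+{ email_address: email_address, url: url, module: module, issue: issue, configuration: configuration } ,
+function( ) {
+$( "#fp_report_msg" ).html( "Done!" )
+}
+);
+
+$(function() {
+var fp_txt = '<p>Please wait while the data is being transferred...</p>';
+$( "#fp_report_msg" ).html( fp_txt );
+
+$( "#fp_report_msg" ).dialog({
+modal: true,
+buttons: {
+Ok: function() {
+$( this ).dialog( "close" );
+$( "#fp_report_msg" ).html( fp_txt );
+}
+}
+});
+});
+
+}
+
 function toggleElem( id ){
 
 if( getElem(id).style.display == 'none' ||
@@ -568,10 +611,12 @@
 
 <body>
 
+<div id="fp_report_msg" class="hidden" title="Reporting a false positive."></div>
+
 <div id="contentreport">
 <header>
-<h1>Report for <%=
-<span style="float: right">Found a false positive? <a href="<%=
+<h1>Report for <%=escapeHTML(@audit_store.options['url'])%> (Generated on <strong><%=Time.now%></strong>)</h1>
+<span style="float: right">Found a false positive? <a href="<%=escapeHTML(REPORT_FP)%>">Report it here</a>.</span>
 </header>
 
 <nav>
@@ -646,7 +691,7 @@
 <h3>Runtime options</h3>
 
 <strong>URL:</strong> <%=@audit_store.options['url']%><br />
-<strong>User agent:</strong>
+<strong>User agent:</strong> <%=escapeHTML( @audit_store.options['user_agent'] )%><br />
 
 <p> </p>
 
@@ -696,7 +741,7 @@
 <% if !@audit_store.options['exclude'].empty?%>
 <% @audit_store.options['exclude'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule )%></li>
 
 <%end%>
 <% else %>
@@ -711,7 +756,7 @@
 <% if !@audit_store.options['include'].empty?%>
 <% @audit_store.options['include'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule )%></li>
 
 <%end%>
 <% else %>
@@ -726,7 +771,7 @@
 <% if !@audit_store.options['redundant'].empty?%>
 <% @audit_store.options['redundant'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule['regexp'] )%> - Count: <%=rule['count']%></li>
 
 <%end%>
 <% else %>
@@ -742,7 +787,7 @@
 <ul>
 <% if @audit_store.options['cookies'] && !@audit_store.options['cookies'].empty?%>
 <% @audit_store.options['cookies'].each_pair do |name, val|%>
-<li><%=
+<li><%=escapeHTML( name )%> = <%=escapeHTML( val )%></li>
 <%end%>
 <% else %>
 <li>N/A</li>
@@ -772,19 +817,29 @@
 <div class="issue">
 
 <h3 id="issue_<%=idx%>">
-<a href="#issue_<%=idx%>">[<%=idx%>] <%=
+<a href="#issue_<%=idx%>">[<%=idx%>] <%=escapeHTML(issue.name)%></a>
 </h3>
 
+<p>
+<form name="false_positive_<%=j%>" id="false_positive_<%=i%>">
+<input type="hidden" name="module" value="<%=escapeHTML(issue.internal_modname)%>" />
+<input type="hidden" name="url" value="<%=escapeHTML(issue.url)%>" />
+<input type="hidden" name="issue" value="<%=@crypto_issues[i]%>" />
+<input onclick="javascript:report_fp( <%=i%> );" type="button" value="Report false positive" />
+</form>
+</p>
+
+
 <div class="left">
 <ul>
-<li><strong>Module name</strong>: <%=
-(Internal module name: <strong><%=
+<li><strong>Module name</strong>: <%=escapeHTML(issue.mod_name)%> <br/>
+(Internal module name: <strong><%=escapeHTML(issue.internal_modname)%></strong>)</li>
 
 <% if issue.var %>
-<li><strong>Affected variable</strong>: <%=
+<li><strong>Affected variable</strong>: <%=escapeHTML(issue.var)%></li>
 <%end%>
 
-<li><strong>Affected URL</strong>: <a href="<%=
+<li><strong>Affected URL</strong>: <a href="<%=escapeHTML(issue.url)%>"><%=escapeHTML(issue.url)%></a> </li>
 <li><strong>HTML Element</strong>: <%=issue.elem%></li>
 <li><strong>Requires manual verification?</strong>: <%=issue.verification ? 'Yes' : 'No'%></li>
 <hr/>
@@ -805,7 +860,7 @@
 <% if issue.references && !issue.references.empty? %>
 <% issue.references.each_pair do |source, url| %>
 
-<li><%=
+<li><%=escapeHTML(source)%> - <a target="_blank" href="<%=url%>"><%=url%></a></li>
 
 <%end%>
 <%else%>
@@ -819,20 +874,20 @@
 <div class="right">
 <p>
 <h3>Description</h3>
-<blockquote><p><%=
+<blockquote><p><%=escapeHTML(issue.description)%></p></blockquote>
 </p>
 
 <% if issue.remedy_guidance && !issue.remedy_guidance.empty? %>
 <p>
 <h3>Remedial guidance</h3>
-<blockquote><p><%=
+<blockquote><p><%=escapeHTML(issue.remedy_guidance)%></p></blockquote>
 </p>
 <%end%>
 
 <% if issue.remedy_code && !issue.remedy_code.empty? %>
 <p>
 <h3>Remedial code</h3>
-<pre class="code notice"><%=
+<pre class="code notice"><%=escapeHTML(issue.remedy_code)%></pre>
 </p>
 <%end%>
 
@@ -851,13 +906,13 @@
 </h5>
 
 <strong>Affected URL</strong>:
-<p class="notice"><a href="<%=
+<p class="notice"><a href="<%=escapeHTML(variation['url'])%>"><%=escapeHTML(variation['url'])%></a></p>
 
 <% if (variation['response'] && !variation['response'].empty?) && variation['regexp_match'] %>
 
 <div class="hidden" id="inspection-dialog_<%=var_idx%>_<%=idx%>" title="Relevant content is shown in red.">
-<% match =
-<pre> <%=
+<% match = escapeHTML( variation['regexp_match'] )%>
+<pre> <%=escapeHTML( variation['response'] ).gsub( match, '<strong style="color: red">' + match + '</strong>' ) %> </pre>
 </div>
 
 <form style="display:inline" action="#">
@@ -871,7 +926,7 @@
 <form style="display:inline" action="<%=issue.url%>" target="_blank" method="<%=issue.method.downcase%>">
 <% if variation['opts'][:combo]%>
 <%variation['opts'][:combo].each_pair do |name, value|%>
-<input type="hidden" name="<%=
+<input type="hidden" name="<%=escapeHTML(name)%>" value="<%=escapeHTML( value )%>" />
 <%end%>
 <%end%>
 <input type="submit" value="Replay" />
@@ -884,25 +939,25 @@
 
 <% if variation['injected'] %>
 <strong>Injected value</strong>:
-<pre> <%=
+<pre> <%=escapeHTML(variation['injected'])%> </pre>
 <br/>
 <%end%>
 
 <% if variation['id'] %>
 <strong>ID</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['id'])%></pre>
 <br/>
 <%end%>
 
 <% if variation['regexp'] %>
 <strong>Regular expression</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['regexp'])%></pre>
 <br/>
 <%end%>
 
 <% if variation['regexp_match'] %>
 <strong>Matched by the regular expression</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['regexp_match'])%> </pre>
 <%end%>
 
 <br/>
@@ -918,12 +973,12 @@
 <tr>
 <td>
 <% if variation['headers']['request'].is_a?( Hash ) %>
-<pre class="notice"><% variation['headers']['request'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" +
+<pre class="notice"><% variation['headers']['request'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" + escapeHTML(val) + "\n"%><%end%></pre>
 <%end%>
 </td>
 <td>
 <% if variation['headers']['response'].is_a?( Hash ) %>
-<pre class="notice"><% variation['headers']['response'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" +
+<pre class="notice"><% variation['headers']['response'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" + escapeHTML(val) + "\n"%><%end%></pre>
 <%end%>
 </td>
 </tr>
@@ -960,7 +1015,7 @@
 <p> </p>
 <h3><%=@audit_store.sitemap.size%> pages</h3>
 <% @audit_store.sitemap.each do |url| %>
-<a href="<%=
+<a href="<%=escapeHTML(url)%>"><%=escapeHTML(url)%></a><br/>
 <%end%>
 
 </section>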
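Review bot: The false-positive form added at new line 824 names itself with `j` but uses `i` for its `id` and for `@crypto_issues[i]`; unless `j` is bound by the enclosing issue loop (whose header is outside the hunk) this raises NameError for every issue, so it should read `<form name="false_positive_<%=i%>" id="false_positive_<%=i%>">`. Likewise new line 619 links to `escapeHTML(REPORT_FP)` while the script block and html.rb use `REPORT_FP_URL`; if `REPORT_FP` is not defined elsewhere in the report this is a second NameError. In the references hunk the rewritten `<li>` escapes `source` but emits `url` raw in both the `href` and the link text, unlike the other URLs this change escapes, and should read `<li><%=escapeHTML(source)%> - <a target="_blank" href="<%=escapeHTML(url)%>"><%=escapeHTML(url)%></a></li>`; the header `<%=name%>` on new lines 976 and 981 is left raw in the same way. In the inspection dialog, `gsub( match, … )` with an empty `regexp_match` wraps every character of the response in `<strong>`, so the highlight should be guarded with `unless match.empty?`. `report_fp` posts to a different origin and only handles success, so a failure callback on `$.post` would stop the modal from sitting at 'Please wait' when the request is blocked or fails.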
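--- a/data/reports/html.rb
+++ b/data/reports/html.rb
@@ -14,6 +14,8 @@ require 'cgi'
 
 module Arachni
 
+require Options.instance.dir['lib'] + 'crypto/rsa_aes_cbc'
+
 module Reports
 
 #
@@ -22,10 +24,12 @@ module Reports
 # @author: Tasos "Zapotek" Laskos
 # <tasos.laskos@gmail.com>
 # <zapotek@segfault.gr>
-# @version: 0.2
+# @version: 0.2.1
 #
 class HTML < Arachni::Report::Base
 
+REPORT_FP_URL = "https://arachni.segfault.gr/false_positive"
+
 #
 # @param [AuditStore] audit_store
 # @param [Hash] options options passed to the report
@@ -33,6 +37,8 @@ class HTML < Arachni::Report::Base
 def initialize( audit_store, options )
 @audit_store = audit_store
 @options = options
+
+@crypto = RSA_AES_CBC.new( Options.instance.dir['data'] + 'crypto/public.pem' )
 end
 
 #
@@ -49,6 +55,12 @@ class HTML < Arachni::Report::Base
 
 @plugins = format_plugin_results( @audit_store.plugins )
 
+conf = {}
+conf['options'] = @audit_store.options
+conf['version'] = @audit_store.version
+conf['revision'] = @audit_store.revision
+conf = @crypto.encrypt( conf.to_yaml )
+
 __save( @options['outfile'], report.result( binding ) )
 
 print_status( 'Saved in \'' + @options['outfile'] + '\'.' )
@@ -71,6 +83,21 @@ class HTML < Arachni::Report::Base
 
 private
 
+def js_multiline( str )
+"\"" + str.gsub( "\n", '\n' ) + "\"";
+end
+
+def escapeHTML( str )
+# carefully escapes HTML and converts to UTF-8
+# while removing invalid character sequences
+begin
+return CGI.escapeHTML( str )
+rescue
+ic = Iconv.new( 'UTF-8//IGNORE', 'UTF-8' )
+return CGI.escapeHTML( ic.iconv( str + ' ' )[0..-2] )
+end
+end
+
 def self.prep_description( str )
 placeholder = '--' + rand( 1000 ).to_s + '--'
 cstr = str.gsub( /^\s*$/xm, placeholder )
@@ -114,9 +141,13 @@ class HTML < Arachni::Report::Base
 @total_severities = 0
 @total_elements = 0
 @total_verifications = 0
+
+@crypto_issues = []
 @audit_store.issues.each_with_index {
 |issue, i|
 
+@crypto_issues << @crypto.encrypt( issue.to_yaml )
+
 @graph_data[:severities][issue.severity] ||= 0
 @graph_data[:severities][issue.severity] += 1
 @total_severities += 1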
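Review bot: `escapeHTML` (new lines 90–99) rescues every StandardError rather than the invalid-byte-sequence ArgumentError its comment describes, so a nil `str` fails a second time inside the rescue on `str + ' '` with a trace that hides the original call; `rescue ArgumentError` keeps the Iconv fallback for the case it was written for and lets other errors surface. `Iconv` is used without a visible `require 'iconv'`; the file head is outside these hunks, so it may already be loaded. `js_multiline` escapes only newlines before the value is emitted as a JavaScript string literal inside `<script>`, so a `"`, `\` or `</` in `str` would break or terminate the literal; either escape those as well or add a comment stating that the input is the text encoding produced by `RSA_AES_CBC#encrypt` (not shown here), which is what would make the single gsub sufficient, and drop the stray `;` at the end of line 87. Because `REPORT_FP_URL` receives an e-mail address plus the encrypted `@audit_store.options` (which, per the template, can include cookies), a short comment on the constant saying what the report button transmits and that it is encrypted to `data/crypto/public.pem` would let users judge the button before using it.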
data/reports/metareport.rb
CHANGED
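--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: arachni
 version: !ruby/object:Gem::Version
 prerelease:
-version: 0.2.
+version: 0.2.3
 platform: ruby
 authors:
 - Tasos Laskos
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-05-22 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -176,6 +176,7 @@ files:
 - CONTRIBUTORS.md
 - EXPLOITATION.md
 - HACKING.md
+- data/crypto/public.pem
 - lib/nokogiri/xml/node.rb
 - lib/module.rb
 - lib/module/trainer.rb
@@ -211,6 +212,7 @@ files:
 - lib/plugin/manager.rb
 - lib/arachni.rb
 - lib/framework.rb
+- lib/crypto/rsa_aes_cbc.rb
 - lib/http.rb
 - lib/spider.rb
 - lib/audit_store.rb
@@ -264,7 +266,6 @@ files:
 - lib/ui/web/server/public/spider.png
 - lib/ui/web/server/public/banner.png
 - lib/ui/web/server/public/bodybg-small.png
-- lib/ui/web/server/public/reports/demo.testfire.net:Sun Mar 20 02:48:10 2011.afr
 - lib/ui/web/server/public/reports/placeholder
 - lib/ui/web/server/public/icons/status.png
 - lib/ui/web/server/public/icons/info.png
@@ -277,7 +278,6 @@ files:
 - lib/ui/web/server/views/dispatcher_error.erb
 - lib/ui/web/server/views/instance.erb
 - lib/ui/web/server/views/log.erb
-- lib/ui/web/server/views/dispatcher.erb
 - lib/ui/web/server/views/flash.erb
 - lib/ui/web/server/views/report_formats.erb
 - lib/ui/web/server/views/modules.erb
@@ -285,14 +285,17 @@ files:
 - lib/ui/web/server/views/layout.erb
 - lib/ui/web/server/views/output_results.erb
 - lib/ui/web/server/views/options.erb
+- lib/ui/web/server/views/dispatchers.erb
 - lib/ui/web/server/views/error.erb
 - lib/ui/web/server/views/home.erb
 - lib/ui/web/server/views/welcome.erb
 - lib/ui/web/server/views/reports.erb
+- lib/ui/web/server/views/dispatchers_edit.erb
 - lib/ui/web/server/views/settings.erb
 - lib/ui/web/report_manager.rb
 - lib/ui/web/server.rb
 - lib/ui/web/log.rb
+- lib/ui/web/dispatcher_manager.rb
 - lib/ui/web/output_stream.rb
 - lib/parser/auditable.rb
 - lib/parser/parser.rb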