arachni 0.2.2.2 → 0.2.3
- data/CHANGELOG.md +18 -1
- data/README.md +50 -139
- data/bin/arachni_web +1 -0
- data/data/crypto/public.pem +9 -0
- data/getoptslong.rb +1 -0
- data/lib/arachni.rb +1 -1
- data/lib/crypto/rsa_aes_cbc.rb +98 -0
- data/lib/rpc/xml/client/base.rb +8 -3
- data/lib/rpc/xml/client/instance.rb +3 -3
- data/lib/rpc/xml/server/base.rb +27 -5
- data/lib/rpc/xml/server/dispatcher.rb +14 -6
- data/lib/rpc/xml/server/instance.rb +3 -3
- data/lib/ui/web/dispatcher_manager.rb +98 -0
- data/lib/ui/web/server/views/{dispatcher.erb → dispatchers.erb} +31 -16
- data/lib/ui/web/server/views/dispatchers_edit.erb +42 -0
- data/lib/ui/web/server/views/home.erb +12 -1
- data/lib/ui/web/server/views/instance.erb +7 -7
- data/lib/ui/web/server/views/layout.erb +2 -2
- data/lib/ui/web/server/views/welcome.erb +3 -4
- data/lib/ui/web/server.rb +194 -105
- data/lib/ui/xmlrpc/dispatcher_monitor.rb +1 -5
- data/lib/ui/xmlrpc/xmlrpc.rb +2 -6
- data/modules/audit/path_traversal.rb +13 -6
- data/reports/html/default.erb +82 -27
- data/reports/html.rb +32 -1
- data/reports/metareport.rb +1 -0
- data/reports/plugin_formatters/stdout/metaformatters/timeout_notice.rb +2 -0
- metadata +7 -4
- data/lib/ui/web/server/public/reports/demo.testfire.net:Sun Mar 20 02:48:10 2011.afr +0 -104829
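--- a/data/reports/html/default.erb
+++ b/data/reports/html/default.erb
@@ -22,6 +22,9 @@
 <script type="text/javascript">
 //<![CDATA[
 
+var configuration = <%=js_multiline( conf )%>
+var email_address;
+
 if( typeof jQuery == 'undefined' ) {
 alert( "Could not load the necessary JavaScript libraries -- the presentation and functionality of the report will be crippled.\n" +
 "Make sure that your internet connection is working and try refreshing the page." );
@@ -31,6 +34,46 @@
 return document.getElementById(id)
 }
 
+function report_fp( i ) {
+
+if( !email_address ) {
+email_address = prompt( "Please enter your e-mail address:", "")
+}
+
+if( !email_address )
+return false;
+
+// get some values from elements on the page:
+var $form = $( "#false_positive_" + i ),
+issue = $form.find( 'input[name="issue"]' ).val(),
+module = $form.find( 'input[name="module"]' ).val(),
+url = $form.find( 'input[name="url"]' ).val();
+
+// Send the data using post and put the results in a div
+$.post( "<%=REPORT_FP_URL%>",
+{ email_address: email_address, url: url, module: module, issue: issue, configuration: configuration } ,
+function( ) {
+$( "#fp_report_msg" ).html( "Done!" )
+}
+);
+
+$(function() {
+var fp_txt = '<p>Please wait while the data is being transferred...</p>';
+$( "#fp_report_msg" ).html( fp_txt );
+
+$( "#fp_report_msg" ).dialog({
+modal: true,
+buttons: {
+Ok: function() {
+$( this ).dialog( "close" );
+$( "#fp_report_msg" ).html( fp_txt );
+}
+}
+});
+});
+
+}
+
 function toggleElem( id ){
 
 if( getElem(id).style.display == 'none' ||
@@ -568,10 +611,12 @@
 
 <body>
 
+<div id="fp_report_msg" class="hidden" title="Reporting a false positive."></div>
+
 <div id="contentreport">
 <header>
-<h1>Report for <%=
-<span style="float: right">Found a false positive? <a href="<%=
+<h1>Report for <%=escapeHTML(@audit_store.options['url'])%> (Generated on <strong><%=Time.now%></strong>)</h1>
+<span style="float: right">Found a false positive? <a href="<%=escapeHTML(REPORT_FP)%>">Report it here</a>.</span>
 </header>
 
 <nav>
@@ -646,7 +691,7 @@
 <h3>Runtime options</h3>
 
 <strong>URL:</strong> <%=@audit_store.options['url']%><br />
-<strong>User agent:</strong>
+<strong>User agent:</strong> <%=escapeHTML( @audit_store.options['user_agent'] )%><br />
 
 <p> </p>
 
@@ -696,7 +741,7 @@
 <% if !@audit_store.options['exclude'].empty?%>
 <% @audit_store.options['exclude'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule )%></li>
 
 <%end%>
 <% else %>
@@ -711,7 +756,7 @@
 <% if !@audit_store.options['include'].empty?%>
 <% @audit_store.options['include'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule )%></li>
 
 <%end%>
 <% else %>
@@ -726,7 +771,7 @@
 <% if !@audit_store.options['redundant'].empty?%>
 <% @audit_store.options['redundant'].each do |rule|%>
 
-<li><%=
+<li><%=escapeHTML( rule['regexp'] )%> - Count: <%=rule['count']%></li>
 
 <%end%>
 <% else %>
@@ -742,7 +787,7 @@
 <ul>
 <% if @audit_store.options['cookies'] && !@audit_store.options['cookies'].empty?%>
 <% @audit_store.options['cookies'].each_pair do |name, val|%>
-<li><%=
+<li><%=escapeHTML( name )%> = <%=escapeHTML( val )%></li>
 <%end%>
 <% else %>
 <li>N/A</li>
@@ -772,19 +817,29 @@
 <div class="issue">
 
 <h3 id="issue_<%=idx%>">
-<a href="#issue_<%=idx%>">[<%=idx%>] <%=
+<a href="#issue_<%=idx%>">[<%=idx%>] <%=escapeHTML(issue.name)%></a>
 </h3>
 
+<p>
+<form name="false_positive_<%=j%>" id="false_positive_<%=i%>">
+<input type="hidden" name="module" value="<%=escapeHTML(issue.internal_modname)%>" />
+<input type="hidden" name="url" value="<%=escapeHTML(issue.url)%>" />
+<input type="hidden" name="issue" value="<%=@crypto_issues[i]%>" />
+<input onclick="javascript:report_fp( <%=i%> );" type="button" value="Report false positive" />
+</form>
+</p>
+
+
 <div class="left">
 <ul>
-<li><strong>Module name</strong>: <%=
-(Internal module name: <strong><%=
+<li><strong>Module name</strong>: <%=escapeHTML(issue.mod_name)%> <br/>
+(Internal module name: <strong><%=escapeHTML(issue.internal_modname)%></strong>)</li>
 
 <% if issue.var %>
-<li><strong>Affected variable</strong>: <%=
+<li><strong>Affected variable</strong>: <%=escapeHTML(issue.var)%></li>
 <%end%>
 
-<li><strong>Affected URL</strong>: <a href="<%=
+<li><strong>Affected URL</strong>: <a href="<%=escapeHTML(issue.url)%>"><%=escapeHTML(issue.url)%></a> </li>
 <li><strong>HTML Element</strong>: <%=issue.elem%></li>
 <li><strong>Requires manual verification?</strong>: <%=issue.verification ? 'Yes' : 'No'%></li>
 <hr/>
@@ -805,7 +860,7 @@
 <% if issue.references && !issue.references.empty? %>
 <% issue.references.each_pair do |source, url| %>
 
-<li><%=
+<li><%=escapeHTML(source)%> - <a target="_blank" href="<%=url%>"><%=url%></a></li>
 
 <%end%>
 <%else%>
@@ -819,20 +874,20 @@
 <div class="right">
 <p>
 <h3>Description</h3>
-<blockquote><p><%=
+<blockquote><p><%=escapeHTML(issue.description)%></p></blockquote>
 </p>
 
 <% if issue.remedy_guidance && !issue.remedy_guidance.empty? %>
 <p>
 <h3>Remedial guidance</h3>
-<blockquote><p><%=
+<blockquote><p><%=escapeHTML(issue.remedy_guidance)%></p></blockquote>
 </p>
 <%end%>
 
 <% if issue.remedy_code && !issue.remedy_code.empty? %>
 <p>
 <h3>Remedial code</h3>
-<pre class="code notice"><%=
+<pre class="code notice"><%=escapeHTML(issue.remedy_code)%></pre>
 </p>
 <%end%>
 
@@ -851,13 +906,13 @@
 </h5>
 
 <strong>Affected URL</strong>:
-<p class="notice"><a href="<%=
+<p class="notice"><a href="<%=escapeHTML(variation['url'])%>"><%=escapeHTML(variation['url'])%></a></p>
 
 <% if (variation['response'] && !variation['response'].empty?) && variation['regexp_match'] %>
 
 <div class="hidden" id="inspection-dialog_<%=var_idx%>_<%=idx%>" title="Relevant content is shown in red.">
-<% match =
-<pre> <%=
+<% match = escapeHTML( variation['regexp_match'] )%>
+<pre> <%=escapeHTML( variation['response'] ).gsub( match, '<strong style="color: red">' + match + '</strong>' ) %> </pre>
 </div>
 
 <form style="display:inline" action="#">
@@ -871,7 +926,7 @@
 <form style="display:inline" action="<%=issue.url%>" target="_blank" method="<%=issue.method.downcase%>">
 <% if variation['opts'][:combo]%>
 <%variation['opts'][:combo].each_pair do |name, value|%>
-<input type="hidden" name="<%=
+<input type="hidden" name="<%=escapeHTML(name)%>" value="<%=escapeHTML( value )%>" />
 <%end%>
 <%end%>
 <input type="submit" value="Replay" />
@@ -884,25 +939,25 @@
 
 <% if variation['injected'] %>
 <strong>Injected value</strong>:
-<pre> <%=
+<pre> <%=escapeHTML(variation['injected'])%> </pre>
 <br/>
 <%end%>
 
 <% if variation['id'] %>
 <strong>ID</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['id'])%></pre>
 <br/>
 <%end%>
 
 <% if variation['regexp'] %>
 <strong>Regular expression</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['regexp'])%></pre>
 <br/>
 <%end%>
 
 <% if variation['regexp_match'] %>
 <strong>Matched by the regular expression</strong>:
-<pre><%=
+<pre><%=escapeHTML(variation['regexp_match'])%> </pre>
 <%end%>
 
 <br/>
@@ -918,12 +973,12 @@
 <tr>
 <td>
 <% if variation['headers']['request'].is_a?( Hash ) %>
-<pre class="notice"><% variation['headers']['request'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" +
+<pre class="notice"><% variation['headers']['request'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" + escapeHTML(val) + "\n"%><%end%></pre>
 <%end%>
 </td>
 <td>
 <% if variation['headers']['response'].is_a?( Hash ) %>
-<pre class="notice"><% variation['headers']['response'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" +
+<pre class="notice"><% variation['headers']['response'].each_pair do |name, val| %><strong><%=name%></strong><%="\t" + escapeHTML(val) + "\n"%><%end%></pre>
 <%end%>
 </td>
 </tr>
@@ -960,7 +1015,7 @@
 <p> </p>
 <h3><%=@audit_store.sitemap.size%> pages</h3>
 <% @audit_store.sitemap.each do |url| %>
-<a href="<%=
+<a href="<%=escapeHTML(url)%>"><%=escapeHTML(url)%></a><br/>
 <%end%>
 
 </section>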
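--- a/data/reports/html.rb
+++ b/data/reports/html.rb
@@ -14,6 +14,8 @@ require 'cgi'
 
 module Arachni
 
+require Options.instance.dir['lib'] + 'crypto/rsa_aes_cbc'
+
 module Reports
 
 #
@@ -22,10 +24,12 @@ module Reports
 # @author: Tasos "Zapotek" Laskos
 # <tasos.laskos@gmail.com>
 # <zapotek@segfault.gr>
-# @version: 0.2
+# @version: 0.2.1
 #
 class HTML < Arachni::Report::Base
 
+REPORT_FP_URL = "https://arachni.segfault.gr/false_positive"
+
 #
 # @param [AuditStore] audit_store
 # @param [Hash] options options passed to the report
@@ -33,6 +37,8 @@ class HTML < Arachni::Report::Base
 def initialize( audit_store, options )
 @audit_store = audit_store
 @options = options
+
+@crypto = RSA_AES_CBC.new( Options.instance.dir['data'] + 'crypto/public.pem' )
 end
 
 #
@@ -49,6 +55,12 @@ class HTML < Arachni::Report::Base
 
 @plugins = format_plugin_results( @audit_store.plugins )
 
+conf = {}
+conf['options'] = @audit_store.options
+conf['version'] = @audit_store.version
+conf['revision'] = @audit_store.revision
+conf = @crypto.encrypt( conf.to_yaml )
+
 __save( @options['outfile'], report.result( binding ) )
 
 print_status( 'Saved in \'' + @options['outfile'] + '\'.' )
@@ -71,6 +83,21 @@ class HTML < Arachni::Report::Base
 
 private
 
+def js_multiline( str )
+"\"" + str.gsub( "\n", '\n' ) + "\"";
+end
+
+def escapeHTML( str )
+# carefully escapes HTML and converts to UTF-8
+# while removing invalid character sequences
+begin
+return CGI.escapeHTML( str )
+rescue
+ic = Iconv.new( 'UTF-8//IGNORE', 'UTF-8' )
+return CGI.escapeHTML( ic.iconv( str + ' ' )[0..-2] )
+end
+end
+
 def self.prep_description( str )
 placeholder = '--' + rand( 1000 ).to_s + '--'
 cstr = str.gsub( /^\s*$/xm, placeholder )
@@ -114,9 +141,13 @@ class HTML < Arachni::Report::Base
 @total_severities = 0
 @total_elements = 0
 @total_verifications = 0
+
+@crypto_issues = []
 @audit_store.issues.each_with_index {
 |issue, i|
 
+@crypto_issues << @crypto.encrypt( issue.to_yaml )
+
 @graph_data[:severities][issue.severity] ||= 0
 @graph_data[:severities][issue.severity] += 1
 @total_severities += 1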
data/reports/metareport.rb
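--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: arachni
 version: !ruby/object:Gem::Version
 prerelease:
-version: 0.2.
+version: 0.2.3
 platform: ruby
 authors:
 - Tasos Laskos
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-
+date: 2011-05-22 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -176,6 +176,7 @@ files:
 - CONTRIBUTORS.md
 - EXPLOITATION.md
 - HACKING.md
+- data/crypto/public.pem
 - lib/nokogiri/xml/node.rb
 - lib/module.rb
 - lib/module/trainer.rb
@@ -211,6 +212,7 @@ files:
 - lib/plugin/manager.rb
 - lib/arachni.rb
 - lib/framework.rb
+- lib/crypto/rsa_aes_cbc.rb
 - lib/http.rb
 - lib/spider.rb
 - lib/audit_store.rb
@@ -264,7 +266,6 @@ files:
 - lib/ui/web/server/public/spider.png
 - lib/ui/web/server/public/banner.png
 - lib/ui/web/server/public/bodybg-small.png
-- lib/ui/web/server/public/reports/demo.testfire.net:Sun Mar 20 02:48:10 2011.afr
 - lib/ui/web/server/public/reports/placeholder
 - lib/ui/web/server/public/icons/status.png
 - lib/ui/web/server/public/icons/info.png
@@ -277,7 +278,6 @@ files:
 - lib/ui/web/server/views/dispatcher_error.erb
 - lib/ui/web/server/views/instance.erb
 - lib/ui/web/server/views/log.erb
-- lib/ui/web/server/views/dispatcher.erb
 - lib/ui/web/server/views/flash.erb
 - lib/ui/web/server/views/report_formats.erb
 - lib/ui/web/server/views/modules.erb
@@ -285,14 +285,17 @@ files:
 - lib/ui/web/server/views/layout.erb
 - lib/ui/web/server/views/output_results.erb
 - lib/ui/web/server/views/options.erb
+- lib/ui/web/server/views/dispatchers.erb
 - lib/ui/web/server/views/error.erb
 - lib/ui/web/server/views/home.erb
 - lib/ui/web/server/views/welcome.erb
 - lib/ui/web/server/views/reports.erb
+- lib/ui/web/server/views/dispatchers_edit.erb
 - lib/ui/web/server/views/settings.erb
 - lib/ui/web/report_manager.rb
 - lib/ui/web/server.rb
 - lib/ui/web/log.rb
+- lib/ui/web/dispatcher_manager.rb
 - lib/ui/web/output_stream.rb
 - lib/parser/auditable.rb
 - lib/parser/parser.rb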