RubyGems - arachni - Versions diffs - 0.2.4 → 0.3 - Mend

arachni 0.2.4 → 0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

data/CHANGELOG.md +33 -0
data/README.md +2 -4
data/Rakefile +15 -4
data/bin/arachni +0 -0
data/bin/arachni_web +0 -0
data/bin/arachni_web_autostart +0 -0
data/bin/arachni_xmlrpc +0 -0
data/bin/arachni_xmlrpcd +0 -0
data/bin/arachni_xmlrpcd_monitor +0 -0
data/lib/arachni.rb +1 -1
data/lib/framework.rb +36 -6
data/lib/http.rb +12 -5
data/lib/module/auditor.rb +482 -59
data/lib/module/base.rb +17 -0
data/lib/module/manager.rb +26 -2
data/lib/module/trainer.rb +1 -12
data/lib/module/utilities.rb +12 -0
data/lib/parser/auditable.rb +8 -3
data/lib/parser/elements.rb +11 -0
data/lib/parser/page.rb +3 -1
data/lib/parser/parser.rb +130 -18
data/lib/rpc/xml/server/dispatcher.rb +21 -0
data/lib/spider.rb +141 -82
data/lib/ui/cli/cli.rb +2 -3
data/lib/ui/web/addon_manager.rb +273 -0
data/lib/ui/web/addons/autodeploy.rb +172 -0
data/lib/ui/web/addons/autodeploy/lib/manager.rb +291 -0
data/lib/ui/web/addons/autodeploy/views/index.erb +124 -0
data/lib/ui/web/addons/sample.rb +78 -0
data/lib/ui/web/addons/sample/views/index.erb +4 -0
data/lib/ui/web/addons/scheduler.rb +139 -0
data/lib/ui/web/addons/scheduler/views/index.erb +131 -0
data/lib/ui/web/addons/scheduler/views/options.erb +93 -0
data/lib/ui/web/dispatcher_manager.rb +80 -13
data/lib/ui/web/instance_manager.rb +87 -0
data/lib/ui/web/scheduler.rb +166 -0
data/lib/ui/web/server.rb +142 -202
data/lib/ui/web/server/public/js/jquery-ui-timepicker.js +985 -0
data/lib/ui/web/server/public/plugins/sample/style.css +0 -0
data/lib/ui/web/server/public/style.css +42 -0
data/lib/ui/web/server/views/addon.erb +15 -0
data/lib/ui/web/server/views/addons.erb +46 -0
data/lib/ui/web/server/views/dispatchers.erb +1 -1
data/lib/ui/web/server/views/instance.erb +9 -11
data/lib/ui/web/server/views/layout.erb +14 -1
data/lib/ui/web/server/views/welcome.erb +7 -6
data/lib/ui/web/utilities.rb +134 -0
data/modules/audit/code_injection_timing.rb +6 -2
data/modules/audit/code_injection_timing/payloads.txt +2 -2
data/modules/audit/os_cmd_injection_timing.rb +7 -3
data/modules/audit/os_cmd_injection_timing/payloads.txt +1 -1
data/modules/audit/sqli_blind_rdiff.rb +18 -233
data/modules/audit/sqli_blind_rdiff/payloads.txt +5 -0
data/modules/audit/sqli_blind_timing.rb +9 -2
data/path_extractors/anchors.rb +1 -1
data/path_extractors/forms.rb +1 -1
data/path_extractors/frames.rb +1 -1
data/path_extractors/generic.rb +1 -1
data/path_extractors/links.rb +1 -1
data/path_extractors/meta_refresh.rb +1 -1
data/path_extractors/scripts.rb +1 -1
data/path_extractors/sitemap.rb +1 -1
data/plugins/proxy/server.rb +3 -2
data/plugins/waf_detector.rb +0 -3
metadata +37 -34
data/lib/anemone/cookie_store.rb +0 -35
data/lib/anemone/core.rb +0 -371
data/lib/anemone/exceptions.rb +0 -5
data/lib/anemone/http.rb +0 -144
data/lib/anemone/page.rb +0 -338
data/lib/anemone/page_store.rb +0 -160
data/lib/anemone/storage.rb +0 -34
data/lib/anemone/storage/base.rb +0 -75
data/lib/anemone/storage/exceptions.rb +0 -15
data/lib/anemone/storage/mongodb.rb +0 -89
data/lib/anemone/storage/pstore.rb +0 -50
data/lib/anemone/storage/redis.rb +0 -90
data/lib/anemone/storage/tokyo_cabinet.rb +0 -57
data/lib/anemone/tentacle.rb +0 -40

data/lib/rpc/xml/server/dispatcher.rb CHANGED Viewed

@@ -178,6 +178,10 @@ class Dispatcher < Base
         }
     end
+    def proc_info
+        unnil( proc( Process.pid ) )
+    end
     #
     # Outputs the Arachni banner.<br/>
     # Displays version number, revision number, author details etc.
@@ -235,6 +239,23 @@ USAGE
     private
+    #
+    # Recursively removes nils.
+    #
+    # @param    [Hash]  hash
+    #
+    # @return   [Hash]
+    #
+    def unnil( hash )
+        hash.each_pair {
+            |k, v|
+            hash[k] = '' if v.nil?
+            hash[k] = unnil( v ) if v.is_a? Hash
+        }
+        return hash
+    end
     #
     # Initializes and updates the pool making sure that the number of
     # available server processes stays constant for any given moment

data/lib/spider.rb CHANGED Viewed

@@ -8,8 +8,9 @@
 =end
-require Arachni::Options.instance.dir['lib'] + 'anemone'
 require Arachni::Options.instance.dir['lib'] + 'module/utilities'
+require 'nokogiri'
+require Arachni::Options.instance.dir['lib'] + 'nokogiri/xml/node'
 module Arachni
@@ -21,7 +22,7 @@ module Arachni
 # @author: Tasos "Zapotek" Laskos
 #                                      <tasos.laskos@gmail.com>
 #                                      <zapotek@segfault.gr>
-# @version: 0.1
+# @version: 0.2
 #
 class Spider
@@ -34,8 +35,6 @@ class Spider
     #
     attr_reader :opts
-    attr_reader :pages
     #
     # Sitemap, array of links
     #
@@ -59,31 +58,6 @@ class Spider
     def initialize( opts )
         @opts = opts
-        @anemone_opts = {
-            :threads              =>  1,
-            :discard_page_bodies  =>  false,
-            :delay                =>  0,
-            :obey_robots_txt      =>  false,
-            :depth_limit          =>  false,
-            :link_count_limit     =>  false,
-            :redirect_limit       =>  false,
-            :storage              =>  nil,
-            :cookies              =>  nil,
-            :accept_cookies       =>  true,
-            :proxy_addr           =>  nil,
-            :proxy_port           =>  nil,
-            :proxy_user           =>  nil,
-            :proxy_pass           =>  nil
-        }
-        hash_opts = @opts.to_h
-        @anemone_opts.each_pair {
-            |k, v|
-            @anemone_opts[k] = hash_opts[k.to_s] if hash_opts[k.to_s]
-        }
-        @anemone_opts = @anemone_opts.merge( hash_opts )
         @sitemap = []
         @on_every_page_blocks = []
@@ -102,85 +76,170 @@ class Spider
     def run( &block )
         return if @opts.link_count_limit == 0
-        i = 1
-        # start the crawl
-        Anemone.crawl( @opts.url, @anemone_opts ) {
-            |anemone|
+        paths = []
+        paths << @opts.url.to_s
-            # apply 'exclude' patterns
-            anemone.skip_links_like( @opts.exclude ) if @opts.exclude
+        visited = []
-            # apply 'include' patterns and grab matching pages
-            # as they are discovered
-            anemone.on_pages_like( @opts.include ) {
-                |page|
+        while( !paths.empty? )
+            while( !paths.empty? && url = paths.pop )
+                url = url_sanitize( url )
+                next if skip?( url ) || !in_domain?( url )
-                @pages = anemone.pages.keys || []
+                wait_if_paused
-                url = url_sanitize( page.url.to_s )
+                visited << url
-                # something went kaboom, tell the user and skip the page
-                if page.error
-                    print_error( "[Error: " + (page.error.to_s) + "] " + url )
-                    print_debug_backtrace( page.error )
-                    next
-                end
+                opts = {
+                    :timeout => nil,
+                    :remove_id => true,
+                    :async => @opts.spider_first
+                }
-                # push the url in the sitemap
-                @sitemap.push( url )
-                print_line
-                print_status( "[HTTP: #{page.code}] " + url )
-                # call the block...if we have one
-                if block
-                    exception_jail{
-                        new_page = Arachni::Parser.new( @opts,
-                            Typhoeus::Response.new(
-                                :effective_url => url,
-                                :body          => page.body,
-                                :headers_hash  => page.headers
-                            )
-                        ).run
-                        new_page.code   = page.code
-                        new_page.method = 'GET'
-                        block.call( new_page.clone )
+                Arachni::HTTP.instance.get( url, opts ).on_complete {
+                    |res|
+                    print_line
+                    print_status( "[HTTP: #{res.code}] " + res.effective_url )
+                    page = Arachni::Parser.new( @opts, res ).run
+                    page.url = url_sanitize( res.effective_url )
+                    @sitemap |= page.paths.map { |path| url_sanitize( path ) }
+                    paths    |= @sitemap - visited
+                    # call the block...if we have one
+                    if block
+                        exception_jail{
+                            block.call( page.clone )
+                        }
+                    end
+                    # run blocks specified later
+                    @on_every_page_blocks.each {
+                        |block|
+                        block.call( page )
                     }
-                end
-                # run blocks specified later
-                @on_every_page_blocks.each {
-                    |block|
-                    block.call( page )
                 }
-                # we don't need the HTML doc anymore
-                page.discard_doc!( )
+                Arachni::HTTP.instance.run if !@opts.spider_first
                 # make sure we obey the link count limit and
                 # return if we have exceeded it.
                 if( @opts.link_count_limit &&
-                    @opts.link_count_limit <= i )
+                    @opts.link_count_limit <= visited.size )
+                    Arachni::HTTP.instance.run if @opts.spider_first
                     return @sitemap.uniq
                 end
-                i+=1
-            }
-        }
+            end
+            if @opts.spider_first
+                Arachni::HTTP.instance.run
+            else
+                break
+            end
+        end
         return @sitemap.uniq
     end
+    def skip?( url )
+        @opts.exclude.each {
+            |regexp|
+            return true if regexp =~ url
+        }
+        @opts.redundant.each_with_index {
+            |redundant, i|
+            if( url =~ redundant['regexp'] )
+                if( @opts.redundant[i]['count'] == 0 )
+                    print_verbose( 'Discarding redundant page: \'' + url + '\'' )
+                    return true
+                end
+                print_info( 'Matched redundancy rule: ' +
+                redundant['regexp'].to_s + ' for page \'' +
+                url + '\'' )
+                print_info( 'Count-down: ' + @opts.redundant[i]['count'].to_s )
+                @opts.redundant[i]['count'] -= 1
+            end
+        }
+        skip_cnt = 0
+        @opts.include.each {
+            |regexp|
+            skip_cnt += 1 if !(regexp =~ url)
+        }
+        return false if skip_cnt > 1
+        return false
+    end
+    def wait_if_paused
+        while( paused? )
+            ::IO::select( nil, nil, nil, 1 )
+        end
+    end
+    def pause!
+        @pause = true
+    end
+    def resume!
+        @pause = false
+    end
+    def paused?
+        @pause ||= false
+        return @pause
+    end
+    #
+    # Checks if the uri is in the same domain
     #
-    # Decodes URLs to reverse multiple encodes and removes NULL characters
+    # @param [URI] url
     #
-    def url_sanitize( url )
+    # @return [String]
+    #
+    def in_domain?( uri )
+        uri_1 = URI( uri.to_s )
+        uri_2 = URI( @opts.url.to_s )
-        while( url =~ /%/ )
-            url = ( URI.decode( url ).to_s.unpack( 'A*' )[0] )
+        if( @opts.follow_subdomains )
+            return extract_domain( uri_1 ) ==  extract_domain( uri_2 )
         end
-        return url
+        uri_1.host == uri_2.host
+    end
+    #
+    # Extracts the domain from a URI object
+    #
+    # @param [URI] url
+    #
+    # @return [String]
+    #
+    def extract_domain( url )
+        if !url.host then return false end
+        splits = url.host.split( /\./ )
+        if splits.length == 1 then return true end
+        splits[-2] + "." + splits[-1]
     end

data/lib/ui/cli/cli.rb CHANGED Viewed

@@ -123,16 +123,15 @@ class CLI
         audited = stats[:auditmap_size]
         mapped  = stats[:sitemap_size]
-        progress = ( Float( audited ) / mapped ) * 100
         print_line
-        print_info( "Audit progress: #{progress.to_s[0...5]}% ( #{audited}/#{mapped} pages )" )
+        print_info( "Audit progress: #{stats[:progress]}% ( Discovered #{mapped} pages )" )
         print_line
         print_info( "Sent #{stats[:requests]} requests." )
         print_info( "Received and analyzed #{stats[:responses]} responses." )
         print_info( 'In ' + stats[:time] )
-        avg = 'Average: ' + stats[:avg] + ' requests/second.'
+        avg = 'Average: ' + stats[:avg].to_s + ' requests/second.'
         print_info( avg )
         print_line

data/lib/ui/web/addon_manager.rb ADDED Viewed

@@ -0,0 +1,273 @@
+=begin
+                  Arachni
+  Copyright (c) 2010-2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+=end
+module Arachni
+module UI
+module Web
+module Addons
+    #
+    # Base class for all add-ons.
+    #
+    #
+    # @author: Tasos "Zapotek" Laskos
+    #                                      <tasos.laskos@gmail.com>
+    #                                      <zapotek@segfault.gr>
+    # @version: 0.1
+    #
+    class Base
+        def initialize( settings, route )
+            @settings = settings
+            @route    = '/addons/' + route
+            @settings.helpers do
+                def present( tpl, args )
+                    views = current_addon.path_views
+                    trv = ( '../' * views.split( '/' ).size ) + views + tpl.to_s
+                    erb_args = []
+                    erb_args << { :layout => true }
+                    erb_args << { :tpl => trv.to_sym, :addon => addons.by_name( current_addon_name ), :tpl_args => args }
+                    erb :addon, *erb_args
+                end
+                def partial( tpl, args )
+                    views = current_addon.path_views
+                    trv = ( '../' * views.split( '/' ).size ) + views + tpl.to_s
+                    erb_args = []
+                    erb_args << { :layout => false }
+                    erb_args << args
+                    erb trv.to_sym, *erb_args
+                end
+                def current_addon_name
+                    env['PATH_INFO'].scan( /\/addons\/(.*?)\// ).flatten[0]
+                end
+                def current_addon
+                    addons.running[current_addon_name]
+                end
+            end
+        end
+        def path_root
+            @route
+        end
+        def path_views
+            path_addon + '/views/'
+        end
+        def path_addon
+            Options.instance.dir['lib'] + 'ui/web' + path_root
+        end
+        def run
+        end
+        #
+        # This optional method allows you to specify the title which will be
+        # used for the menu (in case you want it to be dynamic).
+        #
+        # @return   [String]
+        #
+        def title
+            ''
+        end
+        #
+        #
+        # *DO NOT MESS WITH THE FOLLOWING METHODS*
+        #
+        #
+        def settings
+           @settings
+        end
+        def get( path, &block )
+            settings.get( @route + path, &block )
+        end
+        def post( path, &block )
+            settings.post( @route + path, &block )
+        end
+        def put( path, &block )
+            settings.put( @route + path, &block )
+        end
+        def delete( path, &block )
+            settings.delete( @route + path, &block )
+        end
+    end
+end
+#
+# Add-on manager.
+#
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1
+#
+class AddonManager
+    include Utilities
+    class Addon
+        include DataMapper::Resource
+        property :id,   Serial
+        property :name, String
+    end
+    class RestrictedComponentManager < Arachni::ComponentManager
+        def paths
+            cpaths = paths = Dir.glob( File.join( "#{@lib}", "*.rb" ) )
+            return paths.reject { |path| helper?( path ) }
+        end
+    end
+    def initialize( opts, settings )
+        @opts     = opts
+        @settings = settings
+        lib = @opts.dir['lib'] + 'ui/web/addons/'
+        @@manager ||= RestrictedComponentManager.new( lib, Addons )
+        @@running ||= {}
+        DataMapper::setup( :default, "sqlite3://#{@settings.db}/default.db" )
+        DataMapper.finalize
+        Addon.auto_upgrade!
+        run( enabled )
+    end
+    #
+    # Runs addons.
+    #
+    # @param    [Array]     addons  array holding the names of the addons
+    #
+    def run( addons )
+        begin
+            addons.each {
+                |name|
+                @@running[name] = @@manager[name].new( @settings, name )
+                @@running[name].run
+            }
+        rescue ::Exception => e
+            ap e.to_s
+            ap e.backtrace
+        end
+    end
+    def running
+        @@running
+    end
+    #
+    # Gets add-on info by name.
+    #
+    # @param    [String]    name
+    #
+    # @return   [Hash]
+    #
+    def by_name( name )
+        available.each { |addon| return addon if addon['filename'] == name }
+        return nil
+    end
+    #
+    # Gets all available add-ons.
+    #
+    # @return   [Array]
+    #
+    def available
+        @@available ||= populate_available
+        @@available.each {
+            |addon|
+            if @@running[addon['filename']] && !@@running[addon['filename']].title.empty?
+                addon['title'] = @@running[addon['filename']].title
+            else
+                addon['title'] = addon['name']
+            end
+        }
+        return @@available
+    end
+    #
+    # Enables and runs add-ons.
+    #
+    # @param    [Array]     addons  array holding the names of the addons
+    #
+    def enable!( addons )
+        Addon.all.destroy
+        addons.each { |addon| Addon.create( :name => addon ); run( [addon] ) }
+    end
+    #
+    # Gets all enabled add-ons.
+    #
+    # @return   [Array]
+    #
+    def enabled
+        Addon.all.map { |addon| addon.name }
+    end
+    private
+    def populate_available
+        @@available ||= []
+        return @@available if !@@available.empty?
+        @@available_classes ||= {}
+        @@manager.available.each {
+            |avail|
+            @@available << {
+                'name'        => @@manager[avail].info[:name],
+                'filename'    => avail,
+                'description' => @@manager[avail].info[:description],
+                'version'     => @@manager[avail].info[:version],
+                'author'      => @@manager[avail].info[:author]
+            }
+            @@available_classes[avail] = @@manager[avail]
+        }
+        return @@available
+    end
+end
+end
+end
+end