arachni 0.4.2 → 0.4.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/ACKNOWLEDGMENTS.md +3 -0
- data/CHANGELOG.md +181 -1
- data/README.md +68 -14
- data/Rakefile +1 -5
- data/arachni.gemspec +9 -6
- data/bin/arachni_multi +23 -0
- data/bin/arachni_rpc +2 -2
- data/bin/arachni_rpcd_monitor +1 -1
- data/fingerprinters/frameworks/rack.rb +41 -0
- data/fingerprinters/languages/asp.rb +42 -0
- data/fingerprinters/languages/aspx.rb +63 -0
- data/fingerprinters/languages/jsp.rb +44 -0
- data/fingerprinters/languages/php.rb +43 -0
- data/fingerprinters/languages/python.rb +40 -0
- data/fingerprinters/languages/ruby.rb +41 -0
- data/fingerprinters/os/bsd.rb +36 -0
- data/fingerprinters/os/linux.rb +42 -0
- data/fingerprinters/os/solaris.rb +41 -0
- data/fingerprinters/os/unix.rb +36 -0
- data/fingerprinters/os/windows.rb +41 -0
- data/fingerprinters/servers/apache.rb +36 -0
- data/fingerprinters/servers/iis.rb +36 -0
- data/fingerprinters/servers/jetty.rb +36 -0
- data/fingerprinters/servers/nginx.rb +36 -0
- data/fingerprinters/servers/tomcat.rb +36 -0
- data/lib/arachni/audit_store.rb +3 -4
- data/lib/arachni/banner.rb +0 -2
- data/lib/arachni/element/base.rb +25 -35
- data/lib/arachni/element/capabilities/auditable.rb +265 -133
- data/lib/arachni/element/capabilities/auditable/rdiff.rb +14 -4
- data/lib/arachni/element/capabilities/auditable/taint.rb +32 -10
- data/lib/arachni/element/capabilities/auditable/timeout.rb +59 -29
- data/lib/arachni/element/cookie.rb +4 -3
- data/lib/arachni/element/form.rb +1 -5
- data/lib/arachni/element/header.rb +10 -0
- data/lib/arachni/element/link.rb +0 -1
- data/lib/arachni/element_filter.rb +2 -2
- data/lib/arachni/framework.rb +37 -13
- data/lib/arachni/http.rb +3 -2
- data/lib/arachni/issue.rb +27 -0
- data/lib/arachni/module.rb +16 -0
- data/lib/arachni/module/auditor.rb +107 -70
- data/lib/arachni/module/base.rb +1 -1
- data/lib/arachni/module/key_filler.rb +26 -39
- data/lib/arachni/module/manager.rb +53 -56
- data/lib/arachni/options.rb +126 -19
- data/lib/arachni/page.rb +41 -42
- data/lib/arachni/parser.rb +91 -139
- data/lib/arachni/platform.rb +19 -0
- data/lib/arachni/platform/fingerprinter.rb +100 -0
- data/lib/arachni/platform/list.rb +293 -0
- data/lib/arachni/platform/manager.rb +435 -0
- data/lib/arachni/platforms.rb +498 -0
- data/lib/arachni/plugin.rb +17 -1
- data/lib/arachni/plugin/manager.rb +35 -36
- data/lib/arachni/processes.rb +27 -0
- data/lib/arachni/processes/dispatchers.rb +149 -0
- data/lib/arachni/processes/helpers.rb +19 -0
- data/lib/arachni/processes/helpers/dispatchers.rb +45 -0
- data/lib/arachni/processes/helpers/instances.rb +51 -0
- data/lib/arachni/processes/helpers/processes.rb +51 -0
- data/lib/arachni/processes/instances.rb +196 -0
- data/lib/arachni/processes/manager.rb +129 -0
- data/lib/arachni/report.rb +16 -0
- data/lib/arachni/rpc/client/base.rb +9 -1
- data/lib/arachni/rpc/server/base.rb +1 -0
- data/lib/arachni/rpc/server/dispatcher.rb +60 -24
- data/lib/arachni/rpc/server/dispatcher/handler.rb +4 -2
- data/lib/arachni/rpc/server/dispatcher/node.rb +8 -3
- data/lib/arachni/rpc/server/framework.rb +70 -772
- data/lib/arachni/rpc/server/{distributor.rb → framework/distributor.rb} +150 -117
- data/lib/arachni/rpc/server/framework/master.rb +470 -0
- data/lib/arachni/rpc/server/framework/multi_instance.rb +267 -0
- data/lib/arachni/rpc/server/framework/slave.rb +159 -0
- data/lib/arachni/rpc/server/instance.rb +187 -109
- data/lib/arachni/rpc/server/spider.rb +136 -38
- data/lib/arachni/ruby.rb +19 -0
- data/lib/arachni/ruby/hash.rb +62 -0
- data/lib/arachni/ruby/io.rb +49 -0
- data/lib/arachni/ruby/set.rb +27 -0
- data/lib/arachni/ruby/string.rb +17 -2
- data/lib/arachni/spider.rb +60 -38
- data/lib/arachni/support.rb +26 -0
- data/lib/arachni/support/buffer.rb +19 -0
- data/lib/arachni/support/buffer/autoflush.rb +79 -0
- data/lib/arachni/{buffer → support/buffer}/base.rb +1 -1
- data/lib/arachni/{cache.rb → support/cache.rb} +1 -1
- data/lib/arachni/{cache → support/cache}/base.rb +7 -9
- data/lib/arachni/{cache → support/cache}/least_cost_replacement.rb +7 -1
- data/lib/arachni/{cache → support/cache}/least_recently_used.rb +10 -34
- data/lib/arachni/{cache → support/cache}/preference.rb +8 -3
- data/lib/arachni/{cache → support/cache}/random_replacement.rb +8 -3
- data/lib/arachni/support/crypto.rb +18 -0
- data/lib/arachni/{crypto → support/crypto}/rsa_aes_cbc.rb +7 -4
- data/lib/arachni/support/database.rb +20 -0
- data/lib/arachni/support/database/base.rb +124 -0
- data/lib/arachni/{database → support/database}/hash.rb +1 -1
- data/lib/arachni/{database → support/database}/queue.rb +1 -1
- data/lib/arachni/support/lookup.rb +20 -0
- data/lib/arachni/support/lookup/base.rb +91 -0
- data/lib/arachni/support/lookup/hash_set.rb +42 -0
- data/lib/arachni/support/lookup/moolb.rb +66 -0
- data/lib/arachni/support/queue.rb +18 -0
- data/lib/arachni/support/queue/disk.rb +171 -0
- data/lib/arachni/trainer.rb +2 -2
- data/lib/arachni/ui/cli/cli.rb +22 -0
- data/lib/arachni/ui/cli/rpc/dispatcher_monitor.rb +7 -3
- data/lib/arachni/ui/cli/rpc/{rpc.rb → instance.rb} +69 -97
- data/lib/arachni/ui/cli/rpc/local.rb +80 -0
- data/lib/arachni/ui/cli/rpc/remote.rb +134 -0
- data/lib/arachni/ui/cli/utilities.rb +40 -5
- data/lib/arachni/ui/foo/output.rb +19 -16
- data/lib/arachni/uri.rb +35 -5
- data/lib/arachni/utilities.rb +5 -39
- data/lib/version +1 -1
- data/logs/Dispatcher - 21448-7331.log +17 -0
- data/logs/Dispatcher - 21645-1111.log +13 -0
- data/logs/Dispatcher - 21673-1111.log +21 -0
- data/modules/audit/code_injection.rb +21 -20
- data/modules/audit/code_injection_timing.rb +15 -13
- data/modules/audit/os_cmd_injection.rb +14 -10
- data/modules/audit/os_cmd_injection_timing.rb +12 -12
- data/modules/audit/path_traversal.rb +52 -47
- data/modules/audit/rfi.rb +25 -18
- data/modules/audit/sqli.rb +10 -10
- data/modules/audit/sqli_blind_rdiff.rb +3 -3
- data/modules/audit/sqli_blind_timing.rb +10 -10
- data/modules/audit/sqli_blind_timing/mssql.txt +9 -0
- data/modules/audit/sqli_blind_timing/mysql.txt +32 -0
- data/modules/audit/sqli_blind_timing/pgsql.txt +28 -0
- data/modules/audit/trainer.rb +7 -4
- data/modules/audit/unvalidated_redirect.rb +13 -11
- data/modules/audit/xpath.rb +10 -6
- data/modules/audit/xss_tag.rb +10 -3
- data/modules/recon/grep/html_objects.rb +9 -4
- data/plugins/defaults/content_types.rb +3 -3
- data/plugins/defaults/meta/remedies/timing_attacks.rb +4 -2
- data/plugins/defaults/meta/uniformity.rb +4 -3
- data/plugins/proxy.rb +42 -132
- data/plugins/proxy/panel/panel.html.erb +6 -0
- data/plugins/proxy/panel/vectors.yml.erb +9 -0
- data/plugins/proxy/server.rb +41 -10
- data/plugins/proxy/template_scope.rb +138 -0
- data/plugins/vector_feed.rb +12 -12
- data/reports/html.rb +1 -0
- data/spec/arachni/audit_store_spec.rb +1 -1
- data/spec/arachni/component/manager_spec.rb +10 -57
- data/spec/arachni/component/options/address_spec.rb +1 -1
- data/spec/arachni/component/options/base_spec.rb +1 -1
- data/spec/arachni/component/options/bool_spec.rb +1 -1
- data/spec/arachni/component/options/enum_spec.rb +1 -1
- data/spec/arachni/component/options/float_spec.rb +1 -1
- data/spec/arachni/component/options/int_spec.rb +1 -1
- data/spec/arachni/component/options/path_spec.rb +1 -1
- data/spec/arachni/component/options/port_spec.rb +1 -1
- data/spec/arachni/component/options/string_spec.rb +1 -1
- data/spec/arachni/component/options/url_spec.rb +1 -1
- data/spec/arachni/element/base_spec.rb +16 -5
- data/spec/arachni/element/body_spec.rb +1 -1
- data/spec/arachni/element/capabilities/auditable/rdiff_spec.rb +11 -3
- data/spec/arachni/element/capabilities/auditable/taint_spec.rb +27 -3
- data/spec/arachni/element/capabilities/auditable/timeout_spec.rb +32 -3
- data/spec/arachni/element/capabilities/mutable_spec.rb +1 -1
- data/spec/arachni/element/cookie_spec.rb +21 -7
- data/spec/arachni/element/form_spec.rb +7 -58
- data/spec/arachni/element/header_spec.rb +15 -3
- data/spec/arachni/element/link_spec.rb +3 -26
- data/spec/arachni/element/path_spec.rb +1 -1
- data/spec/arachni/element/server_spec.rb +1 -1
- data/spec/arachni/element_filter_spec.rb +1 -1
- data/spec/arachni/{error.rb → error_spec.rb} +1 -1
- data/spec/arachni/framework_spec.rb +127 -50
- data/spec/arachni/http/cookie_jar_spec.rb +9 -42
- data/spec/arachni/http_spec.rb +9 -21
- data/spec/arachni/issue_spec.rb +29 -1
- data/spec/arachni/mixins/observable_spec.rb +4 -6
- data/spec/arachni/mixins/progress_bar_spec.rb +1 -1
- data/spec/arachni/module/auditor_spec.rb +17 -5
- data/spec/arachni/module/key_filler.rb +33 -8
- data/spec/arachni/module/manager_spec.rb +1 -3
- data/spec/arachni/module/utilities_spec.rb +1 -1
- data/spec/arachni/options_spec.rb +185 -1
- data/spec/arachni/page_spec.rb +16 -3
- data/spec/arachni/parser_spec.rb +27 -123
- data/spec/arachni/platform/fingerprinter_spec.rb +159 -0
- data/spec/arachni/platform/list_spec.rb +399 -0
- data/spec/arachni/platform/manager_spec.rb +373 -0
- data/spec/arachni/plugin/manager_spec.rb +6 -29
- data/spec/arachni/report/base_spec.rb +2 -2
- data/spec/arachni/report/manager_spec.rb +2 -2
- data/spec/arachni/rpc/client/base_spec.rb +22 -27
- data/spec/arachni/rpc/client/dispatcher_spec.rb +4 -15
- data/spec/arachni/rpc/client/instance_spec.rb +3 -11
- data/spec/arachni/rpc/server/active_options_spec.rb +2 -17
- data/spec/arachni/rpc/server/base_spec.rb +23 -7
- data/spec/arachni/rpc/server/dispatcher/handler_spec.rb +4 -21
- data/spec/arachni/rpc/server/dispatcher/node_spec.rb +30 -8
- data/spec/arachni/rpc/server/dispatcher_spec.rb +130 -70
- data/spec/arachni/rpc/server/{distributor_spec.rb → framework/distributor_spec.rb} +95 -130
- data/spec/arachni/rpc/server/framework_hpg_spec.rb +38 -99
- data/spec/arachni/rpc/server/framework_simple_spec.rb +38 -71
- data/spec/arachni/rpc/server/instance_spec.rb +183 -135
- data/spec/arachni/rpc/server/modules/manager_spec.rb +18 -50
- data/spec/arachni/rpc/server/output_spec.rb +1 -1
- data/spec/arachni/rpc/server/plugin/manager_spec.rb +12 -36
- data/spec/arachni/rpc/server/spider_spec.rb +23 -48
- data/spec/arachni/ruby/array_spec.rb +1 -1
- data/spec/arachni/ruby/enumerable_spec.rb +1 -1
- data/spec/arachni/ruby/hash_spec.rb +70 -0
- data/spec/arachni/ruby/io_spec.rb +26 -0
- data/spec/arachni/ruby/object_spec.rb +1 -1
- data/spec/arachni/ruby/set_spec.rb +15 -0
- data/spec/arachni/ruby/string_spec.rb +18 -1
- data/spec/arachni/ruby/webrick_spec.rb +1 -1
- data/spec/arachni/session_spec.rb +3 -3
- data/spec/arachni/spider_spec.rb +30 -6
- data/spec/arachni/{buffer → support/buffer}/autoflush_spec.rb +7 -12
- data/spec/arachni/{buffer → support/buffer}/base_spec.rb +19 -23
- data/spec/arachni/{cache → support/cache}/base_spec.rb +7 -7
- data/spec/arachni/{cache → support/cache}/least_cost_replacement_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/least_recently_used_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/preference_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/random_replacement_spec.rb +3 -3
- data/spec/arachni/{crypto → support/crypto}/rsa_aes_cbc_spec.rb +3 -5
- data/spec/arachni/{database → support/database}/hash_spec.rb +4 -5
- data/spec/arachni/{database → support/database}/queue_spec.rb +3 -4
- data/spec/arachni/support/lookup/hash_set_spec.rb +5 -0
- data/spec/arachni/support/lookup/moolb_spec.rb +41 -0
- data/spec/arachni/support/queue/disk_spec.rb +116 -0
- data/spec/arachni/trainer_spec.rb +6 -2
- data/spec/arachni/typhoeus/hydra_spec.rb +1 -1
- data/spec/arachni/typhoeus/requrest_spec.rb +1 -1
- data/spec/arachni/typhoeus/response_spec.rb +1 -1
- data/spec/arachni/uri_spec.rb +72 -38
- data/spec/arachni/utilities_spec.rb +6 -46
- data/spec/fingerprinters/frameworks/rack_spec.rb +41 -0
- data/spec/fingerprinters/languages/asp_spec.rb +40 -0
- data/spec/fingerprinters/languages/aspx_spec.rb +78 -0
- data/spec/fingerprinters/languages/jsp_spec.rb +58 -0
- data/spec/fingerprinters/languages/php_spec.rb +61 -0
- data/spec/fingerprinters/languages/python_spec.rb +23 -0
- data/spec/fingerprinters/languages/ruby.rb +34 -0
- data/spec/fingerprinters/os/bsd_spec.rb +26 -0
- data/spec/fingerprinters/os/linux_spec.rb +34 -0
- data/spec/fingerprinters/os/solaris_spec.rb +34 -0
- data/spec/fingerprinters/os/unix_spec.rb +26 -0
- data/spec/fingerprinters/os/windows_spec.rb +34 -0
- data/spec/fingerprinters/servers/apache_spec.rb +26 -0
- data/spec/fingerprinters/servers/iis_spec.rb +28 -0
- data/spec/fingerprinters/servers/jetty_spec.rb +28 -0
- data/spec/fingerprinters/servers/nginx_spec.rb +26 -0
- data/spec/fingerprinters/servers/tomcat_spec.rb +28 -0
- data/spec/modules/audit/code_injection_spec.rb +2 -2
- data/spec/modules/audit/code_injection_timing_spec.rb +1 -1
- data/spec/modules/audit/csrf_spec.rb +1 -1
- data/spec/modules/audit/ldapi_spec.rb +1 -1
- data/spec/modules/audit/os_cmd_injection_spec.rb +1 -1
- data/spec/modules/audit/os_cmd_injection_timing_spec.rb +2 -2
- data/spec/modules/audit/path_traversal_spec.rb +1 -1
- data/spec/modules/audit/response_splitting_spec.rb +1 -1
- data/spec/modules/audit/rfi_spec.rb +1 -1
- data/spec/modules/audit/session_fixation_spec.rb +1 -1
- data/spec/modules/audit/sqli_blind_rdiff_spec.rb +1 -1
- data/spec/modules/audit/sqli_blind_timing_spec.rb +4 -4
- data/spec/modules/audit/sqli_spec.rb +2 -2
- data/spec/modules/audit/trainer_spec.rb +11 -1
- data/spec/modules/audit/unvalidated_redirect_spec.rb +1 -1
- data/spec/modules/audit/xpath_spec.rb +1 -1
- data/spec/modules/audit/xss_event_spec.rb +1 -1
- data/spec/modules/audit/xss_path_spec.rb +1 -1
- data/spec/modules/audit/xss_script_tag_spec.rb +1 -1
- data/spec/modules/audit/xss_spec.rb +1 -1
- data/spec/modules/audit/xss_tag_spec.rb +1 -1
- data/spec/modules/recon/allowed_methods_spec.rb +1 -1
- data/spec/modules/recon/backdoors_spec.rb +1 -1
- data/spec/modules/recon/backup_files_spec.rb +1 -1
- data/spec/modules/recon/common_directories_spec.rb +1 -1
- data/spec/modules/recon/common_files_spec.rb +1 -1
- data/spec/modules/recon/directory_listing_spec.rb +1 -1
- data/spec/modules/recon/grep/captcha_spec.rb +1 -1
- data/spec/modules/recon/grep/credit_card_spec.rb +1 -1
- data/spec/modules/recon/grep/cvs_svn_users_spec.rb +1 -1
- data/spec/modules/recon/grep/emails_spec.rb +1 -1
- data/spec/modules/recon/grep/html_objects_spec.rb +1 -1
- data/spec/modules/recon/grep/http_only_cookies_spec.rb +1 -1
- data/spec/modules/recon/grep/insecure_cookies_spec.rb +1 -1
- data/spec/modules/recon/grep/mixed_resource_spec.rb +1 -1
- data/spec/modules/recon/grep/password_autocomplete_spec.rb +1 -1
- data/spec/modules/recon/grep/private_ip_spec.rb +1 -1
- data/spec/modules/recon/grep/ssn_spec.rb +1 -1
- data/spec/modules/recon/grep/unencrypted_password_forms_spec.rb +1 -1
- data/spec/modules/recon/htaccess_limit_spec.rb +1 -1
- data/spec/modules/recon/http_put_spec.rb +1 -1
- data/spec/modules/recon/interesting_responses_spec.rb +1 -1
- data/spec/modules/recon/webdav_spec.rb +1 -1
- data/spec/modules/recon/xst_spec.rb +1 -1
- data/spec/path_extractors/anchors_spec.rb +1 -1
- data/spec/path_extractors/areas_spec.rb +1 -1
- data/spec/path_extractors/forms_spec.rb +1 -1
- data/spec/path_extractors/frames_spec.rb +1 -1
- data/spec/path_extractors/generic_spec.rb +1 -1
- data/spec/path_extractors/links_spec.rb +1 -1
- data/spec/path_extractors/meta_refresh_spec.rb +1 -1
- data/spec/path_extractors/scripts_spec.rb +1 -1
- data/spec/plugins/autologin_spec.rb +1 -1
- data/spec/plugins/autothrottle_spec.rb +2 -2
- data/spec/plugins/content_types_spec.rb +1 -1
- data/spec/plugins/cookie_collector_spec.rb +1 -1
- data/spec/plugins/form_dicattack_spec.rb +7 -7
- data/spec/plugins/healthmap_spec.rb +1 -1
- data/spec/plugins/http_dicattack_spec.rb +6 -6
- data/spec/plugins/meta/remedies/discovery_spec.rb +1 -1
- data/spec/plugins/meta/remedies/timing_attacks_spec.rb +1 -1
- data/spec/plugins/meta/uniformity_spec.rb +1 -1
- data/spec/plugins/profiler_spec.rb +3 -3
- data/spec/plugins/rescan_spec.rb +3 -3
- data/spec/plugins/resolver_spec.rb +1 -1
- data/spec/plugins/script_spec.rb +2 -2
- data/spec/plugins/vector_feed_spec.rb +13 -1
- data/spec/plugins/waf_detector_spec.rb +2 -2
- data/spec/reports/afr_spec.rb +1 -1
- data/spec/reports/ap_spec.rb +1 -1
- data/spec/reports/html_spec.rb +1 -1
- data/spec/reports/json_spec.rb +1 -1
- data/spec/reports/marshal_spec.rb +1 -1
- data/spec/reports/stdout_spec.rb +1 -1
- data/spec/reports/txt_spec.rb +1 -1
- data/spec/reports/xml_spec.rb +1 -1
- data/spec/reports/yaml_spec.rb +1 -1
- data/spec/spec_helper.rb +27 -32
- data/spec/{fixtures → support/fixtures}/auditstore.afr +0 -0
- data/spec/{fixtures → support/fixtures}/cookies.txt +0 -0
- data/spec/support/fixtures/fingerprinters/test.rb +36 -0
- data/spec/{fixtures → support/fixtures}/modules/test.rb +0 -0
- data/spec/{fixtures → support/fixtures}/modules/test2.rb +0 -0
- data/spec/{fixtures → support/fixtures}/modules/test3.rb +0 -0
- data/spec/{fixtures → support/fixtures}/passwords.txt +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/bad.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/defaults/default.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/distributable.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/loop.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/spider_hook.rb +1 -0
- data/spec/{fixtures → support/fixtures}/plugins/wait.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/with_options.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/plugin_formatters/with_formatters/foobar.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/with_formatters.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/with_outfile.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/without_outfile.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/manager_spec/afr.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/manager_spec/foo.rb +0 -0
- data/spec/{fixtures → support/fixtures}/rescan.afr.tpl +0 -0
- data/spec/{fixtures → support/fixtures}/rpcd_handlers/echo.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/body.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/cookies.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/empty.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/flch.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/forms.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/headers.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/links.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/nil.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/path.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/server.rb +0 -0
- data/spec/{fixtures → support/fixtures}/script_plugin.rb +0 -0
- data/spec/{fixtures → support/fixtures}/taint_module/taint.rb +0 -0
- data/spec/{fixtures → support/fixtures}/usernames.txt +0 -0
- data/spec/{fixtures → support/fixtures}/wait_module/wait.rb +0 -0
- data/spec/{helpers → support/helpers}/auditor.rb +0 -0
- data/spec/support/helpers/framework.rb +19 -0
- data/spec/support/helpers/misc.rb +19 -0
- data/spec/support/helpers/paths.rb +31 -0
- data/spec/support/helpers/requires.rb +24 -0
- data/spec/support/helpers/resets.rb +42 -0
- data/spec/support/helpers/web_server.rb +27 -0
- data/spec/support/lib/web_server_manager.rb +120 -0
- data/spec/support/logs/Dispatcher - 11642-42685.log +9 -0
- data/spec/support/logs/Dispatcher - 11669-58445.log +21 -0
- data/spec/support/logs/Dispatcher - 11803-19013.log +9 -0
- data/spec/support/logs/Dispatcher - 11813-58646.log +19 -0
- data/spec/support/logs/Dispatcher - 11822-1913.log +17 -0
- data/spec/support/logs/Dispatcher - 11831-60571.log +13 -0
- data/spec/support/logs/Dispatcher - 11840-20151.log +9 -0
- data/spec/support/logs/Dispatcher - 11850-21796.log +9 -0
- data/spec/support/logs/Dispatcher - 11859-47650.log +11 -0
- data/spec/support/logs/Dispatcher - 11872-13669.log +11 -0
- data/spec/support/logs/Dispatcher - 11885-40034.log +35 -0
- data/spec/support/logs/Dispatcher - 11946-10629.log +21 -0
- data/spec/support/logs/Dispatcher - 11955-55497.log +21 -0
- data/spec/support/logs/Dispatcher - 11964-33080.log +23 -0
- data/spec/support/logs/Dispatcher - 12005-28558.log +19 -0
- data/spec/support/logs/Dispatcher - 12014-59368.log +17 -0
- data/spec/support/logs/Dispatcher - 12023-41547.log +15 -0
- data/spec/support/logs/Dispatcher - 12037-54838.log +11 -0
- data/spec/support/logs/Dispatcher - 12050-38840.log +9 -0
- data/spec/support/logs/Dispatcher - 12059-7283.log +9 -0
- data/spec/support/logs/Dispatcher - 12068-19765.log +9 -0
- data/spec/support/logs/Dispatcher - 12077-24147.log +9 -0
- data/spec/support/logs/Dispatcher - 12086-60404.log +11 -0
- data/spec/support/logs/Dispatcher - 12099-43307.log +9 -0
- data/spec/support/logs/Dispatcher - 12109-9701.log +9 -0
- data/spec/support/logs/Dispatcher - 12162-19782.log +63 -0
- data/spec/support/logs/Dispatcher - 12171-35883.log +43 -0
- data/spec/support/logs/Dispatcher - 12180-6456.log +39 -0
- data/spec/support/logs/Dispatcher - 12189-64516.log +34 -0
- data/spec/support/logs/Dispatcher - 12198-50800.log +28 -0
- data/spec/support/logs/Dispatcher - 12207-6148.log +21 -0
- data/spec/support/logs/Dispatcher - 12216-45994.log +13 -0
- data/spec/support/logs/Dispatcher - 12226-59932.log +9 -0
- data/spec/support/logs/Dispatcher - 12369-42683.log +19 -0
- data/spec/support/logs/Dispatcher - 12379-51205.log +21 -0
- data/spec/support/logs/Dispatcher - 12388-15229.log +15 -0
- data/spec/support/logs/Dispatcher - 12401-35502.log +19 -0
- data/spec/support/logs/Dispatcher - 12410-3386.log +21 -0
- data/spec/support/logs/Dispatcher - 12419-16056.log +15 -0
- data/spec/support/logs/Dispatcher - 12540-25763.log +17 -0
- data/spec/support/logs/Dispatcher - 12549-49234.log +21 -0
- data/spec/support/logs/Dispatcher - 12558-61027.log +13 -0
- data/spec/support/logs/Dispatcher - 12571-34789.log +19 -0
- data/spec/support/logs/Dispatcher - 12580-27968.log +21 -0
- data/spec/support/logs/Dispatcher - 12589-38100.log +15 -0
- data/spec/support/logs/Dispatcher - 12643-8172.log +17 -0
- data/spec/support/logs/Dispatcher - 12652-44715.log +21 -0
- data/spec/support/logs/Dispatcher - 12661-40547.log +13 -0
- data/spec/support/logs/Dispatcher - 12674-20100.log +17 -0
- data/spec/support/logs/Dispatcher - 12683-57063.log +21 -0
- data/spec/support/logs/Dispatcher - 12692-20974.log +13 -0
- data/spec/support/logs/Dispatcher - 12920-24047.log +19 -0
- data/spec/support/logs/Dispatcher - 12929-13265.log +21 -0
- data/spec/support/logs/Dispatcher - 12938-38472.log +15 -0
- data/spec/support/logs/Dispatcher - 12962-47051.log +21 -0
- data/spec/support/logs/Dispatcher - 12971-48844.log +25 -0
- data/spec/support/logs/Dispatcher - 12980-2331.log +15 -0
- data/spec/support/logs/Dispatcher - 13016-57455.log +17 -0
- data/spec/support/logs/Dispatcher - 13025-44069.log +21 -0
- data/spec/support/logs/Dispatcher - 13034-59986.log +13 -0
- data/spec/support/logs/Dispatcher - 13047-17338.log +21 -0
- data/spec/support/logs/Dispatcher - 13056-57124.log +25 -0
- data/spec/support/logs/Dispatcher - 13065-3014.log +15 -0
- data/spec/support/logs/Dispatcher - 13101-42040.log +17 -0
- data/spec/support/logs/Dispatcher - 13110-29137.log +21 -0
- data/spec/support/logs/Dispatcher - 13119-52878.log +13 -0
- data/spec/support/logs/Dispatcher - 13132-20646.log +17 -0
- data/spec/support/logs/Dispatcher - 13141-21629.log +21 -0
- data/spec/support/logs/Dispatcher - 13150-42002.log +13 -0
- data/spec/support/logs/Dispatcher - 8291-38888.log +9 -0
- data/spec/support/logs/Dispatcher - 8325-2241.log +21 -0
- data/spec/support/logs/Dispatcher - 8458-40239.log +9 -0
- data/spec/support/logs/Dispatcher - 8468-26555.log +19 -0
- data/spec/support/logs/Dispatcher - 8477-28819.log +17 -0
- data/spec/support/logs/Dispatcher - 8486-36985.log +13 -0
- data/spec/support/logs/Dispatcher - 8495-59407.log +9 -0
- data/spec/support/logs/Dispatcher - 8504-27479.log +9 -0
- data/spec/support/logs/Dispatcher - 8513-51807.log +11 -0
- data/spec/support/logs/Dispatcher - 8526-53739.log +11 -0
- data/spec/support/logs/Dispatcher - 8539-55908.log +35 -0
- data/spec/support/logs/Dispatcher - 8603-24287.log +21 -0
- data/spec/support/logs/Dispatcher - 8612-37320.log +21 -0
- data/spec/support/logs/Dispatcher - 8621-60797.log +23 -0
- data/spec/support/logs/Dispatcher - 8662-56395.log +19 -0
- data/spec/support/logs/Dispatcher - 8671-54268.log +17 -0
- data/spec/support/logs/Dispatcher - 8680-32387.log +15 -0
- data/spec/support/logs/Dispatcher - 8693-60728.log +11 -0
- data/spec/support/logs/Dispatcher - 8706-53092.log +9 -0
- data/spec/support/logs/Dispatcher - 8715-35576.log +9 -0
- data/spec/support/logs/Dispatcher - 8724-9842.log +9 -0
- data/spec/support/logs/Dispatcher - 8734-37290.log +9 -0
- data/spec/support/logs/Dispatcher - 8743-46516.log +11 -0
- data/spec/support/logs/Dispatcher - 8756-59294.log +9 -0
- data/spec/support/logs/Dispatcher - 8765-16318.log +9 -0
- data/spec/support/logs/Dispatcher - 8818-35968.log +63 -0
- data/spec/support/logs/Dispatcher - 8827-57068.log +43 -0
- data/spec/support/logs/Dispatcher - 8836-31238.log +39 -0
- data/spec/support/logs/Dispatcher - 8845-48148.log +34 -0
- data/spec/support/logs/Dispatcher - 8854-17355.log +28 -0
- data/spec/support/logs/Dispatcher - 8863-6616.log +21 -0
- data/spec/support/logs/Dispatcher - 8872-1373.log +13 -0
- data/spec/support/logs/Dispatcher - 8882-40014.log +9 -0
- data/spec/support/logs/Dispatcher - 8989-17108.log +19 -0
- data/spec/support/logs/Dispatcher - 9000-23195.log +21 -0
- data/spec/support/logs/Dispatcher - 9009-33836.log +15 -0
- data/spec/support/logs/Dispatcher - 9022-55515.log +19 -0
- data/spec/support/logs/Dispatcher - 9031-51301.log +21 -0
- data/spec/support/logs/Dispatcher - 9040-10025.log +15 -0
- data/spec/support/logs/Dispatcher - 9180-20874.log +17 -0
- data/spec/support/logs/Dispatcher - 9189-29826.log +21 -0
- data/spec/support/logs/Dispatcher - 9198-21818.log +13 -0
- data/spec/support/logs/Dispatcher - 9211-64830.log +19 -0
- data/spec/support/logs/Dispatcher - 9220-2570.log +21 -0
- data/spec/support/logs/Dispatcher - 9229-45654.log +15 -0
- data/spec/support/logs/Dispatcher - 9286-1284.log +17 -0
- data/spec/support/logs/Dispatcher - 9295-58545.log +21 -0
- data/spec/support/logs/Dispatcher - 9304-52355.log +13 -0
- data/spec/support/logs/Dispatcher - 9317-58138.log +17 -0
- data/spec/support/logs/Dispatcher - 9326-39184.log +21 -0
- data/spec/support/logs/Dispatcher - 9336-44714.log +13 -0
- data/spec/support/logs/Dispatcher - 9555-26114.log +19 -0
- data/spec/support/logs/Dispatcher - 9564-2270.log +21 -0
- data/spec/support/logs/Dispatcher - 9573-26148.log +15 -0
- data/spec/support/logs/Dispatcher - 9597-62247.log +21 -0
- data/spec/support/logs/Dispatcher - 9606-16162.log +25 -0
- data/spec/support/logs/Dispatcher - 9615-8643.log +15 -0
- data/spec/support/logs/Dispatcher - 9651-49224.log +17 -0
- data/spec/support/logs/Dispatcher - 9660-4390.log +21 -0
- data/spec/support/logs/Dispatcher - 9669-18266.log +13 -0
- data/spec/support/logs/Dispatcher - 9682-44582.log +21 -0
- data/spec/support/logs/Dispatcher - 9691-15941.log +25 -0
- data/spec/support/logs/Dispatcher - 9700-22186.log +15 -0
- data/spec/support/logs/Dispatcher - 9736-29672.log +17 -0
- data/spec/support/logs/Dispatcher - 9745-33231.log +21 -0
- data/spec/support/logs/Dispatcher - 9754-48381.log +13 -0
- data/spec/support/logs/Dispatcher - 9767-29812.log +17 -0
- data/spec/support/logs/Dispatcher - 9776-9894.log +21 -0
- data/spec/support/logs/Dispatcher - 9785-1421.log +13 -0
- data/spec/support/logs/Instance - 12384-38605.error.log +328 -0
- data/spec/support/logs/Instance - 12657-2379.error.log +328 -0
- data/spec/support/logs/Instance - 12688-50940.error.log +427 -0
- data/spec/support/logs/Instance - 12708-13716.error.log +326 -0
- data/spec/support/logs/Instance - 12714-45400.error.log +328 -0
- data/spec/support/logs/Instance - 12848-32645.error.log +326 -0
- data/spec/support/logs/Instance - 9005-21883.error.log +328 -0
- data/spec/support/logs/Instance - 9300-33102.error.log +328 -0
- data/spec/support/logs/Instance - 9331-48336.error.log +427 -0
- data/spec/support/logs/Instance - 9352-62807.error.log +326 -0
- data/spec/support/logs/Instance - 9358-45154.error.log +328 -0
- data/spec/support/logs/Instance - 9487-8746.error.log +326 -0
- data/spec/{logs → support/logs}/placeholder +0 -0
- data/spec/{pems → support/pems}/cacert.pem +0 -0
- data/spec/{pems → support/pems}/client/cert.pem +0 -0
- data/spec/{pems → support/pems}/client/foo-cert.pem +0 -0
- data/spec/{pems → support/pems}/client/foo-key.pem +0 -0
- data/spec/{pems → support/pems}/client/key.pem +0 -0
- data/spec/{pems → support/pems}/server/cert.pem +0 -0
- data/spec/{pems → support/pems}/server/key.pem +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/rdiff.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/taint.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/timeout.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/cookie.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/form.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/header.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/link.rb +0 -0
- data/spec/{servers → support/servers}/arachni/framework.rb +0 -0
- data/spec/{servers → support/servers}/arachni/http.rb +0 -0
- data/spec/{servers → support/servers}/arachni/http_auth.rb +0 -0
- data/spec/{servers → support/servers}/arachni/module/auditor.rb +0 -0
- data/spec/{servers → support/servers}/arachni/parser.rb +0 -0
- data/spec/{servers → support/servers}/arachni/rpc/server/framework_hpg.rb +0 -1
- data/spec/{servers → support/servers}/arachni/rpc/server/framework_simple.rb +0 -0
- data/spec/{servers → support/servers}/arachni/session.rb +0 -0
- data/spec/{servers → support/servers}/arachni/spider.rb +0 -0
- data/spec/{servers → support/servers}/arachni/spider_https.rb +0 -0
- data/spec/{servers → support/servers}/arachni/trainer.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/code_injection.rb +3 -4
- data/spec/{servers → support/servers}/modules/audit/code_injection_timing.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/csrf.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/ldapi.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/os_cmd_injection.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/os_cmd_injection_timing.rb +1 -10
- data/spec/{servers → support/servers}/modules/audit/path_traversal.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/response_splitting.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/rfi.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/session_fixation.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/sqli/coldfusion +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/db2 +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/emc +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/informix +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/interbase +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/jdbc +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/mssql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/mysql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/oracle +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/postgresql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/sqlite +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/sybase +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli_blind_rdiff.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/sqli_blind_timing.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/trainer_module.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/unvalidated_redirect.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/dotnet +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/general +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/java +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/libxml2 +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/php +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_event.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_path.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_script_tag.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_tag.rb +0 -0
- data/spec/{servers → support/servers}/modules/module_server.rb +1 -1
- data/spec/{servers → support/servers}/modules/recon/allowed_methods.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/backdoors.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/backup_files.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/common_directories.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/common_files.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/directory_listing.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/captcha.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/credit_card.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/cvs_svn_users.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/emails.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/html_objects.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/http_only_cookies.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/insecure_cookies.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/mixed_resource.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/password_autocomplete.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/private_ip.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/ssn.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/unencrypted_password_forms.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/htaccess_limit.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/http_put.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/interesting_responses.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/webdav.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/xst.rb +0 -0
- data/spec/{servers → support/servers}/plugins/autologin.rb +0 -0
- data/spec/{servers → support/servers}/plugins/autothrottle.rb +0 -0
- data/spec/{servers → support/servers}/plugins/content_types.rb +0 -0
- data/spec/{servers → support/servers}/plugins/cookie_collector.rb +0 -0
- data/spec/{servers → support/servers}/plugins/form_dicattack.rb +0 -0
- data/spec/{servers → support/servers}/plugins/healthmap.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack_secure.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack_unprotected.rb +0 -0
- data/spec/{servers → support/servers}/plugins/meta/remedies/discovery.rb +1 -1
- data/spec/{servers → support/servers}/plugins/meta/remedies/timing_attacks.rb +0 -0
- data/spec/{servers → support/servers}/plugins/profiler.rb +0 -0
- data/spec/{servers → support/servers}/plugins/rescan.rb +0 -0
- data/spec/{servers → support/servers}/plugins/waf_detector.rb +0 -0
- data/spec/{shared → support/shared}/component.rb +1 -1
- data/spec/{shared → support/shared}/element/capabilities/auditable.rb +363 -194
- data/spec/{shared → support/shared}/element/capabilities/refreshable.rb +0 -0
- data/spec/support/shared/fingerprinter.rb +14 -0
- data/spec/{shared → support/shared}/module.rb +1 -1
- data/spec/{shared → support/shared}/path_extractor.rb +0 -0
- data/spec/{shared → support/shared}/plugin.rb +0 -0
- data/spec/{shared → support/shared}/reports.rb +1 -1
- data/spec/{arachni/bloom_filter_spec.rb → support/shared/support/lookup.rb} +11 -11
- metadata +936 -199
- data/lib/arachni/bloom_filter.rb +0 -74
- data/lib/arachni/buffer.rb +0 -3
- data/lib/arachni/buffer/autoflush.rb +0 -77
- data/lib/arachni/database.rb +0 -4
- data/lib/arachni/database/base.rb +0 -131
- data/modules/audit/code_injection_timing/payloads.txt +0 -4
- data/modules/audit/os_cmd_injection/payloads.txt +0 -3
- data/modules/audit/os_cmd_injection_timing/payloads.txt +0 -2
- data/modules/audit/sqli_blind_timing/payloads.txt +0 -69
- data/spec/helpers/misc.rb +0 -41
- data/spec/helpers/processes.rb +0 -112
- data/spec/helpers/requires.rb +0 -8
- data/spec/helpers/server.rb +0 -54
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Arachni::Session do
|
|
4
4
|
|
|
5
5
|
before( :all ) do
|
|
6
|
-
@url =
|
|
6
|
+
@url = web_server_url_for( :session )
|
|
7
7
|
@opts = Arachni::Options.instance
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -283,7 +283,7 @@ describe Arachni::Session do
|
|
|
283
283
|
describe '#set_login_check' do
|
|
284
284
|
it 'sets a login check using a URL and regular expression' do
|
|
285
285
|
s = new_session
|
|
286
|
-
url =
|
|
286
|
+
url = web_server_url_for( :session ) + '/'
|
|
287
287
|
s.opts.url = "#{url}/congrats"
|
|
288
288
|
|
|
289
289
|
s.has_login_sequence?.should be_false
|
data/spec/arachni/spider_spec.rb
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Arachni::Spider do
|
|
4
4
|
before( :all ) do
|
|
5
5
|
@opts = Arachni::Options.instance
|
|
6
|
-
@opts.url =
|
|
6
|
+
@opts.url = web_server_url_for :spider
|
|
7
7
|
@url = @opts.url.to_s
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -14,7 +14,7 @@ describe Arachni::Spider do
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
it 'supports HTTPS' do
|
|
17
|
-
@opts.url = (
|
|
17
|
+
@opts.url = (web_server_url_for :spider_https).gsub( 'http', 'https' )
|
|
18
18
|
spider = Arachni::Spider.new
|
|
19
19
|
|
|
20
20
|
spider.run.size.should == 3
|
|
@@ -222,6 +222,17 @@ describe Arachni::Spider do
|
|
|
222
222
|
end
|
|
223
223
|
end
|
|
224
224
|
context 'when the link-count-limit option has been set' do
|
|
225
|
+
context 'and the limit has been reached' do
|
|
226
|
+
it 'immediately returns' do
|
|
227
|
+
@opts.link_count_limit = 1
|
|
228
|
+
spider = Arachni::Spider.new
|
|
229
|
+
spider.run.should == spider.sitemap
|
|
230
|
+
spider.sitemap.should == [@url]
|
|
231
|
+
|
|
232
|
+
spider.run.should be_false
|
|
233
|
+
end
|
|
234
|
+
end
|
|
235
|
+
|
|
225
236
|
it 'follows only a <link-count-limit> amount of paths' do
|
|
226
237
|
@opts.link_count_limit = 1
|
|
227
238
|
spider = Arachni::Spider.new
|
|
@@ -381,7 +392,7 @@ describe Arachni::Spider do
|
|
|
381
392
|
|
|
382
393
|
s = Arachni::Spider.new
|
|
383
394
|
paths = [@url + 'a_pushed_path', @url + 'another_pushed_path']
|
|
384
|
-
s.push( paths )
|
|
395
|
+
s.push( paths ).should be_true
|
|
385
396
|
(s.paths & paths).sort.should == paths.sort
|
|
386
397
|
s.run
|
|
387
398
|
(s.paths & paths).should be_empty
|
|
@@ -396,12 +407,25 @@ describe Arachni::Spider do
|
|
|
396
407
|
nwp = Arachni::Module::Utilities.to_absolute( wp )
|
|
397
408
|
np = Arachni::Module::Utilities.to_absolute( p )
|
|
398
409
|
|
|
399
|
-
s.push( p )
|
|
410
|
+
s.push( p ).should be_true
|
|
400
411
|
s.run
|
|
401
412
|
s.fancy_sitemap[np].should == 200
|
|
402
413
|
s.fancy_sitemap[nwp].should == 200
|
|
403
414
|
end
|
|
404
415
|
|
|
416
|
+
context 'when the link-count-limit option has been set' do
|
|
417
|
+
context 'and the limit has been reached' do
|
|
418
|
+
it 'immediately returns' do
|
|
419
|
+
@opts.link_count_limit = 1
|
|
420
|
+
spider = Arachni::Spider.new
|
|
421
|
+
spider.run.should == spider.sitemap
|
|
422
|
+
spider.sitemap.should == [@url]
|
|
423
|
+
|
|
424
|
+
spider.push( Arachni::Module::Utilities.to_absolute( 'test' ) ).should be_false
|
|
425
|
+
end
|
|
426
|
+
end
|
|
427
|
+
end
|
|
428
|
+
|
|
405
429
|
#context 'when called after the crawl has finished' do
|
|
406
430
|
# it 'should wake the crawler up after pushing the new paths' do
|
|
407
431
|
# s = Arachni::Spider.new
|
|
@@ -445,7 +469,7 @@ describe Arachni::Spider do
|
|
|
445
469
|
end
|
|
446
470
|
context 'when running' do
|
|
447
471
|
it 'returns false' do
|
|
448
|
-
@opts.url =
|
|
472
|
+
@opts.url = web_server_url_for( :auditor ) + '/sleep'
|
|
449
473
|
s = Arachni::Spider.new
|
|
450
474
|
Thread.new{ s.run }
|
|
451
475
|
sleep 1
|
|
@@ -1,16 +1,11 @@
|
|
|
1
|
-
|
|
2
|
-
require Arachni::Options.dir['lib'] + 'buffer'
|
|
3
|
-
|
|
4
|
-
describe Arachni::Buffer::AutoFlush do
|
|
5
|
-
before( :all ) do
|
|
6
|
-
@buffer = Arachni::Buffer::AutoFlush
|
|
7
|
-
end
|
|
1
|
+
require 'spec_helper'
|
|
8
2
|
|
|
3
|
+
describe Arachni::Support::Buffer::AutoFlush do
|
|
9
4
|
describe '#initialize' do
|
|
10
5
|
context 'when passed a max_size' do
|
|
11
6
|
context 'when the buffer reaches that size' do
|
|
12
7
|
it 'forces the buffer to #flush itself' do
|
|
13
|
-
b =
|
|
8
|
+
b = described_class.new( 10 )
|
|
14
9
|
|
|
15
10
|
buffers = []
|
|
16
11
|
b.on_flush do |buffer|
|
|
@@ -31,7 +26,7 @@ describe Arachni::Buffer::AutoFlush do
|
|
|
31
26
|
context 'when passed a max_pushes' do
|
|
32
27
|
context 'when the amount of pushes reaches that size' do
|
|
33
28
|
it 'forces the buffer to #flush itself' do
|
|
34
|
-
b =
|
|
29
|
+
b = described_class.new( 99999, 10 )
|
|
35
30
|
|
|
36
31
|
buffers = []
|
|
37
32
|
b.on_flush do |buffer|
|
|
@@ -45,7 +40,7 @@ describe Arachni::Buffer::AutoFlush do
|
|
|
45
40
|
buffers.shift.should == (10...20).to_a
|
|
46
41
|
b.should be_empty
|
|
47
42
|
|
|
48
|
-
b =
|
|
43
|
+
b = described_class.new( 99999, 10 )
|
|
49
44
|
|
|
50
45
|
buffers = []
|
|
51
46
|
b.on_flush do |buffer|
|
|
@@ -64,13 +59,13 @@ describe Arachni::Buffer::AutoFlush do
|
|
|
64
59
|
|
|
65
60
|
context 'when passed a type' do
|
|
66
61
|
it 'should be used for internal storage' do
|
|
67
|
-
b =
|
|
62
|
+
b = described_class.new( 10, 999, Set )
|
|
68
63
|
b << 'test'
|
|
69
64
|
b << 'test'
|
|
70
65
|
b.size.should == 1
|
|
71
66
|
b.flush.class.should == Set
|
|
72
67
|
|
|
73
|
-
b =
|
|
68
|
+
b = described_class.new
|
|
74
69
|
b << 'test'
|
|
75
70
|
b << 'test'
|
|
76
71
|
b.size.should == 2
|
|
@@ -1,15 +1,11 @@
|
|
|
1
|
-
|
|
2
|
-
require Arachni::Options.dir['lib'] + 'buffer'
|
|
1
|
+
require 'spec_helper'
|
|
3
2
|
|
|
4
|
-
describe Arachni::Buffer::Base do
|
|
5
|
-
before( :all ) do
|
|
6
|
-
@buffer = Arachni::Buffer::Base
|
|
7
|
-
end
|
|
3
|
+
describe Arachni::Support::Buffer::Base do
|
|
8
4
|
|
|
9
5
|
describe '#initialize' do
|
|
10
6
|
context 'when passed a max_size' do
|
|
11
7
|
it 'determines whether or not the buffer is full' do
|
|
12
|
-
b =
|
|
8
|
+
b = described_class.new( 10 )
|
|
13
9
|
20.times { |i| b << i }
|
|
14
10
|
b.full?.should be_true
|
|
15
11
|
end
|
|
@@ -17,13 +13,13 @@ describe Arachni::Buffer::Base do
|
|
|
17
13
|
|
|
18
14
|
context 'when passed a type' do
|
|
19
15
|
it 'determines the type to use for internal storage' do
|
|
20
|
-
b =
|
|
16
|
+
b = described_class.new( 10, Set )
|
|
21
17
|
b << 'test'
|
|
22
18
|
b << 'test'
|
|
23
19
|
b.size.should == 1
|
|
24
20
|
b.flush.class.should == Set
|
|
25
21
|
|
|
26
|
-
b =
|
|
22
|
+
b = described_class.new
|
|
27
23
|
b << 'test'
|
|
28
24
|
b << 'test'
|
|
29
25
|
b.size.should == 2
|
|
@@ -35,13 +31,13 @@ describe Arachni::Buffer::Base do
|
|
|
35
31
|
|
|
36
32
|
describe '#<<' do
|
|
37
33
|
it 'adds an element to the buffer' do
|
|
38
|
-
b =
|
|
34
|
+
b = described_class.new
|
|
39
35
|
b << 'test'
|
|
40
36
|
b << 'test'
|
|
41
37
|
b.size.should == 2
|
|
42
38
|
end
|
|
43
39
|
it 'aliased to #push' do
|
|
44
|
-
b =
|
|
40
|
+
b = described_class.new
|
|
45
41
|
b.push 'test'
|
|
46
42
|
b.push 'test'
|
|
47
43
|
b.size.should == 2
|
|
@@ -50,7 +46,7 @@ describe Arachni::Buffer::Base do
|
|
|
50
46
|
|
|
51
47
|
describe '#batch_push' do
|
|
52
48
|
it 'pushes a batch of entries' do
|
|
53
|
-
b =
|
|
49
|
+
b = described_class.new
|
|
54
50
|
b.batch_push [ 'test', 'test2' ]
|
|
55
51
|
b.size.should == 2
|
|
56
52
|
end
|
|
@@ -58,7 +54,7 @@ describe Arachni::Buffer::Base do
|
|
|
58
54
|
|
|
59
55
|
describe '#size' do
|
|
60
56
|
it 'returns the number of entries in the buffer' do
|
|
61
|
-
b =
|
|
57
|
+
b = described_class.new
|
|
62
58
|
b.batch_push [ 'test', 'test2', 'test3' ]
|
|
63
59
|
b.size.should == 3
|
|
64
60
|
end
|
|
@@ -68,13 +64,13 @@ describe Arachni::Buffer::Base do
|
|
|
68
64
|
context 'when the buffer' do
|
|
69
65
|
context 'is empty' do
|
|
70
66
|
it 'returns true' do
|
|
71
|
-
b =
|
|
67
|
+
b = described_class.new( 10 )
|
|
72
68
|
b.empty?.should be_true
|
|
73
69
|
end
|
|
74
70
|
end
|
|
75
71
|
context 'is not empty' do
|
|
76
72
|
it 'returns false' do
|
|
77
|
-
b =
|
|
73
|
+
b = described_class.new( 10 )
|
|
78
74
|
b << 1
|
|
79
75
|
b.empty?.should be_false
|
|
80
76
|
end
|
|
@@ -86,14 +82,14 @@ describe Arachni::Buffer::Base do
|
|
|
86
82
|
context 'when the buffer has' do
|
|
87
83
|
context 'reached its maximum size' do
|
|
88
84
|
it 'returns true' do
|
|
89
|
-
b =
|
|
85
|
+
b = described_class.new( 10 )
|
|
90
86
|
20.times { |i| b << i }
|
|
91
87
|
b.full?.should be_true
|
|
92
88
|
end
|
|
93
89
|
end
|
|
94
90
|
context 'not reached its maximum size' do
|
|
95
91
|
it 'returns false' do
|
|
96
|
-
b =
|
|
92
|
+
b = described_class.new( 100 )
|
|
97
93
|
20.times { |i| b << i }
|
|
98
94
|
b.full?.should be_false
|
|
99
95
|
end
|
|
@@ -103,7 +99,7 @@ describe Arachni::Buffer::Base do
|
|
|
103
99
|
|
|
104
100
|
describe '#flush' do
|
|
105
101
|
it 'returns buffer contents' do
|
|
106
|
-
b =
|
|
102
|
+
b = described_class.new
|
|
107
103
|
b.batch_push [ 'test', 'test2', 'test3' ]
|
|
108
104
|
b.size.should == 3
|
|
109
105
|
|
|
@@ -111,7 +107,7 @@ describe Arachni::Buffer::Base do
|
|
|
111
107
|
b.size.should == 0
|
|
112
108
|
end
|
|
113
109
|
it 'empties the buffer' do
|
|
114
|
-
b =
|
|
110
|
+
b = described_class.new
|
|
115
111
|
b.batch_push [ 'test', 'test2', 'test3' ]
|
|
116
112
|
b.size.should == 3
|
|
117
113
|
|
|
@@ -124,7 +120,7 @@ describe Arachni::Buffer::Base do
|
|
|
124
120
|
it 'adds blocks to be called every time #<< (or #push) is called' do
|
|
125
121
|
item = :ya
|
|
126
122
|
|
|
127
|
-
b =
|
|
123
|
+
b = described_class.new
|
|
128
124
|
|
|
129
125
|
call_args = []
|
|
130
126
|
b.on_push do |buffer|
|
|
@@ -138,7 +134,7 @@ describe Arachni::Buffer::Base do
|
|
|
138
134
|
b << item
|
|
139
135
|
call_args.should == [ item, item]
|
|
140
136
|
|
|
141
|
-
b =
|
|
137
|
+
b = described_class.new
|
|
142
138
|
|
|
143
139
|
call_args = []
|
|
144
140
|
b.on_push do |buffer|
|
|
@@ -158,7 +154,7 @@ describe Arachni::Buffer::Base do
|
|
|
158
154
|
it 'adds blocks to be called every time #batch_push is called' do
|
|
159
155
|
item = [:ya, :ya1]
|
|
160
156
|
|
|
161
|
-
b =
|
|
157
|
+
b = described_class.new
|
|
162
158
|
|
|
163
159
|
call_args = []
|
|
164
160
|
b.on_batch_push do |buffer|
|
|
@@ -178,7 +174,7 @@ describe Arachni::Buffer::Base do
|
|
|
178
174
|
it 'adds blocks to be called every time #flush is called' do
|
|
179
175
|
item = :ya
|
|
180
176
|
|
|
181
|
-
b =
|
|
177
|
+
b = described_class.new
|
|
182
178
|
b << item
|
|
183
179
|
|
|
184
180
|
call_args = []
|
|
@@ -1,19 +1,19 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe Arachni::Cache::Base do
|
|
3
|
+
describe Arachni::Support::Cache::Base do
|
|
4
4
|
|
|
5
|
-
before { @cache =
|
|
5
|
+
before { @cache = described_class.new }
|
|
6
6
|
|
|
7
7
|
describe '#new' do
|
|
8
8
|
describe 'max_size' do
|
|
9
9
|
describe 'nil' do
|
|
10
10
|
it 'leaves the cache uncapped' do
|
|
11
|
-
|
|
11
|
+
described_class.new.capped?.should be_false
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
describe Integer do
|
|
15
15
|
it 'imposes a limit to the size of the cache' do
|
|
16
|
-
|
|
16
|
+
described_class.new( 10 ).capped?.should be_true
|
|
17
17
|
end
|
|
18
18
|
end
|
|
19
19
|
end
|
|
@@ -182,7 +182,7 @@ describe Arachni::Cache::Base do
|
|
|
182
182
|
old_val = 'my val'
|
|
183
183
|
new_val = 'new val'
|
|
184
184
|
|
|
185
|
-
cache =
|
|
185
|
+
cache = described_class.new
|
|
186
186
|
cache[:my_key] = old_val
|
|
187
187
|
cache.fetch_or_store( :my_key ) { new_val }
|
|
188
188
|
|
|
@@ -193,7 +193,7 @@ describe Arachni::Cache::Base do
|
|
|
193
193
|
context 'when the passed key does not exist' do
|
|
194
194
|
it 'assigns to it the return value of the given block' do
|
|
195
195
|
new_val = 'new val'
|
|
196
|
-
cache =
|
|
196
|
+
cache = described_class.new
|
|
197
197
|
cache.fetch_or_store( :my_key ) { new_val }
|
|
198
198
|
|
|
199
199
|
cache[:my_key].should == new_val
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe Arachni::Cache::LeastCostReplacement do
|
|
3
|
+
describe Arachni::Support::Cache::LeastCostReplacement do
|
|
4
4
|
|
|
5
|
-
before { @cache =
|
|
5
|
+
before { @cache = described_class.new }
|
|
6
6
|
|
|
7
7
|
|
|
8
8
|
it 'prunes itself by removing the least costly entries' do
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe Arachni::Cache::LeastRecentlyUsed do
|
|
3
|
+
describe Arachni::Support::Cache::LeastRecentlyUsed do
|
|
4
4
|
|
|
5
|
-
before { @cache =
|
|
5
|
+
before { @cache = described_class.new }
|
|
6
6
|
|
|
7
7
|
it 'prunes itself by removing Least Recently Used entries' do
|
|
8
8
|
@cache.max_size = 3
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe Arachni::Cache::Preference do
|
|
3
|
+
describe Arachni::Support::Cache::Preference do
|
|
4
4
|
|
|
5
|
-
before { @cache =
|
|
5
|
+
before { @cache = described_class.new }
|
|
6
6
|
|
|
7
7
|
it 'prunes itself by removing entries returned by the given block' do
|
|
8
8
|
@cache.max_size = 3
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
|
|
1
|
+
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe Arachni::Cache::RandomReplacement do
|
|
3
|
+
describe Arachni::Support::Cache::RandomReplacement do
|
|
4
4
|
|
|
5
|
-
before { @cache =
|
|
5
|
+
before { @cache = described_class.new }
|
|
6
6
|
|
|
7
7
|
it 'prunes itself by removing random entries (Random Replacement)' do
|
|
8
8
|
@cache.max_size = 3
|
|
@@ -1,9 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
require_testee
|
|
3
|
-
|
|
1
|
+
require 'spec_helper'
|
|
4
2
|
require 'tempfile'
|
|
5
3
|
|
|
6
|
-
describe RSA_AES_CBC do
|
|
4
|
+
describe Arachni::Support::Crypto::RSA_AES_CBC do
|
|
7
5
|
|
|
8
6
|
SEED = 'seed data'
|
|
9
7
|
|
|
@@ -21,7 +19,7 @@ describe RSA_AES_CBC do
|
|
|
21
19
|
@private_key_file_path = private_key_file.path
|
|
22
20
|
@public_key_file_path = public_key_file.path
|
|
23
21
|
|
|
24
|
-
@crypto =
|
|
22
|
+
@crypto = described_class.new( @public_key_file_path, @private_key_file_path )
|
|
25
23
|
end
|
|
26
24
|
|
|
27
25
|
it 'generates matching encrypted and decrypted data' do
|
|
@@ -1,10 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
require_testee
|
|
1
|
+
require 'spec_helper'
|
|
3
2
|
|
|
4
|
-
describe Arachni::Database::Hash do
|
|
3
|
+
describe Arachni::Support::Database::Hash do
|
|
5
4
|
|
|
6
5
|
before :all do
|
|
7
|
-
@hash =
|
|
6
|
+
@hash = described_class.new
|
|
8
7
|
@non_existent = 'blahblahblah'
|
|
9
8
|
|
|
10
9
|
@seeds = {
|
|
@@ -16,7 +15,7 @@ describe Arachni::Database::Hash do
|
|
|
16
15
|
|
|
17
16
|
# http://www.ruby-doc.org/core-1.9.3/Hash.html#method-i-empty?
|
|
18
17
|
it 'implements #empty?' do
|
|
19
|
-
h =
|
|
18
|
+
h = described_class.new
|
|
20
19
|
|
|
21
20
|
h.empty?.should == {}.empty?
|
|
22
21
|
|