arachni 0.4.2 → 0.4.3
- checksums.yaml +8 -8
- data/ACKNOWLEDGMENTS.md +3 -0
- data/CHANGELOG.md +181 -1
- data/README.md +68 -14
- data/Rakefile +1 -5
- data/arachni.gemspec +9 -6
- data/bin/arachni_multi +23 -0
- data/bin/arachni_rpc +2 -2
- data/bin/arachni_rpcd_monitor +1 -1
- data/fingerprinters/frameworks/rack.rb +41 -0
- data/fingerprinters/languages/asp.rb +42 -0
- data/fingerprinters/languages/aspx.rb +63 -0
- data/fingerprinters/languages/jsp.rb +44 -0
- data/fingerprinters/languages/php.rb +43 -0
- data/fingerprinters/languages/python.rb +40 -0
- data/fingerprinters/languages/ruby.rb +41 -0
- data/fingerprinters/os/bsd.rb +36 -0
- data/fingerprinters/os/linux.rb +42 -0
- data/fingerprinters/os/solaris.rb +41 -0
- data/fingerprinters/os/unix.rb +36 -0
- data/fingerprinters/os/windows.rb +41 -0
- data/fingerprinters/servers/apache.rb +36 -0
- data/fingerprinters/servers/iis.rb +36 -0
- data/fingerprinters/servers/jetty.rb +36 -0
- data/fingerprinters/servers/nginx.rb +36 -0
- data/fingerprinters/servers/tomcat.rb +36 -0
- data/lib/arachni/audit_store.rb +3 -4
- data/lib/arachni/banner.rb +0 -2
- data/lib/arachni/element/base.rb +25 -35
- data/lib/arachni/element/capabilities/auditable.rb +265 -133
- data/lib/arachni/element/capabilities/auditable/rdiff.rb +14 -4
- data/lib/arachni/element/capabilities/auditable/taint.rb +32 -10
- data/lib/arachni/element/capabilities/auditable/timeout.rb +59 -29
- data/lib/arachni/element/cookie.rb +4 -3
- data/lib/arachni/element/form.rb +1 -5
- data/lib/arachni/element/header.rb +10 -0
- data/lib/arachni/element/link.rb +0 -1
- data/lib/arachni/element_filter.rb +2 -2
- data/lib/arachni/framework.rb +37 -13
- data/lib/arachni/http.rb +3 -2
- data/lib/arachni/issue.rb +27 -0
- data/lib/arachni/module.rb +16 -0
- data/lib/arachni/module/auditor.rb +107 -70
- data/lib/arachni/module/base.rb +1 -1
- data/lib/arachni/module/key_filler.rb +26 -39
- data/lib/arachni/module/manager.rb +53 -56
- data/lib/arachni/options.rb +126 -19
- data/lib/arachni/page.rb +41 -42
- data/lib/arachni/parser.rb +91 -139
- data/lib/arachni/platform.rb +19 -0
- data/lib/arachni/platform/fingerprinter.rb +100 -0
- data/lib/arachni/platform/list.rb +293 -0
- data/lib/arachni/platform/manager.rb +435 -0
- data/lib/arachni/platforms.rb +498 -0
- data/lib/arachni/plugin.rb +17 -1
- data/lib/arachni/plugin/manager.rb +35 -36
- data/lib/arachni/processes.rb +27 -0
- data/lib/arachni/processes/dispatchers.rb +149 -0
- data/lib/arachni/processes/helpers.rb +19 -0
- data/lib/arachni/processes/helpers/dispatchers.rb +45 -0
- data/lib/arachni/processes/helpers/instances.rb +51 -0
- data/lib/arachni/processes/helpers/processes.rb +51 -0
- data/lib/arachni/processes/instances.rb +196 -0
- data/lib/arachni/processes/manager.rb +129 -0
- data/lib/arachni/report.rb +16 -0
- data/lib/arachni/rpc/client/base.rb +9 -1
- data/lib/arachni/rpc/server/base.rb +1 -0
- data/lib/arachni/rpc/server/dispatcher.rb +60 -24
- data/lib/arachni/rpc/server/dispatcher/handler.rb +4 -2
- data/lib/arachni/rpc/server/dispatcher/node.rb +8 -3
- data/lib/arachni/rpc/server/framework.rb +70 -772
- data/lib/arachni/rpc/server/{distributor.rb → framework/distributor.rb} +150 -117
- data/lib/arachni/rpc/server/framework/master.rb +470 -0
- data/lib/arachni/rpc/server/framework/multi_instance.rb +267 -0
- data/lib/arachni/rpc/server/framework/slave.rb +159 -0
- data/lib/arachni/rpc/server/instance.rb +187 -109
- data/lib/arachni/rpc/server/spider.rb +136 -38
- data/lib/arachni/ruby.rb +19 -0
- data/lib/arachni/ruby/hash.rb +62 -0
- data/lib/arachni/ruby/io.rb +49 -0
- data/lib/arachni/ruby/set.rb +27 -0
- data/lib/arachni/ruby/string.rb +17 -2
- data/lib/arachni/spider.rb +60 -38
- data/lib/arachni/support.rb +26 -0
- data/lib/arachni/support/buffer.rb +19 -0
- data/lib/arachni/support/buffer/autoflush.rb +79 -0
- data/lib/arachni/{buffer → support/buffer}/base.rb +1 -1
- data/lib/arachni/{cache.rb → support/cache.rb} +1 -1
- data/lib/arachni/{cache → support/cache}/base.rb +7 -9
- data/lib/arachni/{cache → support/cache}/least_cost_replacement.rb +7 -1
- data/lib/arachni/{cache → support/cache}/least_recently_used.rb +10 -34
- data/lib/arachni/{cache → support/cache}/preference.rb +8 -3
- data/lib/arachni/{cache → support/cache}/random_replacement.rb +8 -3
- data/lib/arachni/support/crypto.rb +18 -0
- data/lib/arachni/{crypto → support/crypto}/rsa_aes_cbc.rb +7 -4
- data/lib/arachni/support/database.rb +20 -0
- data/lib/arachni/support/database/base.rb +124 -0
- data/lib/arachni/{database → support/database}/hash.rb +1 -1
- data/lib/arachni/{database → support/database}/queue.rb +1 -1
- data/lib/arachni/support/lookup.rb +20 -0
- data/lib/arachni/support/lookup/base.rb +91 -0
- data/lib/arachni/support/lookup/hash_set.rb +42 -0
- data/lib/arachni/support/lookup/moolb.rb +66 -0
- data/lib/arachni/support/queue.rb +18 -0
- data/lib/arachni/support/queue/disk.rb +171 -0
- data/lib/arachni/trainer.rb +2 -2
- data/lib/arachni/ui/cli/cli.rb +22 -0
- data/lib/arachni/ui/cli/rpc/dispatcher_monitor.rb +7 -3
- data/lib/arachni/ui/cli/rpc/{rpc.rb → instance.rb} +69 -97
- data/lib/arachni/ui/cli/rpc/local.rb +80 -0
- data/lib/arachni/ui/cli/rpc/remote.rb +134 -0
- data/lib/arachni/ui/cli/utilities.rb +40 -5
- data/lib/arachni/ui/foo/output.rb +19 -16
- data/lib/arachni/uri.rb +35 -5
- data/lib/arachni/utilities.rb +5 -39
- data/lib/version +1 -1
- data/logs/Dispatcher - 21448-7331.log +17 -0
- data/logs/Dispatcher - 21645-1111.log +13 -0
- data/logs/Dispatcher - 21673-1111.log +21 -0
- data/modules/audit/code_injection.rb +21 -20
- data/modules/audit/code_injection_timing.rb +15 -13
- data/modules/audit/os_cmd_injection.rb +14 -10
- data/modules/audit/os_cmd_injection_timing.rb +12 -12
- data/modules/audit/path_traversal.rb +52 -47
- data/modules/audit/rfi.rb +25 -18
- data/modules/audit/sqli.rb +10 -10
- data/modules/audit/sqli_blind_rdiff.rb +3 -3
- data/modules/audit/sqli_blind_timing.rb +10 -10
- data/modules/audit/sqli_blind_timing/mssql.txt +9 -0
- data/modules/audit/sqli_blind_timing/mysql.txt +32 -0
- data/modules/audit/sqli_blind_timing/pgsql.txt +28 -0
- data/modules/audit/trainer.rb +7 -4
- data/modules/audit/unvalidated_redirect.rb +13 -11
- data/modules/audit/xpath.rb +10 -6
- data/modules/audit/xss_tag.rb +10 -3
- data/modules/recon/grep/html_objects.rb +9 -4
- data/plugins/defaults/content_types.rb +3 -3
- data/plugins/defaults/meta/remedies/timing_attacks.rb +4 -2
- data/plugins/defaults/meta/uniformity.rb +4 -3
- data/plugins/proxy.rb +42 -132
- data/plugins/proxy/panel/panel.html.erb +6 -0
- data/plugins/proxy/panel/vectors.yml.erb +9 -0
- data/plugins/proxy/server.rb +41 -10
- data/plugins/proxy/template_scope.rb +138 -0
- data/plugins/vector_feed.rb +12 -12
- data/reports/html.rb +1 -0
- data/spec/arachni/audit_store_spec.rb +1 -1
- data/spec/arachni/component/manager_spec.rb +10 -57
- data/spec/arachni/component/options/address_spec.rb +1 -1
- data/spec/arachni/component/options/base_spec.rb +1 -1
- data/spec/arachni/component/options/bool_spec.rb +1 -1
- data/spec/arachni/component/options/enum_spec.rb +1 -1
- data/spec/arachni/component/options/float_spec.rb +1 -1
- data/spec/arachni/component/options/int_spec.rb +1 -1
- data/spec/arachni/component/options/path_spec.rb +1 -1
- data/spec/arachni/component/options/port_spec.rb +1 -1
- data/spec/arachni/component/options/string_spec.rb +1 -1
- data/spec/arachni/component/options/url_spec.rb +1 -1
- data/spec/arachni/element/base_spec.rb +16 -5
- data/spec/arachni/element/body_spec.rb +1 -1
- data/spec/arachni/element/capabilities/auditable/rdiff_spec.rb +11 -3
- data/spec/arachni/element/capabilities/auditable/taint_spec.rb +27 -3
- data/spec/arachni/element/capabilities/auditable/timeout_spec.rb +32 -3
- data/spec/arachni/element/capabilities/mutable_spec.rb +1 -1
- data/spec/arachni/element/cookie_spec.rb +21 -7
- data/spec/arachni/element/form_spec.rb +7 -58
- data/spec/arachni/element/header_spec.rb +15 -3
- data/spec/arachni/element/link_spec.rb +3 -26
- data/spec/arachni/element/path_spec.rb +1 -1
- data/spec/arachni/element/server_spec.rb +1 -1
- data/spec/arachni/element_filter_spec.rb +1 -1
- data/spec/arachni/{error.rb → error_spec.rb} +1 -1
- data/spec/arachni/framework_spec.rb +127 -50
- data/spec/arachni/http/cookie_jar_spec.rb +9 -42
- data/spec/arachni/http_spec.rb +9 -21
- data/spec/arachni/issue_spec.rb +29 -1
- data/spec/arachni/mixins/observable_spec.rb +4 -6
- data/spec/arachni/mixins/progress_bar_spec.rb +1 -1
- data/spec/arachni/module/auditor_spec.rb +17 -5
- data/spec/arachni/module/key_filler.rb +33 -8
- data/spec/arachni/module/manager_spec.rb +1 -3
- data/spec/arachni/module/utilities_spec.rb +1 -1
- data/spec/arachni/options_spec.rb +185 -1
- data/spec/arachni/page_spec.rb +16 -3
- data/spec/arachni/parser_spec.rb +27 -123
- data/spec/arachni/platform/fingerprinter_spec.rb +159 -0
- data/spec/arachni/platform/list_spec.rb +399 -0
- data/spec/arachni/platform/manager_spec.rb +373 -0
- data/spec/arachni/plugin/manager_spec.rb +6 -29
- data/spec/arachni/report/base_spec.rb +2 -2
- data/spec/arachni/report/manager_spec.rb +2 -2
- data/spec/arachni/rpc/client/base_spec.rb +22 -27
- data/spec/arachni/rpc/client/dispatcher_spec.rb +4 -15
- data/spec/arachni/rpc/client/instance_spec.rb +3 -11
- data/spec/arachni/rpc/server/active_options_spec.rb +2 -17
- data/spec/arachni/rpc/server/base_spec.rb +23 -7
- data/spec/arachni/rpc/server/dispatcher/handler_spec.rb +4 -21
- data/spec/arachni/rpc/server/dispatcher/node_spec.rb +30 -8
- data/spec/arachni/rpc/server/dispatcher_spec.rb +130 -70
- data/spec/arachni/rpc/server/{distributor_spec.rb → framework/distributor_spec.rb} +95 -130
- data/spec/arachni/rpc/server/framework_hpg_spec.rb +38 -99
- data/spec/arachni/rpc/server/framework_simple_spec.rb +38 -71
- data/spec/arachni/rpc/server/instance_spec.rb +183 -135
- data/spec/arachni/rpc/server/modules/manager_spec.rb +18 -50
- data/spec/arachni/rpc/server/output_spec.rb +1 -1
- data/spec/arachni/rpc/server/plugin/manager_spec.rb +12 -36
- data/spec/arachni/rpc/server/spider_spec.rb +23 -48
- data/spec/arachni/ruby/array_spec.rb +1 -1
- data/spec/arachni/ruby/enumerable_spec.rb +1 -1
- data/spec/arachni/ruby/hash_spec.rb +70 -0
- data/spec/arachni/ruby/io_spec.rb +26 -0
- data/spec/arachni/ruby/object_spec.rb +1 -1
- data/spec/arachni/ruby/set_spec.rb +15 -0
- data/spec/arachni/ruby/string_spec.rb +18 -1
- data/spec/arachni/ruby/webrick_spec.rb +1 -1
- data/spec/arachni/session_spec.rb +3 -3
- data/spec/arachni/spider_spec.rb +30 -6
- data/spec/arachni/{buffer → support/buffer}/autoflush_spec.rb +7 -12
- data/spec/arachni/{buffer → support/buffer}/base_spec.rb +19 -23
- data/spec/arachni/{cache → support/cache}/base_spec.rb +7 -7
- data/spec/arachni/{cache → support/cache}/least_cost_replacement_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/least_recently_used_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/preference_spec.rb +3 -3
- data/spec/arachni/{cache → support/cache}/random_replacement_spec.rb +3 -3
- data/spec/arachni/{crypto → support/crypto}/rsa_aes_cbc_spec.rb +3 -5
- data/spec/arachni/{database → support/database}/hash_spec.rb +4 -5
- data/spec/arachni/{database → support/database}/queue_spec.rb +3 -4
- data/spec/arachni/support/lookup/hash_set_spec.rb +5 -0
- data/spec/arachni/support/lookup/moolb_spec.rb +41 -0
- data/spec/arachni/support/queue/disk_spec.rb +116 -0
- data/spec/arachni/trainer_spec.rb +6 -2
- data/spec/arachni/typhoeus/hydra_spec.rb +1 -1
- data/spec/arachni/typhoeus/requrest_spec.rb +1 -1
- data/spec/arachni/typhoeus/response_spec.rb +1 -1
- data/spec/arachni/uri_spec.rb +72 -38
- data/spec/arachni/utilities_spec.rb +6 -46
- data/spec/fingerprinters/frameworks/rack_spec.rb +41 -0
- data/spec/fingerprinters/languages/asp_spec.rb +40 -0
- data/spec/fingerprinters/languages/aspx_spec.rb +78 -0
- data/spec/fingerprinters/languages/jsp_spec.rb +58 -0
- data/spec/fingerprinters/languages/php_spec.rb +61 -0
- data/spec/fingerprinters/languages/python_spec.rb +23 -0
- data/spec/fingerprinters/languages/ruby.rb +34 -0
- data/spec/fingerprinters/os/bsd_spec.rb +26 -0
- data/spec/fingerprinters/os/linux_spec.rb +34 -0
- data/spec/fingerprinters/os/solaris_spec.rb +34 -0
- data/spec/fingerprinters/os/unix_spec.rb +26 -0
- data/spec/fingerprinters/os/windows_spec.rb +34 -0
- data/spec/fingerprinters/servers/apache_spec.rb +26 -0
- data/spec/fingerprinters/servers/iis_spec.rb +28 -0
- data/spec/fingerprinters/servers/jetty_spec.rb +28 -0
- data/spec/fingerprinters/servers/nginx_spec.rb +26 -0
- data/spec/fingerprinters/servers/tomcat_spec.rb +28 -0
- data/spec/modules/audit/code_injection_spec.rb +2 -2
- data/spec/modules/audit/code_injection_timing_spec.rb +1 -1
- data/spec/modules/audit/csrf_spec.rb +1 -1
- data/spec/modules/audit/ldapi_spec.rb +1 -1
- data/spec/modules/audit/os_cmd_injection_spec.rb +1 -1
- data/spec/modules/audit/os_cmd_injection_timing_spec.rb +2 -2
- data/spec/modules/audit/path_traversal_spec.rb +1 -1
- data/spec/modules/audit/response_splitting_spec.rb +1 -1
- data/spec/modules/audit/rfi_spec.rb +1 -1
- data/spec/modules/audit/session_fixation_spec.rb +1 -1
- data/spec/modules/audit/sqli_blind_rdiff_spec.rb +1 -1
- data/spec/modules/audit/sqli_blind_timing_spec.rb +4 -4
- data/spec/modules/audit/sqli_spec.rb +2 -2
- data/spec/modules/audit/trainer_spec.rb +11 -1
- data/spec/modules/audit/unvalidated_redirect_spec.rb +1 -1
- data/spec/modules/audit/xpath_spec.rb +1 -1
- data/spec/modules/audit/xss_event_spec.rb +1 -1
- data/spec/modules/audit/xss_path_spec.rb +1 -1
- data/spec/modules/audit/xss_script_tag_spec.rb +1 -1
- data/spec/modules/audit/xss_spec.rb +1 -1
- data/spec/modules/audit/xss_tag_spec.rb +1 -1
- data/spec/modules/recon/allowed_methods_spec.rb +1 -1
- data/spec/modules/recon/backdoors_spec.rb +1 -1
- data/spec/modules/recon/backup_files_spec.rb +1 -1
- data/spec/modules/recon/common_directories_spec.rb +1 -1
- data/spec/modules/recon/common_files_spec.rb +1 -1
- data/spec/modules/recon/directory_listing_spec.rb +1 -1
- data/spec/modules/recon/grep/captcha_spec.rb +1 -1
- data/spec/modules/recon/grep/credit_card_spec.rb +1 -1
- data/spec/modules/recon/grep/cvs_svn_users_spec.rb +1 -1
- data/spec/modules/recon/grep/emails_spec.rb +1 -1
- data/spec/modules/recon/grep/html_objects_spec.rb +1 -1
- data/spec/modules/recon/grep/http_only_cookies_spec.rb +1 -1
- data/spec/modules/recon/grep/insecure_cookies_spec.rb +1 -1
- data/spec/modules/recon/grep/mixed_resource_spec.rb +1 -1
- data/spec/modules/recon/grep/password_autocomplete_spec.rb +1 -1
- data/spec/modules/recon/grep/private_ip_spec.rb +1 -1
- data/spec/modules/recon/grep/ssn_spec.rb +1 -1
- data/spec/modules/recon/grep/unencrypted_password_forms_spec.rb +1 -1
- data/spec/modules/recon/htaccess_limit_spec.rb +1 -1
- data/spec/modules/recon/http_put_spec.rb +1 -1
- data/spec/modules/recon/interesting_responses_spec.rb +1 -1
- data/spec/modules/recon/webdav_spec.rb +1 -1
- data/spec/modules/recon/xst_spec.rb +1 -1
- data/spec/path_extractors/anchors_spec.rb +1 -1
- data/spec/path_extractors/areas_spec.rb +1 -1
- data/spec/path_extractors/forms_spec.rb +1 -1
- data/spec/path_extractors/frames_spec.rb +1 -1
- data/spec/path_extractors/generic_spec.rb +1 -1
- data/spec/path_extractors/links_spec.rb +1 -1
- data/spec/path_extractors/meta_refresh_spec.rb +1 -1
- data/spec/path_extractors/scripts_spec.rb +1 -1
- data/spec/plugins/autologin_spec.rb +1 -1
- data/spec/plugins/autothrottle_spec.rb +2 -2
- data/spec/plugins/content_types_spec.rb +1 -1
- data/spec/plugins/cookie_collector_spec.rb +1 -1
- data/spec/plugins/form_dicattack_spec.rb +7 -7
- data/spec/plugins/healthmap_spec.rb +1 -1
- data/spec/plugins/http_dicattack_spec.rb +6 -6
- data/spec/plugins/meta/remedies/discovery_spec.rb +1 -1
- data/spec/plugins/meta/remedies/timing_attacks_spec.rb +1 -1
- data/spec/plugins/meta/uniformity_spec.rb +1 -1
- data/spec/plugins/profiler_spec.rb +3 -3
- data/spec/plugins/rescan_spec.rb +3 -3
- data/spec/plugins/resolver_spec.rb +1 -1
- data/spec/plugins/script_spec.rb +2 -2
- data/spec/plugins/vector_feed_spec.rb +13 -1
- data/spec/plugins/waf_detector_spec.rb +2 -2
- data/spec/reports/afr_spec.rb +1 -1
- data/spec/reports/ap_spec.rb +1 -1
- data/spec/reports/html_spec.rb +1 -1
- data/spec/reports/json_spec.rb +1 -1
- data/spec/reports/marshal_spec.rb +1 -1
- data/spec/reports/stdout_spec.rb +1 -1
- data/spec/reports/txt_spec.rb +1 -1
- data/spec/reports/xml_spec.rb +1 -1
- data/spec/reports/yaml_spec.rb +1 -1
- data/spec/spec_helper.rb +27 -32
- data/spec/{fixtures → support/fixtures}/auditstore.afr +0 -0
- data/spec/{fixtures → support/fixtures}/cookies.txt +0 -0
- data/spec/support/fixtures/fingerprinters/test.rb +36 -0
- data/spec/{fixtures → support/fixtures}/modules/test.rb +0 -0
- data/spec/{fixtures → support/fixtures}/modules/test2.rb +0 -0
- data/spec/{fixtures → support/fixtures}/modules/test3.rb +0 -0
- data/spec/{fixtures → support/fixtures}/passwords.txt +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/bad.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/defaults/default.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/distributable.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/loop.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/spider_hook.rb +1 -0
- data/spec/{fixtures → support/fixtures}/plugins/wait.rb +0 -0
- data/spec/{fixtures → support/fixtures}/plugins/with_options.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/plugin_formatters/with_formatters/foobar.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/with_formatters.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/with_outfile.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/base_spec/without_outfile.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/manager_spec/afr.rb +0 -0
- data/spec/{fixtures → support/fixtures}/reports/manager_spec/foo.rb +0 -0
- data/spec/{fixtures → support/fixtures}/rescan.afr.tpl +0 -0
- data/spec/{fixtures → support/fixtures}/rpcd_handlers/echo.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/body.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/cookies.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/empty.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/flch.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/forms.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/headers.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/links.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/nil.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/path.rb +0 -0
- data/spec/{fixtures → support/fixtures}/run_mod/server.rb +0 -0
- data/spec/{fixtures → support/fixtures}/script_plugin.rb +0 -0
- data/spec/{fixtures → support/fixtures}/taint_module/taint.rb +0 -0
- data/spec/{fixtures → support/fixtures}/usernames.txt +0 -0
- data/spec/{fixtures → support/fixtures}/wait_module/wait.rb +0 -0
- data/spec/{helpers → support/helpers}/auditor.rb +0 -0
- data/spec/support/helpers/framework.rb +19 -0
- data/spec/support/helpers/misc.rb +19 -0
- data/spec/support/helpers/paths.rb +31 -0
- data/spec/support/helpers/requires.rb +24 -0
- data/spec/support/helpers/resets.rb +42 -0
- data/spec/support/helpers/web_server.rb +27 -0
- data/spec/support/lib/web_server_manager.rb +120 -0
- data/spec/support/logs/Dispatcher - 11642-42685.log +9 -0
- data/spec/support/logs/Dispatcher - 11669-58445.log +21 -0
- data/spec/support/logs/Dispatcher - 11803-19013.log +9 -0
- data/spec/support/logs/Dispatcher - 11813-58646.log +19 -0
- data/spec/support/logs/Dispatcher - 11822-1913.log +17 -0
- data/spec/support/logs/Dispatcher - 11831-60571.log +13 -0
- data/spec/support/logs/Dispatcher - 11840-20151.log +9 -0
- data/spec/support/logs/Dispatcher - 11850-21796.log +9 -0
- data/spec/support/logs/Dispatcher - 11859-47650.log +11 -0
- data/spec/support/logs/Dispatcher - 11872-13669.log +11 -0
- data/spec/support/logs/Dispatcher - 11885-40034.log +35 -0
- data/spec/support/logs/Dispatcher - 11946-10629.log +21 -0
- data/spec/support/logs/Dispatcher - 11955-55497.log +21 -0
- data/spec/support/logs/Dispatcher - 11964-33080.log +23 -0
- data/spec/support/logs/Dispatcher - 12005-28558.log +19 -0
- data/spec/support/logs/Dispatcher - 12014-59368.log +17 -0
- data/spec/support/logs/Dispatcher - 12023-41547.log +15 -0
- data/spec/support/logs/Dispatcher - 12037-54838.log +11 -0
- data/spec/support/logs/Dispatcher - 12050-38840.log +9 -0
- data/spec/support/logs/Dispatcher - 12059-7283.log +9 -0
- data/spec/support/logs/Dispatcher - 12068-19765.log +9 -0
- data/spec/support/logs/Dispatcher - 12077-24147.log +9 -0
- data/spec/support/logs/Dispatcher - 12086-60404.log +11 -0
- data/spec/support/logs/Dispatcher - 12099-43307.log +9 -0
- data/spec/support/logs/Dispatcher - 12109-9701.log +9 -0
- data/spec/support/logs/Dispatcher - 12162-19782.log +63 -0
- data/spec/support/logs/Dispatcher - 12171-35883.log +43 -0
- data/spec/support/logs/Dispatcher - 12180-6456.log +39 -0
- data/spec/support/logs/Dispatcher - 12189-64516.log +34 -0
- data/spec/support/logs/Dispatcher - 12198-50800.log +28 -0
- data/spec/support/logs/Dispatcher - 12207-6148.log +21 -0
- data/spec/support/logs/Dispatcher - 12216-45994.log +13 -0
- data/spec/support/logs/Dispatcher - 12226-59932.log +9 -0
- data/spec/support/logs/Dispatcher - 12369-42683.log +19 -0
- data/spec/support/logs/Dispatcher - 12379-51205.log +21 -0
- data/spec/support/logs/Dispatcher - 12388-15229.log +15 -0
- data/spec/support/logs/Dispatcher - 12401-35502.log +19 -0
- data/spec/support/logs/Dispatcher - 12410-3386.log +21 -0
- data/spec/support/logs/Dispatcher - 12419-16056.log +15 -0
- data/spec/support/logs/Dispatcher - 12540-25763.log +17 -0
- data/spec/support/logs/Dispatcher - 12549-49234.log +21 -0
- data/spec/support/logs/Dispatcher - 12558-61027.log +13 -0
- data/spec/support/logs/Dispatcher - 12571-34789.log +19 -0
- data/spec/support/logs/Dispatcher - 12580-27968.log +21 -0
- data/spec/support/logs/Dispatcher - 12589-38100.log +15 -0
- data/spec/support/logs/Dispatcher - 12643-8172.log +17 -0
- data/spec/support/logs/Dispatcher - 12652-44715.log +21 -0
- data/spec/support/logs/Dispatcher - 12661-40547.log +13 -0
- data/spec/support/logs/Dispatcher - 12674-20100.log +17 -0
- data/spec/support/logs/Dispatcher - 12683-57063.log +21 -0
- data/spec/support/logs/Dispatcher - 12692-20974.log +13 -0
- data/spec/support/logs/Dispatcher - 12920-24047.log +19 -0
- data/spec/support/logs/Dispatcher - 12929-13265.log +21 -0
- data/spec/support/logs/Dispatcher - 12938-38472.log +15 -0
- data/spec/support/logs/Dispatcher - 12962-47051.log +21 -0
- data/spec/support/logs/Dispatcher - 12971-48844.log +25 -0
- data/spec/support/logs/Dispatcher - 12980-2331.log +15 -0
- data/spec/support/logs/Dispatcher - 13016-57455.log +17 -0
- data/spec/support/logs/Dispatcher - 13025-44069.log +21 -0
- data/spec/support/logs/Dispatcher - 13034-59986.log +13 -0
- data/spec/support/logs/Dispatcher - 13047-17338.log +21 -0
- data/spec/support/logs/Dispatcher - 13056-57124.log +25 -0
- data/spec/support/logs/Dispatcher - 13065-3014.log +15 -0
- data/spec/support/logs/Dispatcher - 13101-42040.log +17 -0
- data/spec/support/logs/Dispatcher - 13110-29137.log +21 -0
- data/spec/support/logs/Dispatcher - 13119-52878.log +13 -0
- data/spec/support/logs/Dispatcher - 13132-20646.log +17 -0
- data/spec/support/logs/Dispatcher - 13141-21629.log +21 -0
- data/spec/support/logs/Dispatcher - 13150-42002.log +13 -0
- data/spec/support/logs/Dispatcher - 8291-38888.log +9 -0
- data/spec/support/logs/Dispatcher - 8325-2241.log +21 -0
- data/spec/support/logs/Dispatcher - 8458-40239.log +9 -0
- data/spec/support/logs/Dispatcher - 8468-26555.log +19 -0
- data/spec/support/logs/Dispatcher - 8477-28819.log +17 -0
- data/spec/support/logs/Dispatcher - 8486-36985.log +13 -0
- data/spec/support/logs/Dispatcher - 8495-59407.log +9 -0
- data/spec/support/logs/Dispatcher - 8504-27479.log +9 -0
- data/spec/support/logs/Dispatcher - 8513-51807.log +11 -0
- data/spec/support/logs/Dispatcher - 8526-53739.log +11 -0
- data/spec/support/logs/Dispatcher - 8539-55908.log +35 -0
- data/spec/support/logs/Dispatcher - 8603-24287.log +21 -0
- data/spec/support/logs/Dispatcher - 8612-37320.log +21 -0
- data/spec/support/logs/Dispatcher - 8621-60797.log +23 -0
- data/spec/support/logs/Dispatcher - 8662-56395.log +19 -0
- data/spec/support/logs/Dispatcher - 8671-54268.log +17 -0
- data/spec/support/logs/Dispatcher - 8680-32387.log +15 -0
- data/spec/support/logs/Dispatcher - 8693-60728.log +11 -0
- data/spec/support/logs/Dispatcher - 8706-53092.log +9 -0
- data/spec/support/logs/Dispatcher - 8715-35576.log +9 -0
- data/spec/support/logs/Dispatcher - 8724-9842.log +9 -0
- data/spec/support/logs/Dispatcher - 8734-37290.log +9 -0
- data/spec/support/logs/Dispatcher - 8743-46516.log +11 -0
- data/spec/support/logs/Dispatcher - 8756-59294.log +9 -0
- data/spec/support/logs/Dispatcher - 8765-16318.log +9 -0
- data/spec/support/logs/Dispatcher - 8818-35968.log +63 -0
- data/spec/support/logs/Dispatcher - 8827-57068.log +43 -0
- data/spec/support/logs/Dispatcher - 8836-31238.log +39 -0
- data/spec/support/logs/Dispatcher - 8845-48148.log +34 -0
- data/spec/support/logs/Dispatcher - 8854-17355.log +28 -0
- data/spec/support/logs/Dispatcher - 8863-6616.log +21 -0
- data/spec/support/logs/Dispatcher - 8872-1373.log +13 -0
- data/spec/support/logs/Dispatcher - 8882-40014.log +9 -0
- data/spec/support/logs/Dispatcher - 8989-17108.log +19 -0
- data/spec/support/logs/Dispatcher - 9000-23195.log +21 -0
- data/spec/support/logs/Dispatcher - 9009-33836.log +15 -0
- data/spec/support/logs/Dispatcher - 9022-55515.log +19 -0
- data/spec/support/logs/Dispatcher - 9031-51301.log +21 -0
- data/spec/support/logs/Dispatcher - 9040-10025.log +15 -0
- data/spec/support/logs/Dispatcher - 9180-20874.log +17 -0
- data/spec/support/logs/Dispatcher - 9189-29826.log +21 -0
- data/spec/support/logs/Dispatcher - 9198-21818.log +13 -0
- data/spec/support/logs/Dispatcher - 9211-64830.log +19 -0
- data/spec/support/logs/Dispatcher - 9220-2570.log +21 -0
- data/spec/support/logs/Dispatcher - 9229-45654.log +15 -0
- data/spec/support/logs/Dispatcher - 9286-1284.log +17 -0
- data/spec/support/logs/Dispatcher - 9295-58545.log +21 -0
- data/spec/support/logs/Dispatcher - 9304-52355.log +13 -0
- data/spec/support/logs/Dispatcher - 9317-58138.log +17 -0
- data/spec/support/logs/Dispatcher - 9326-39184.log +21 -0
- data/spec/support/logs/Dispatcher - 9336-44714.log +13 -0
- data/spec/support/logs/Dispatcher - 9555-26114.log +19 -0
- data/spec/support/logs/Dispatcher - 9564-2270.log +21 -0
- data/spec/support/logs/Dispatcher - 9573-26148.log +15 -0
- data/spec/support/logs/Dispatcher - 9597-62247.log +21 -0
- data/spec/support/logs/Dispatcher - 9606-16162.log +25 -0
- data/spec/support/logs/Dispatcher - 9615-8643.log +15 -0
- data/spec/support/logs/Dispatcher - 9651-49224.log +17 -0
- data/spec/support/logs/Dispatcher - 9660-4390.log +21 -0
- data/spec/support/logs/Dispatcher - 9669-18266.log +13 -0
- data/spec/support/logs/Dispatcher - 9682-44582.log +21 -0
- data/spec/support/logs/Dispatcher - 9691-15941.log +25 -0
- data/spec/support/logs/Dispatcher - 9700-22186.log +15 -0
- data/spec/support/logs/Dispatcher - 9736-29672.log +17 -0
- data/spec/support/logs/Dispatcher - 9745-33231.log +21 -0
- data/spec/support/logs/Dispatcher - 9754-48381.log +13 -0
- data/spec/support/logs/Dispatcher - 9767-29812.log +17 -0
- data/spec/support/logs/Dispatcher - 9776-9894.log +21 -0
- data/spec/support/logs/Dispatcher - 9785-1421.log +13 -0
- data/spec/support/logs/Instance - 12384-38605.error.log +328 -0
- data/spec/support/logs/Instance - 12657-2379.error.log +328 -0
- data/spec/support/logs/Instance - 12688-50940.error.log +427 -0
- data/spec/support/logs/Instance - 12708-13716.error.log +326 -0
- data/spec/support/logs/Instance - 12714-45400.error.log +328 -0
- data/spec/support/logs/Instance - 12848-32645.error.log +326 -0
- data/spec/support/logs/Instance - 9005-21883.error.log +328 -0
- data/spec/support/logs/Instance - 9300-33102.error.log +328 -0
- data/spec/support/logs/Instance - 9331-48336.error.log +427 -0
- data/spec/support/logs/Instance - 9352-62807.error.log +326 -0
- data/spec/support/logs/Instance - 9358-45154.error.log +328 -0
- data/spec/support/logs/Instance - 9487-8746.error.log +326 -0
- data/spec/{logs → support/logs}/placeholder +0 -0
- data/spec/{pems → support/pems}/cacert.pem +0 -0
- data/spec/{pems → support/pems}/client/cert.pem +0 -0
- data/spec/{pems → support/pems}/client/foo-cert.pem +0 -0
- data/spec/{pems → support/pems}/client/foo-key.pem +0 -0
- data/spec/{pems → support/pems}/client/key.pem +0 -0
- data/spec/{pems → support/pems}/server/cert.pem +0 -0
- data/spec/{pems → support/pems}/server/key.pem +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/rdiff.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/taint.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/capabilities/auditable/timeout.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/cookie.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/form.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/header.rb +0 -0
- data/spec/{servers → support/servers}/arachni/element/link.rb +0 -0
- data/spec/{servers → support/servers}/arachni/framework.rb +0 -0
- data/spec/{servers → support/servers}/arachni/http.rb +0 -0
- data/spec/{servers → support/servers}/arachni/http_auth.rb +0 -0
- data/spec/{servers → support/servers}/arachni/module/auditor.rb +0 -0
- data/spec/{servers → support/servers}/arachni/parser.rb +0 -0
- data/spec/{servers → support/servers}/arachni/rpc/server/framework_hpg.rb +0 -1
- data/spec/{servers → support/servers}/arachni/rpc/server/framework_simple.rb +0 -0
- data/spec/{servers → support/servers}/arachni/session.rb +0 -0
- data/spec/{servers → support/servers}/arachni/spider.rb +0 -0
- data/spec/{servers → support/servers}/arachni/spider_https.rb +0 -0
- data/spec/{servers → support/servers}/arachni/trainer.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/code_injection.rb +3 -4
- data/spec/{servers → support/servers}/modules/audit/code_injection_timing.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/csrf.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/ldapi.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/os_cmd_injection.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/os_cmd_injection_timing.rb +1 -10
- data/spec/{servers → support/servers}/modules/audit/path_traversal.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/response_splitting.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/rfi.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/session_fixation.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/sqli/coldfusion +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/db2 +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/emc +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/informix +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/interbase +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/jdbc +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/mssql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/mysql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/oracle +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/postgresql +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/sqlite +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli/sybase +0 -0
- data/spec/{servers → support/servers}/modules/audit/sqli_blind_rdiff.rb +1 -1
- data/spec/{servers → support/servers}/modules/audit/sqli_blind_timing.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/trainer_module.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/unvalidated_redirect.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/dotnet +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/general +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/java +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/libxml2 +0 -0
- data/spec/{servers → support/servers}/modules/audit/xpath/php +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_event.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_path.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_script_tag.rb +0 -0
- data/spec/{servers → support/servers}/modules/audit/xss_tag.rb +0 -0
- data/spec/{servers → support/servers}/modules/module_server.rb +1 -1
- data/spec/{servers → support/servers}/modules/recon/allowed_methods.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/backdoors.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/backup_files.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/common_directories.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/common_files.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/directory_listing.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/captcha.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/credit_card.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/cvs_svn_users.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/emails.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/html_objects.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/http_only_cookies.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/insecure_cookies.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/mixed_resource.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/password_autocomplete.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/private_ip.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/ssn.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/grep/unencrypted_password_forms.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/htaccess_limit.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/http_put.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/interesting_responses.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/webdav.rb +0 -0
- data/spec/{servers → support/servers}/modules/recon/xst.rb +0 -0
- data/spec/{servers → support/servers}/plugins/autologin.rb +0 -0
- data/spec/{servers → support/servers}/plugins/autothrottle.rb +0 -0
- data/spec/{servers → support/servers}/plugins/content_types.rb +0 -0
- data/spec/{servers → support/servers}/plugins/cookie_collector.rb +0 -0
- data/spec/{servers → support/servers}/plugins/form_dicattack.rb +0 -0
- data/spec/{servers → support/servers}/plugins/healthmap.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack_secure.rb +0 -0
- data/spec/{servers → support/servers}/plugins/http_dicattack_unprotected.rb +0 -0
- data/spec/{servers → support/servers}/plugins/meta/remedies/discovery.rb +1 -1
- data/spec/{servers → support/servers}/plugins/meta/remedies/timing_attacks.rb +0 -0
- data/spec/{servers → support/servers}/plugins/profiler.rb +0 -0
- data/spec/{servers → support/servers}/plugins/rescan.rb +0 -0
- data/spec/{servers → support/servers}/plugins/waf_detector.rb +0 -0
- data/spec/{shared → support/shared}/component.rb +1 -1
- data/spec/{shared → support/shared}/element/capabilities/auditable.rb +363 -194
- data/spec/{shared → support/shared}/element/capabilities/refreshable.rb +0 -0
- data/spec/support/shared/fingerprinter.rb +14 -0
- data/spec/{shared → support/shared}/module.rb +1 -1
- data/spec/{shared → support/shared}/path_extractor.rb +0 -0
- data/spec/{shared → support/shared}/plugin.rb +0 -0
- data/spec/{shared → support/shared}/reports.rb +1 -1
- data/spec/{arachni/bloom_filter_spec.rb → support/shared/support/lookup.rb} +11 -11
- metadata +936 -199
- data/lib/arachni/bloom_filter.rb +0 -74
- data/lib/arachni/buffer.rb +0 -3
- data/lib/arachni/buffer/autoflush.rb +0 -77
- data/lib/arachni/database.rb +0 -4
- data/lib/arachni/database/base.rb +0 -131
- data/modules/audit/code_injection_timing/payloads.txt +0 -4
- data/modules/audit/os_cmd_injection/payloads.txt +0 -3
- data/modules/audit/os_cmd_injection_timing/payloads.txt +0 -2
- data/modules/audit/sqli_blind_timing/payloads.txt +0 -69
- data/spec/helpers/misc.rb +0 -41
- data/spec/helpers/processes.rb +0 -112
- data/spec/helpers/requires.rb +0 -8
- data/spec/helpers/server.rb +0 -54
@@ -0,0 +1,19 @@
|
|
1
|
+
=begin
|
2
|
+
Copyright 2010-2013 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
+
|
4
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
you may not use this file except in compliance with the License.
|
6
|
+
You may obtain a copy of the License at
|
7
|
+
|
8
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
|
10
|
+
Unless required by applicable law or agreed to in writing, software
|
11
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
See the License for the specific language governing permissions and
|
14
|
+
limitations under the License.
|
15
|
+
=end
|
16
|
+
|
17
|
+
lib = Arachni::Options.dir['lib']
|
18
|
+
require lib + 'component/manager'
|
19
|
+
require lib + 'platform/manager'
|
@@ -0,0 +1,100 @@
|
|
1
|
+
=begin
|
2
|
+
Copyright 2010-2013 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
+
|
4
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
you may not use this file except in compliance with the License.
|
6
|
+
You may obtain a copy of the License at
|
7
|
+
|
8
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
|
10
|
+
Unless required by applicable law or agreed to in writing, software
|
11
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
See the License for the specific language governing permissions and
|
14
|
+
limitations under the License.
|
15
|
+
=end
|
16
|
+
|
17
|
+
module Arachni
|
18
|
+
|
19
|
+
module Platform
|
20
|
+
|
21
|
+
# Namespace under which all platform fingerprinter components reside.
|
22
|
+
module Fingerprinters
|
23
|
+
end
|
24
|
+
|
25
|
+
#
|
26
|
+
# Provides utility methods for fingerprinter components as well as
|
27
|
+
# the {Page} object to be fingerprinted
|
28
|
+
#
|
29
|
+
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
30
|
+
# @abstract
|
31
|
+
class Fingerprinter
|
32
|
+
include Utilities
|
33
|
+
|
34
|
+
# @return [Page] Page to fingerprint.
|
35
|
+
attr_reader :page
|
36
|
+
|
37
|
+
def initialize( page )
|
38
|
+
@page = page
|
39
|
+
end
|
40
|
+
|
41
|
+
# Executes the payload of the fingerprinter.
|
42
|
+
# @abstract
|
43
|
+
def run
|
44
|
+
end
|
45
|
+
|
46
|
+
# @param [String] string
|
47
|
+
# @return [Boolean]
|
48
|
+
# `true` if either {#server} or {#powered_by} include `string`,
|
49
|
+
# `false` otherwise.
|
50
|
+
def server_or_powered_by_include?( string )
|
51
|
+
server.include?( string.downcase ) || powered_by.include?( string.downcase )
|
52
|
+
end
|
53
|
+
|
54
|
+
# @return [Arachni::URI] Parsed URL of the {#page}.
|
55
|
+
def uri
|
56
|
+
uri_parse( page.url )
|
57
|
+
end
|
58
|
+
|
59
|
+
# @return [Hash] URI parameters with keys and values downcased.
|
60
|
+
def parameters
|
61
|
+
@parameters ||= page.query_vars.downcase
|
62
|
+
end
|
63
|
+
|
64
|
+
# @return [Hash] Cookies as headers with keys and values downcased.
|
65
|
+
def cookies
|
66
|
+
@cookies ||= page.cookies.
|
67
|
+
inject({}) { |h, c| h.merge! c.simple }.downcase
|
68
|
+
end
|
69
|
+
|
70
|
+
# @return [Hash] Response headers with keys and values downcased.
|
71
|
+
def headers
|
72
|
+
@headers ||= page.response_headers.downcase
|
73
|
+
end
|
74
|
+
|
75
|
+
# @return [String. nil] Value of the `X-Powered-By` header.
|
76
|
+
def powered_by
|
77
|
+
headers['x-powered-by'].to_s
|
78
|
+
end
|
79
|
+
|
80
|
+
# @return [String. nil] Value of the `Server` header.
|
81
|
+
def server
|
82
|
+
headers['server'].to_s
|
83
|
+
end
|
84
|
+
|
85
|
+
# @return [String] Downcased file extension of the page.
|
86
|
+
def extension
|
87
|
+
@extension ||= uri_parse( page.url ).resource_extension.to_s.downcase
|
88
|
+
end
|
89
|
+
|
90
|
+
# @return [Platform]
|
91
|
+
# Platform for the given page, should be updated by the
|
92
|
+
# fingerprinter accordingly.
|
93
|
+
def platforms
|
94
|
+
page.platforms
|
95
|
+
end
|
96
|
+
|
97
|
+
end
|
98
|
+
|
99
|
+
end
|
100
|
+
end
|
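Review bot: `powered_by` and `server` are tagged `@return [String. nil]`, but both end in `.to_s` and so never return nil, which `server_or_powered_by_include?` relies on when it calls `include?` on them directly. I would change the tags to `# @return [String] Value of the Server header, empty if absent.` and the equivalent for X-Powered-By. Both values are supplied by the scanned host and are matched by substring, so the doc for `server_or_powered_by_include?` should say that a match is a hint rather than proof of the platform. `extension` repeats `uri_parse( page.url )` where it could call `uri`, and `string.downcase` is computed twice in `server_or_powered_by_include?`.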
@@ -0,0 +1,293 @@
|
|
1
|
+
=begin
|
2
|
+
Copyright 2010-2013 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
+
|
4
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
you may not use this file except in compliance with the License.
|
6
|
+
You may obtain a copy of the License at
|
7
|
+
|
8
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
|
10
|
+
Unless required by applicable law or agreed to in writing, software
|
11
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
See the License for the specific language governing permissions and
|
14
|
+
limitations under the License.
|
15
|
+
=end
|
16
|
+
|
17
|
+
module Arachni
|
18
|
+
|
19
|
+
module Platform
|
20
|
+
|
21
|
+
# Represents a collection of applicable platforms.
|
22
|
+
#
|
23
|
+
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
24
|
+
class List
|
25
|
+
include Enumerable
|
26
|
+
|
27
|
+
# @param [Array<String, Symbol>] valid_platforms
|
28
|
+
# Valid platforms for this list.
|
29
|
+
def initialize( valid_platforms )
|
30
|
+
@valid_platforms = normalize!( valid_platforms )
|
31
|
+
@platforms = Set.new
|
32
|
+
end
|
33
|
+
|
34
|
+
# @return [Array<Symbol>] Supported platforms.
|
35
|
+
def valid
|
36
|
+
@valid ||= Set.new( hierarchical? ? flat_list : @valid_platforms )
|
37
|
+
end
|
38
|
+
|
39
|
+
# Selects appropriate data depending on the applicable platforms
|
40
|
+
# from `data_per_platform`.
|
41
|
+
#
|
42
|
+
# @param [Hash{<Symbol, String> => Object}] data_per_platform
|
43
|
+
# Hash with platform names as keys and arbitrary data as values.
|
44
|
+
#
|
45
|
+
# @return [Hash] `data_per_platform` with non-applicable entries removed.
|
46
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
47
|
+
def pick( data_per_platform )
|
48
|
+
orig_data_per_platform = data_per_platform.dup
|
49
|
+
data_per_platform = data_per_platform.dup
|
50
|
+
|
51
|
+
data_per_platform.select! { |k, v| include? k }
|
52
|
+
|
53
|
+
# Bail out if the valid platforms are just a flat array, without hierarchy.
|
54
|
+
return data_per_platform if !hierarchical?
|
55
|
+
|
56
|
+
# Keep track of parents which will be removed due to the existence of
|
57
|
+
# their children.
|
58
|
+
specified_parents = []
|
59
|
+
|
60
|
+
# Remove parents if we have children.
|
61
|
+
data_per_platform.keys.each do |platform|
|
62
|
+
specified_parents |= parents = find_parents( platform )
|
63
|
+
data_per_platform.reject! { |k, _| parents.include? k }
|
64
|
+
end
|
65
|
+
|
66
|
+
# Include all of the parents' children if parents are specified but no
|
67
|
+
# children for them.
|
68
|
+
|
69
|
+
children = {}
|
70
|
+
children_for = valid & @platforms.to_a
|
71
|
+
children_for.each do |platform|
|
72
|
+
next if specified_parents.include? platform
|
73
|
+
c = find_children( platform )
|
74
|
+
children.merge! orig_data_per_platform.select { |k, _| c.include? k }
|
75
|
+
end
|
76
|
+
|
77
|
+
data_per_platform.merge! children
|
78
|
+
|
79
|
+
# Include the nearest parent data there is a child platform but there
|
80
|
+
# are no data for it.
|
81
|
+
|
82
|
+
ignore = data_per_platform.keys | specified_parents
|
83
|
+
orig_data_per_platform.each do |platform, data|
|
84
|
+
next if ignore.include?( platform ) ||
|
85
|
+
!include_any?( find_children( platform ) )
|
86
|
+
data_per_platform[platform] = data
|
87
|
+
end
|
88
|
+
|
89
|
+
data_per_platform
|
90
|
+
end
|
91
|
+
|
92
|
+
# @param [Array<Symbol, String> Symbol, String] platforms
|
93
|
+
# Platform(s) to check.
|
94
|
+
# @return [Boolean]
|
95
|
+
# `true` if platforms are valid (i.e. in {#valid}), `false` otherwise.
|
96
|
+
# @see #invalid?
|
97
|
+
def valid?( platforms )
|
98
|
+
normalize( platforms )
|
99
|
+
true
|
100
|
+
rescue
|
101
|
+
false
|
102
|
+
end
|
103
|
+
|
104
|
+
# @param [Array<Symbol, String> Symbol, String] platforms
|
105
|
+
# Platform(s) to check.
|
106
|
+
# @return [Boolean]
|
107
|
+
# `true` if platforms are invalid (i.e. not in {#valid}), `false` otherwise.
|
108
|
+
# @see #valid?
|
109
|
+
def invalid?( platforms )
|
110
|
+
!valid?( platforms )
|
111
|
+
end
|
112
|
+
|
113
|
+
# @return [Boolean]
|
114
|
+
# `true` if there are no applicable platforms, `false` otherwise.
|
115
|
+
def empty?
|
116
|
+
@platforms.empty?
|
117
|
+
end
|
118
|
+
|
119
|
+
# @return [Boolean]
|
120
|
+
# `true` if there are applicable platforms, `false` otherwise.
|
121
|
+
def any?
|
122
|
+
!empty?
|
123
|
+
end
|
124
|
+
|
125
|
+
# @param [Symbol, String] platform Platform to add to the list.
|
126
|
+
# @return [Platform] `self`
|
127
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
128
|
+
def <<( platform )
|
129
|
+
@platforms << normalize( platform )
|
130
|
+
self
|
131
|
+
end
|
132
|
+
|
133
|
+
# @param [Platform, Enumerable] enum
|
134
|
+
# Enumerable object containing platforms.
|
135
|
+
# @return [Platform] Updated copy of `self`.
|
136
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
137
|
+
def merge( enum )
|
138
|
+
dup.merge!( enum )
|
139
|
+
end
|
140
|
+
|
141
|
+
# @param [Enumerable] enum
|
142
|
+
# Enumerable object containing platforms.
|
143
|
+
# @return [Platform] Updated `self`.
|
144
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
145
|
+
def merge!( enum )
|
146
|
+
@platforms.merge normalize( enum )
|
147
|
+
self
|
148
|
+
end
|
149
|
+
alias update merge!
|
150
|
+
|
151
|
+
# @param [Platform, Enumerable] enum
|
152
|
+
# {Platform} or enumerable object containing platforms.
|
153
|
+
# @return [Platform]
|
154
|
+
# New {Platform} built by merging `self` and the elements of the
|
155
|
+
# given enumerable object.
|
156
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
157
|
+
def |( enum )
|
158
|
+
dup.merge( enum )
|
159
|
+
end
|
160
|
+
alias + |
|
161
|
+
|
162
|
+
# @param [Block] block Block to be passed each platform.
|
163
|
+
# @return [Enumerator, Platform]
|
164
|
+
# `Enumerator` if no `block` is given, `self` otherwise.
|
165
|
+
def each( &block )
|
166
|
+
return enum_for( __method__ ) if !block_given?
|
167
|
+
@platforms.each( &block )
|
168
|
+
self
|
169
|
+
end
|
170
|
+
|
171
|
+
# @param [Symbol, String] platform Platform to check.
|
172
|
+
# @return [Boolean]
|
173
|
+
# `true` if `platform` applies to the given resource, `false` otherwise.
|
174
|
+
# @raise [Error::Invalid] On {#invalid?} `platforms`.
|
175
|
+
def include?( platform )
|
176
|
+
@platforms.include? normalize( platform )
|
177
|
+
end
|
178
|
+
|
179
|
+
# @param [Array<Symbol, String>] platforms Platform to check.
|
180
|
+
# @return [Boolean]
|
181
|
+
# `true` if any platform in `platforms` applies to the given resource,
|
182
|
+
# `false` otherwise.
|
183
|
+
# @raise [Error::Invalid] On {#invalid?} `platforms`.
|
184
|
+
def include_any?( platforms )
|
185
|
+
(@platforms & normalize( platforms )).any?
|
186
|
+
end
|
187
|
+
|
188
|
+
# Clears platforms.
|
189
|
+
def clear
|
190
|
+
@platforms.clear
|
191
|
+
end
|
192
|
+
|
193
|
+
# @return [Platform] Copy of `self`.
|
194
|
+
def dup
|
195
|
+
self.class.new( @valid_platforms ).tap { |p| p.platforms = @platforms }
|
196
|
+
end
|
197
|
+
|
198
|
+
# @return [Boolean]
|
199
|
+
# `true` if the list has a hierarchy, `false` otherwise.
|
200
|
+
def hierarchical?
|
201
|
+
@valid_platforms.is_a? Hash
|
202
|
+
end
|
203
|
+
|
204
|
+
def self.normalize( platforms )
|
205
|
+
case platforms
|
206
|
+
when self.class, Symbol
|
207
|
+
platforms
|
208
|
+
when String
|
209
|
+
platforms.to_sym
|
210
|
+
when Hash
|
211
|
+
platforms.symbolize_keys
|
212
|
+
when Enumerable, Array
|
213
|
+
platforms.to_a.flatten.map( &:to_sym ).uniq.sort
|
214
|
+
end
|
215
|
+
end
|
216
|
+
|
217
|
+
protected
|
218
|
+
|
219
|
+
def platforms=( enum )
|
220
|
+
@platforms = Set.new( enum )
|
221
|
+
end
|
222
|
+
|
223
|
+
private
|
224
|
+
|
225
|
+
# @return [Array<Symbol>] Flat list of supported {OS operating systems}.
|
226
|
+
def flat_list( hash = @valid_platforms )
|
227
|
+
flat = []
|
228
|
+
hash.each do |k, v|
|
229
|
+
flat << k
|
230
|
+
flat |= flat_list( v ) if v.any?
|
231
|
+
end
|
232
|
+
flat.reject { |i| !i.is_a? Symbol }
|
233
|
+
end
|
234
|
+
|
235
|
+
def find_children( platform, hash = @valid_platforms )
|
236
|
+
return [] if hash.empty?
|
237
|
+
|
238
|
+
children = []
|
239
|
+
hash.each do |k, v|
|
240
|
+
if k == platform
|
241
|
+
children |= flat_list( v )
|
242
|
+
elsif v.is_a? Hash
|
243
|
+
children |= find_children( platform, v )
|
244
|
+
end
|
245
|
+
|
246
|
+
end
|
247
|
+
children
|
248
|
+
end
|
249
|
+
|
250
|
+
def find_parents( platform, hash = @valid_platforms )
|
251
|
+
return [] if hash.empty?
|
252
|
+
|
253
|
+
parents = []
|
254
|
+
hash.each do |k, v|
|
255
|
+
if v.include?( platform )
|
256
|
+
parents << k
|
257
|
+
elsif v.is_a? Hash
|
258
|
+
parents |= find_parents( platform, v )
|
259
|
+
end
|
260
|
+
end
|
261
|
+
parents
|
262
|
+
end
|
263
|
+
|
264
|
+
def normalize( platforms )
|
265
|
+
return platforms if platforms.is_a? self.class
|
266
|
+
|
267
|
+
if platforms.is_a?( Symbol ) || platforms.is_a?( String )
|
268
|
+
platform = normalize!( platforms )
|
269
|
+
if !valid.include?( platform )
|
270
|
+
fail Error::Invalid, "Invalid platform: #{platform}"
|
271
|
+
end
|
272
|
+
|
273
|
+
return platform
|
274
|
+
end
|
275
|
+
|
276
|
+
platforms = normalize!( platforms )
|
277
|
+
invalid = (valid + platforms) - valid
|
278
|
+
|
279
|
+
if invalid.any?
|
280
|
+
fail Error::Invalid, "Invalid platforms: #{invalid.to_a.join( ', ' )}"
|
281
|
+
end
|
282
|
+
|
283
|
+
platforms
|
284
|
+
end
|
285
|
+
|
286
|
+
def normalize!( platforms )
|
287
|
+
self.class.normalize( platforms )
|
288
|
+
end
|
289
|
+
|
290
|
+
end
|
291
|
+
|
292
|
+
end
|
293
|
+
end
|
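Review bot: In `self.normalize` the branch `when self.class, Symbol` runs inside a class method, where `self` is `List` and `self.class` is `Class`, so a `List` instance never matches it and falls through to the `Enumerable` branch, which returns a sorted Array instead of the list; `when self, Symbol` looks like what was meant. Input that matches no branch (nil, an Integer) returns nil without complaint and only fails later inside the instance-level `normalize`. `valid?` then hides that behind a bare `rescue`, which turns any StandardError into `false`; rescuing `Error::Invalid` alone would keep unrelated bugs visible. `|` calls `dup.merge( enum )` although `merge` already dups, so the list is copied twice.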
@@ -0,0 +1,435 @@
|
|
1
|
+
=begin
|
2
|
+
Copyright 2010-2013 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
+
|
4
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
you may not use this file except in compliance with the License.
|
6
|
+
You may obtain a copy of the License at
|
7
|
+
|
8
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
|
10
|
+
Unless required by applicable law or agreed to in writing, software
|
11
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
See the License for the specific language governing permissions and
|
14
|
+
limitations under the License.
|
15
|
+
=end
|
16
|
+
|
17
|
+
require_relative 'list'
|
18
|
+
require_relative 'fingerprinter'
|
19
|
+
|
20
|
+
module Arachni
|
21
|
+
|
22
|
+
module Platform
|
23
|
+
|
24
|
+
#
|
25
|
+
# {Platform} error namespace.
|
26
|
+
#
|
27
|
+
# All {Platform} errors inherit from and live under it.
|
28
|
+
#
|
29
|
+
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
30
|
+
#
|
31
|
+
class Error < Arachni::Error
|
32
|
+
|
33
|
+
# Raised on {Platform#invalid?} platform names.
|
34
|
+
#
|
35
|
+
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
36
|
+
class Invalid < Error
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
#
|
41
|
+
# Represents a collection of platform {List lists}.
|
42
|
+
#
|
43
|
+
# It also holds a DB of all fingerprints per URI as a class variable and
|
44
|
+
# provides helper method for accessing and manipulating it.
|
45
|
+
#
|
46
|
+
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
47
|
+
#
|
48
|
+
class Manager
|
49
|
+
include Enumerable
|
50
|
+
include Utilities
|
51
|
+
extend Utilities
|
52
|
+
include UI::Output
|
53
|
+
extend UI::Output
|
54
|
+
|
55
|
+
TYPES = {
|
56
|
+
os: 'Operating systems',
|
57
|
+
db: 'Databases',
|
58
|
+
servers: 'Web servers',
|
59
|
+
languages: 'Programming languages',
|
60
|
+
frameworks: 'Frameworks'
|
61
|
+
}
|
62
|
+
|
63
|
+
OS = {
|
64
|
+
# Generic *nix, flavor couldn't be identified.
|
65
|
+
unix: {
|
66
|
+
linux: {},
|
67
|
+
|
68
|
+
# Generic BSD, flavor couldn't be identified.
|
69
|
+
bsd: {},
|
70
|
+
solaris: {}
|
71
|
+
},
|
72
|
+
windows: {}
|
73
|
+
}
|
74
|
+
|
75
|
+
DB = [
|
76
|
+
:mysql,
|
77
|
+
:pgsql,
|
78
|
+
:mssql,
|
79
|
+
:oracle,
|
80
|
+
:sqlite,
|
81
|
+
:emc,
|
82
|
+
:db2,
|
83
|
+
:coldfusion,
|
84
|
+
:interbase,
|
85
|
+
:informix
|
86
|
+
]
|
87
|
+
|
88
|
+
SERVERS = [
|
89
|
+
:apache,
|
90
|
+
:nginx,
|
91
|
+
:tomcat,
|
92
|
+
:iis,
|
93
|
+
:jetty
|
94
|
+
]
|
95
|
+
|
96
|
+
LANGUAGES = [
|
97
|
+
:php,
|
98
|
+
:jsp,
|
99
|
+
:python,
|
100
|
+
:ruby,
|
101
|
+
:asp,
|
102
|
+
:aspx,
|
103
|
+
:perl
|
104
|
+
]
|
105
|
+
|
106
|
+
# WebApp frameworks.
|
107
|
+
FRAMEWORKS = [
|
108
|
+
:rack
|
109
|
+
]
|
110
|
+
|
111
|
+
PLATFORM_NAMES = {
|
112
|
+
# Operating systems
|
113
|
+
unix: 'Generic Unix family',
|
114
|
+
linux: 'Linux',
|
115
|
+
bsd: 'Generic BSD family',
|
116
|
+
solaris: 'Solaris',
|
117
|
+
windows: 'MS Windows',
|
118
|
+
|
119
|
+
# Databases
|
120
|
+
mysql: 'MySQL',
|
121
|
+
pgsql: 'Postgresql',
|
122
|
+
mssql: 'MSSQL',
|
123
|
+
oracle: 'Oracle',
|
124
|
+
sqlite: 'SQLite',
|
125
|
+
emc: 'EMC',
|
126
|
+
db2: 'DB2',
|
127
|
+
coldfusion: 'ColdFusion',
|
128
|
+
interbase: 'InterBase',
|
129
|
+
informix: 'Informix',
|
130
|
+
|
131
|
+
# Web servers
|
132
|
+
apache: 'Apache',
|
133
|
+
nginx: 'Nginx',
|
134
|
+
tomcat: 'TomCat',
|
135
|
+
iis: 'IIS',
|
136
|
+
jetty: 'Jetty',
|
137
|
+
|
138
|
+
# Programming languages
|
139
|
+
php: 'PHP',
|
140
|
+
jsp: 'JSP',
|
141
|
+
python: 'Python',
|
142
|
+
ruby: 'Ruby',
|
143
|
+
asp: 'ASP',
|
144
|
+
aspx: 'ASP.NET',
|
145
|
+
perl: 'Perl',
|
146
|
+
|
147
|
+
# Web frameworks
|
148
|
+
rack: 'Rack'
|
149
|
+
}
|
150
|
+
|
151
|
+
# Sets global platforms fingerprints
|
152
|
+
# @private
|
153
|
+
def self.set( platforms )
|
154
|
+
@platforms = platforms
|
155
|
+
end
|
156
|
+
|
157
|
+
# Clears global platforms DB.
|
158
|
+
def self.clear
|
159
|
+
@platforms.clear
|
160
|
+
end
|
161
|
+
|
162
|
+
# Empties the global platform fingerprints.
|
163
|
+
def self.reset
|
164
|
+
set Hash.new
|
165
|
+
@manager.clear if @manager
|
166
|
+
@manager = nil
|
167
|
+
self
|
168
|
+
end
|
169
|
+
reset
|
170
|
+
|
171
|
+
def self.fingerprinters
|
172
|
+
@manager ||=
|
173
|
+
Component::Manager.new( Options.dir['fingerprinters'],
|
174
|
+
Platform::Fingerprinters )
|
175
|
+
end
|
176
|
+
fingerprinters.load_all
|
177
|
+
|
178
|
+
# Runs all fingerprinters against the given `page`.
|
179
|
+
#
|
180
|
+
# @param [Page] page Page to fingerprint.
|
181
|
+
# @return [Manager] Updated `self`.
|
182
|
+
def self.fingerprint( page )
|
183
|
+
fingerprinters.available.each do |name|
|
184
|
+
exception_jail( false ) do
|
185
|
+
fingerprinters[name].new( page ).run
|
186
|
+
end
|
187
|
+
end
|
188
|
+
page
|
189
|
+
end
|
190
|
+
|
191
|
+
#
|
192
|
+
# Sets platform manager for the given `uri`.
|
193
|
+
#
|
194
|
+
# @param [String, URI] uri
|
195
|
+
# @param [Enumerable] platforms
|
196
|
+
#
|
197
|
+
# @return [Manager]
|
198
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
199
|
+
def self.[]=( uri, platforms )
|
200
|
+
@platforms[make_key( uri )] =
|
201
|
+
platforms.is_a?( self ) ? platforms : new( platforms )
|
202
|
+
end
|
203
|
+
|
204
|
+
#
|
205
|
+
# Updates the `platforms` for the given `uri`.
|
206
|
+
#
|
207
|
+
# @param [String, URI] uri
|
208
|
+
# @param [Manager] platforms
|
209
|
+
#
|
210
|
+
# @return [Manager] Updated manager.
|
211
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
212
|
+
def self.update( uri, platforms )
|
213
|
+
self[uri].update platforms
|
214
|
+
end
|
215
|
+
|
216
|
+
# @param [String, URI] uri
|
217
|
+
# @return [Manager] Platform for the given `uri`
|
218
|
+
def self.[]( uri )
|
219
|
+
@platforms[make_key( uri )] ||= new
|
220
|
+
end
|
221
|
+
|
222
|
+
# @return [Boolean]
|
223
|
+
# `true` if there are no platforms fingerprints, `false` otherwise.
|
224
|
+
def self.empty?
|
225
|
+
@platforms.empty?
|
226
|
+
end
|
227
|
+
|
228
|
+
# @return [Boolean]
|
229
|
+
# `true` if there are platforms fingerprints, `false` otherwise.
|
230
|
+
def self.any?
|
231
|
+
!empty?
|
232
|
+
end
|
233
|
+
|
234
|
+
# @return [Hash<Integer, Platform>]
|
235
|
+
# Platform per {URI#persistent_hash hashed URL}.
|
236
|
+
def self.all
|
237
|
+
@platforms
|
238
|
+
end
|
239
|
+
|
240
|
+
# @return [Hash{Integer=>Array<Symbol>}]
|
241
|
+
# Light representation of the fingerprint DB with URL hashes as keys
|
242
|
+
# and arrays of symbols for platforms as values.
|
243
|
+
def self.light
|
244
|
+
all.inject({}) { |h, (k, v)| h[k] = v.to_a; h }
|
245
|
+
end
|
246
|
+
|
247
|
+
# @param [Hash{Integer=>Array<Symbol>}] light_platforms
|
248
|
+
# Return value of {.light}.
|
249
|
+
# @return [Manager]
|
250
|
+
def self.update_light( light_platforms )
|
251
|
+
light_platforms.each do |url, platforms|
|
252
|
+
@platforms[url] ||= new( platforms )
|
253
|
+
end
|
254
|
+
self
|
255
|
+
end
|
256
|
+
|
257
|
+
# @param [Array<String, Symbol>] platforms
|
258
|
+
# Platforms with which to initialize the lists.
|
259
|
+
def initialize( platforms = [] )
|
260
|
+
@platforms = {}
|
261
|
+
TYPES.keys.each do |type|
|
262
|
+
@platforms[type] =
|
263
|
+
List.new( self.class.const_get( type.to_s.upcase.to_sym ) )
|
264
|
+
end
|
265
|
+
|
266
|
+
update [platforms | Options.platforms].flatten.compact
|
267
|
+
end
|
268
|
+
|
269
|
+
# @!method os
|
270
|
+
# @return [List] Platform list for operating systems.
|
271
|
+
# @see OS
|
272
|
+
|
273
|
+
# @!method db
|
274
|
+
# @return [List] Platform list for databases.
|
275
|
+
# @see DB
|
276
|
+
|
277
|
+
# @!method servers
|
278
|
+
# @return [List] Platform list for web servers.
|
279
|
+
# @see SERVERS
|
280
|
+
|
281
|
+
# @!method languages
|
282
|
+
# @return [List] Platform list for languages.
|
283
|
+
# @see LANGUAGES
|
284
|
+
|
285
|
+
# @!method frameworks
|
286
|
+
# @return [List] Platform list for frameworks.
|
287
|
+
# @see FRAMEWORKS
|
288
|
+
|
289
|
+
[:os, :db, :servers, :languages, :frameworks].each do |type|
|
290
|
+
define_method type do
|
291
|
+
@platforms[type]
|
292
|
+
end
|
293
|
+
end
|
294
|
+
|
295
|
+
# Converts a platform shortname to a full name.
|
296
|
+
#
|
297
|
+
# @param [String, Symbol] platform
|
298
|
+
# Platform shortname.
|
299
|
+
#
|
300
|
+
# @return [String] Full name.
|
301
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
302
|
+
def fullname( platform )
|
303
|
+
PLATFORM_NAMES[normalize( platform )]
|
304
|
+
end
|
305
|
+
|
306
|
+
# Selects appropriate data, depending on the applicable platforms,
|
307
|
+
# from `data_per_platform`.
|
308
|
+
#
|
309
|
+
# @param [Hash{<Symbol, String> => Object}] data_per_platform
|
310
|
+
# Hash with platform names as keys and arbitrary data as values.
|
311
|
+
#
|
312
|
+
# @return [Hash]
|
313
|
+
# `data_per_platform` with non-applicable entries (for non-empty platform
|
314
|
+
# lists) removed. Data for platforms whose list is empty will not be removed.
|
315
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
316
|
+
def pick( data_per_platform )
|
317
|
+
data_per_list = {}
|
318
|
+
data_per_platform.each do |platform, value|
|
319
|
+
list = find_list( platform )
|
320
|
+
data_per_list[list] ||= {}
|
321
|
+
data_per_list[list][platform] = value
|
322
|
+
end
|
323
|
+
|
324
|
+
picked = {}
|
325
|
+
data_per_list.each do |list, data|
|
326
|
+
# If a platform list is empty pass the given data without picking...
|
327
|
+
if list.empty?
|
328
|
+
picked.merge! data
|
329
|
+
next
|
330
|
+
end
|
331
|
+
|
332
|
+
# ...otherwise enforce its platform restrictions.
|
333
|
+
picked.merge! list.pick( data )
|
334
|
+
end
|
335
|
+
|
336
|
+
picked
|
337
|
+
end
|
338
|
+
|
339
|
+
# @return [Set<Symbol>] List of valid platforms.
|
340
|
+
def valid
|
341
|
+
@valid ||= Set.new( @platforms.map { |_, p| p.valid.to_a }.flatten )
|
342
|
+
end
|
343
|
+
|
344
|
+
# @param [Symbol, String] platform Platform to check.
|
345
|
+
# @return [Boolean]
|
346
|
+
# `true` if platform is valid (i.e. in {#valid}), `false` otherwise.
|
347
|
+
# @see #invalid?
|
348
|
+
def valid?( platform )
|
349
|
+
valid.include? platform
|
350
|
+
end
|
351
|
+
|
352
|
+
# @param [Symbol, String] platform Platform to check.
|
353
|
+
# @return [Boolean]
|
354
|
+
# `true` if platform is invalid (i.e. not in {#valid}), `false` otherwise.
|
355
|
+
# @see #invalid?
|
356
|
+
def invalid?( platform )
|
357
|
+
!valid?( platform )
|
358
|
+
end
|
359
|
+
|
360
|
+
# @param [Block] block Block to be passed each platform.
|
361
|
+
# @return [Enumerator, Manager]
|
362
|
+
# `Enumerator` if no `block` is given, `self` otherwise.
|
363
|
+
def each( &block )
|
364
|
+
return enum_for( __method__ ) if !block_given?
|
365
|
+
@platforms.map { |_, p| p.to_a }.flatten.each( &block )
|
366
|
+
self
|
367
|
+
end
|
368
|
+
|
369
|
+
# @param [Symbol, String] platform Platform to check.
|
370
|
+
# @return [Boolean]
|
371
|
+
# `true` if one of the lists contains the `platform`, `false` otherwise.
|
372
|
+
# @raise [Error::Invalid] On {#invalid?} `platforms`.
|
373
|
+
def include?( platform )
|
374
|
+
find_list( platform ).include?( platform )
|
375
|
+
end
|
376
|
+
|
377
|
+
# @return [Boolean]
|
378
|
+
# `true` if there are no applicable platforms, `false` otherwise.
|
379
|
+
def empty?
|
380
|
+
!@platforms.map { |_, p| p.empty? }.include?( false )
|
381
|
+
end
|
382
|
+
|
383
|
+
# @return [Boolean]
|
384
|
+
# `true` if there are applicable platforms, `false` otherwise.
|
385
|
+
def any?
|
386
|
+
!empty?
|
387
|
+
end
|
388
|
+
|
389
|
+
# @param [Enumerable] enum Enumerable object containing platforms.
|
390
|
+
# @return [Manager] Updated `self`.
|
391
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
392
|
+
def update( enum )
|
393
|
+
enum.each { |p| self << p }
|
394
|
+
self
|
395
|
+
end
|
396
|
+
|
397
|
+
# @param [Symbol, String] platform
|
398
|
+
# Platform to add to the appropriate list.
|
399
|
+
# @return [Manager] `self`
|
400
|
+
# @raise [Error::Invalid] On {#invalid?} platforms.
|
401
|
+
def <<( platform )
|
402
|
+
find_list( platform ) << platform
|
403
|
+
self
|
404
|
+
end
|
405
|
+
|
406
|
+
# @param [String, Symbol] platform
|
407
|
+
# Platform whose type to find
|
408
|
+
# @return [Symbol] Platform type.
|
409
|
+
def find_type( platform )
|
410
|
+
platform = normalize( platform )
|
411
|
+
@platforms.each { |type, list| return type if list.valid? platform }
|
412
|
+
nil
|
413
|
+
end
|
414
|
+
|
415
|
+
# @param [String, Symbol] platform Platform whose list to find.
|
416
|
+
# @return [List] Platform list.
|
417
|
+
def find_list( platform )
|
418
|
+
@platforms[find_type( normalize( platform ) )]
|
419
|
+
end
|
420
|
+
|
421
|
+
private
|
422
|
+
|
423
|
+
def normalize( platform )
|
424
|
+
platform = List.normalize( platform )
|
425
|
+
fail Error::Invalid, "Invalid platform: #{platform}" if invalid?( platform )
|
426
|
+
platform
|
427
|
+
end
|
428
|
+
|
429
|
+
def self.make_key( uri )
|
430
|
+
Arachni::URI( uri ).without_query.persistent_hash
|
431
|
+
end
|
432
|
+
|
433
|
+
end
|
434
|
+
end
|
435
|
+
end
|
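Review bot: `pick` silently narrows the data to the fingerprinted platforms as soon as a list is non-empty, and nothing in this file records which entries were dropped. The fingerprints derive from response data the scanned host supplies, so one wrong match presumably means data for the other platforms of that type is never used; I would document that on `pick` with `# NOTE: a wrong fingerprint removes data for every other platform in the same list.` and log the discarded keys. Separately, `self.[]` stores a new empty `Manager` on every lookup (`||= new`), so `self.empty?` and `self.any?` stop reflecting whether anything was fingerprinted once a URI has merely been read. The `@return [Manager] Updated self` tag on `self.fingerprint` does not match the code, which returns `page`.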