arachni 0.4.7 → 1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -13
- data/AUTHORS.md +1 -1
- data/CHANGELOG.md +211 -0
- data/CONTRIBUTORS.md +1 -0
- data/Gemfile +23 -2
- data/LICENSE.md +34 -1
- data/README.md +211 -127
- data/Rakefile +79 -67
- data/arachni.gemspec +54 -62
- data/bin/arachni +6 -18
- data/bin/arachni_console +5 -13
- data/bin/arachni_multi +6 -16
- data/bin/arachni_reporter +12 -0
- data/bin/arachni_restore +12 -0
- data/bin/arachni_rpc +6 -16
- data/bin/arachni_rpcd +6 -17
- data/bin/arachni_rpcd_monitor +6 -18
- data/bin/arachni_script +8 -19
- data/components/checks/active/code_injection.rb +123 -0
- data/components/checks/active/code_injection_php_input_wrapper.rb +99 -0
- data/components/checks/active/code_injection_timing.rb +106 -0
- data/components/checks/active/csrf.rb +218 -0
- data/components/checks/active/file_inclusion.rb +152 -0
- data/components/checks/active/ldap_injection.rb +109 -0
- data/{modules/audit/ldapi → components/checks/active/ldap_injection}/errors.txt +0 -0
- data/components/checks/active/no_sql_injection.rb +94 -0
- data/components/checks/active/no_sql_injection/patterns/mongodb +1 -0
- data/{extras/placeholder → components/checks/active/no_sql_injection/regexp_ignore.txt} +0 -0
- data/components/checks/active/no_sql_injection_differential.rb +78 -0
- data/components/checks/active/os_cmd_injection.rb +116 -0
- data/components/checks/active/os_cmd_injection_timing.rb +92 -0
- data/components/checks/active/path_traversal.rb +174 -0
- data/components/checks/active/response_splitting.rb +94 -0
- data/components/checks/active/rfi.rb +172 -0
- data/components/checks/active/session_fixation.rb +117 -0
- data/components/checks/active/source_code_disclosure.rb +177 -0
- data/components/checks/active/sql_injection.rb +123 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/access +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/coldfusion +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/db2 +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/emc +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/firebird +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/frontbase +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/hsqldb +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/informix +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/ingres +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/interbase +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/maxdb +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/mssql +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/mysql +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/oracle +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/pgsql +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/sqlite +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/patterns/sybase +0 -0
- data/{modules/audit/sqli → components/checks/active/sql_injection}/regexp_ignore.txt +0 -0
- data/components/checks/active/sql_injection_differential.rb +114 -0
- data/{modules/audit/sqli_blind_rdiff → components/checks/active/sql_injection_differential}/payloads.txt +0 -0
- data/components/checks/active/sql_injection_timing.rb +98 -0
- data/{modules/audit/sqli_blind_timing → components/checks/active/sql_injection_timing}/mssql.txt +0 -0
- data/{modules/audit/sqli_blind_timing → components/checks/active/sql_injection_timing}/mysql.txt +0 -0
- data/{modules/audit/sqli_blind_timing → components/checks/active/sql_injection_timing}/pgsql.txt +0 -0
- data/components/checks/active/trainer.rb +40 -0
- data/components/checks/active/unvalidated_redirect.rb +108 -0
- data/components/checks/active/xpath_injection.rb +87 -0
- data/{modules/audit/xpath → components/checks/active/xpath_injection}/errors.txt +0 -0
- data/components/checks/active/xss.rb +169 -0
- data/components/checks/active/xss_dom.rb +119 -0
- data/components/checks/active/xss_dom_inputs.rb +132 -0
- data/components/checks/active/xss_dom_script_context.rb +118 -0
- data/components/checks/active/xss_event.rb +165 -0
- data/components/checks/active/xss_path.rb +146 -0
- data/components/checks/active/xss_script_context.rb +207 -0
- data/components/checks/active/xss_tag.rb +135 -0
- data/components/checks/passive/allowed_methods.rb +92 -0
- data/components/checks/passive/backdoors.rb +79 -0
- data/{modules/recon → components/checks/passive}/backdoors/filenames.txt +0 -0
- data/components/checks/passive/backup_directories.rb +86 -0
- data/components/checks/passive/backup_directories/formats.txt +56 -0
- data/components/checks/passive/backup_files.rb +99 -0
- data/components/checks/passive/backup_files/formats.txt +106 -0
- data/components/checks/passive/common_directories.rb +81 -0
- data/{modules/recon → components/checks/passive}/common_directories/directories.txt +0 -0
- data/components/checks/passive/common_files.rb +73 -0
- data/components/checks/passive/common_files/filenames.txt +24 -0
- data/components/checks/passive/directory_listing.rb +129 -0
- data/components/checks/passive/grep/captcha.rb +73 -0
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +71 -0
- data/components/checks/passive/grep/credit_card.rb +124 -0
- data/components/checks/passive/grep/cvs_svn_users.rb +75 -0
- data/components/checks/passive/grep/emails.rb +53 -0
- data/components/checks/passive/grep/form_upload.rb +75 -0
- data/components/checks/passive/grep/hsts.rb +74 -0
- data/components/checks/passive/grep/html_objects.rb +45 -0
- data/components/checks/passive/grep/http_only_cookies.rb +72 -0
- data/components/checks/passive/grep/insecure_cookies.rb +74 -0
- data/components/checks/passive/grep/mixed_resource.rb +109 -0
- data/components/checks/passive/grep/password_autocomplete.rb +80 -0
- data/components/checks/passive/grep/private_ip.rb +73 -0
- data/components/checks/passive/grep/ssn.rb +62 -0
- data/components/checks/passive/grep/unencrypted_password_forms.rb +88 -0
- data/components/checks/passive/htaccess_limit.rb +71 -0
- data/components/checks/passive/http_put.rb +91 -0
- data/components/checks/passive/interesting_responses.rb +88 -0
- data/components/checks/passive/localstart_asp.rb +88 -0
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +83 -0
- data/components/checks/passive/webdav.rb +101 -0
- data/components/checks/passive/xst.rb +90 -0
- data/components/fingerprinters/frameworks/rack.rb +33 -0
- data/components/fingerprinters/languages/asp.rb +34 -0
- data/components/fingerprinters/languages/aspx.rb +55 -0
- data/components/fingerprinters/languages/jsp.rb +34 -0
- data/components/fingerprinters/languages/php.rb +35 -0
- data/components/fingerprinters/languages/python.rb +32 -0
- data/components/fingerprinters/languages/ruby.rb +33 -0
- data/components/fingerprinters/os/bsd.rb +28 -0
- data/components/fingerprinters/os/linux.rb +34 -0
- data/components/fingerprinters/os/solaris.rb +33 -0
- data/components/fingerprinters/os/unix.rb +28 -0
- data/components/fingerprinters/os/windows.rb +33 -0
- data/components/fingerprinters/servers/apache.rb +28 -0
- data/components/fingerprinters/servers/iis.rb +28 -0
- data/components/fingerprinters/servers/jetty.rb +28 -0
- data/components/fingerprinters/servers/nginx.rb +28 -0
- data/components/fingerprinters/servers/tomcat.rb +28 -0
- data/components/path_extractors/anchors.rb +29 -0
- data/components/path_extractors/areas.rb +29 -0
- data/components/path_extractors/comments.rb +21 -0
- data/components/path_extractors/forms.rb +29 -0
- data/components/path_extractors/frames.rb +29 -0
- data/components/path_extractors/generic.rb +76 -0
- data/components/path_extractors/links.rb +29 -0
- data/components/path_extractors/meta_refresh.rb +50 -0
- data/components/path_extractors/scripts.rb +31 -0
- data/components/plugins/autologin.rb +120 -0
- data/components/plugins/beep_notify.rb +43 -0
- data/components/plugins/content_types.rb +110 -0
- data/components/plugins/cookie_collector.rb +94 -0
- data/components/plugins/defaults/autothrottle.rb +73 -0
- data/components/plugins/defaults/healthmap.rb +79 -0
- data/components/plugins/defaults/meta/remedies/discovery.rb +122 -0
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +98 -0
- data/components/plugins/defaults/meta/uniformity.rb +55 -0
- data/components/plugins/email_notify.rb +112 -0
- data/components/plugins/form_dicattack.rb +128 -0
- data/components/plugins/http_dicattack.rb +102 -0
- data/components/plugins/proxy.rb +492 -0
- data/{plugins → components/plugins}/proxy/panel/403_forbidden.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/404_not_found.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/css/bootstrap-responsive.css +0 -0
- data/{plugins → components/plugins}/proxy/panel/css/bootstrap.min.css +0 -0
- data/{plugins → components/plugins}/proxy/panel/css/panel.css +0 -0
- data/{plugins → components/plugins}/proxy/panel/help.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/img/glyphicons-halflings-white.png +0 -0
- data/{plugins → components/plugins}/proxy/panel/img/glyphicons-halflings.png +0 -0
- data/{plugins → components/plugins}/proxy/panel/img/record.png +0 -0
- data/{plugins → components/plugins}/proxy/panel/inspect.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/js/bootstrap.min.js +0 -0
- data/{plugins → components/plugins}/proxy/panel/js/jquery.min.js +0 -0
- data/{plugins → components/plugins}/proxy/panel/js/panel.js +0 -0
- data/{plugins → components/plugins}/proxy/panel/layout.html.erb +0 -0
- data/components/plugins/proxy/panel/page_accordion.html.erb +67 -0
- data/{plugins → components/plugins}/proxy/panel/page_twin_accordion.html.erb +0 -0
- data/components/plugins/proxy/panel/panel.html.erb +69 -0
- data/{plugins → components/plugins}/proxy/panel/shutdown_message.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/sign_in.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/vectors.yml.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/verify_login_check.html.erb +0 -0
- data/{plugins → components/plugins}/proxy/panel/verify_login_final.html.erb +0 -0
- data/components/plugins/proxy/panel/verify_login_sequence.html.erb +45 -0
- data/components/plugins/proxy/template_scope.rb +130 -0
- data/components/plugins/script.rb +48 -0
- data/components/plugins/uncommon_headers.rb +92 -0
- data/components/plugins/vector_feed.rb +225 -0
- data/components/plugins/waf_detector.rb +169 -0
- data/components/reporters/ap.rb +38 -0
- data/components/reporters/html.rb +468 -0
- data/components/reporters/html/default.erb +68 -0
- data/components/reporters/html/default/configuration.erb +78 -0
- data/components/reporters/html/default/css/lib/bootstrap-theme.min.css +7 -0
- data/components/reporters/html/default/css/lib/bootstrap.min.css +7 -0
- data/components/reporters/html/default/css/lib/c3.css +203 -0
- data/components/reporters/html/default/css/lib/font-awesome.min.css +4 -0
- data/components/reporters/html/default/css/main.css +140 -0
- data/components/reporters/html/default/fonts/FontAwesome.otf +0 -0
- data/components/reporters/html/default/fonts/fontawesome-webfont.eot +0 -0
- data/components/reporters/html/default/fonts/fontawesome-webfont.svg +504 -0
- data/components/reporters/html/default/fonts/fontawesome-webfont.ttf +0 -0
- data/components/reporters/html/default/fonts/fontawesome-webfont.woff +0 -0
- data/components/reporters/html/default/fonts/glyphicons-halflings-regular.eot +0 -0
- data/components/reporters/html/default/fonts/glyphicons-halflings-regular.svg +229 -0
- data/components/reporters/html/default/fonts/glyphicons-halflings-regular.ttf +0 -0
- data/components/reporters/html/default/fonts/glyphicons-halflings-regular.woff +0 -0
- data/components/reporters/html/default/issue.erb +81 -0
- data/components/reporters/html/default/issue/details.erb +68 -0
- data/components/reporters/html/default/issue/info.erb +74 -0
- data/components/reporters/html/default/issue/page.erb +117 -0
- data/components/reporters/html/default/issue/page/body.erb +42 -0
- data/components/reporters/html/default/issue/page/sink/data_flow.erb +95 -0
- data/components/reporters/html/default/issue/page/sink/data_flow/arguments.erb +70 -0
- data/components/reporters/html/default/issue/page/sink/data_flow/source.erb +1 -0
- data/components/reporters/html/default/issue/page/sink/execution_flow.erb +63 -0
- data/components/reporters/html/default/issue/page/sink/frame/source.erb +32 -0
- data/components/reporters/html/default/issue/page/sink/trace/table.erb +127 -0
- data/components/reporters/html/default/issue/page/transitions.erb +86 -0
- data/components/reporters/html/default/issue/platform.erb +8 -0
- data/components/reporters/html/default/issue/remarks.erb +28 -0
- data/components/reporters/html/default/issue/vector.erb +40 -0
- data/components/reporters/html/default/issues.erb +46 -0
- data/components/reporters/html/default/issues/grouped.erb +147 -0
- data/components/reporters/html/default/js/charts.js.erb +117 -0
- data/components/reporters/html/default/js/configuration.js.erb +12 -0
- data/components/reporters/html/default/js/helpers.js +107 -0
- data/components/reporters/html/default/js/init.js.erb +23 -0
- data/components/reporters/html/default/js/lib/bootstrap.min.js +6 -0
- data/components/reporters/html/default/js/lib/c3.min.js +3 -0
- data/components/reporters/html/default/js/lib/d3.min.js +5 -0
- data/components/reporters/html/default/js/lib/jquery.min.js +4 -0
- data/components/reporters/html/default/navigation.erb +136 -0
- data/components/reporters/html/default/plugins.erb +30 -0
- data/components/reporters/html/default/shared/hash.erb +10 -0
- data/components/reporters/html/default/shared/hash_table.erb +22 -0
- data/components/reporters/html/default/sitemap.erb +29 -0
- data/components/reporters/html/default/summary.erb +34 -0
- data/components/reporters/html/default/summary/charts.erb +67 -0
- data/components/reporters/html/default/summary/issues.erb +129 -0
- data/components/reporters/json.rb +44 -0
- data/components/reporters/marshal.rb +38 -0
- data/components/reporters/plugin_formatters/html/autologin.rb +50 -0
- data/components/reporters/plugin_formatters/html/content_types.rb +59 -0
- data/components/reporters/plugin_formatters/html/cookie_collector.rb +46 -0
- data/components/reporters/plugin_formatters/html/form_dicattack.rb +36 -0
- data/components/reporters/plugin_formatters/html/healthmap.rb +88 -0
- data/components/reporters/plugin_formatters/html/http_dicattack.rb +36 -0
- data/components/reporters/plugin_formatters/html/uncommon_headers.rb +40 -0
- data/components/reporters/plugin_formatters/html/uniformity.rb +55 -0
- data/components/reporters/plugin_formatters/html/waf_detector.rb +69 -0
- data/components/reporters/plugin_formatters/stdout/autologin.rb +25 -0
- data/components/reporters/plugin_formatters/stdout/content_types.rb +39 -0
- data/components/reporters/plugin_formatters/stdout/cookie_collector.rb +31 -0
- data/components/reporters/plugin_formatters/stdout/form_dicattack.rb +24 -0
- data/components/reporters/plugin_formatters/stdout/healthmap.rb +41 -0
- data/components/reporters/plugin_formatters/stdout/http_dicattack.rb +24 -0
- data/components/reporters/plugin_formatters/stdout/uncommon_headers.rb +29 -0
- data/components/reporters/plugin_formatters/stdout/uniformity.rb +35 -0
- data/components/reporters/plugin_formatters/stdout/waf_detector.rb +21 -0
- data/components/reporters/plugin_formatters/xml/autologin.rb +28 -0
- data/components/reporters/plugin_formatters/xml/content_types.rb +36 -0
- data/components/reporters/plugin_formatters/xml/cookie_collector.rb +32 -0
- data/components/reporters/plugin_formatters/xml/form_dicattack.rb +22 -0
- data/components/reporters/plugin_formatters/xml/healthmap.rb +30 -0
- data/components/reporters/plugin_formatters/xml/http_dicattack.rb +22 -0
- data/components/reporters/plugin_formatters/xml/uncommon_headers.rb +29 -0
- data/components/reporters/plugin_formatters/xml/uniformity.rb +23 -0
- data/components/reporters/plugin_formatters/xml/waf_detector.rb +22 -0
- data/components/reporters/stdout.rb +226 -0
- data/components/reporters/txt.rb +50 -0
- data/components/reporters/xml.rb +285 -0
- data/components/reporters/xml/schema.xsd +664 -0
- data/components/reporters/yaml.rb +37 -0
- data/{rpcd_handlers → components/services}/placeholder +0 -0
- data/lib/arachni.rb +29 -18
- data/lib/arachni/banner.rb +5 -13
- data/lib/arachni/browser.rb +1292 -0
- data/lib/arachni/browser/element_locator.rb +137 -0
- data/lib/arachni/browser/javascript.rb +383 -0
- data/lib/arachni/browser/javascript/dom_monitor.rb +31 -0
- data/lib/arachni/browser/javascript/proxy.rb +92 -0
- data/lib/arachni/browser/javascript/proxy/stub.rb +90 -0
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +146 -0
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +486 -0
- data/lib/arachni/browser/javascript/taint_tracer.rb +101 -0
- data/lib/arachni/browser/javascript/taint_tracer/frame.rb +73 -0
- data/lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb +78 -0
- data/lib/arachni/browser/javascript/taint_tracer/sink/base.rb +63 -0
- data/lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb +83 -0
- data/lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb +30 -0
- data/lib/arachni/browser_cluster.rb +414 -0
- data/lib/arachni/browser_cluster/job.rb +193 -0
- data/lib/arachni/browser_cluster/job/result.rb +29 -0
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +27 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +60 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +43 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result.rb +23 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration/result.rb +23 -0
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +48 -0
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +33 -0
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger/result.rb +23 -0
- data/lib/arachni/browser_cluster/jobs/taint_trace/result.rb +23 -0
- data/lib/arachni/browser_cluster/worker.rb +277 -0
- data/lib/arachni/check.rb +12 -0
- data/lib/arachni/check/auditor.rb +612 -0
- data/lib/arachni/check/base.rb +177 -0
- data/lib/arachni/check/manager.rb +137 -0
- data/lib/arachni/component.rb +11 -0
- data/lib/arachni/component/base.rb +62 -0
- data/lib/arachni/component/manager.rb +92 -90
- data/lib/arachni/component/options.rb +6 -28
- data/lib/arachni/component/options/address.rb +14 -30
- data/lib/arachni/component/options/base.rb +96 -81
- data/lib/arachni/component/options/bool.rb +20 -37
- data/lib/arachni/component/options/float.rb +12 -31
- data/lib/arachni/component/options/int.rb +14 -31
- data/lib/arachni/component/options/multiple_choice.rb +40 -0
- data/lib/arachni/component/options/object.rb +16 -0
- data/lib/arachni/component/options/path.rb +12 -25
- data/lib/arachni/component/options/port.rb +15 -25
- data/lib/arachni/component/options/string.rb +10 -32
- data/lib/arachni/component/options/url.rb +15 -30
- data/lib/arachni/component/output.rb +33 -0
- data/lib/arachni/component/utilities.rb +49 -0
- data/lib/arachni/data.rb +109 -0
- data/lib/arachni/data/framework.rb +160 -0
- data/lib/arachni/data/framework/rpc.rb +68 -0
- data/lib/arachni/data/issues.rb +227 -0
- data/lib/arachni/data/plugins.rb +109 -0
- data/lib/arachni/data/session.rb +48 -0
- data/lib/arachni/element/base.rb +131 -82
- data/lib/arachni/element/body.rb +43 -13
- data/lib/arachni/element/capabilities/analyzable.rb +46 -0
- data/lib/arachni/element/capabilities/analyzable/differential.rb +436 -0
- data/lib/arachni/element/capabilities/analyzable/taint.rb +218 -0
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +433 -0
- data/lib/arachni/element/capabilities/auditable.rb +172 -577
- data/lib/arachni/element/capabilities/auditable/dom.rb +156 -0
- data/lib/arachni/element/capabilities/inputtable.rb +267 -0
- data/lib/arachni/element/capabilities/mutable.rb +197 -155
- data/lib/arachni/element/capabilities/refreshable.rb +31 -24
- data/lib/arachni/element/capabilities/submittable.rb +128 -0
- data/lib/arachni/element/capabilities/with_auditor.rb +60 -0
- data/lib/arachni/element/capabilities/with_auditor/output.rb +33 -0
- data/lib/arachni/element/capabilities/with_dom.rb +40 -0
- data/lib/arachni/element/capabilities/with_node.rb +52 -0
- data/lib/arachni/element/capabilities/with_scope.rb +25 -0
- data/lib/arachni/element/capabilities/with_scope/scope.rb +38 -0
- data/lib/arachni/element/cookie.rb +337 -862
- data/lib/arachni/element/cookie/dom.rb +67 -0
- data/lib/arachni/element/form.rb +326 -756
- data/lib/arachni/element/form/dom.rb +52 -0
- data/lib/arachni/element/generic_dom.rb +133 -0
- data/lib/arachni/element/header.rb +46 -46
- data/lib/arachni/element/link.rb +134 -172
- data/lib/arachni/element/link/dom.rb +128 -0
- data/lib/arachni/element/link_template.rb +268 -0
- data/lib/arachni/element/link_template/dom.rb +143 -0
- data/lib/arachni/element/path.rb +24 -13
- data/lib/arachni/element/server.rb +89 -13
- data/lib/arachni/element_filter.rb +101 -99
- data/lib/arachni/error.rb +5 -15
- data/lib/arachni/ethon/easy.rb +22 -0
- data/lib/arachni/framework.rb +841 -476
- data/lib/arachni/http.rb +6 -714
- data/lib/arachni/http/client.rb +801 -0
- data/lib/arachni/http/cookie_jar.rb +50 -51
- data/lib/arachni/http/headers.rb +122 -0
- data/lib/arachni/http/message.rb +76 -0
- data/lib/arachni/http/message/scope.rb +35 -0
- data/lib/arachni/http/proxy_server.rb +303 -0
- data/{plugins/proxy → lib/arachni/http/proxy_server}/ssl-interceptor-cert.pem +0 -0
- data/{plugins/proxy → lib/arachni/http/proxy_server}/ssl-interceptor-pkey.pem +0 -0
- data/lib/arachni/http/request.rb +471 -0
- data/lib/arachni/http/request/scope.rb +30 -0
- data/lib/arachni/http/response.rb +226 -0
- data/lib/arachni/http/response/scope.rb +67 -0
- data/lib/arachni/issue.rb +389 -223
- data/lib/arachni/issue/severity.rb +34 -0
- data/lib/arachni/issue/severity/base.rb +39 -0
- data/lib/arachni/option_group.rb +137 -0
- data/lib/arachni/option_groups.rb +13 -0
- data/lib/arachni/option_groups/audit.rb +226 -0
- data/lib/arachni/option_groups/browser_cluster.rb +50 -0
- data/lib/arachni/option_groups/datastore.rb +31 -0
- data/lib/arachni/option_groups/dispatcher.rb +132 -0
- data/lib/arachni/option_groups/http.rb +174 -0
- data/lib/arachni/option_groups/input.rb +156 -0
- data/lib/arachni/option_groups/output.rb +22 -0
- data/lib/arachni/option_groups/paths.rb +63 -0
- data/lib/arachni/option_groups/rpc.rb +87 -0
- data/lib/arachni/option_groups/scope.rb +233 -0
- data/lib/arachni/option_groups/session.rb +54 -0
- data/lib/arachni/option_groups/snapshot.rb +22 -0
- data/lib/arachni/options.rb +286 -1486
- data/lib/arachni/page.rb +504 -108
- data/lib/arachni/page/dom.rb +280 -0
- data/lib/arachni/page/dom/transition.rb +302 -0
- data/lib/arachni/page/scope.rb +53 -0
- data/lib/arachni/parser.rb +177 -210
- data/lib/arachni/platform.rb +5 -13
- data/lib/arachni/platform/fingerprinter.rb +24 -23
- data/lib/arachni/platform/list.rb +48 -27
- data/lib/arachni/platform/manager.rb +146 -83
- data/lib/arachni/plugin.rb +5 -13
- data/lib/arachni/plugin/base.rb +90 -110
- data/lib/arachni/plugin/formatter.rb +40 -0
- data/lib/arachni/plugin/manager.rb +129 -108
- data/lib/arachni/processes.rb +6 -14
- data/lib/arachni/processes/dispatchers.rb +51 -58
- data/lib/arachni/processes/executables/base.rb +9 -0
- data/lib/arachni/processes/executables/dispatcher.rb +6 -0
- data/lib/arachni/processes/executables/instance.rb +13 -0
- data/lib/arachni/processes/helpers.rb +4 -12
- data/lib/arachni/processes/helpers/dispatchers.rb +8 -12
- data/lib/arachni/processes/helpers/instances.rb +13 -13
- data/lib/arachni/processes/helpers/processes.rb +8 -28
- data/lib/arachni/processes/instances.rb +86 -63
- data/lib/arachni/processes/manager.rb +89 -52
- data/lib/arachni/report.rb +282 -15
- data/lib/arachni/reporter.rb +12 -0
- data/lib/arachni/reporter/base.rb +126 -0
- data/lib/arachni/reporter/formatter_manager.rb +20 -0
- data/lib/arachni/reporter/manager.rb +54 -0
- data/lib/arachni/reporter/options.rb +47 -0
- data/lib/arachni/rpc/client/base.rb +27 -35
- data/lib/arachni/rpc/client/dispatcher.rb +13 -21
- data/lib/arachni/rpc/client/instance.rb +45 -40
- data/lib/arachni/rpc/client/instance/framework.rb +88 -0
- data/lib/arachni/rpc/client/instance/service.rb +106 -0
- data/lib/arachni/rpc/serializer.rb +98 -0
- data/lib/arachni/rpc/server/active_options.rb +26 -42
- data/lib/arachni/rpc/server/base.rb +35 -26
- data/lib/arachni/rpc/server/check/manager.rb +38 -0
- data/lib/arachni/rpc/server/dispatcher.rb +125 -211
- data/lib/arachni/rpc/server/dispatcher/node.rb +36 -50
- data/lib/arachni/rpc/server/dispatcher/service.rb +153 -0
- data/lib/arachni/rpc/server/framework.rb +83 -176
- data/lib/arachni/rpc/server/framework/distributor.rb +292 -271
- data/lib/arachni/rpc/server/framework/master.rb +164 -296
- data/lib/arachni/rpc/server/framework/multi_instance.rb +96 -128
- data/lib/arachni/rpc/server/framework/slave.rb +79 -89
- data/lib/arachni/rpc/server/instance.rb +362 -413
- data/lib/arachni/rpc/server/output.rb +33 -147
- data/lib/arachni/rpc/server/plugin/manager.rb +18 -54
- data/lib/arachni/ruby.rb +5 -14
- data/lib/arachni/ruby/array.rb +4 -14
- data/lib/arachni/ruby/hash.rb +47 -15
- data/lib/arachni/ruby/io.rb +4 -14
- data/lib/arachni/ruby/object.rb +10 -52
- data/lib/arachni/ruby/set.rb +4 -12
- data/lib/arachni/ruby/string.rb +60 -40
- data/lib/arachni/ruby/webrick.rb +4 -12
- data/lib/arachni/ruby/webrick/cookie.rb +4 -12
- data/lib/arachni/ruby/webrick/httprequest.rb +4 -12
- data/lib/arachni/scope.rb +40 -0
- data/lib/arachni/selenium/webdriver/remote/http/typhoeus.rb +46 -0
- data/lib/arachni/session.rb +150 -173
- data/lib/arachni/snapshot.rb +181 -0
- data/lib/arachni/state.rb +122 -0
- data/lib/arachni/state/audit.rb +57 -0
- data/lib/arachni/state/element_filter.rb +67 -0
- data/lib/arachni/state/framework.rb +419 -0
- data/lib/arachni/state/framework/rpc.rb +63 -0
- data/lib/arachni/state/http.rb +60 -0
- data/lib/arachni/state/options.rb +39 -0
- data/lib/arachni/state/plugins.rb +94 -0
- data/lib/arachni/support.rb +6 -15
- data/lib/arachni/support/buffer.rb +5 -13
- data/lib/arachni/support/buffer/autoflush.rb +5 -15
- data/lib/arachni/support/buffer/base.rb +41 -70
- data/lib/arachni/support/cache.rb +5 -13
- data/lib/arachni/support/cache/base.rb +45 -50
- data/lib/arachni/support/cache/least_cost_replacement.rb +9 -19
- data/lib/arachni/support/cache/least_recently_used.rb +5 -15
- data/lib/arachni/support/cache/preference.rb +11 -20
- data/lib/arachni/support/cache/random_replacement.rb +10 -15
- data/lib/arachni/support/crypto.rb +5 -13
- data/lib/arachni/support/crypto/rsa_aes_cbc.rb +15 -27
- data/lib/arachni/support/database.rb +5 -13
- data/lib/arachni/support/database/base.rb +20 -37
- data/lib/arachni/support/database/hash.rb +265 -350
- data/lib/arachni/support/database/queue.rb +86 -27
- data/lib/arachni/support/lookup.rb +5 -13
- data/lib/arachni/support/lookup/base.rb +33 -26
- data/lib/arachni/support/lookup/hash_set.rb +11 -15
- data/lib/arachni/support/lookup/moolb.rb +9 -20
- data/lib/arachni/support/mixins.rb +14 -0
- data/lib/arachni/support/mixins/observable.rb +105 -0
- data/lib/arachni/support/mixins/terminal.rb +65 -0
- data/lib/arachni/support/profiler.rb +130 -0
- data/lib/arachni/support/signature.rb +37 -67
- data/lib/arachni/trainer.rb +57 -97
- data/lib/arachni/ui/foo/output.rb +31 -33
- data/lib/arachni/uri.rb +456 -462
- data/lib/arachni/uri/scope.rb +168 -0
- data/lib/arachni/utilities.rb +125 -147
- data/lib/arachni/version.rb +4 -12
- data/lib/arachni/watir/element.rb +17 -0
- data/lib/version +1 -1
- data/{spec/support/servers/modules/audit/sqli/jdbc → profiles/placeholder} +0 -0
- data/spec/arachni/browser/element_locator_spec.rb +228 -0
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +195 -0
- data/spec/arachni/browser/javascript/proxy/stub_spec.rb +106 -0
- data/spec/arachni/browser/javascript/proxy_spec.rb +144 -0
- data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +72 -0
- data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +46 -0
- data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +81 -0
- data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +47 -0
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +1304 -0
- data/spec/arachni/browser/javascript_spec.rb +355 -0
- data/spec/arachni/browser_cluster/job/result_spec.rb +14 -0
- data/spec/arachni/browser_cluster/job_spec.rb +264 -0
- data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +7 -0
- data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +68 -0
- data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +7 -0
- data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +89 -0
- data/spec/arachni/browser_cluster/jobs/taint_tracer_spec.rb +149 -0
- data/spec/arachni/browser_cluster/worker_spec.rb +314 -0
- data/spec/arachni/browser_cluster_spec.rb +543 -0
- data/spec/arachni/browser_spec.rb +2368 -0
- data/spec/arachni/check/auditor_spec.rb +1089 -0
- data/spec/arachni/check/base_spec.rb +33 -0
- data/spec/arachni/check/manager_spec.rb +100 -0
- data/spec/arachni/component/base_spec.rb +64 -0
- data/spec/arachni/component/manager_spec.rb +37 -26
- data/spec/arachni/component/options/address_spec.rb +5 -11
- data/spec/arachni/component/options/base_spec.rb +29 -81
- data/spec/arachni/component/options/bool_spec.rb +16 -19
- data/spec/arachni/component/options/float_spec.rb +17 -16
- data/spec/arachni/component/options/int_spec.rb +17 -20
- data/spec/arachni/component/options/multiple_choice_spec.rb +82 -0
- data/spec/arachni/component/options/object_spec.rb +24 -0
- data/spec/arachni/component/options/path_spec.rb +8 -11
- data/spec/arachni/component/options/port_spec.rb +16 -15
- data/spec/arachni/component/options/string_spec.rb +8 -17
- data/spec/arachni/component/options/url_spec.rb +16 -14
- data/spec/arachni/component/utilities_spec.rb +30 -0
- data/spec/arachni/{module → component}/utilities_spec/read_file.txt +0 -0
- data/spec/arachni/data/framework/rpc_spec.rb +72 -0
- data/spec/arachni/data/framework_spec.rb +266 -0
- data/spec/arachni/data/issues_spec.rb +347 -0
- data/spec/arachni/data/plugins_spec.rb +102 -0
- data/spec/arachni/data/session_spec.rb +59 -0
- data/spec/arachni/data_spec.rb +71 -0
- data/spec/arachni/element/body_spec.rb +63 -4
- data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +135 -0
- data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +355 -0
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +386 -0
- data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +25 -0
- data/spec/arachni/element/cookie/dom_spec.rb +145 -0
- data/spec/arachni/element/cookie_spec.rb +147 -108
- data/spec/arachni/element/form/dom_spec.rb +146 -0
- data/spec/arachni/element/form_spec.rb +519 -271
- data/spec/arachni/element/generic_dom_spec.rb +113 -0
- data/spec/arachni/element/header_spec.rb +68 -20
- data/spec/arachni/element/link/dom_spec.rb +206 -0
- data/spec/arachni/element/link_spec.rb +218 -130
- data/spec/arachni/element/link_template/dom_spec.rb +218 -0
- data/spec/arachni/element/link_template_spec.rb +403 -0
- data/spec/arachni/element/path_spec.rb +28 -4
- data/spec/arachni/element/server_spec.rb +171 -4
- data/spec/arachni/element_filter_spec.rb +227 -96
- data/spec/arachni/framework_spec.rb +1099 -759
- data/spec/arachni/http/client_spec.rb +1470 -0
- data/spec/arachni/http/cookie_jar_spec.rb +164 -130
- data/spec/arachni/http/headers_spec.rb +111 -0
- data/spec/arachni/http/message_spec.rb +5 -0
- data/spec/arachni/http/proxy_server_spec.rb +354 -0
- data/spec/arachni/http/request_spec.rb +602 -0
- data/spec/arachni/http/response/scope_spec.rb +135 -0
- data/spec/arachni/http/response_spec.rb +350 -0
- data/spec/arachni/issue/severity/base_spec.rb +15 -0
- data/spec/arachni/issue/severity_spec.rb +43 -0
- data/spec/arachni/issue_spec.rb +547 -284
- data/spec/arachni/option_groups/audit_spec.rb +298 -0
- data/spec/arachni/option_groups/browser_cluster_spec.rb +12 -0
- data/spec/arachni/option_groups/datastore_spec.rb +54 -0
- data/spec/arachni/option_groups/dispatcher_spec.rb +123 -0
- data/spec/arachni/option_groups/http_spec.rb +42 -0
- data/spec/arachni/option_groups/input_spec.rb +202 -0
- data/spec/arachni/option_groups/output_spec.rb +11 -0
- data/spec/arachni/option_groups/paths_spec.rb +34 -0
- data/spec/arachni/option_groups/rpc_spec.rb +13 -0
- data/spec/arachni/option_groups/scope_spec.rb +237 -0
- data/spec/arachni/option_groups/session_spec.rb +51 -0
- data/spec/arachni/option_groups/snapshot_spec.rb +11 -0
- data/spec/arachni/options_spec.rb +202 -756
- data/spec/arachni/page/dom/transition_spec.rb +515 -0
- data/spec/arachni/page/dom_spec.rb +308 -0
- data/spec/arachni/page/scope_spec.rb +80 -0
- data/spec/arachni/page_spec.rb +789 -175
- data/spec/arachni/parser_spec.rb +308 -200
- data/spec/arachni/platform/fingerprinter_spec.rb +51 -52
- data/spec/arachni/platform/manager_spec.rb +146 -34
- data/spec/arachni/plugin/base_spec.rb +97 -0
- data/spec/arachni/plugin/manager_spec.rb +186 -80
- data/spec/arachni/report_spec.rb +275 -0
- data/spec/arachni/reporter/base_spec.rb +96 -0
- data/spec/arachni/reporter/manager_spec.rb +38 -0
- data/spec/arachni/reporter/options_spec.rb +48 -0
- data/spec/arachni/rpc/client/base_spec.rb +43 -45
- data/spec/arachni/rpc/client/dispatcher_spec.rb +3 -3
- data/spec/arachni/rpc/client/instance_spec.rb +18 -40
- data/spec/arachni/rpc/server/active_options_spec.rb +35 -296
- data/spec/arachni/rpc/server/base_spec.rb +12 -6
- data/spec/arachni/rpc/server/checks/manager_spec.rb +48 -0
- data/spec/arachni/rpc/server/dispatcher/node_spec.rb +47 -74
- data/spec/arachni/rpc/server/dispatcher/service_spec.rb +99 -0
- data/spec/arachni/rpc/server/dispatcher_spec.rb +77 -38
- data/spec/arachni/rpc/server/framework/distributor_spec.rb +356 -396
- data/spec/arachni/rpc/server/framework_multi_spec.rb +336 -0
- data/spec/arachni/rpc/server/framework_spec.rb +396 -0
- data/spec/arachni/rpc/server/instance_spec.rb +480 -281
- data/spec/arachni/rpc/server/output_spec.rb +9 -212
- data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -11
- data/spec/arachni/ruby/hash_spec.rb +30 -0
- data/spec/arachni/ruby/object_spec.rb +0 -16
- data/spec/arachni/ruby/string_spec.rb +98 -6
- data/spec/arachni/scope_spec.rb +13 -0
- data/spec/arachni/session_spec.rb +279 -251
- data/spec/arachni/snapshot_spec.rb +127 -0
- data/spec/arachni/state/audit_spec.rb +107 -0
- data/spec/arachni/state/element_filter_spec.rb +66 -0
- data/spec/arachni/state/framework/rpc_spec.rb +85 -0
- data/spec/arachni/state/framework_spec.rb +853 -0
- data/spec/arachni/state/http_spec.rb +63 -0
- data/spec/arachni/state/options_spec.rb +55 -0
- data/spec/arachni/state/plugins_spec.rb +76 -0
- data/spec/arachni/state_spec.rb +87 -0
- data/spec/arachni/support/cache/least_cost_replacement_spec.rb +30 -32
- data/spec/arachni/support/cache/least_recently_used_spec.rb +39 -40
- data/spec/arachni/support/cache/preference_spec.rb +17 -18
- data/spec/arachni/support/cache/random_replacement_spec.rb +19 -20
- data/spec/arachni/support/database/queue_spec.rb +200 -32
- data/spec/arachni/support/lookup/hash_set_spec.rb +74 -0
- data/spec/arachni/support/mixins/observable_spec.rb +81 -0
- data/spec/arachni/support/signature_spec.rb +9 -25
- data/spec/arachni/trainer_spec.rb +141 -124
- data/spec/arachni/uri/scope_spec.rb +416 -0
- data/spec/arachni/uri_spec.rb +187 -195
- data/spec/arachni/utilities_spec.rb +178 -525
- data/spec/components/checks/active/code_injection_spec.rb +26 -0
- data/spec/components/checks/active/code_injection_timing_spec.rb +26 -0
- data/spec/components/checks/active/csrf_spec.rb +44 -0
- data/spec/components/checks/active/file_inclusion_spec.rb +56 -0
- data/spec/components/checks/active/ldap_injection_spec.rb +16 -0
- data/spec/components/checks/active/no_sql_injection_differential_spec.rb +15 -0
- data/spec/components/checks/active/no_sql_injection_spec.rb +28 -0
- data/spec/components/checks/active/os_cmd_injection_spec.rb +26 -0
- data/spec/components/checks/active/os_cmd_injection_timing_spec.rb +26 -0
- data/spec/components/checks/active/path_traversal_spec.rb +42 -0
- data/spec/components/checks/active/response_splitting_spec.rb +22 -0
- data/spec/components/checks/active/rfi_spec.rb +20 -0
- data/spec/components/checks/active/session_fixation_spec.rb +20 -0
- data/spec/components/checks/active/source_code_disclosure_spec.rb +26 -0
- data/spec/components/checks/active/sql_injection_differential_spec.rb +15 -0
- data/spec/components/checks/active/sql_injection_spec.rb +142 -0
- data/spec/components/checks/active/sql_injection_timing_spec.rb +24 -0
- data/spec/components/checks/active/trainer_spec.rb +36 -0
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +20 -0
- data/spec/components/checks/active/xpath_injection_spec.rb +16 -0
- data/spec/components/checks/active/xss_dom_inputs_spec.rb +32 -0
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +63 -0
- data/spec/components/checks/active/xss_dom_spec.rb +67 -0
- data/spec/components/checks/active/xss_event_spec.rb +15 -0
- data/spec/components/checks/active/xss_path_spec.rb +15 -0
- data/spec/components/checks/active/xss_script_context_spec.rb +22 -0
- data/spec/components/checks/active/xss_spec.rb +22 -0
- data/spec/components/checks/active/xss_tag_spec.rb +15 -0
- data/spec/components/checks/passive/allowed_methods_spec.rb +15 -0
- data/spec/components/checks/passive/backdoors_spec.rb +15 -0
- data/spec/components/checks/passive/backup_directories_spec.rb +15 -0
- data/spec/components/checks/passive/backup_files_spec.rb +15 -0
- data/spec/components/checks/passive/common_directories_spec.rb +15 -0
- data/spec/components/checks/passive/common_files_spec.rb +15 -0
- data/spec/components/checks/passive/directory_listing_spec.rb +15 -0
- data/spec/components/checks/passive/grep/captcha_spec.rb +15 -0
- data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +15 -0
- data/spec/components/checks/passive/grep/credit_card_spec.rb +15 -0
- data/spec/components/checks/passive/grep/cvs_svn_users_spec.rb +15 -0
- data/spec/components/checks/passive/grep/emails_spec.rb +15 -0
- data/spec/components/checks/passive/grep/form_upload_spec.rb +15 -0
- data/spec/components/checks/passive/grep/hsts_spec.rb +17 -0
- data/spec/components/checks/passive/grep/html_objects_spec.rb +15 -0
- data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +15 -0
- data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +15 -0
- data/spec/components/checks/passive/grep/mixed_resource_spec.rb +16 -0
- data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +15 -0
- data/spec/components/checks/passive/grep/private_ip_spec.rb +22 -0
- data/spec/components/checks/passive/grep/ssn_spec.rb +15 -0
- data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +15 -0
- data/spec/components/checks/passive/htaccess_limit_spec.rb +15 -0
- data/spec/components/checks/passive/http_put_spec.rb +15 -0
- data/spec/components/checks/passive/interesting_responses_spec.rb +23 -0
- data/spec/components/checks/passive/localstart_asp_spec.rb +15 -0
- data/spec/components/checks/passive/origin_spoof_access_restriction_bypass_spec.rb +15 -0
- data/spec/components/checks/passive/webdav_spec.rb +15 -0
- data/spec/components/checks/passive/xst_spec.rb +15 -0
- data/spec/components/fingerprinters/frameworks/rack_spec.rb +42 -0
- data/spec/components/fingerprinters/languages/asp_spec.rb +38 -0
- data/spec/components/fingerprinters/languages/aspx_spec.rb +79 -0
- data/spec/components/fingerprinters/languages/jsp_spec.rb +56 -0
- data/spec/components/fingerprinters/languages/php_spec.rb +59 -0
- data/spec/components/fingerprinters/languages/python_spec.rb +23 -0
- data/spec/components/fingerprinters/languages/ruby.rb +34 -0
- data/spec/components/fingerprinters/os/bsd_spec.rb +26 -0
- data/spec/components/fingerprinters/os/linux_spec.rb +34 -0
- data/spec/components/fingerprinters/os/solaris_spec.rb +34 -0
- data/spec/components/fingerprinters/os/unix_spec.rb +26 -0
- data/spec/components/fingerprinters/os/windows_spec.rb +34 -0
- data/spec/components/fingerprinters/servers/apache_spec.rb +26 -0
- data/spec/components/fingerprinters/servers/iis_spec.rb +28 -0
- data/spec/components/fingerprinters/servers/jetty_spec.rb +28 -0
- data/spec/components/fingerprinters/servers/nginx_spec.rb +26 -0
- data/spec/components/fingerprinters/servers/tomcat_spec.rb +28 -0
- data/spec/{path_extractors → components/path_extractors}/anchors_spec.rb +0 -0
- data/spec/{path_extractors → components/path_extractors}/areas_spec.rb +0 -0
- data/spec/components/path_extractors/comments_spec.rb +23 -0
- data/spec/{path_extractors → components/path_extractors}/forms_spec.rb +0 -0
- data/spec/{path_extractors → components/path_extractors}/frames_spec.rb +0 -0
- data/spec/{path_extractors → components/path_extractors}/generic_spec.rb +0 -0
- data/spec/{path_extractors → components/path_extractors}/links_spec.rb +0 -0
- data/spec/{path_extractors → components/path_extractors}/meta_refresh_spec.rb +0 -0
- data/spec/components/path_extractors/scripts_spec.rb +30 -0
- data/spec/components/plugins/autologin_spec.rb +96 -0
- data/spec/components/plugins/autothrottle_spec.rb +56 -0
- data/spec/components/plugins/content_types_spec.rb +91 -0
- data/spec/components/plugins/cookie_collector_spec.rb +41 -0
- data/spec/components/plugins/form_dicattack_spec.rb +54 -0
- data/spec/components/plugins/healthmap_spec.rb +40 -0
- data/spec/components/plugins/http_dicattack_spec.rb +40 -0
- data/spec/components/plugins/meta/remedies/discovery_spec.rb +23 -0
- data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +31 -0
- data/spec/components/plugins/meta/uniformity_spec.rb +29 -0
- data/spec/components/plugins/script_spec.rb +13 -0
- data/spec/components/plugins/uncommon_headers_spec.rb +64 -0
- data/spec/components/plugins/vector_feed_spec.rb +169 -0
- data/spec/components/plugins/waf_detector_spec.rb +50 -0
- data/spec/components/reporters/ap_spec.rb +9 -0
- data/spec/components/reporters/html_spec.rb +9 -0
- data/spec/components/reporters/json_spec.rb +17 -0
- data/spec/components/reporters/marshal_spec.rb +13 -0
- data/spec/components/reporters/stdout_spec.rb +9 -0
- data/spec/components/reporters/txt_spec.rb +8 -0
- data/spec/components/reporters/xml_spec.rb +9 -0
- data/spec/components/reporters/yaml_spec.rb +14 -0
- data/spec/external/wavsep/active/lfi_spec.rb +1 -1
- data/spec/external/wavsep/active/obsolete_files_spec.rb +225 -0
- data/spec/external/wavsep/active/rfi_spec.rb +1 -1
- data/spec/external/wavsep/active/sqli_spec.rb +8 -6
- data/spec/external/wavsep/active/unvalidated_redirect_spec.rb +57 -0
- data/spec/external/wavsep/active/xss_dom_spec.rb +27 -0
- data/spec/external/wavsep/active/xss_spec.rb +13 -3
- data/spec/external/wavsep/false_positives/lfi_spec.rb +4 -16
- data/spec/external/wavsep/false_positives/obsolete_files_spec.rb +21 -0
- data/spec/external/wavsep/false_positives/rfi_spec.rb +2 -2
- data/spec/external/wavsep/false_positives/sqli_spec.rb +4 -15
- data/spec/external/wavsep/false_positives/unvalidated_redirect_spec.rb +21 -0
- data/spec/external/wavsep/false_positives/xss_spec.rb +2 -2
- data/spec/spec_helper.rb +17 -18
- data/spec/support/factories/browser/javascript/taint_tracer/frame.rb +10 -0
- data/spec/support/factories/browser/javascript/taint_tracer/frame/called_function.rb +11 -0
- data/spec/support/factories/browser/javascript/taint_tracer/sink/data_flow.rb +14 -0
- data/spec/support/factories/browser/javascript/taint_tracer/sink/execution_flow.rb +10 -0
- data/spec/support/factories/browser_cluster/job.rb +27 -0
- data/spec/support/factories/element/cookie.rb +7 -0
- data/spec/support/factories/element/form.rb +12 -0
- data/spec/support/factories/element/header.rb +5 -0
- data/spec/support/factories/element/link.rb +11 -0
- data/spec/support/factories/element/link_template.rb +11 -0
- data/spec/support/factories/http/request.rb +9 -0
- data/spec/support/factories/http/response.rb +42 -0
- data/spec/support/factories/issue.rb +67 -0
- data/spec/support/factories/page.rb +7 -0
- data/spec/support/factories/page/dom.rb +13 -0
- data/spec/support/factories/page/dom/transition.rb +21 -0
- data/spec/support/factories/scan_report.rb +35 -0
- data/spec/support/factories/vector.rb +32 -0
- data/spec/support/fixtures/check_with_invalid_platforms/with_invalid_platforms.rb +37 -0
- data/spec/support/fixtures/checks/test.rb +58 -0
- data/spec/support/fixtures/checks/test2.rb +41 -0
- data/spec/support/fixtures/checks/test3.rb +41 -0
- data/spec/support/fixtures/executables/node.rb +47 -0
- data/spec/support/fixtures/fingerprinters/test.rb +5 -13
- data/spec/support/fixtures/option_groups/input.yml +2 -0
- data/spec/support/fixtures/plugins/bad.rb +5 -13
- data/spec/support/fixtures/plugins/defaults/default.rb +6 -14
- data/spec/support/fixtures/plugins/distributable.rb +7 -15
- data/spec/support/fixtures/plugins/loop.rb +5 -13
- data/spec/support/fixtures/plugins/suspendable.rb +44 -0
- data/spec/support/fixtures/plugins/wait.rb +6 -14
- data/spec/support/fixtures/plugins/with_options.rb +20 -16
- data/spec/support/fixtures/plugins_with_priorities/p0.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p00.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p1.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p2.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p22.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p222.rb +17 -0
- data/spec/support/fixtures/plugins_with_priorities/p_nil.rb +16 -0
- data/spec/support/fixtures/plugins_with_priorities/p_nil2.rb +16 -0
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/base_spec/plugin_formatters/with_formatters/foobar.rb +13 -0
- data/spec/support/fixtures/reporters/base_spec/with_formatters.rb +15 -0
- data/spec/support/fixtures/reporters/base_spec/with_outfile.rb +16 -0
- data/spec/support/fixtures/reporters/base_spec/without_outfile.rb +12 -0
- data/spec/support/fixtures/reporters/manager_spec/afr.rb +13 -0
- data/spec/support/fixtures/reporters/manager_spec/foo.rb +18 -0
- data/spec/support/fixtures/rescan.afr.tpl +4 -5
- data/spec/support/fixtures/run_check/body.rb +48 -0
- data/spec/support/fixtures/run_check/cookies.rb +48 -0
- data/spec/support/fixtures/run_check/empty.rb +34 -0
- data/spec/support/fixtures/run_check/flch.rb +53 -0
- data/spec/support/fixtures/run_check/forms.rb +48 -0
- data/spec/support/fixtures/run_check/headers.rb +48 -0
- data/spec/support/fixtures/run_check/links.rb +48 -0
- data/spec/support/fixtures/run_check/nil.rb +47 -0
- data/spec/support/fixtures/run_check/path.rb +48 -0
- data/spec/support/fixtures/run_check/server.rb +48 -0
- data/spec/support/fixtures/services/echo.rb +64 -0
- data/spec/support/fixtures/taint_check/taint.rb +38 -0
- data/spec/support/fixtures/wait_check/wait.rb +38 -0
- data/spec/support/helpers/auditor.rb +18 -5
- data/spec/support/helpers/browser.rb +6 -0
- data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +32 -0
- data/spec/support/helpers/framework.rb +5 -13
- data/spec/support/helpers/misc.rb +4 -12
- data/spec/support/helpers/pages.rb +18 -0
- data/spec/support/helpers/paths.rb +4 -12
- data/spec/support/helpers/requires.rb +5 -13
- data/spec/support/helpers/resets.rb +12 -19
- data/spec/support/helpers/web_server.rb +11 -15
- data/spec/support/lib/factory.rb +115 -0
- data/spec/support/lib/web_server_client.rb +49 -0
- data/spec/support/lib/web_server_dispatcher.rb +33 -0
- data/spec/support/lib/web_server_manager.rb +29 -32
- data/spec/support/pems/cacert.pem +35 -37
- data/spec/support/pems/client/cert.pem +35 -37
- data/spec/support/pems/client/key.pem +49 -49
- data/spec/support/pems/server/cert.pem +35 -37
- data/spec/support/pems/server/key.pem +49 -49
- data/spec/support/servers/arachni/browser.rb +836 -0
- data/spec/support/servers/arachni/browser/javascript.rb +7 -0
- data/spec/support/servers/arachni/browser/javascript/angular-1.2.8.js +20554 -0
- data/spec/support/servers/arachni/browser/javascript/angular-route.js +911 -0
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +90 -0
- data/spec/support/servers/arachni/browser/javascript/jquery-2.0.3.js +8829 -0
- data/spec/support/servers/arachni/browser/javascript/proxy.rb +17 -0
- data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +714 -0
- data/spec/support/servers/arachni/browser_cluster/jobs/event_trigger.rb +25 -0
- data/spec/support/servers/arachni/browser_https.rb +60 -0
- data/spec/support/servers/arachni/check/auditor.rb +247 -0
- data/spec/support/servers/arachni/element/body.rb +5 -0
- data/spec/support/servers/arachni/element/capabilities/analyzable/differential.rb +162 -0
- data/spec/support/servers/arachni/element/capabilities/{auditable → analyzable}/taint.rb +0 -0
- data/spec/support/servers/arachni/element/capabilities/analyzable/timeout.rb +37 -0
- data/spec/support/servers/arachni/element/cookie.rb +1 -1
- data/spec/support/servers/arachni/element/cookie/cookie_dom.rb +21 -0
- data/spec/support/servers/arachni/element/form.rb +6 -22
- data/spec/support/servers/arachni/element/form/form_dom.rb +50 -0
- data/spec/support/servers/arachni/element/header.rb +7 -8
- data/spec/support/servers/arachni/element/link.rb +15 -7
- data/spec/support/servers/arachni/element/link/link_dom.rb +49 -0
- data/spec/support/servers/arachni/element/link_template.rb +11 -0
- data/spec/support/servers/arachni/element/link_template/link_template_dom.rb +43 -0
- data/spec/support/servers/arachni/framework.rb +18 -0
- data/spec/support/servers/arachni/http/client.rb +176 -0
- data/spec/support/servers/arachni/http/proxy_server.rb +9 -0
- data/spec/support/servers/arachni/http/proxy_server_https.rb +25 -0
- data/spec/support/servers/arachni/page/page_dom.rb +83 -0
- data/spec/support/servers/arachni/parser.rb +4 -0
- data/spec/support/servers/arachni/rpc/server/{framework_hpg.rb → framework_multi.rb} +0 -0
- data/spec/support/servers/arachni/session.rb +43 -9
- data/spec/support/servers/arachni/trainer.rb +11 -7
- data/spec/support/servers/checks/active/code_injection.rb +163 -0
- data/spec/support/servers/checks/active/code_injection_timing.rb +134 -0
- data/spec/support/servers/{modules/audit → checks/active}/csrf.rb +0 -0
- data/spec/support/servers/checks/active/file_inclusion.rb +228 -0
- data/spec/support/servers/checks/active/ldap_injection.rb +88 -0
- data/spec/support/servers/checks/active/no_sql_injection.rb +134 -0
- data/spec/support/servers/checks/active/no_sql_injection/mongodb +1 -0
- data/spec/support/servers/checks/active/no_sql_injection_differential.rb +61 -0
- data/spec/support/servers/checks/active/os_cmd_injection.rb +172 -0
- data/spec/support/servers/checks/active/os_cmd_injection_timing.rb +118 -0
- data/spec/support/servers/checks/active/path_traversal.rb +219 -0
- data/spec/support/servers/checks/active/response_splitting.rb +138 -0
- data/spec/support/servers/{modules/audit → checks/active}/rfi.rb +0 -0
- data/spec/support/servers/checks/active/session_fixation.rb +111 -0
- data/spec/support/servers/checks/active/source_code_disclosure.rb +118 -0
- data/spec/support/servers/checks/active/sql_injection.rb +133 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/access +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/coldfusion +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/db2 +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/emc +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/firebird +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/frontbase +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/hsqldb +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/informix +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/ingres +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/interbase +0 -0
- data/spec/support/servers/checks/active/sql_injection/jdbc +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/maxdb +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/mssql +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/mysql +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/oracle +0 -0
- data/spec/support/servers/{modules/audit/sqli/postgresql → checks/active/sql_injection/pgsql} +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/sqlite +0 -0
- data/spec/support/servers/{modules/audit/sqli → checks/active/sql_injection}/sybase +0 -0
- data/spec/support/servers/{modules/audit/sqli_blind_rdiff.rb → checks/active/sql_injection_differential.rb} +0 -0
- data/spec/support/servers/checks/active/sql_injection_timing.rb +145 -0
- data/spec/support/servers/{modules/audit/trainer_module.rb → checks/active/trainer_check.rb} +0 -0
- data/spec/support/servers/checks/active/unvalidated_redirect.rb +141 -0
- data/spec/support/servers/checks/active/xpath_injection.rb +121 -0
- data/spec/support/servers/{modules/audit/xpath → checks/active/xpath_injection}/dotnet +0 -0
- data/spec/support/servers/{modules/audit/xpath → checks/active/xpath_injection}/general +0 -0
- data/spec/support/servers/{modules/audit/xpath → checks/active/xpath_injection}/java +0 -0
- data/spec/support/servers/{modules/audit/xpath → checks/active/xpath_injection}/libxml2 +0 -0
- data/spec/support/servers/{modules/audit/xpath → checks/active/xpath_injection}/php +0 -0
- data/spec/support/servers/checks/active/xss.rb +239 -0
- data/spec/support/servers/checks/active/xss_dom.rb +133 -0
- data/spec/support/servers/checks/active/xss_dom_inputs.rb +35 -0
- data/spec/support/servers/checks/active/xss_dom_script_context.rb +139 -0
- data/spec/support/servers/checks/active/xss_event.rb +80 -0
- data/spec/support/servers/{modules/audit → checks/active}/xss_path.rb +0 -0
- data/spec/support/servers/checks/active/xss_script_context.rb +90 -0
- data/spec/support/servers/{modules/audit → checks/active}/xss_tag.rb +0 -0
- data/spec/support/servers/checks/check_server.rb +14 -0
- data/spec/support/servers/{modules/recon → checks/passive}/allowed_methods.rb +0 -0
- data/spec/support/servers/checks/passive/backdoors.rb +4 -0
- data/spec/support/servers/checks/passive/backup_directories.rb +15 -0
- data/spec/support/servers/checks/passive/backup_files.rb +15 -0
- data/spec/support/servers/checks/passive/common_directories.rb +6 -0
- data/spec/support/servers/checks/passive/common_files.rb +6 -0
- data/spec/support/servers/checks/passive/directory_listing.rb +30 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/captcha.rb +0 -0
- data/spec/support/servers/checks/passive/grep/cookie_set_for_parent_domain.rb +21 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/credit_card.rb +0 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/cvs_svn_users.rb +0 -0
- data/spec/support/servers/checks/passive/grep/emails.rb +23 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/form_upload.rb +0 -0
- data/spec/support/servers/checks/passive/grep/hsts_https.rb +37 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/html_objects.rb +0 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/http_only_cookies.rb +0 -0
- data/spec/support/servers/checks/passive/grep/insecure_cookies_https.rb +40 -0
- data/spec/support/servers/checks/passive/grep/mixed_resource_https.rb +69 -0
- data/spec/support/servers/checks/passive/grep/password_autocomplete.rb +33 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/private_ip.rb +0 -0
- data/spec/support/servers/{modules/recon → checks/passive}/grep/ssn.rb +0 -0
- data/spec/support/servers/checks/passive/grep/unencrypted_password_forms.rb +33 -0
- data/spec/support/servers/{modules/recon → checks/passive}/htaccess_limit.rb +0 -0
- data/spec/support/servers/checks/passive/http_put.rb +7 -0
- data/spec/support/servers/checks/passive/interesting_responses.rb +5 -0
- data/spec/support/servers/{modules/recon → checks/passive}/localstart_asp.rb +0 -0
- data/spec/support/servers/checks/passive/origin_spoof_access_restriction_bypass.rb +30 -0
- data/spec/support/servers/checks/passive/webdav.rb +25 -0
- data/spec/support/servers/{modules/recon → checks/passive}/xst.rb +0 -0
- data/spec/support/servers/plugins/meta/remedies/discovery.rb +2 -2
- data/spec/support/servers/plugins/meta/remedies/timing_attacks.rb +2 -0
- data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +36 -0
- data/spec/support/shared/check.rb +198 -0
- data/spec/support/shared/component.rb +15 -4
- data/spec/support/shared/component/options/base.rb +187 -0
- data/spec/support/shared/element/base.rb +131 -0
- data/spec/support/shared/element/capabilities/auditable.rb +371 -604
- data/spec/support/shared/element/capabilities/auditable/dom.rb +303 -0
- data/spec/support/shared/element/capabilities/inputtable.rb +499 -0
- data/spec/support/shared/element/capabilities/mutable.rb +362 -0
- data/spec/support/shared/element/capabilities/refreshable.rb +26 -26
- data/spec/support/shared/element/capabilities/submitable.rb +155 -0
- data/spec/support/shared/element/capabilities/with_auditor.rb +75 -0
- data/spec/support/shared/element/capabilities/with_dom.rb +39 -0
- data/spec/support/shared/element/capabilities/with_node.rb +42 -0
- data/spec/support/shared/element/capabilities/with_scope.rb +22 -0
- data/spec/support/shared/external/wavsep.rb +30 -9
- data/spec/support/shared/http/message.rb +72 -0
- data/spec/support/shared/option_group.rb +98 -0
- data/spec/support/shared/path_extractor.rb +1 -1
- data/spec/support/shared/plugin.rb +33 -16
- data/spec/support/shared/reporter.rb +41 -0
- data/spec/support/shared/support/cache.rb +341 -0
- data/spec/support/shared/support/lookup.rb +93 -13
- data/ui/cli/framework.rb +466 -0
- data/ui/cli/framework/option_parser.rb +628 -0
- data/ui/cli/option_parser.rb +104 -0
- data/ui/cli/output.rb +377 -0
- data/ui/cli/reporter.rb +52 -0
- data/ui/cli/reporter/option_parser.rb +102 -0
- data/ui/cli/restored_framework.rb +127 -0
- data/ui/cli/restored_framework/option_parser.rb +115 -0
- data/ui/cli/rpc/client/dispatcher_monitor.rb +157 -0
- data/ui/cli/rpc/client/dispatcher_monitor/option_parser.rb +41 -0
- data/ui/cli/rpc/client/instance.rb +294 -0
- data/ui/cli/rpc/client/local.rb +65 -0
- data/ui/cli/rpc/client/local/option_parser.rb +35 -0
- data/ui/cli/rpc/client/remote.rb +84 -0
- data/ui/cli/rpc/client/remote/option_parser.rb +99 -0
- data/ui/cli/rpc/server/dispatcher.rb +36 -0
- data/ui/cli/rpc/server/dispatcher/option_parser.rb +165 -0
- data/ui/cli/utilities.rb +228 -0
- metadata +1260 -1266
- data/EXPLOITATION.md +0 -431
- data/HACKING.md +0 -120
- data/NOTICE +0 -12
- data/data/crypto/public.pem +0 -9
- data/external/metasploit/LICENSE +0 -24
- data/external/metasploit/plugins/arachni.rb +0 -516
- data/external/metasploit/plugins/arachni/modules/auxiliary/arachni_sqlmap.rb +0 -91
- data/external/metasploit/plugins/arachni/modules/exploits/unix/webapp/arachni_exec.rb +0 -142
- data/external/metasploit/plugins/arachni/modules/exploits/unix/webapp/arachni_path_traversal.rb +0 -113
- data/external/metasploit/plugins/arachni/modules/exploits/unix/webapp/arachni_php_eval.rb +0 -150
- data/external/metasploit/plugins/arachni/modules/exploits/unix/webapp/arachni_php_include.rb +0 -141
- data/fingerprinters/frameworks/rack.rb +0 -41
- data/fingerprinters/languages/asp.rb +0 -42
- data/fingerprinters/languages/aspx.rb +0 -63
- data/fingerprinters/languages/jsp.rb +0 -42
- data/fingerprinters/languages/php.rb +0 -43
- data/fingerprinters/languages/python.rb +0 -40
- data/fingerprinters/languages/ruby.rb +0 -41
- data/fingerprinters/os/bsd.rb +0 -36
- data/fingerprinters/os/linux.rb +0 -42
- data/fingerprinters/os/solaris.rb +0 -41
- data/fingerprinters/os/unix.rb +0 -36
- data/fingerprinters/os/windows.rb +0 -41
- data/fingerprinters/servers/apache.rb +0 -36
- data/fingerprinters/servers/iis.rb +0 -36
- data/fingerprinters/servers/jetty.rb +0 -36
- data/fingerprinters/servers/nginx.rb +0 -36
- data/fingerprinters/servers/tomcat.rb +0 -36
- data/gfx/README.md +0 -18
- data/gfx/compiled/banner.png +0 -0
- data/gfx/compiled/favicon.ico +0 -0
- data/gfx/compiled/icon.png +0 -0
- data/gfx/compiled/logo.png +0 -0
- data/gfx/compiled/spider.png +0 -0
- data/gfx/font/Beneath_the_Surface.ttf +0 -0
- data/gfx/font/bts_readme.txt +0 -14
- data/gfx/source/banner.svg +0 -999
- data/gfx/source/icon.svg +0 -627
- data/gfx/source/logo.svg +0 -672
- data/gfx/source/spider.png +0 -0
- data/gfx/source/spider.svg +0 -277
- data/lib/arachni/audit_store.rb +0 -321
- data/lib/arachni/component/options/enum.rb +0 -51
- data/lib/arachni/element/capabilities/auditable/rdiff.rb +0 -489
- data/lib/arachni/element/capabilities/auditable/taint.rb +0 -238
- data/lib/arachni/element/capabilities/auditable/timeout.rb +0 -469
- data/lib/arachni/mixins/observable.rb +0 -91
- data/lib/arachni/mixins/progress_bar.rb +0 -87
- data/lib/arachni/mixins/terminal.rb +0 -112
- data/lib/arachni/module.rb +0 -20
- data/lib/arachni/module/auditor.rb +0 -618
- data/lib/arachni/module/base.rb +0 -188
- data/lib/arachni/module/manager.rb +0 -255
- data/lib/arachni/module/output.rb +0 -68
- data/lib/arachni/module/utilities.rb +0 -64
- data/lib/arachni/report/base.rb +0 -201
- data/lib/arachni/report/manager.rb +0 -86
- data/lib/arachni/rpc/server/dispatcher/handler.rb +0 -166
- data/lib/arachni/rpc/server/module/manager.rb +0 -46
- data/lib/arachni/rpc/server/spider.rb +0 -404
- data/lib/arachni/ruby/enumerable.rb +0 -29
- data/lib/arachni/spider.rb +0 -477
- data/lib/arachni/support/key_filler.rb +0 -68
- data/lib/arachni/support/queue.rb +0 -18
- data/lib/arachni/support/queue/disk.rb +0 -171
- data/lib/arachni/typhoeus/hydra.rb +0 -56
- data/lib/arachni/typhoeus/request.rb +0 -80
- data/lib/arachni/typhoeus/response.rb +0 -103
- data/lib/arachni/typhoeus/utils.rb +0 -25
- data/lib/arachni/ui/cli/cli.rb +0 -469
- data/lib/arachni/ui/cli/output.rb +0 -391
- data/lib/arachni/ui/cli/rpc/dispatcher_monitor.rb +0 -188
- data/lib/arachni/ui/cli/rpc/instance.rb +0 -407
- data/lib/arachni/ui/cli/rpc/local.rb +0 -80
- data/lib/arachni/ui/cli/rpc/remote.rb +0 -134
- data/lib/arachni/ui/cli/utilities.rb +0 -509
- data/modules/audit/code_injection.rb +0 -137
- data/modules/audit/code_injection_php_input_wrapper.rb +0 -109
- data/modules/audit/code_injection_timing.rb +0 -122
- data/modules/audit/csrf.rb +0 -225
- data/modules/audit/file_inclusion.rb +0 -156
- data/modules/audit/ldapi.rb +0 -97
- data/modules/audit/os_cmd_injection.rb +0 -109
- data/modules/audit/os_cmd_injection_timing.rb +0 -98
- data/modules/audit/path_traversal.rb +0 -170
- data/modules/audit/response_splitting.rb +0 -99
- data/modules/audit/rfi.rb +0 -181
- data/modules/audit/session_fixation.rb +0 -117
- data/modules/audit/source_code_disclosure.rb +0 -179
- data/modules/audit/sqli.rb +0 -148
- data/modules/audit/sqli_blind_rdiff.rb +0 -138
- data/modules/audit/sqli_blind_timing.rb +0 -126
- data/modules/audit/trainer.rb +0 -49
- data/modules/audit/unvalidated_redirect.rb +0 -91
- data/modules/audit/xpath.rb +0 -97
- data/modules/audit/xss.rb +0 -154
- data/modules/audit/xss_event.rb +0 -153
- data/modules/audit/xss_path.rb +0 -152
- data/modules/audit/xss_script_tag.rb +0 -137
- data/modules/audit/xss_tag.rb +0 -137
- data/modules/recon/allowed_methods.rb +0 -99
- data/modules/recon/backdoors.rb +0 -82
- data/modules/recon/backup_files.rb +0 -100
- data/modules/recon/backup_files/extensions.txt +0 -28
- data/modules/recon/common_directories.rb +0 -87
- data/modules/recon/common_files.rb +0 -78
- data/modules/recon/common_files/filenames.txt +0 -21
- data/modules/recon/directory_listing.rb +0 -133
- data/modules/recon/grep/captcha.rb +0 -74
- data/modules/recon/grep/credit_card.rb +0 -128
- data/modules/recon/grep/cvs_svn_users.rb +0 -81
- data/modules/recon/grep/emails.rb +0 -73
- data/modules/recon/grep/form_upload.rb +0 -86
- data/modules/recon/grep/html_objects.rb +0 -56
- data/modules/recon/grep/http_only_cookies.rb +0 -82
- data/modules/recon/grep/insecure_cookies.rb +0 -82
- data/modules/recon/grep/mixed_resource.rb +0 -113
- data/modules/recon/grep/password_autocomplete.rb +0 -85
- data/modules/recon/grep/private_ip.rb +0 -70
- data/modules/recon/grep/ssn.rb +0 -66
- data/modules/recon/grep/unencrypted_password_forms.rb +0 -103
- data/modules/recon/htaccess_limit.rb +0 -76
- data/modules/recon/http_put.rb +0 -95
- data/modules/recon/interesting_responses.rb +0 -91
- data/modules/recon/localstart_asp.rb +0 -97
- data/modules/recon/webdav.rb +0 -106
- data/modules/recon/x_forwarded_for_access_restriction_bypass.rb +0 -76
- data/modules/recon/xst.rb +0 -103
- data/path_extractors/anchors.rb +0 -37
- data/path_extractors/areas.rb +0 -37
- data/path_extractors/forms.rb +0 -37
- data/path_extractors/frames.rb +0 -37
- data/path_extractors/generic.rb +0 -84
- data/path_extractors/links.rb +0 -37
- data/path_extractors/meta_refresh.rb +0 -58
- data/path_extractors/scripts.rb +0 -38
- data/plugins/autologin.rb +0 -133
- data/plugins/beep_notify.rb +0 -49
- data/plugins/content_types.rb +0 -107
- data/plugins/cookie_collector.rb +0 -85
- data/plugins/defaults/autothrottle.rb +0 -78
- data/plugins/defaults/healthmap.rb +0 -89
- data/plugins/defaults/meta/remedies/discovery.rb +0 -138
- data/plugins/defaults/meta/remedies/timing_attacks.rb +0 -117
- data/plugins/defaults/meta/uniformity.rb +0 -82
- data/plugins/defaults/resolver.rb +0 -60
- data/plugins/email_notify.rb +0 -106
- data/plugins/form_dicattack.rb +0 -123
- data/plugins/http_dicattack.rb +0 -108
- data/plugins/libnotify.rb +0 -82
- data/plugins/profiler.rb +0 -179
- data/plugins/proxy.rb +0 -502
- data/plugins/proxy/panel/page_accordion.html.erb +0 -67
- data/plugins/proxy/panel/panel.html.erb +0 -69
- data/plugins/proxy/panel/verify_login_sequence.html.erb +0 -45
- data/plugins/proxy/server.rb +0 -215
- data/plugins/proxy/template_scope.rb +0 -138
- data/plugins/rescan.rb +0 -59
- data/plugins/script.rb +0 -53
- data/plugins/uncommon_headers.rb +0 -92
- data/plugins/vector_feed.rb +0 -226
- data/plugins/waf_detector.rb +0 -167
- data/profiles/full.afp +0 -48
- data/reports/afr.rb +0 -44
- data/reports/ap.rb +0 -46
- data/reports/html.rb +0 -273
- data/reports/html/default.erb +0 -82
- data/reports/html/default/configuration.erb +0 -126
- data/reports/html/default/css/jquery-ui.css +0 -570
- data/reports/html/default/css/jquery.jqplot.min.css +0 -1
- data/reports/html/default/css/main.css +0 -391
- data/reports/html/default/headers.erb +0 -19
- data/reports/html/default/issue.erb +0 -178
- data/reports/html/default/issues.erb +0 -52
- data/reports/html/default/js/charts.js +0 -147
- data/reports/html/default/js/helpers.js +0 -53
- data/reports/html/default/js/init.js +0 -72
- data/reports/html/default/js/lib/jqplot.barRenderer.min.js +0 -57
- data/reports/html/default/js/lib/jqplot.categoryAxisRenderer.min.js +0 -57
- data/reports/html/default/js/lib/jqplot.cursor.min.js +0 -57
- data/reports/html/default/js/lib/jqplot.pieRenderer.min.js +0 -57
- data/reports/html/default/js/lib/jqplot.pointLabels.min.js +0 -57
- data/reports/html/default/js/lib/jquery-ui.min.js +0 -404
- data/reports/html/default/js/lib/jquery.jqplot.min.js +0 -57
- data/reports/html/default/js/lib/jquery.min.js +0 -167
- data/reports/html/default/plugins.erb +0 -22
- data/reports/html/default/search.erb +0 -8
- data/reports/html/default/sitemap.erb +0 -15
- data/reports/html/default/summary.erb +0 -75
- data/reports/html/default/summary_issue.erb +0 -20
- data/reports/json.rb +0 -52
- data/reports/marshal.rb +0 -46
- data/reports/metareport.rb +0 -104
- data/reports/plugin_formatters/html/autologin.rb +0 -45
- data/reports/plugin_formatters/html/content_types.rb +0 -67
- data/reports/plugin_formatters/html/cookie_collector.rb +0 -52
- data/reports/plugin_formatters/html/discovery.rb +0 -45
- data/reports/plugin_formatters/html/form_dicattack.rb +0 -40
- data/reports/plugin_formatters/html/healthmap.rb +0 -60
- data/reports/plugin_formatters/html/http_dicattack.rb +0 -40
- data/reports/plugin_formatters/html/profiler.rb +0 -36
- data/reports/plugin_formatters/html/profiler/template.erb +0 -84
- data/reports/plugin_formatters/html/resolver.rb +0 -55
- data/reports/plugin_formatters/html/timing_attacks.rb +0 -51
- data/reports/plugin_formatters/html/uncommon_headers.rb +0 -47
- data/reports/plugin_formatters/html/uniformity.rb +0 -54
- data/reports/plugin_formatters/html/waf_detector.rb +0 -38
- data/reports/plugin_formatters/stdout/autologin.rb +0 -38
- data/reports/plugin_formatters/stdout/content_types.rb +0 -51
- data/reports/plugin_formatters/stdout/cookie_collector.rb +0 -43
- data/reports/plugin_formatters/stdout/discovery.rb +0 -37
- data/reports/plugin_formatters/stdout/form_dicattack.rb +0 -34
- data/reports/plugin_formatters/stdout/healthmap.rb +0 -49
- data/reports/plugin_formatters/stdout/http_dicattack.rb +0 -34
- data/reports/plugin_formatters/stdout/profiler.rb +0 -66
- data/reports/plugin_formatters/stdout/resolver.rb +0 -29
- data/reports/plugin_formatters/stdout/timing_attacks.rb +0 -37
- data/reports/plugin_formatters/stdout/uncommon_headers.rb +0 -37
- data/reports/plugin_formatters/stdout/uniformity.rb +0 -48
- data/reports/plugin_formatters/stdout/waf_detector.rb +0 -31
- data/reports/plugin_formatters/xml/autologin.rb +0 -41
- data/reports/plugin_formatters/xml/content_types.rb +0 -61
- data/reports/plugin_formatters/xml/cookie_collector.rb +0 -45
- data/reports/plugin_formatters/xml/discovery.rb +0 -38
- data/reports/plugin_formatters/xml/form_dicattack.rb +0 -34
- data/reports/plugin_formatters/xml/healthmap.rb +0 -58
- data/reports/plugin_formatters/xml/http_dicattack.rb +0 -33
- data/reports/plugin_formatters/xml/profiler.rb +0 -80
- data/reports/plugin_formatters/xml/resolver.rb +0 -33
- data/reports/plugin_formatters/xml/timing_attacks.rb +0 -39
- data/reports/plugin_formatters/xml/uncommon_headers.rb +0 -38
- data/reports/plugin_formatters/xml/uniformity.rb +0 -54
- data/reports/plugin_formatters/xml/waf_detector.rb +0 -34
- data/reports/stdout.rb +0 -203
- data/reports/txt.rb +0 -58
- data/reports/xml.rb +0 -176
- data/reports/xml/buffer.rb +0 -97
- data/reports/yaml.rb +0 -46
- data/spec/arachni/audit_store_spec.rb +0 -239
- data/spec/arachni/component/options/enum_spec.rb +0 -51
- data/spec/arachni/element/base_spec.rb +0 -138
- data/spec/arachni/element/capabilities/auditable/rdiff_spec.rb +0 -134
- data/spec/arachni/element/capabilities/auditable/taint_spec.rb +0 -409
- data/spec/arachni/element/capabilities/auditable/timeout_spec.rb +0 -157
- data/spec/arachni/element/capabilities/mutable_spec.rb +0 -284
- data/spec/arachni/http_spec.rb +0 -962
- data/spec/arachni/mixins/observable_spec.rb +0 -75
- data/spec/arachni/mixins/progress_bar_spec.rb +0 -47
- data/spec/arachni/module/auditor_spec.rb +0 -544
- data/spec/arachni/module/manager_spec.rb +0 -150
- data/spec/arachni/module/utilities_spec.rb +0 -30
- data/spec/arachni/report/base_spec.rb +0 -61
- data/spec/arachni/report/manager_spec.rb +0 -82
- data/spec/arachni/rpc/server/dispatcher/handler_spec.rb +0 -102
- data/spec/arachni/rpc/server/framework_hpg_spec.rb +0 -376
- data/spec/arachni/rpc/server/framework_simple_spec.rb +0 -501
- data/spec/arachni/rpc/server/modules/manager_spec.rb +0 -47
- data/spec/arachni/rpc/server/spider_spec.rb +0 -68
- data/spec/arachni/ruby/enumerable_spec.rb +0 -37
- data/spec/arachni/spider_spec.rb +0 -539
- data/spec/arachni/support/cache/base_spec.rb +0 -282
- data/spec/arachni/support/key_filler.rb +0 -60
- data/spec/arachni/support/queue/disk_spec.rb +0 -116
- data/spec/arachni/typhoeus/requrest_spec.rb +0 -58
- data/spec/arachni/typhoeus/response_spec.rb +0 -171
- data/spec/fingerprinters/frameworks/rack_spec.rb +0 -41
- data/spec/fingerprinters/languages/asp_spec.rb +0 -40
- data/spec/fingerprinters/languages/aspx_spec.rb +0 -78
- data/spec/fingerprinters/languages/jsp_spec.rb +0 -58
- data/spec/fingerprinters/languages/php_spec.rb +0 -61
- data/spec/fingerprinters/languages/python_spec.rb +0 -23
- data/spec/fingerprinters/languages/ruby.rb +0 -34
- data/spec/fingerprinters/os/bsd_spec.rb +0 -26
- data/spec/fingerprinters/os/linux_spec.rb +0 -34
- data/spec/fingerprinters/os/solaris_spec.rb +0 -34
- data/spec/fingerprinters/os/unix_spec.rb +0 -26
- data/spec/fingerprinters/os/windows_spec.rb +0 -34
- data/spec/fingerprinters/servers/apache_spec.rb +0 -26
- data/spec/fingerprinters/servers/iis_spec.rb +0 -28
- data/spec/fingerprinters/servers/jetty_spec.rb +0 -28
- data/spec/fingerprinters/servers/nginx_spec.rb +0 -26
- data/spec/fingerprinters/servers/tomcat_spec.rb +0 -28
- data/spec/modules/audit/code_injection_spec.rb +0 -25
- data/spec/modules/audit/code_injection_timing_spec.rb +0 -24
- data/spec/modules/audit/csrf_spec.rb +0 -45
- data/spec/modules/audit/file_inclusion_spec.rb +0 -25
- data/spec/modules/audit/ldapi_spec.rb +0 -19
- data/spec/modules/audit/os_cmd_injection_spec.rb +0 -24
- data/spec/modules/audit/os_cmd_injection_timing_spec.rb +0 -24
- data/spec/modules/audit/path_traversal_spec.rb +0 -23
- data/spec/modules/audit/response_splitting_spec.rb +0 -19
- data/spec/modules/audit/rfi_spec.rb +0 -19
- data/spec/modules/audit/session_fixation_spec.rb +0 -23
- data/spec/modules/audit/source_code_disclosure_spec.rb +0 -24
- data/spec/modules/audit/sqli_blind_rdiff_spec.rb +0 -19
- data/spec/modules/audit/sqli_blind_timing_spec.rb +0 -23
- data/spec/modules/audit/sqli_spec.rb +0 -25
- data/spec/modules/audit/trainer_spec.rb +0 -35
- data/spec/modules/audit/unvalidated_redirect_spec.rb +0 -24
- data/spec/modules/audit/xpath_spec.rb +0 -25
- data/spec/modules/audit/xss_event_spec.rb +0 -19
- data/spec/modules/audit/xss_path_spec.rb +0 -19
- data/spec/modules/audit/xss_script_tag_spec.rb +0 -27
- data/spec/modules/audit/xss_spec.rb +0 -24
- data/spec/modules/audit/xss_tag_spec.rb +0 -19
- data/spec/modules/recon/allowed_methods_spec.rb +0 -19
- data/spec/modules/recon/backdoors_spec.rb +0 -19
- data/spec/modules/recon/backup_files_spec.rb +0 -19
- data/spec/modules/recon/common_directories_spec.rb +0 -19
- data/spec/modules/recon/common_files_spec.rb +0 -19
- data/spec/modules/recon/directory_listing_spec.rb +0 -19
- data/spec/modules/recon/grep/captcha_spec.rb +0 -19
- data/spec/modules/recon/grep/credit_card_spec.rb +0 -19
- data/spec/modules/recon/grep/cvs_svn_users_spec.rb +0 -19
- data/spec/modules/recon/grep/emails_spec.rb +0 -19
- data/spec/modules/recon/grep/form_upload_spec.rb +0 -19
- data/spec/modules/recon/grep/html_objects_spec.rb +0 -19
- data/spec/modules/recon/grep/http_only_cookies_spec.rb +0 -19
- data/spec/modules/recon/grep/insecure_cookies_spec.rb +0 -19
- data/spec/modules/recon/grep/mixed_resource_spec.rb +0 -20
- data/spec/modules/recon/grep/password_autocomplete_spec.rb +0 -19
- data/spec/modules/recon/grep/private_ip_spec.rb +0 -26
- data/spec/modules/recon/grep/ssn_spec.rb +0 -19
- data/spec/modules/recon/grep/unencrypted_password_forms_spec.rb +0 -19
- data/spec/modules/recon/htaccess_limit_spec.rb +0 -19
- data/spec/modules/recon/http_put_spec.rb +0 -19
- data/spec/modules/recon/interesting_responses_spec.rb +0 -30
- data/spec/modules/recon/localstart_asp_spec.rb +0 -19
- data/spec/modules/recon/webdav_spec.rb +0 -19
- data/spec/modules/recon/x_forwarded_for_access_restriction_bypass_spec.rb +0 -19
- data/spec/modules/recon/xst_spec.rb +0 -19
- data/spec/path_extractors/scripts_spec.rb +0 -19
- data/spec/plugins/autologin_spec.rb +0 -94
- data/spec/plugins/autothrottle_spec.rb +0 -45
- data/spec/plugins/content_types_spec.rb +0 -93
- data/spec/plugins/cookie_collector_spec.rb +0 -49
- data/spec/plugins/form_dicattack_spec.rb +0 -60
- data/spec/plugins/healthmap_spec.rb +0 -40
- data/spec/plugins/http_dicattack_spec.rb +0 -40
- data/spec/plugins/meta/remedies/discovery_spec.rb +0 -21
- data/spec/plugins/meta/remedies/timing_attacks_spec.rb +0 -34
- data/spec/plugins/meta/uniformity_spec.rb +0 -83
- data/spec/plugins/profiler_spec.rb +0 -82
- data/spec/plugins/rescan_spec.rb +0 -26
- data/spec/plugins/resolver_spec.rb +0 -16
- data/spec/plugins/script_spec.rb +0 -12
- data/spec/plugins/uncommon_headers_spec.rb +0 -64
- data/spec/plugins/vector_feed_spec.rb +0 -167
- data/spec/plugins/waf_detector_spec.rb +0 -41
- data/spec/reports/afr_spec.rb +0 -13
- data/spec/reports/ap_spec.rb +0 -9
- data/spec/reports/html_spec.rb +0 -13
- data/spec/reports/json_spec.rb +0 -17
- data/spec/reports/marshal_spec.rb +0 -13
- data/spec/reports/stdout_spec.rb +0 -9
- data/spec/reports/txt_spec.rb +0 -8
- data/spec/reports/xml_spec.rb +0 -13
- data/spec/reports/yaml_spec.rb +0 -13
- data/spec/support/fixtures/auditstore.afr +0 -76074
- data/spec/support/fixtures/modules/test.rb +0 -58
- data/spec/support/fixtures/modules/test2.rb +0 -46
- data/spec/support/fixtures/modules/test3.rb +0 -46
- data/spec/support/fixtures/plugins/spider_hook.rb +0 -50
- data/spec/support/fixtures/reports/base_spec/plugin_formatters/with_formatters/foobar.rb +0 -21
- data/spec/support/fixtures/reports/base_spec/with_formatters.rb +0 -23
- data/spec/support/fixtures/reports/base_spec/with_outfile.rb +0 -24
- data/spec/support/fixtures/reports/base_spec/without_outfile.rb +0 -20
- data/spec/support/fixtures/reports/manager_spec/afr.rb +0 -21
- data/spec/support/fixtures/reports/manager_spec/foo.rb +0 -26
- data/spec/support/fixtures/rpcd_handlers/echo.rb +0 -68
- data/spec/support/fixtures/run_mod/body.rb +0 -58
- data/spec/support/fixtures/run_mod/cookies.rb +0 -58
- data/spec/support/fixtures/run_mod/empty.rb +0 -58
- data/spec/support/fixtures/run_mod/flch.rb +0 -63
- data/spec/support/fixtures/run_mod/forms.rb +0 -58
- data/spec/support/fixtures/run_mod/headers.rb +0 -58
- data/spec/support/fixtures/run_mod/links.rb +0 -58
- data/spec/support/fixtures/run_mod/nil.rb +0 -57
- data/spec/support/fixtures/run_mod/path.rb +0 -58
- data/spec/support/fixtures/run_mod/server.rb +0 -58
- data/spec/support/fixtures/taint_module/taint.rb +0 -48
- data/spec/support/fixtures/wait_module/wait.rb +0 -48
- data/spec/support/logs/Dispatcher - 1332-56847.log +0 -9
- data/spec/support/logs/Dispatcher - 1361-63434.log +0 -21
- data/spec/support/logs/Dispatcher - 1545-55308.log +0 -9
- data/spec/support/logs/Dispatcher - 1559-18938.log +0 -19
- data/spec/support/logs/Dispatcher - 1568-25013.log +0 -17
- data/spec/support/logs/Dispatcher - 1577-55689.log +0 -13
- data/spec/support/logs/Dispatcher - 1586-18577.log +0 -9
- data/spec/support/logs/Dispatcher - 1595-49353.log +0 -9
- data/spec/support/logs/Dispatcher - 1604-27831.log +0 -11
- data/spec/support/logs/Dispatcher - 1617-57444.log +0 -11
- data/spec/support/logs/Dispatcher - 1631-28737.log +0 -11
- data/spec/support/logs/Dispatcher - 1644-21815.log +0 -33
- data/spec/support/logs/Dispatcher - 1738-53470.log +0 -21
- data/spec/support/logs/Dispatcher - 1747-64173.log +0 -21
- data/spec/support/logs/Dispatcher - 1756-11866.log +0 -23
- data/spec/support/logs/Dispatcher - 1798-12175.log +0 -19
- data/spec/support/logs/Dispatcher - 1807-22790.log +0 -17
- data/spec/support/logs/Dispatcher - 1816-57823.log +0 -15
- data/spec/support/logs/Dispatcher - 1831-64825.log +0 -11
- data/spec/support/logs/Dispatcher - 1845-27623.log +0 -9
- data/spec/support/logs/Dispatcher - 1854-26066.log +0 -9
- data/spec/support/logs/Dispatcher - 1863-37486.log +0 -9
- data/spec/support/logs/Dispatcher - 1874-22463.log +0 -9
- data/spec/support/logs/Dispatcher - 1883-41263.log +0 -11
- data/spec/support/logs/Dispatcher - 1900-53660.log +0 -9
- data/spec/support/logs/Dispatcher - 1909-44423.log +0 -9
- data/spec/support/logs/Dispatcher - 1921-58931.log +0 -9
- data/spec/support/logs/Dispatcher - 1993-6448.log +0 -63
- data/spec/support/logs/Dispatcher - 2002-19206.log +0 -43
- data/spec/support/logs/Dispatcher - 2011-11852.log +0 -39
- data/spec/support/logs/Dispatcher - 2020-65055.log +0 -34
- data/spec/support/logs/Dispatcher - 2029-48445.log +0 -28
- data/spec/support/logs/Dispatcher - 2038-55271.log +0 -21
- data/spec/support/logs/Dispatcher - 2047-45722.log +0 -13
- data/spec/support/logs/Dispatcher - 2057-48194.log +0 -9
- data/spec/support/logs/Dispatcher - 2189-39843.log +0 -19
- data/spec/support/logs/Dispatcher - 2199-15985.log +0 -21
- data/spec/support/logs/Dispatcher - 2208-22080.log +0 -15
- data/spec/support/logs/Dispatcher - 2221-37690.log +0 -19
- data/spec/support/logs/Dispatcher - 2230-47867.log +0 -21
- data/spec/support/logs/Dispatcher - 2239-27060.log +0 -15
- data/spec/support/logs/Dispatcher - 2358-8967.log +0 -17
- data/spec/support/logs/Dispatcher - 2367-27103.log +0 -21
- data/spec/support/logs/Dispatcher - 2376-16287.log +0 -13
- data/spec/support/logs/Dispatcher - 2389-9109.log +0 -19
- data/spec/support/logs/Dispatcher - 2398-62926.log +0 -21
- data/spec/support/logs/Dispatcher - 2407-48685.log +0 -15
- data/spec/support/logs/Dispatcher - 2459-62480.log +0 -17
- data/spec/support/logs/Dispatcher - 2470-57894.log +0 -21
- data/spec/support/logs/Dispatcher - 2479-51883.log +0 -13
- data/spec/support/logs/Dispatcher - 2493-36944.log +0 -17
- data/spec/support/logs/Dispatcher - 2503-59143.log +0 -21
- data/spec/support/logs/Dispatcher - 2513-33084.log +0 -13
- data/spec/support/logs/Dispatcher - 25430-46306.log +0 -9
- data/spec/support/logs/Dispatcher - 25457-10711.log +0 -23
- data/spec/support/logs/Dispatcher - 25603-48892.log +0 -9
- data/spec/support/logs/Dispatcher - 25613-24775.log +0 -19
- data/spec/support/logs/Dispatcher - 25622-59684.log +0 -17
- data/spec/support/logs/Dispatcher - 25631-23195.log +0 -13
- data/spec/support/logs/Dispatcher - 25640-9810.log +0 -9
- data/spec/support/logs/Dispatcher - 25649-52757.log +0 -9
- data/spec/support/logs/Dispatcher - 25658-58550.log +0 -11
- data/spec/support/logs/Dispatcher - 25671-30871.log +0 -11
- data/spec/support/logs/Dispatcher - 25684-48620.log +0 -11
- data/spec/support/logs/Dispatcher - 25697-18124.log +0 -37
- data/spec/support/logs/Dispatcher - 25762-35321.log +0 -21
- data/spec/support/logs/Dispatcher - 25771-64633.log +0 -21
- data/spec/support/logs/Dispatcher - 25780-43558.log +0 -23
- data/spec/support/logs/Dispatcher - 25821-43561.log +0 -19
- data/spec/support/logs/Dispatcher - 25830-39112.log +0 -17
- data/spec/support/logs/Dispatcher - 25839-44093.log +0 -15
- data/spec/support/logs/Dispatcher - 25852-12057.log +0 -11
- data/spec/support/logs/Dispatcher - 25866-49029.log +0 -9
- data/spec/support/logs/Dispatcher - 25875-32179.log +0 -9
- data/spec/support/logs/Dispatcher - 25884-62703.log +0 -9
- data/spec/support/logs/Dispatcher - 25894-4228.log +0 -9
- data/spec/support/logs/Dispatcher - 25903-6709.log +0 -11
- data/spec/support/logs/Dispatcher - 25917-29651.log +0 -9
- data/spec/support/logs/Dispatcher - 25926-12708.log +0 -9
- data/spec/support/logs/Dispatcher - 25935-54092.log +0 -9
- data/spec/support/logs/Dispatcher - 25990-26756.log +0 -63
- data/spec/support/logs/Dispatcher - 25999-4016.log +0 -43
- data/spec/support/logs/Dispatcher - 26008-52076.log +0 -39
- data/spec/support/logs/Dispatcher - 26017-48497.log +0 -34
- data/spec/support/logs/Dispatcher - 26026-28839.log +0 -28
- data/spec/support/logs/Dispatcher - 26035-54215.log +0 -21
- data/spec/support/logs/Dispatcher - 26044-27216.log +0 -13
- data/spec/support/logs/Dispatcher - 26054-53464.log +0 -9
- data/spec/support/logs/Dispatcher - 26163-65271.log +0 -19
- data/spec/support/logs/Dispatcher - 26173-58105.log +0 -21
- data/spec/support/logs/Dispatcher - 26182-40848.log +0 -15
- data/spec/support/logs/Dispatcher - 26195-2855.log +0 -19
- data/spec/support/logs/Dispatcher - 26204-35297.log +0 -21
- data/spec/support/logs/Dispatcher - 26213-59588.log +0 -15
- data/spec/support/logs/Dispatcher - 26333-40774.log +0 -17
- data/spec/support/logs/Dispatcher - 26342-45541.log +0 -21
- data/spec/support/logs/Dispatcher - 26351-3349.log +0 -13
- data/spec/support/logs/Dispatcher - 26364-37456.log +0 -19
- data/spec/support/logs/Dispatcher - 26373-37340.log +0 -21
- data/spec/support/logs/Dispatcher - 26382-54864.log +0 -15
- data/spec/support/logs/Dispatcher - 26434-3070.log +0 -17
- data/spec/support/logs/Dispatcher - 26448-14295.log +0 -21
- data/spec/support/logs/Dispatcher - 26474-30587.log +0 -13
- data/spec/support/logs/Dispatcher - 26500-32529.log +0 -17
- data/spec/support/logs/Dispatcher - 26509-16952.log +0 -21
- data/spec/support/logs/Dispatcher - 26519-43332.log +0 -13
- data/spec/support/logs/Dispatcher - 26750-61867.log +0 -19
- data/spec/support/logs/Dispatcher - 26759-22532.log +0 -21
- data/spec/support/logs/Dispatcher - 26768-18231.log +0 -15
- data/spec/support/logs/Dispatcher - 26792-41661.log +0 -21
- data/spec/support/logs/Dispatcher - 26801-14384.log +0 -25
- data/spec/support/logs/Dispatcher - 26810-2591.log +0 -15
- data/spec/support/logs/Dispatcher - 26846-14591.log +0 -17
- data/spec/support/logs/Dispatcher - 26855-15708.log +0 -21
- data/spec/support/logs/Dispatcher - 26864-2062.log +0 -13
- data/spec/support/logs/Dispatcher - 26877-14471.log +0 -21
- data/spec/support/logs/Dispatcher - 26886-49795.log +0 -25
- data/spec/support/logs/Dispatcher - 26895-21093.log +0 -15
- data/spec/support/logs/Dispatcher - 26931-30049.log +0 -17
- data/spec/support/logs/Dispatcher - 26940-34273.log +0 -21
- data/spec/support/logs/Dispatcher - 26949-30040.log +0 -13
- data/spec/support/logs/Dispatcher - 26962-8152.log +0 -17
- data/spec/support/logs/Dispatcher - 26971-53062.log +0 -21
- data/spec/support/logs/Dispatcher - 26980-7548.log +0 -13
- data/spec/support/logs/Dispatcher - 2737-20989.log +0 -19
- data/spec/support/logs/Dispatcher - 2746-5423.log +0 -21
- data/spec/support/logs/Dispatcher - 2755-53393.log +0 -15
- data/spec/support/logs/Dispatcher - 27615-41812.log +0 -19
- data/spec/support/logs/Dispatcher - 27624-43683.log +0 -21
- data/spec/support/logs/Dispatcher - 27633-11593.log +0 -15
- data/spec/support/logs/Dispatcher - 27658-12186.log +0 -21
- data/spec/support/logs/Dispatcher - 27667-15575.log +0 -25
- data/spec/support/logs/Dispatcher - 27676-17207.log +0 -15
- data/spec/support/logs/Dispatcher - 27712-2233.log +0 -17
- data/spec/support/logs/Dispatcher - 27721-3842.log +0 -21
- data/spec/support/logs/Dispatcher - 27730-22695.log +0 -13
- data/spec/support/logs/Dispatcher - 27743-8364.log +0 -21
- data/spec/support/logs/Dispatcher - 27752-6140.log +0 -25
- data/spec/support/logs/Dispatcher - 27761-25015.log +0 -15
- data/spec/support/logs/Dispatcher - 27797-9270.log +0 -17
- data/spec/support/logs/Dispatcher - 2780-58168.log +0 -21
- data/spec/support/logs/Dispatcher - 27806-48623.log +0 -21
- data/spec/support/logs/Dispatcher - 27815-58778.log +0 -13
- data/spec/support/logs/Dispatcher - 27828-29742.log +0 -17
- data/spec/support/logs/Dispatcher - 27837-46211.log +0 -21
- data/spec/support/logs/Dispatcher - 27846-16143.log +0 -13
- data/spec/support/logs/Dispatcher - 2789-29375.log +0 -25
- data/spec/support/logs/Dispatcher - 2798-10983.log +0 -15
- data/spec/support/logs/Dispatcher - 2836-2354.log +0 -17
- data/spec/support/logs/Dispatcher - 2845-65341.log +0 -21
- data/spec/support/logs/Dispatcher - 2854-18936.log +0 -13
- data/spec/support/logs/Dispatcher - 2867-51979.log +0 -21
- data/spec/support/logs/Dispatcher - 2876-21086.log +0 -25
- data/spec/support/logs/Dispatcher - 2887-17393.log +0 -15
- data/spec/support/logs/Dispatcher - 2930-37394.log +0 -17
- data/spec/support/logs/Dispatcher - 2943-46737.log +0 -21
- data/spec/support/logs/Dispatcher - 2956-37866.log +0 -13
- data/spec/support/logs/Dispatcher - 2976-21012.log +0 -17
- data/spec/support/logs/Dispatcher - 2990-48082.log +0 -21
- data/spec/support/logs/Dispatcher - 2999-16391.log +0 -13
- data/spec/support/logs/Instance - 2204-45164.error.log +0 -356
- data/spec/support/logs/Instance - 2475-49789.error.log +0 -356
- data/spec/support/logs/Instance - 2509-39450.error.log +0 -455
- data/spec/support/logs/Instance - 2533-5785.error.log +0 -354
- data/spec/support/logs/Instance - 2539-42941.error.log +0 -356
- data/spec/support/logs/Instance - 26178-57631.error.log +0 -324
- data/spec/support/logs/Instance - 26458-60253.error.log +0 -326
- data/spec/support/logs/Instance - 26514-44685.error.log +0 -423
- data/spec/support/logs/Instance - 26538-43093.error.log +0 -322
- data/spec/support/logs/Instance - 26544-52217.error.log +0 -328
- data/spec/support/logs/Instance - 26682-37056.error.log +0 -345
- data/spec/support/logs/Instance - 2669-56818.error.log +0 -354
- data/spec/support/logs/Instance - 27547-3928.error.log +0 -309
- data/spec/support/servers/arachni/element/capabilities/auditable/rdiff.rb +0 -162
- data/spec/support/servers/arachni/element/capabilities/auditable/timeout.rb +0 -34
- data/spec/support/servers/arachni/http.rb +0 -127
- data/spec/support/servers/arachni/http_auth.rb +0 -9
- data/spec/support/servers/arachni/module/auditor.rb +0 -136
- data/spec/support/servers/arachni/rpc/server/framework_simple.rb +0 -30
- data/spec/support/servers/arachni/spider.rb +0 -234
- data/spec/support/servers/arachni/spider_https.rb +0 -58
- data/spec/support/servers/modules/audit/code_injection.rb +0 -139
- data/spec/support/servers/modules/audit/code_injection_timing.rb +0 -110
- data/spec/support/servers/modules/audit/file_inclusion.rb +0 -202
- data/spec/support/servers/modules/audit/ldapi.rb +0 -73
- data/spec/support/servers/modules/audit/os_cmd_injection.rb +0 -140
- data/spec/support/servers/modules/audit/os_cmd_injection_timing.rb +0 -103
- data/spec/support/servers/modules/audit/path_traversal.rb +0 -197
- data/spec/support/servers/modules/audit/response_splitting.rb +0 -114
- data/spec/support/servers/modules/audit/session_fixation.rb +0 -87
- data/spec/support/servers/modules/audit/source_code_disclosure.rb +0 -95
- data/spec/support/servers/modules/audit/sqli.rb +0 -118
- data/spec/support/servers/modules/audit/sqli_blind_timing.rb +0 -121
- data/spec/support/servers/modules/audit/unvalidated_redirect.rb +0 -115
- data/spec/support/servers/modules/audit/xpath.rb +0 -111
- data/spec/support/servers/modules/audit/xss.rb +0 -152
- data/spec/support/servers/modules/audit/xss_event.rb +0 -80
- data/spec/support/servers/modules/audit/xss_script_tag.rb +0 -73
- data/spec/support/servers/modules/module_server.rb +0 -14
- data/spec/support/servers/modules/recon/backdoors.rb +0 -4
- data/spec/support/servers/modules/recon/backup_files.rb +0 -28
- data/spec/support/servers/modules/recon/common_directories.rb +0 -6
- data/spec/support/servers/modules/recon/common_files.rb +0 -6
- data/spec/support/servers/modules/recon/directory_listing.rb +0 -30
- data/spec/support/servers/modules/recon/grep/emails.rb +0 -21
- data/spec/support/servers/modules/recon/grep/insecure_cookies.rb +0 -21
- data/spec/support/servers/modules/recon/grep/mixed_resource.rb +0 -83
- data/spec/support/servers/modules/recon/grep/password_autocomplete.rb +0 -33
- data/spec/support/servers/modules/recon/grep/unencrypted_password_forms.rb +0 -33
- data/spec/support/servers/modules/recon/http_put.rb +0 -7
- data/spec/support/servers/modules/recon/interesting_responses.rb +0 -5
- data/spec/support/servers/modules/recon/webdav.rb +0 -25
- data/spec/support/servers/modules/recon/x_forwarded_for_access_restriction_bypass.rb +0 -16
- data/spec/support/servers/plugins/profiler.rb +0 -82
- data/spec/support/servers/plugins/rescan.rb +0 -31
- data/spec/support/shared/module.rb +0 -162
- data/spec/support/shared/reports.rb +0 -47
@@ -1,137 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
Copyright 2010-2014 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
=end
|
16
|
-
|
17
|
-
# It's designed to work with PHP, Perl, Python, Java, ASP and Ruby
|
18
|
-
# but still needs some more testing.
|
19
|
-
#
|
20
|
-
#
|
21
|
-
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
22
|
-
#
|
23
|
-
# @version 0.2.1
|
24
|
-
#
|
25
|
-
# @see http://cwe.mitre.org/data/definitions/94.html
|
26
|
-
# @see http://php.net/manual/en/function.eval.php
|
27
|
-
# @see http://perldoc.perl.org/functions/eval.html
|
28
|
-
# @see http://docs.python.org/py3k/library/functions.html#eval
|
29
|
-
# @see http://www.aspdev.org/asp/asp-eval-execute/
|
30
|
-
# @see http://en.wikipedia.org/wiki/Eval#Ruby
|
31
|
-
class Arachni::Modules::CodeInjection < Arachni::Module::Base
|
32
|
-
|
33
|
-
def self.rand1
|
34
|
-
@rand1 ||= '287630581954'
|
35
|
-
end
|
36
|
-
|
37
|
-
def self.rand2
|
38
|
-
@rand2 ||= '4196403186331128'
|
39
|
-
end
|
40
|
-
|
41
|
-
def self.options
|
42
|
-
@options ||= {
|
43
|
-
substring: (rand1.to_i + rand2.to_i).to_s,
|
44
|
-
format: [Format::APPEND, Format::STRAIGHT],
|
45
|
-
param_flip: false
|
46
|
-
}
|
47
|
-
end
|
48
|
-
|
49
|
-
def self.code_strings
|
50
|
-
# code strings to be injected to the webapp
|
51
|
-
@code_strings ||= {
|
52
|
-
php: "echo #{rand1}+#{rand2};",
|
53
|
-
perl: "print #{rand1}+#{rand2};",
|
54
|
-
python: "print #{rand1}+#{rand2}",
|
55
|
-
asp: "Response.Write\x28#{rand1}+#{rand2}\x29"
|
56
|
-
}
|
57
|
-
end
|
58
|
-
|
59
|
-
def self.payloads
|
60
|
-
return @payloads if @payloads
|
61
|
-
|
62
|
-
@payloads = {}
|
63
|
-
code_strings.each do |platform, payload|
|
64
|
-
@payloads[platform] = [ ';%s', "\";%s#", "';%s#" ].
|
65
|
-
map { |var| var % payload } | [payload]
|
66
|
-
end
|
67
|
-
@payloads
|
68
|
-
end
|
69
|
-
|
70
|
-
def run
|
71
|
-
audit( self.class.payloads, self.class.options )
|
72
|
-
end
|
73
|
-
|
74
|
-
def self.info
|
75
|
-
{
|
76
|
-
name: 'Code injection',
|
77
|
-
description: %q{It tries to inject code snippets into the
|
78
|
-
web application and assess whether or not the injection
|
79
|
-
was successful.},
|
80
|
-
elements: [ Element::FORM, Element::LINK, Element::COOKIE, Element::HEADER ],
|
81
|
-
author: 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>',
|
82
|
-
version: '0.2.1',
|
83
|
-
references: {
|
84
|
-
'PHP' => 'http://php.net/manual/en/function.eval.php',
|
85
|
-
'Perl' => 'http://perldoc.perl.org/functions/eval.html',
|
86
|
-
'Python' => 'http://docs.python.org/py3k/library/functions.html#eval',
|
87
|
-
'ASP' => 'http://www.aspdev.org/asp/asp-eval-execute/',
|
88
|
-
},
|
89
|
-
targets: %w(PHP Perl Python ASP),
|
90
|
-
issue: {
|
91
|
-
name: %q{Code injection},
|
92
|
-
description: %q{A modern web application will be reliant on
|
93
|
-
several different programming languages. These languages can
|
94
|
-
be broken up into two flavours. These are client side
|
95
|
-
languages such as those that run in the browser eg.
|
96
|
-
JavaScript and HTML, and server side languages that are
|
97
|
-
executed by the server (ASP, PHP, JSP, etc) to form the
|
98
|
-
dynamic pages (client side code) that are then sent to the
|
99
|
-
client. Because all server side code should be executed by
|
100
|
-
the server, it should only ever come from a trusted source.
|
101
|
-
Code injection occurs when the server takes untrusted server
|
102
|
-
side code (ie. From the client) and executes the code as if
|
103
|
-
it were on the server. Cyber-criminals will abuse this
|
104
|
-
weakness to execute their own arbitrary code on the server,
|
105
|
-
and could result in complete compromise of the server.
|
106
|
-
Arachni was able to inject specific server side code and
|
107
|
-
have the executed output from the code contained within the
|
108
|
-
server response. This indicates that proper input
|
109
|
-
sanitisation is not occurring.},
|
110
|
-
tags: %w(code injection regexp),
|
111
|
-
cwe: '94',
|
112
|
-
severity: Severity::HIGH,
|
113
|
-
cvssv2: '7.5',
|
114
|
-
remedy_guidance: %q{ It is recommended that untrusted or
|
115
|
-
invalidated data is never stored where it may then be
|
116
|
-
executed as server side code. To validate data, the
|
117
|
-
application should ensure that the supplied value contains
|
118
|
-
only the characters that are required to perform the
|
119
|
-
required action. For example, where a username is required,
|
120
|
-
then no non-alpha characters should be accepted.
|
121
|
-
Additionally, within PHP, the "eval" and "preg_replace"
|
122
|
-
functions should be avoided as these functions can easily be
|
123
|
-
used to execute untrusted data. If these functions are used
|
124
|
-
within the application then these parts should be rewritten.
|
125
|
-
The exact way to rewrite the code depends on what the code
|
126
|
-
in question does, so there is no general pattern for doing
|
127
|
-
so. Once the code has been rewritten the eval() function
|
128
|
-
should be disabled. This can be achieved by adding eval to
|
129
|
-
disable_funcions within the php.ini file.},
|
130
|
-
remedy_code: '',
|
131
|
-
metasploitable: 'unix/webapp/arachni_php_eval'
|
132
|
-
}
|
133
|
-
|
134
|
-
}
|
135
|
-
end
|
136
|
-
|
137
|
-
end
|
@@ -1,109 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
Copyright 2010-2014 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
=end
|
16
|
-
|
17
|
-
# @see OWASP https://www.owasp.org/index.php/Top_10_2007-Malicious_File_Execution
|
18
|
-
#
|
19
|
-
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
20
|
-
#
|
21
|
-
# @version 0.2
|
22
|
-
class Arachni::Modules::CodeExecutionPHPInputWrapper < Arachni::Module::Base
|
23
|
-
|
24
|
-
def self.options
|
25
|
-
@options ||= {
|
26
|
-
format: [Format::STRAIGHT],
|
27
|
-
body: "<?php echo 'vDBVBsbVdv'; ?> <?php echo chr(80).chr(76).chr(76).chr(33).chr(56).chr(111).chr(55) ?>",
|
28
|
-
substring: 'vDBVBsbVdv PLL!8o7',
|
29
|
-
|
30
|
-
# Add one more mutation (on the fly) which will include the extension
|
31
|
-
# of the original value (if that value was a filename) after a null byte.
|
32
|
-
each_mutation: proc do |mutation|
|
33
|
-
m = mutation.dup
|
34
|
-
|
35
|
-
# Figure out the extension of the default value, if it has one.
|
36
|
-
ext = m.original[m.altered].to_s.split( '.' )
|
37
|
-
ext = ext.size > 1 ? ext.last : nil
|
38
|
-
|
39
|
-
# Null-terminate the injected value and append the ext.
|
40
|
-
m.altered_value += "\x00.#{ext}"
|
41
|
-
|
42
|
-
# Pass our new element back to be audited.
|
43
|
-
m
|
44
|
-
end
|
45
|
-
}
|
46
|
-
end
|
47
|
-
|
48
|
-
def run
|
49
|
-
audit 'php://input', self.class.options
|
50
|
-
end
|
51
|
-
|
52
|
-
def self.info
|
53
|
-
{
|
54
|
-
name: 'Code injection (php://input wrapper)',
|
55
|
-
description: %q{It injects PHP code into the HTTP request body and
|
56
|
-
uses the php://input wrapper to try and load it.},
|
57
|
-
elements: [ Element::FORM, Element::LINK, Element::COOKIE, Element::HEADER ],
|
58
|
-
author: 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com> ',
|
59
|
-
version: '0.2',
|
60
|
-
references: {
|
61
|
-
'OWASP' => 'https://www.owasp.org/index.php/Top_10_2007-Malicious_File_Execution'
|
62
|
-
},
|
63
|
-
targets: %w(PHP),
|
64
|
-
issue: {
|
65
|
-
name: %q{Code injection (php://input wrapper)},
|
66
|
-
description: %q{A modern web application will be reliant on
|
67
|
-
several different programming languages. These languages can
|
68
|
-
be broken up into two flavours. These are client side
|
69
|
-
languages such as those that run in the browser eg.
|
70
|
-
JavaScript and HTML, and server side languages that are
|
71
|
-
executed by the server (ASP, PHP, JSP, etc) to form the
|
72
|
-
dynamic pages (client side code) that are then sent to the
|
73
|
-
client. Because all server side code should be executed by
|
74
|
-
the server, it should only ever come from a trusted source.
|
75
|
-
Code injection occurs when the server takes untrusted server
|
76
|
-
side code (ie. From the client) and executes the code as if
|
77
|
-
it were on the server. Cyber-criminals will abuse this
|
78
|
-
weakness to execute their own arbitrary code on the server,
|
79
|
-
and could result in complete compromise of the server.
|
80
|
-
Arachni was able to inject specific server side code wrapped
|
81
|
-
within a php wrapper (<?php ... ?>) and have the executed
|
82
|
-
output from the code contained within the server response.
|
83
|
-
This indicates that proper input sanitisation is not
|
84
|
-
occurring..},
|
85
|
-
tags: %w(remote injection php code execution),
|
86
|
-
cwe: '94',
|
87
|
-
severity: Severity::HIGH,
|
88
|
-
remedy_guidance: %q{It is recommended that untrusted or
|
89
|
-
invalidated data is never stored where it may then be
|
90
|
-
executed as server side code. To validate data, the
|
91
|
-
application should ensure that the supplied value contains
|
92
|
-
nly the characters that are required to perform the required
|
93
|
-
action. For example, where a username is required, then no
|
94
|
-
non-alpha characters should be accepted. Additionally,
|
95
|
-
within PHP, the "eval" and "preg_replace" functions should
|
96
|
-
be avoided as these functions can easily be used to execute
|
97
|
-
untrusted data. If these functions are used within the
|
98
|
-
application then these parts should be rewritten. The exact
|
99
|
-
way to rewrite the code depends on what the code in question
|
100
|
-
does, so there is no general pattern for doing so. Once the
|
101
|
-
code has been rewritten the eval() function should be
|
102
|
-
disabled. This can be achieved by adding eval to
|
103
|
-
disable_funcions within the php.ini file.},
|
104
|
-
}
|
105
|
-
|
106
|
-
}
|
107
|
-
end
|
108
|
-
|
109
|
-
end
|
@@ -1,122 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
Copyright 2010-2014 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
=end
|
16
|
-
|
17
|
-
#
|
18
|
-
# Tries to inject code strings which, if executed, will cause an identifiable
|
19
|
-
# delay in execution.
|
20
|
-
#
|
21
|
-
# If that delay can be verified then the vector via which it was introduced is
|
22
|
-
# flagged as vulnerable.
|
23
|
-
#
|
24
|
-
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
25
|
-
#
|
26
|
-
# @version 0.4
|
27
|
-
#
|
28
|
-
# @see http://cwe.mitre.org/data/definitions/94.html
|
29
|
-
# @see http://php.net/manual/en/function.eval.php
|
30
|
-
# @see http://perldoc.perl.org/functions/eval.html
|
31
|
-
# @see http://docs.python.org/py3k/library/functions.html#eval
|
32
|
-
# @see http://www.aspdev.org/asp/asp-eval-execute/
|
33
|
-
# @see http://en.wikipedia.org/wiki/Eval#Ruby
|
34
|
-
#
|
35
|
-
class Arachni::Modules::CodeInjectionTiming < Arachni::Module::Base
|
36
|
-
|
37
|
-
prefer :code_injection
|
38
|
-
|
39
|
-
def self.payloads
|
40
|
-
@payloads ||= {
|
41
|
-
ruby: 'sleep(__TIME__/1000);',
|
42
|
-
php: 'sleep(__TIME__/1000);',
|
43
|
-
perl: 'sleep(__TIME__/1000);',
|
44
|
-
python: 'import time;time.sleep(__TIME__/1000);',
|
45
|
-
jsp: 'Thread.sleep(__TIME__);',
|
46
|
-
asp: 'Thread.Sleep(__TIME__);',
|
47
|
-
}.inject({}) do |h, (platform, payload)|
|
48
|
-
h[platform] = [ ' ', ' && ', ';' ].map { |sep| "#{sep} #{payload}" }
|
49
|
-
h
|
50
|
-
end
|
51
|
-
end
|
52
|
-
|
53
|
-
def run
|
54
|
-
audit_timeout( self.class.payloads, format: [Format::STRAIGHT], timeout: 4000 )
|
55
|
-
end
|
56
|
-
|
57
|
-
def self.info
|
58
|
-
{
|
59
|
-
name: 'Code injection (timing)',
|
60
|
-
description: %q{It tries to inject code snippets into the
|
61
|
-
web application and assess whether or not the injection
|
62
|
-
was successful using a time delay.},
|
63
|
-
elements: [ Element::FORM, Element::LINK, Element::COOKIE, Element::HEADER ],
|
64
|
-
author: 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>',
|
65
|
-
version: '0.4',
|
66
|
-
references: {
|
67
|
-
'PHP' => 'http://php.net/manual/en/function.eval.php',
|
68
|
-
'Perl' => 'http://perldoc.perl.org/functions/eval.html',
|
69
|
-
'Python' => 'http://docs.python.org/py3k/library/functions.html#eval',
|
70
|
-
'ASP' => 'http://www.aspdev.org/asp/asp-eval-execute/',
|
71
|
-
'Ruby' => 'http://en.wikipedia.org/wiki/Eval#Ruby'
|
72
|
-
},
|
73
|
-
targets: %w(Java ASP Python PHP Perl Ruby),
|
74
|
-
|
75
|
-
issue: {
|
76
|
-
name: %q{Code injection (timing attack)},
|
77
|
-
description: %q{A modern web application will be reliant on
|
78
|
-
several different programming languages. These languages can
|
79
|
-
be broken up into two flavours. These are client side
|
80
|
-
languages such as those that run in the browser eg.
|
81
|
-
JavaScript and HTML, and server side languages that are
|
82
|
-
executed by the server (ASP, PHP, JSP, etc) to form the
|
83
|
-
dynamic pages (client side code) that are then sent to the
|
84
|
-
client. Because all server side code should be executed by
|
85
|
-
the server, it should only ever come from a trusted source.
|
86
|
-
Code injection occurs when the server takes untrusted server
|
87
|
-
side code (ie. From the client) and executes the code as if
|
88
|
-
it were on the server. Cyber-criminals will abuse this
|
89
|
-
weakness to execute their own arbitrary code on the server,
|
90
|
-
and could result in complete compromise of the server. By
|
91
|
-
injecting server side code that is known to take a specific
|
92
|
-
amount of time to execute Arachni was able to detect time
|
93
|
-
based code injection. This indicates that proper input
|
94
|
-
sanitisation is not occurring.},
|
95
|
-
tags: %w(code injection timing blind),
|
96
|
-
cwe: '94',
|
97
|
-
severity: Severity::HIGH,
|
98
|
-
cvssv2: '7.5',
|
99
|
-
remedy_guidance: %q{It is recommended that untrusted or
|
100
|
-
invalidated data is never stored where it may then be
|
101
|
-
executed as server side code. To validate data, the
|
102
|
-
application should ensure that the supplied value contains
|
103
|
-
nly the characters that are required to perform the required
|
104
|
-
action. For example, where a username is required, then no
|
105
|
-
non-alpha characters should be accepted. Additionally,
|
106
|
-
within PHP, the "eval" and "preg_replace" functions should
|
107
|
-
be avoided as these functions can easily be used to execute
|
108
|
-
untrusted data. If these functions are used within the
|
109
|
-
application then these parts should be rewritten. The exact
|
110
|
-
way to rewrite the code depends on what the code in question
|
111
|
-
does, so there is no general pattern for doing so. Once the
|
112
|
-
code has been rewritten the eval() function should be
|
113
|
-
disabled. This can be achieved by adding eval to
|
114
|
-
disable_funcions within the php.ini file.},
|
115
|
-
remedy_code: '',
|
116
|
-
metasploitable: 'unix/webapp/arachni_php_eval'
|
117
|
-
}
|
118
|
-
|
119
|
-
}
|
120
|
-
end
|
121
|
-
|
122
|
-
end
|
data/modules/audit/csrf.rb
DELETED
@@ -1,225 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
Copyright 2010-2014 Tasos Laskos <tasos.laskos@gmail.com>
|
3
|
-
|
4
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
-
you may not use this file except in compliance with the License.
|
6
|
-
You may obtain a copy of the License at
|
7
|
-
|
8
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
10
|
-
Unless required by applicable law or agreed to in writing, software
|
11
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
-
See the License for the specific language governing permissions and
|
14
|
-
limitations under the License.
|
15
|
-
=end
|
16
|
-
|
17
|
-
#
|
18
|
-
# Cross-Site Request Forgery audit module.
|
19
|
-
#
|
20
|
-
# It uses 4-pass reverse-diff analysis to determine which forms affect business logic
|
21
|
-
# and audits them for CSRF.
|
22
|
-
#
|
23
|
-
# Using this technique noise/false-positives should be kept to a minimum,
|
24
|
-
# however we do need to jump through some hoops.
|
25
|
-
#
|
26
|
-
# The technique used to identify which forms are CSRF worthy is described bellow.
|
27
|
-
#
|
28
|
-
# === 4-pass rDiff CSRF detection:
|
29
|
-
#
|
30
|
-
# * Request each page *without* cookies
|
31
|
-
# * Extract forms.
|
32
|
-
# * Request each page *with* cookies
|
33
|
-
# * Extract forms.
|
34
|
-
# * Check forms that appear *only* when logged-in for CSRF.
|
35
|
-
#
|
36
|
-
# In order for the module to give meaningful results, a valid cookie-jar of a logged-in
|
37
|
-
# user must be supplied to the framework.
|
38
|
-
#
|
39
|
-
# However, as Arachni goes through the system it will gather
|
40
|
-
# cookies just like a user would, so if there are forms that only appear
|
41
|
-
# after a guest has performed a previous event it will check these too.
|
42
|
-
#
|
43
|
-
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
|
44
|
-
#
|
45
|
-
# @version 0.3.2
|
46
|
-
#
|
47
|
-
# @see http://en.wikipedia.org/wiki/Cross-site_request_forgery
|
48
|
-
# @see http://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
|
49
|
-
# @see http://www.cgisecurity.com/csrf-faq.html
|
50
|
-
# @see http://cwe.mitre.org/data/definitions/352.html
|
51
|
-
#
|
52
|
-
class Arachni::Modules::CSRF < Arachni::Module::Base
|
53
|
-
|
54
|
-
def run
|
55
|
-
print_status 'Looking for CSRF candidates...'
|
56
|
-
print_status 'Simulating logged-out user.'
|
57
|
-
|
58
|
-
# request page without cookies, simulating a logged-out user
|
59
|
-
http.get( page.url, cookies: {}, no_cookiejar: true ) do |res|
|
60
|
-
# extract forms from the body of the response
|
61
|
-
logged_out = forms_from_response( res ).reject { |f| f.auditable.empty? }
|
62
|
-
|
63
|
-
print_status "Found #{logged_out.size} context irrelevant forms."
|
64
|
-
|
65
|
-
# get forms that are worthy of testing for CSRF i.e. appear only when the user is logged-in
|
66
|
-
candidates = page.forms - logged_out
|
67
|
-
|
68
|
-
print_status "Found #{candidates.size} CSRF candidates."
|
69
|
-
|
70
|
-
candidates.each { |form| _log( form ) if unsafe?( form ) }
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
#
|
75
|
-
# Tries to detect if a form is protected using an anti-CSRF token.
|
76
|
-
#
|
77
|
-
# @param [Arachni::Element::Form] form
|
78
|
-
#
|
79
|
-
# @return [Bool] +true+ if the form has no anti-CSRF token, +false+ otherwise
|
80
|
-
#
|
81
|
-
def unsafe?( form )
|
82
|
-
# if a form has a nonce then we're cool, bail out early
|
83
|
-
return false if form.has_nonce?
|
84
|
-
|
85
|
-
#
|
86
|
-
# Nobody says that tokens must be in a +value+ attribute, they can
|
87
|
-
# just as well be in +name+ -- so we check them both...
|
88
|
-
#
|
89
|
-
found_token = (form.raw['auditable'] || []).map do |input|
|
90
|
-
next if !input['type'] || input['type'].downcase != 'hidden'
|
91
|
-
csrf_token?( input['value'] ) || csrf_token?( input['name'] )
|
92
|
-
end.include?( true )
|
93
|
-
|
94
|
-
return false if found_token
|
95
|
-
|
96
|
-
link_vars = parse_url_vars( form.action )
|
97
|
-
if link_vars.any?
|
98
|
-
# and we also need to check for a token in the form action.
|
99
|
-
found_token = link_vars.to_a.flatten.
|
100
|
-
map { |val| csrf_token?( val ) }.include?( true )
|
101
|
-
end
|
102
|
-
|
103
|
-
!found_token
|
104
|
-
end
|
105
|
-
|
106
|
-
#
|
107
|
-
# Checks if the str is an anti-CSRF token of base10/16/32/64.
|
108
|
-
#
|
109
|
-
# @param [String] str
|
110
|
-
#
|
111
|
-
def csrf_token?( str )
|
112
|
-
return false if !str
|
113
|
-
|
114
|
-
# we could use regexps but i kinda like lcamtuf's (Michal's) way
|
115
|
-
base16_len_min = 8
|
116
|
-
base16_len_max = 45
|
117
|
-
base16_digit_num = 2
|
118
|
-
|
119
|
-
base64_len_min = 6
|
120
|
-
base64_len_max = 32
|
121
|
-
base64_digit_num = 1
|
122
|
-
base64_case = 2
|
123
|
-
base64_digit_num2 = 3
|
124
|
-
base64_slash_cnt = 2
|
125
|
-
|
126
|
-
len = str.size
|
127
|
-
digit_cnt = str.scan( /[0-9]+/ ).join.size
|
128
|
-
|
129
|
-
if len >= base16_len_min && len <= base16_len_max && digit_cnt >= base16_digit_num
|
130
|
-
return true
|
131
|
-
end
|
132
|
-
|
133
|
-
upper_cnt = str.scan( /[A-Z]+/ ).join.size
|
134
|
-
slash_cnt = str.scan( /\/+/ ).join.size
|
135
|
-
|
136
|
-
if len >= base64_len_min && len <= base64_len_max &&
|
137
|
-
((digit_cnt >= base64_digit_num && upper_cnt >= base64_case ) ||
|
138
|
-
digit_cnt >= base64_digit_num2) && slash_cnt <= base64_slash_cnt
|
139
|
-
return true
|
140
|
-
end
|
141
|
-
|
142
|
-
false
|
143
|
-
end
|
144
|
-
|
145
|
-
def _log( form )
|
146
|
-
return if !form.raw['attrs']
|
147
|
-
|
148
|
-
url = form.action
|
149
|
-
name = form.raw['attrs']['name'] || form.raw['attrs']['id']
|
150
|
-
|
151
|
-
if audited?( "#{url}::#{name}" )
|
152
|
-
print_info "Skipping already audited form '#{name}' at '#{page.url}'"
|
153
|
-
return
|
154
|
-
end
|
155
|
-
|
156
|
-
audited( "#{url}::#{name}" )
|
157
|
-
|
158
|
-
log( var: name, elem: Element::FORM )
|
159
|
-
print_ok "Found unprotected form with name '#{name}' at '#{page.url}'"
|
160
|
-
end
|
161
|
-
|
162
|
-
def self.info
|
163
|
-
{
|
164
|
-
name: 'CSRF',
|
165
|
-
description: %q{It uses 2-pass rDiff analysis to determine
|
166
|
-
which forms affect business logic and audits them for CSRF.
|
167
|
-
It requires a logged-in user's cookie-jar.},
|
168
|
-
elements: [ Element::FORM ],
|
169
|
-
author: 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com> ',
|
170
|
-
version: '0.3.2',
|
171
|
-
references: {
|
172
|
-
'Wikipedia' => 'http://en.wikipedia.org/wiki/Cross-site_request_forgery',
|
173
|
-
'OWASP' => 'http://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)',
|
174
|
-
'CGI Security' => 'http://www.cgisecurity.com/csrf-faq.html',
|
175
|
-
'WASC' => 'http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery'
|
176
|
-
},
|
177
|
-
targets: %w(Generic),
|
178
|
-
|
179
|
-
issue: {
|
180
|
-
name: %q{Cross-Site Request Forgery},
|
181
|
-
description: %q{In the majority of today's web applications,
|
182
|
-
clients are required to submit forms. When these forms are
|
183
|
-
submitted that contents within the form are typically
|
184
|
-
processed by the server. An example of such a form is when
|
185
|
-
an administrator wishes to create a new user for the
|
186
|
-
application. In the simplest form the administrator would
|
187
|
-
submit a form with the users Name, Password, and Role (level
|
188
|
-
of access). Cross Site Request Forgery (CSRF) is where an
|
189
|
-
administrator could be tricked into clicking on a link that
|
190
|
-
if logged into the application would automatically submit
|
191
|
-
the form without any further interaction. Cyber-criminals
|
192
|
-
will look for sites where sensitive functions are performed
|
193
|
-
in this vulnerable manner, and then craft malicious requests
|
194
|
-
that will be used against clients in a social engineering
|
195
|
-
attack. There are 3 things that are required for a CSRF
|
196
|
-
attack to occur. 1. The form must perform a sensitive action
|
197
|
-
2. The victim (admin the example above) must have an active
|
198
|
-
session 3. Most importantly, all parameter values must be
|
199
|
-
known or guessable. Arachni discovered that all parameters
|
200
|
-
within the form were known or predictable, and therefore
|
201
|
-
could be vulnerable to CSRF. Manual verification may be
|
202
|
-
required to check whether the submission will then perform a
|
203
|
-
sensitive action such as reset a password, modify user
|
204
|
-
profiles, post content for a forum, etc.},
|
205
|
-
tags: %w(csrf rdiff form token),
|
206
|
-
cwe: '352',
|
207
|
-
severity: Severity::HIGH,
|
208
|
-
remedy_guidance: %q{Based on the risk determined by manual
|
209
|
-
verification of whether the submission will then perform a
|
210
|
-
sensitive action, it is recommended that the server utilise
|
211
|
-
CSRF tokens. These can be configured in such a way that each
|
212
|
-
session generates a new CSRF token or such that each
|
213
|
-
individual request requires a new token. CSRF tokens are
|
214
|
-
passed to the server as a normal parameter and not as a
|
215
|
-
cookie value. It is equally important that the server track
|
216
|
-
and maintain the status of each token, this will enable a
|
217
|
-
server to reject any request that does not contain a valid
|
218
|
-
token, and therefore prevent any cyber-criminal from knowing
|
219
|
-
or guessing all parameter values. For examples of framework
|
220
|
-
specific remediation, refer to the references.}
|
221
|
-
}
|
222
|
-
}
|
223
|
-
end
|
224
|
-
|
225
|
-
end
|