arachni 1.0.5 → 1.0.6

data/spec/arachni/framework/parts/data_spec.rb

@@ -0,0 +1,187 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::Data do
+    include_examples 'framework'
+
+    describe '#data' do
+        it "returns #{Arachni::Data::Framework}" do
+            subject.data.should be_kind_of Arachni::Data::Framework
+        end
+    end
+
+    describe '#sitemap' do
+        it 'returns a hash with covered URLs and HTTP status codes' do
+            Arachni::Framework.new do |f|
+                f.options.url = "#{@url}/"
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                f.run
+                f.sitemap.should == { "#{@url}/" => 200 }
+            end
+        end
+    end
+
+    describe '#push_to_page_queue' do
+        let(:page) { Arachni::Page.from_url( @url + '/train/true' ) }
+
+        it 'pushes it to the page audit queue and returns true' do
+            subject.options.audit.elements :links, :forms, :cookies
+            subject.checks.load :taint
+
+            subject.page_queue_total_size.should == 0
+            subject.push_to_page_queue( page ).should be_true
+            subject.run
+
+            subject.report.issues.size.should == 1
+            subject.page_queue_total_size.should > 0
+        end
+
+        it 'updates the #sitemap with the DOM URL' do
+            subject.options.audit.elements :links, :forms, :cookies
+            subject.checks.load :taint
+
+            subject.sitemap.should be_empty
+
+            page = Arachni::Page.from_url( @url + '/link' )
+            page.dom.url = @url + '/link/#/stuff'
+
+            subject.push_to_page_queue page
+            subject.sitemap.should include @url + '/link/#/stuff'
+        end
+
+        it "passes it to #{Arachni::ElementFilter}#update_from_page_cache" do
+            page = Arachni::Page.from_url( @url + '/link' )
+
+            Arachni::ElementFilter.should receive(:update_from_page_cache).with(page)
+
+            subject.push_to_page_queue page
+        end
+
+        context 'when the page has already been seen' do
+            it 'ignores it' do
+                page = Arachni::Page.from_url( @url + '/stuff' )
+
+                subject.page_queue_total_size.should == 0
+                subject.push_to_page_queue( page )
+                subject.push_to_page_queue( page )
+                subject.push_to_page_queue( page )
+                subject.page_queue_total_size.should == 1
+            end
+
+            it 'returns false' do
+                page = Arachni::Page.from_url( @url + '/stuff' )
+
+                subject.page_queue_total_size.should == 0
+                subject.push_to_page_queue( page ).should be_true
+                subject.push_to_page_queue( page ).should be_false
+                subject.push_to_page_queue( page ).should be_false
+                subject.page_queue_total_size.should == 1
+            end
+        end
+
+        context 'when #accepts_more_pages?' do
+            context false do
+                it 'returns false' do
+                    subject.stub(:accepts_more_pages?) { false }
+                    subject.push_to_page_queue( page ).should be_false
+                end
+            end
+
+            context true do
+                it 'returns true' do
+                    subject.stub(:accepts_more_pages?) { true }
+                    subject.push_to_page_queue( page ).should be_true
+                end
+            end
+        end
+
+        context "when #{Arachni::Page::Scope}#out? is true" do
+            it 'returns false' do
+                Arachni::Page::Scope.any_instance.stub(:out?) { true }
+                subject.push_to_page_queue( page ).should be_false
+            end
+        end
+
+        context "when #{Arachni::URI::Scope}#redundant? is true" do
+            it 'returns false' do
+                Arachni::Page::Scope.any_instance.stub(:redundant?) { true }
+                subject.push_to_page_queue( page ).should be_false
+            end
+        end
+
+        context "when #{Arachni::Page::Scope}#auto_redundant? is true" do
+            it 'returns false' do
+                Arachni::Page::Scope.any_instance.stub(:auto_redundant?) { true }
+                subject.push_to_page_queue( page ).should be_false
+            end
+        end
+    end
+
+    describe '#push_to_url_queue' do
+        it 'pushes a URL to the URL audit queue' do
+            subject.options.audit.elements :links, :forms, :cookies
+            subject.checks.load :taint
+
+            subject.url_queue_total_size.should == 0
+            subject.push_to_url_queue(  @url + '/link' ).should be_true
+            subject.run
+
+            subject.report.issues.size.should == 1
+            subject.url_queue_total_size.should == 3
+        end
+
+        context 'when the URL has already been seen' do
+            it 'returns false' do
+                subject.push_to_url_queue( @url + '/link' ).should be_true
+                subject.push_to_url_queue( @url + '/link' ).should be_false
+            end
+
+            it 'ignores it' do
+                subject.url_queue_total_size.should == 0
+                subject.push_to_url_queue( @url + '/link' )
+                subject.push_to_url_queue( @url + '/link' )
+                subject.push_to_url_queue( @url + '/link' )
+                subject.url_queue_total_size.should == 1
+            end
+        end
+
+        context 'when #accepts_more_pages?' do
+            context false do
+                it 'returns false' do
+                    subject.stub(:accepts_more_pages?) { false }
+                    subject.push_to_url_queue( @url ).should be_false
+                end
+            end
+
+            context true do
+                it 'returns true' do
+                    subject.stub(:accepts_more_pages?) { true }
+                    subject.push_to_url_queue( @url ).should be_true
+                end
+            end
+        end
+
+        context "when #{Arachni::URI::Scope}#out? is true" do
+            it 'returns false' do
+                Arachni::URI::Scope.any_instance.stub(:out?) { true }
+                subject.push_to_url_queue( @url ).should be_false
+            end
+        end
+
+        context "when #{Arachni::URI::Scope}#redundant? is true" do
+            it 'returns false' do
+                Arachni::URI::Scope.any_instance.stub(:redundant?) { true }
+                subject.push_to_url_queue( @url ).should be_false
+            end
+        end
+
+        context "when #{Arachni::URI::Scope}#auto_redundant? is true" do
+            it 'returns false' do
+                Arachni::URI::Scope.any_instance.stub(:auto_redundant?) { true }
+                subject.push_to_url_queue( @url ).should be_false
+            end
+        end
+    end
+
+end

data/spec/arachni/framework/parts/platform_spec.rb

@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::Platform do
+    include_examples 'framework'
+
+    describe '#list_platforms' do
+        it 'returns information about all valid platforms' do
+            subject.list_platforms.should == {
+                'Operating systems' => {
+                    unix:    'Generic Unix family',
+                    linux:   'Linux',
+                    bsd:     'Generic BSD family',
+                    aix:     'IBM AIX',
+                    solaris: 'Solaris',
+                    windows: 'MS Windows'
+                },
+                'Databases' => {
+                    sql:        'Generic SQL family',
+                    access:     'MS Access',
+                    db2:        'DB2',
+                    emc:        'EMC',
+                    firebird:   'Firebird',
+                    frontbase:  'Frontbase',
+                    hsqldb:     'HSQLDB',
+                    informix:   'Informix',
+                    ingres:     'IngresDB',
+                    interbase:  'InterBase',
+                    maxdb:      'SaP Max DB',
+                    mssql:      'MSSQL',
+                    mysql:      'MySQL',
+                    oracle:     'Oracle',
+                    pgsql:      'Postgresql',
+                    sqlite:     'SQLite',
+                    sybase:     'Sybase',
+                    nosql:      'Generic NoSQL family',
+                    mongodb:    'MongoDB'
+                },
+                'Web servers' => {
+                    apache: 'Apache',
+                    iis:    'IIS',
+                    jetty:  'Jetty',
+                    nginx:  'Nginx',
+                    tomcat: 'TomCat'
+                },
+                'Programming languages' => {
+                    asp:    'ASP',
+                    aspx:   'ASP.NET',
+                    jsp:    'JSP',
+                    perl:   'Perl',
+                    php:    'PHP',
+                    python: 'Python',
+                    ruby:   'Ruby'
+                },
+                'Frameworks' => {
+                    rack: 'Rack'
+                }
+            }
+
+        end
+    end
+
+end

data/spec/arachni/framework/parts/plugin_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::Plugin do
+    include_examples 'framework'
+
+    describe '#plugins' do
+        it 'provides access to the plugin manager' do
+            subject.plugins.is_a?( Arachni::Plugin::Manager ).should be_true
+            subject.plugins.available.sort.should ==
+                %w(wait bad with_options distributable loop default suspendable).sort
+        end
+    end
+
+    describe '#list_plugins' do
+        it 'returns info on all plugins' do
+            subject.list_plugins.size.should == subject.plugins.available.size
+
+            info   = subject.list_plugins.find { |p| p[:options].any? }
+            plugin = subject.plugins[info[:shortname]]
+
+            plugin.info.each do |k, v|
+                if k == :author
+                    info[k].should == [v].flatten
+                    next
+                end
+
+                info[k].should == v
+            end
+
+            info[:shortname].should == plugin.shortname
+        end
+
+        context 'when a pattern is given' do
+            it 'uses it to filter out plugins that do not match it' do
+                subject.list_plugins( 'bad|foo' ).size == 2
+                subject.list_plugins( 'boo' ).size == 0
+            end
+        end
+    end
+
+end

data/spec/arachni/framework/parts/report_spec.rb

@@ -0,0 +1,66 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::Report do
+    include_examples 'framework'
+
+    describe '#reporters' do
+        it 'provides access to the reporter manager' do
+            subject.reporters.is_a?( Arachni::Reporter::Manager ).should be_true
+            subject.reporters.available.sort.should == %w(afr foo).sort
+        end
+    end
+
+    describe '#list_reporters' do
+        it 'returns info on all reporters' do
+            subject.list_reporters.size.should == subject.reporters.available.size
+
+            info   = subject.list_reporters.find { |p| p[:options].any? }
+            report = subject.reporters[info[:shortname]]
+
+            report.info.each do |k, v|
+                if k == :author
+                    info[k].should == [v].flatten
+                    next
+                end
+
+                info[k].should == v
+            end
+
+            info[:shortname].should == report.shortname
+        end
+
+        context 'when a pattern is given' do
+            it 'uses it to filter out reporters that do not match it' do
+                subject.list_reporters( 'foo' ).size == 1
+                subject.list_reporters( 'boo' ).size == 0
+            end
+        end
+    end
+
+    describe '#report_as' do
+        before( :each ) do
+            reset_options
+            @new_framework = Arachni::Framework.new
+        end
+
+        context 'when passed a valid reporter name' do
+            it 'returns the reporter as a string' do
+                json = @new_framework.report_as( :json )
+                JSON.load( json )['issues'].size.should == @new_framework.report.issues.size
+            end
+
+            context 'which does not support the \'outfile\' option' do
+                it 'raises Arachni::Component::Options::Error::Invalid' do
+                    expect { @new_framework.report_as( :stdout ) }.to raise_error Arachni::Component::Options::Error::Invalid
+                end
+            end
+        end
+
+        context 'when passed an invalid reporter name' do
+            it 'raises Arachni::Component::Error::NotFound' do
+                expect { @new_framework.report_as( :blah ) }.to raise_error Arachni::Component::Error::NotFound
+            end
+        end
+    end
+
+end

data/spec/arachni/framework/parts/scope_spec.rb

@@ -0,0 +1,86 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::Scope do
+    include_examples 'framework'
+
+    describe '#page_limit_reached?' do
+        context "when the #{Arachni::OptionGroups::Scope}#page_limit has" do
+            context 'been reached' do
+                it 'returns true' do
+                    Arachni::Framework.new do |f|
+                        f.options.url = web_server_url_for :framework_multi
+                        f.options.audit.elements :links
+                        f.options.scope.page_limit = 10
+
+                        f.page_limit_reached?.should be_false
+                        f.run
+                        f.page_limit_reached?.should be_true
+
+                        f.sitemap.size.should == 10
+                    end
+                end
+            end
+
+            context 'not been reached' do
+                it 'returns false' do
+                    Arachni::Framework.new do |f|
+                        f.options.url = web_server_url_for :framework
+                        f.options.audit.elements :links
+                        f.options.scope.page_limit = 100
+
+                        f.checks.load :taint
+
+                        f.page_limit_reached?.should be_false
+                        f.run
+                        f.page_limit_reached?.should be_false
+                    end
+                end
+            end
+
+            context 'not been set' do
+                it 'returns false' do
+                    Arachni::Framework.new do |f|
+                        f.options.url = web_server_url_for :framework
+                        f.options.audit.elements :links
+
+                        f.checks.load :taint
+
+                        f.page_limit_reached?.should be_false
+                        f.run
+                        f.page_limit_reached?.should be_false
+                    end
+                end
+            end
+        end
+    end
+
+    describe '#accepts_more_pages?' do
+        context 'when #page_limit_reached? and #crawl?' do
+            it 'return true' do
+                subject.stub(:page_limit_reached?) { false }
+                subject.stub(:crawl?) { true }
+
+                subject.accepts_more_pages?.should be_true
+            end
+        end
+
+        context 'when #page_limit_reached?' do
+            context true do
+                it 'returns false' do
+                    subject.stub(:page_limit_reached?) { true }
+                    subject.accepts_more_pages?.should be_false
+                end
+            end
+        end
+
+        context 'when #crawl?' do
+            context false do
+                it 'returns false' do
+                    subject.stub(:crawl?) { false }
+                    subject.accepts_more_pages?.should be_false
+                end
+            end
+        end
+    end
+
+end

data/spec/arachni/framework/parts/state_spec.rb

@@ -0,0 +1,528 @@
+require 'spec_helper'
+
+describe Arachni::Framework::Parts::State do
+    include_examples 'framework'
+
+    describe '#scanning?' do
+        it "delegates to #{Arachni::State::Framework}#scanning?" do
+            subject.state.stub(:scanning?) { :stuff }
+            subject.scanning?.should == :stuff
+        end
+    end
+
+    describe '#done?' do
+        it "delegates to #{Arachni::State::Framework}#done?" do
+            subject.state.stub(:done?) { :stuff }
+            subject.done?.should == :stuff
+        end
+    end
+
+    describe '#paused?' do
+        it "delegates to #{Arachni::State::Framework}#paused?" do
+            subject.state.stub(:paused?) { :stuff }
+            subject.paused?.should == :stuff
+        end
+    end
+
+    describe '#state' do
+        it "returns #{Arachni::State::Framework}" do
+            subject.state.should be_kind_of Arachni::State::Framework
+        end
+    end
+
+    describe '#abort' do
+        it 'aborts the system' do
+            @options.paths.checks  = fixtures_path + '/taint_check/'
+
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+
+                f.plugins.load :wait
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while Arachni::Data.issues.size < 2
+
+                f.abort
+                t.join
+
+                Arachni::Data.issues.size.should < 500
+            end
+        end
+
+        it 'sets #status to :aborted' do
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+                sleep 0.1 while f.status != :scanning
+
+                f.abort
+                f.status.should == :aborted
+
+                t.join
+                f.status.should == :aborted
+            end
+        end
+    end
+
+    describe '#suspend' do
+        it 'suspends the system' do
+            @options.paths.checks  = fixtures_path + '/taint_check/'
+
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+
+                f.plugins.load :wait
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while Arachni::Data.issues.size < 2
+
+                @snapshot = f.suspend
+                t.join
+
+                Arachni::Data.issues.size.should < 500
+            end
+
+            Arachni::Snapshot.load( @snapshot ).should be_true
+        end
+
+        it 'sets #status to :suspended' do
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+                sleep 0.1 while f.status != :scanning
+
+                @snapshot = f.suspend
+                f.status.should == :suspended
+
+                t.join
+                f.status.should == :suspended
+            end
+        end
+
+        it 'suspends plugins' do
+            Arachni::Options.plugins['suspendable'] = {
+                'my_option' => 'my value'
+            }
+
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+
+                f.checks.load  :taint
+                f.plugins.load :suspendable
+
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while f.status != :scanning
+
+                f.suspend
+                t.join
+
+                Arachni::State.plugins.runtime[:suspendable][:data].should == 1
+            end
+        end
+
+        it 'waits for the BrowserCluster jobs to finish'
+
+        context "when #{Arachni::OptionGroups::Snapshot}#save_path" do
+            context 'is a directory' do
+                it 'stores the snapshot under it' do
+                    @options.paths.checks       = fixtures_path + '/taint_check/'
+                    @options.snapshot.save_path = Dir.tmpdir
+
+                    Arachni::Framework.new do |f|
+                        f.options.url = web_server_url_for :framework_multi
+                        f.options.audit.elements :links
+
+                        f.plugins.load :wait
+                        f.checks.load :taint
+
+                        t = Thread.new do
+                            f.run
+                        end
+
+                        sleep 0.1 while Arachni::Data.issues.size < 2
+
+                        @snapshot = f.suspend
+                        t.join
+
+                        Arachni::Data.issues.size.should < 500
+                    end
+
+                    File.dirname( @snapshot ).should == Dir.tmpdir
+                    Arachni::Snapshot.load( @snapshot ).should be_true
+                end
+            end
+
+            context 'is a file path' do
+                it 'stores the snapshot there' do
+                    @options.paths.checks       = fixtures_path + '/taint_check/'
+                    @options.snapshot.save_path = "#{Dir.tmpdir}/snapshot"
+
+                    Arachni::Framework.new do |f|
+                        f.options.url = web_server_url_for :framework_multi
+                        f.options.audit.elements :links
+
+                        f.plugins.load :wait
+                        f.checks.load :taint
+
+                        t = Thread.new do
+                            f.run
+                        end
+
+                        sleep 0.1 while Arachni::Data.issues.size < 2
+
+                        @snapshot = f.suspend
+                        t.join
+
+                        Arachni::Data.issues.size.should < 500
+                    end
+
+                    @snapshot.should == "#{Dir.tmpdir}/snapshot"
+                    Arachni::Snapshot.load( @snapshot ).should be_true
+                end
+            end
+        end
+    end
+
+    describe '#restore' do
+        it 'restores a suspended scan' do
+            @options.paths.checks  = fixtures_path + '/taint_check/'
+
+            logged_issues = 0
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+
+                f.plugins.load :wait
+                f.checks.load :taint
+
+                Arachni::Data.issues.on_new do
+                    logged_issues += 1
+                end
+
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while logged_issues < 200
+
+                @snapshot = f.suspend
+                t.join
+
+                logged_issues.should < 500
+            end
+
+            reset_options
+            @options.paths.checks  = fixtures_path + '/taint_check/'
+
+            Arachni::Framework.new do |f|
+                f.restore @snapshot
+
+                Arachni::Data.issues.on_new do
+                    logged_issues += 1
+                end
+                f.run
+
+                # logged_issues.should == 500
+                Arachni::Data.issues.size.should == 500
+
+                f.report.plugins[:wait][:results].should == { 'stuff' => true }
+            end
+        end
+
+        it 'restores options' do
+            options_hash = nil
+
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/with_ajax'
+                f.options.audit.elements :links, :forms, :cookies
+                f.options.datastore.my_custom_option = 'my custom value'
+                options_hash = f.options.update( f.options.to_rpc_data ).to_h.deep_clone
+
+                f.checks.load :taint
+
+                t = Thread.new { f.run }
+
+                sleep 0.1 while f.browser_cluster.done?
+                @snapshot = f.suspend
+
+                t.join
+            end
+
+            Arachni::Framework.restore( @snapshot ) do |f|
+                f.options.to_h.should == options_hash.merge( checks: ['taint'] )
+                f.browser_job_skip_states.should be_any
+            end
+        end
+
+        it 'restores BrowserCluster skip states' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/with_ajax'
+                f.options.audit.elements :links, :forms, :cookies
+
+                f.checks.load :taint
+
+                t = Thread.new { f.run }
+
+                sleep 0.1 while f.browser_cluster.done?
+                @snapshot = f.suspend
+
+                t.join
+            end
+
+            Arachni::Framework.restore( @snapshot ) do |f|
+                f.browser_job_skip_states.should be_any
+            end
+        end
+
+        it 'restores loaded checks' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url
+                f.checks.load :taint
+
+                t = Thread.new { f.run }
+                sleep 0.1 while f.status != :scanning
+
+                @snapshot = f.suspend
+
+                t.join
+            end
+
+            Arachni::Framework.restore( @snapshot ) do |f|
+                f.checks.loaded.should == ['taint']
+            end
+        end
+
+        it 'restores loaded plugins' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url
+                f.plugins.load :wait
+
+                t = Thread.new { f.run }
+                sleep 0.1 while f.status != :scanning
+
+                @snapshot = f.suspend
+                t.join
+            end
+
+            Arachni::Framework.restore( @snapshot ) do |f|
+                f.plugins.loaded.should == ['wait']
+            end
+        end
+
+        it 'restores plugin states' do
+            Arachni::Options.plugins['suspendable'] = {
+                'my_option' => 'my value'
+            }
+
+            Arachni::Framework.new do |f|
+                f.options.url = web_server_url_for :framework_multi
+                f.options.audit.elements :links
+
+                f.checks.load  :taint
+                f.plugins.load :suspendable
+
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while f.status != :scanning
+
+                @snapshot = f.suspend
+                t.join
+
+                Arachni::State.plugins.runtime[:suspendable][:data].should == 1
+            end
+
+            Arachni::Framework.restore( @snapshot ) do |f|
+                t = Thread.new do
+                    f.run
+                end
+
+                sleep 0.1 while f.status != :scanning
+
+                f.plugins.jobs[:suspendable][:instance].counter.should == 2
+
+                f.abort
+                t.join
+            end
+        end
+    end
+
+    describe '#pause' do
+        it 'pauses the system' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                f.pause
+
+                sleep 10
+
+                f.running?.should be_true
+                t.kill
+            end
+        end
+
+        it 'returns an Integer request ID' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                f.pause.should be_kind_of Integer
+
+                sleep 10
+
+                f.running?.should be_true
+                t.kill
+            end
+        end
+
+        it 'sets #status to :paused' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+                sleep 0.1 while f.status != :scanning
+
+                f.pause
+                f.status.should == :paused
+
+                t.kill
+            end
+        end
+    end
+
+    describe '#resume' do
+        it 'resumes the system' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                id = f.pause
+
+                sleep 10
+
+                f.running?.should be_true
+                f.resume id
+                t.join
+            end
+        end
+
+        it 'sets #status to scanning' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.options.audit.elements :links, :forms, :cookies
+                f.checks.load :taint
+
+                t = Thread.new do
+                    f.run
+                end
+
+                id = f.pause
+                f.status.should == :paused
+
+                f.resume id
+                Timeout.timeout( 5 ) do
+                    sleep 0.1 while f.status != :scanning
+                end
+                t.join
+            end
+        end
+    end
+
+    describe '#clean_up' do
+        it 'stops the #plugins' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.plugins.load :wait
+
+                f.plugins.run
+                f.clean_up
+                f.plugins.jobs.should be_empty
+            end
+        end
+
+        it 'sets the status to cleanup' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+
+                f.clean_up
+                f.status.should == :cleanup
+            end
+        end
+
+        it 'clears the page queue' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.push_to_page_queue Arachni::Page.from_url( f.options.url )
+
+                f.data.page_queue.should_not be_empty
+                f.clean_up
+                f.data.page_queue.should be_empty
+            end
+        end
+
+        it 'clears the URL queue' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.push_to_url_queue f.options.url
+
+                f.data.url_queue.should_not be_empty
+                f.clean_up
+                f.data.url_queue.should be_empty
+            end
+        end
+
+        it 'sets #running? to false' do
+            Arachni::Framework.new do |f|
+                f.options.url = @url + '/elem_combo'
+                f.clean_up
+                f.should_not be_running
+            end
+        end
+    end
+
+end