RubyGems - arachni - Versions diffs - 1.1 → 1.2 - Mend

arachni 1.1 → 1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (287) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +159 -0
data/LICENSE.md +126 -196
data/README.md +32 -24
data/arachni.gemspec +7 -7
data/components/checks/active/code_injection_timing.rb +3 -3
data/components/checks/active/csrf.rb +2 -2
data/components/checks/active/file_inclusion.rb +6 -7
data/components/checks/active/os_cmd_injection.rb +3 -3
data/components/checks/active/path_traversal.rb +7 -7
data/components/checks/active/response_splitting.rb +9 -4
data/components/checks/active/session_fixation.rb +7 -3
data/components/checks/active/source_code_disclosure.rb +5 -5
data/components/checks/active/unvalidated_redirect.rb +12 -3
data/components/checks/active/unvalidated_redirect_dom.rb +3 -3
data/components/checks/active/xss.rb +23 -10
data/components/checks/active/xss_dom_inputs.rb +113 -11
data/components/checks/active/xxe.rb +3 -3
data/components/checks/passive/backdoors.rb +6 -5
data/components/checks/passive/backup_directories.rb +6 -6
data/components/checks/passive/backup_files.rb +6 -6
data/components/checks/passive/common_admin_interfaces.rb +58 -0
data/components/checks/passive/common_admin_interfaces/admin-panels.txt +49 -0
data/components/checks/passive/common_directories/directories.txt +0 -16
data/components/checks/passive/common_files.rb +6 -5
data/components/checks/passive/common_files/filenames.txt +0 -2
data/components/checks/passive/directory_listing.rb +6 -6
data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +3 -3
data/components/checks/passive/grep/hsts.rb +6 -3
data/components/checks/passive/grep/http_only_cookies.rb +3 -3
data/components/checks/passive/grep/insecure_cookies.rb +2 -2
data/components/checks/passive/grep/insecure_cors_policy.rb +6 -4
data/components/checks/passive/grep/x_frame_options.rb +6 -4
data/components/checks/passive/htaccess_limit.rb +6 -2
data/components/checks/passive/http_put.rb +8 -4
data/components/checks/passive/interesting_responses.rb +3 -2
data/components/checks/passive/localstart_asp.rb +6 -2
data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +5 -1
data/components/checks/passive/xst.rb +6 -2
data/components/fingerprinters/frameworks/aspx_mvc.rb +43 -0
data/components/fingerprinters/frameworks/cakephp.rb +28 -0
data/components/fingerprinters/frameworks/cherrypy.rb +31 -0
data/components/fingerprinters/frameworks/django.rb +33 -0
data/components/fingerprinters/frameworks/jsf.rb +30 -0
data/components/fingerprinters/frameworks/rack.rb +5 -7
data/components/fingerprinters/frameworks/rails.rb +43 -0
data/components/fingerprinters/languages/aspx.rb +11 -11
data/components/fingerprinters/languages/{jsp.rb → java.rb} +11 -7
data/components/fingerprinters/languages/php.rb +6 -6
data/components/fingerprinters/languages/python.rb +14 -6
data/components/fingerprinters/languages/ruby.rb +3 -5
data/components/fingerprinters/servers/apache.rb +5 -4
data/components/fingerprinters/servers/gunicorn.rb +33 -0
data/components/fingerprinters/servers/jetty.rb +1 -1
data/components/fingerprinters/servers/tomcat.rb +11 -4
data/components/path_extractors/anchors.rb +5 -12
data/components/path_extractors/areas.rb +5 -13
data/components/path_extractors/comments.rb +5 -3
data/components/path_extractors/data_url.rb +21 -0
data/components/path_extractors/forms.rb +5 -13
data/components/path_extractors/frames.rb +6 -13
data/components/path_extractors/generic.rb +3 -12
data/components/path_extractors/links.rb +5 -13
data/components/path_extractors/meta_refresh.rb +5 -13
data/components/path_extractors/scripts.rb +8 -14
data/components/plugins/autologin.rb +17 -5
data/components/plugins/defaults/meta/remedies/discovery.rb +11 -29
data/components/plugins/login_script.rb +40 -10
data/components/plugins/metrics.rb +235 -0
data/components/plugins/proxy.rb +21 -4
data/components/plugins/proxy/panel/page_accordion.html.erb +34 -2
data/components/plugins/restrict_to_dom_state.rb +70 -0
data/components/plugins/vector_feed.rb +38 -9
data/components/reporters/plugin_formatters/html/metrics.rb +290 -0
data/components/reporters/plugin_formatters/stdout/metrics.rb +80 -0
data/components/reporters/plugin_formatters/xml/metrics.rb +29 -0
data/components/reporters/stdout.rb +4 -2
data/components/reporters/xml.rb +4 -4
data/components/reporters/xml/schema.xsd +95 -0
data/lib/arachni.rb +2 -0
data/lib/arachni/browser.rb +132 -77
data/lib/arachni/browser/javascript.rb +173 -45
data/lib/arachni/browser/javascript/scripts/dom_monitor.js +81 -6
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +31 -3
data/lib/arachni/browser_cluster.rb +41 -15
data/lib/arachni/browser_cluster/job.rb +4 -0
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +0 -9
data/lib/arachni/browser_cluster/worker.rb +8 -5
data/lib/arachni/check/auditor.rb +20 -8
data/lib/arachni/check/base.rb +38 -6
data/lib/arachni/element/base.rb +18 -1
data/lib/arachni/element/capabilities/analyzable/differential.rb +0 -1
data/lib/arachni/element/capabilities/analyzable/taint.rb +40 -10
data/lib/arachni/element/capabilities/analyzable/timeout.rb +27 -23
data/lib/arachni/element/capabilities/auditable/dom.rb +22 -0
data/lib/arachni/element/capabilities/inputtable.rb +6 -2
data/lib/arachni/element/capabilities/submittable.rb +1 -1
data/lib/arachni/element/cookie.rb +37 -23
data/lib/arachni/element/cookie/capabilities/mutable.rb +6 -6
data/lib/arachni/element/cookie/dom.rb +0 -8
data/lib/arachni/element/form.rb +28 -14
data/lib/arachni/element/form/capabilities/auditable.rb +2 -2
data/lib/arachni/element/form/capabilities/mutable.rb +5 -5
data/lib/arachni/element/form/dom.rb +0 -8
data/lib/arachni/element/generic_dom.rb +1 -1
data/lib/arachni/element/json.rb +2 -1
data/lib/arachni/element/json/capabilities/inputtable.rb +6 -6
data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
data/lib/arachni/element/link.rb +13 -16
data/lib/arachni/element/link/dom.rb +1 -14
data/lib/arachni/element/link_template.rb +3 -2
data/lib/arachni/element/link_template/dom.rb +0 -16
data/lib/arachni/element/server.rb +51 -9
data/lib/arachni/element/xml.rb +1 -0
data/lib/arachni/ethon/easy.rb +4 -1
data/lib/arachni/framework/parts/audit.rb +26 -77
data/lib/arachni/framework/parts/browser.rb +50 -55
data/lib/arachni/framework/parts/check.rb +4 -3
data/lib/arachni/framework/parts/data.rb +41 -6
data/lib/arachni/framework/parts/state.rb +16 -7
data/lib/arachni/http/client.rb +66 -38
data/lib/arachni/http/client/dynamic_404_handler.rb +46 -14
data/lib/arachni/http/headers.rb +22 -10
data/lib/arachni/http/proxy_server.rb +67 -22
data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +34 -0
data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +51 -0
data/lib/arachni/http/request.rb +71 -18
data/lib/arachni/issue.rb +17 -3
data/lib/arachni/option_groups/browser_cluster.rb +34 -1
data/lib/arachni/option_groups/http.rb +1 -1
data/lib/arachni/page.rb +26 -13
data/lib/arachni/page/dom/transition.rb +2 -2
data/lib/arachni/parser.rb +28 -11
data/lib/arachni/platform/fingerprinter.rb +5 -0
data/lib/arachni/platform/manager.rb +65 -32
data/lib/arachni/plugin/base.rb +8 -0
data/lib/arachni/processes/instances.rb +25 -11
data/lib/arachni/reporter/manager.rb +2 -2
data/lib/arachni/rpc/client/instance.rb +4 -0
data/lib/arachni/rpc/server/framework/master.rb +3 -3
data/lib/arachni/rpc/server/framework/multi_instance.rb +0 -8
data/lib/arachni/rpc/server/instance.rb +2 -1
data/lib/arachni/ruby/array.rb +5 -0
data/lib/arachni/ruby/hash.rb +5 -0
data/lib/arachni/ruby/string.rb +2 -3
data/lib/arachni/session.rb +32 -6
data/lib/arachni/state/framework.rb +6 -2
data/lib/arachni/support/cache.rb +1 -0
data/lib/arachni/support/cache/base.rb +12 -8
data/lib/arachni/support/cache/least_recently_pushed.rb +29 -0
data/lib/arachni/support/cache/least_recently_used.rb +5 -8
data/lib/arachni/support/cache/preference.rb +1 -1
data/lib/arachni/support/cache/random_replacement.rb +1 -25
data/lib/arachni/support/database/queue.rb +21 -8
data/lib/arachni/support/lookup/base.rb +7 -1
data/lib/arachni/support/mixins/observable.rb +3 -1
data/lib/arachni/support/profiler.rb +51 -10
data/lib/arachni/support/signature.rb +11 -2
data/lib/arachni/trainer.rb +8 -2
data/lib/arachni/uri.rb +28 -25
data/lib/arachni/uri/scope.rb +1 -1
data/lib/arachni/utilities.rb +8 -0
data/lib/arachni/watir/element.rb +1 -1
data/lib/version +1 -1
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +388 -53
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +41 -0
data/spec/arachni/browser/javascript_spec.rb +235 -61
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +0 -9
data/spec/arachni/browser_cluster_spec.rb +58 -10
data/spec/arachni/browser_spec.rb +170 -26
data/spec/arachni/check/auditor_spec.rb +22 -3
data/spec/arachni/check/base_spec.rb +84 -0
data/spec/arachni/element/body_spec.rb +1 -1
data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +3 -3
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +1 -1
data/spec/arachni/element/cookie/dom_spec.rb +0 -9
data/spec/arachni/element/cookie_spec.rb +85 -0
data/spec/arachni/element/form/dom_spec.rb +0 -9
data/spec/arachni/element/form_spec.rb +46 -3
data/spec/arachni/element/json_spec.rb +20 -0
data/spec/arachni/element/link/dom_spec.rb +0 -9
data/spec/arachni/element/link_spec.rb +40 -15
data/spec/arachni/element/link_template/dom_spec.rb +0 -8
data/spec/arachni/element/link_template_spec.rb +2 -6
data/spec/arachni/element/server_spec.rb +94 -8
data/spec/arachni/element/xml_spec.rb +20 -0
data/spec/arachni/framework/parts/audit_spec.rb +12 -14
data/spec/arachni/framework/parts/browser_spec.rb +0 -171
data/spec/arachni/framework/parts/platform_spec.rb +14 -8
data/spec/arachni/framework/parts/report_spec.rb +1 -1
data/spec/arachni/framework/parts/state_spec.rb +0 -9
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +19 -0
data/spec/arachni/http/client_spec.rb +169 -42
data/spec/arachni/http/headers_spec.rb +18 -0
data/spec/arachni/http/request_spec.rb +23 -0
data/spec/arachni/issue_spec.rb +17 -6
data/spec/arachni/page_spec.rb +22 -2
data/spec/arachni/parser_spec.rb +5 -0
data/spec/arachni/platform/manager_spec.rb +57 -25
data/spec/arachni/reporter/manager_spec.rb +26 -0
data/spec/arachni/rpc/server/active_options_spec.rb +9 -4
data/spec/arachni/state/framework_spec.rb +2 -8
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +90 -0
data/spec/arachni/support/cache/least_recently_used_spec.rb +5 -13
data/spec/arachni/support/database/queue_spec.rb +7 -0
data/spec/arachni/support/mixins/observable_spec.rb +15 -1
data/spec/arachni/trainer_spec.rb +2 -2
data/spec/components/checks/active/code_injection_timing_spec.rb +1 -1
data/spec/components/checks/active/file_inclusion_spec.rb +6 -6
data/spec/components/checks/active/path_traversal_spec.rb +2 -2
data/spec/components/checks/active/source_code_disclosure_spec.rb +2 -2
data/spec/components/checks/active/unvalidated_redirect_spec.rb +6 -6
data/spec/components/checks/active/xss_dom_inputs_spec.rb +3 -5
data/spec/components/checks/active/xss_dom_script_context_spec.rb +1 -1
data/spec/components/checks/active/xss_spec.rb +5 -5
data/spec/components/checks/passive/common_admin_interfaces_spec.rb +15 -0
data/spec/components/checks/passive/interesting_responses_spec.rb +14 -1
data/spec/components/fingerprinters/frameworks/aspx_mvc_spec.rb +31 -0
data/spec/components/fingerprinters/frameworks/cakephp_spec.rb +22 -0
data/spec/components/fingerprinters/frameworks/cherrypy_spec.rb +28 -0
data/spec/components/fingerprinters/frameworks/django_spec.rb +37 -0
data/spec/components/fingerprinters/frameworks/jsf_spec.rb +27 -0
data/spec/components/fingerprinters/frameworks/rack_spec.rb +11 -14
data/spec/components/fingerprinters/frameworks/rails_spec.rb +53 -0
data/spec/components/fingerprinters/languages/asp_spec.rb +7 -9
data/spec/components/fingerprinters/languages/aspx_spec.rb +10 -24
data/spec/components/fingerprinters/languages/java_spec.rb +88 -0
data/spec/components/fingerprinters/languages/php_spec.rb +19 -12
data/spec/components/fingerprinters/languages/python_spec.rb +22 -9
data/spec/components/fingerprinters/languages/ruby.rb +6 -4
data/spec/components/fingerprinters/os/bsd_spec.rb +6 -4
data/spec/components/fingerprinters/os/linux_spec.rb +6 -4
data/spec/components/fingerprinters/os/solaris_spec.rb +6 -4
data/spec/components/fingerprinters/os/unix_spec.rb +6 -4
data/spec/components/fingerprinters/os/windows_spec.rb +6 -4
data/spec/components/fingerprinters/servers/apache_spec.rb +15 -4
data/spec/components/fingerprinters/servers/gunicorn_spec.rb +28 -0
data/spec/components/fingerprinters/servers/iis_spec.rb +6 -6
data/spec/components/fingerprinters/servers/jetty_spec.rb +6 -6
data/spec/components/fingerprinters/servers/nginx_spec.rb +6 -4
data/spec/components/fingerprinters/servers/tomcat_spec.rb +15 -6
data/spec/components/path_extractors/data_url_spec.rb +19 -0
data/spec/components/plugins/autologin_spec.rb +23 -0
data/spec/components/plugins/login_script_spec.rb +112 -24
data/spec/components/plugins/restrict_to_dom_state_spec.rb +16 -0
data/spec/components/plugins/vector_feed_spec.rb +39 -1
data/spec/support/factories/page/dom.rb +9 -4
data/spec/support/factories/page/dom/transition.rb +31 -9
data/spec/support/factories/scan_report.rb +8 -6
data/spec/support/fixtures/empty/placeholder +0 -0
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/reporters/manager_spec/error.rb +18 -0
data/spec/support/servers/arachni/browser.rb +117 -11
data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +148 -4
data/spec/support/servers/arachni/check/auditor.rb +4 -0
data/spec/support/servers/arachni/element/cookie/cookie_dom.rb +1 -1
data/spec/support/servers/arachni/http/client.rb +5 -0
data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +13 -0
data/spec/support/servers/checks/active/code_injection_timing.rb +1 -1
data/spec/support/servers/checks/active/file_inclusion.rb +2 -2
data/spec/support/servers/checks/active/path_traversal.rb +2 -2
data/spec/support/servers/checks/active/source_code_disclosure.rb +40 -33
data/spec/support/servers/checks/active/trainer_check.rb +9 -10
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +7 -4
data/spec/support/servers/checks/active/xss.rb +35 -0
data/spec/support/servers/checks/active/xss_dom.rb +1 -1
data/spec/support/servers/checks/active/xss_dom_inputs.rb +24 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +1 -1
data/spec/support/servers/checks/passive/common_admin_interfaces.rb +6 -0
data/spec/support/servers/plugins/autologin.rb +9 -0
data/spec/support/servers/plugins/restrict_to_dom_state.rb +4 -0
data/spec/support/shared/element/base.rb +42 -0
data/spec/support/shared/element/capabilities/auditable.rb +4 -4
data/spec/support/shared/element/capabilities/auditable/dom.rb +26 -0
data/spec/support/shared/element/capabilities/inputtable.rb +16 -11
data/spec/support/shared/element/capabilities/submitable.rb +7 -2
data/spec/support/shared/fingerprinter.rb +8 -0
data/spec/support/shared/path_extractor.rb +1 -1
data/ui/cli/framework.rb +3 -3
data/ui/cli/framework/option_parser.rb +9 -0
data/ui/cli/output.rb +9 -0
data/ui/cli/reporter.rb +5 -2
data/ui/cli/utilities.rb +4 -2
metadata +76 -17
data/lib/arachni/http/proxy_server/ssl-interceptor-cert.pem +0 -34
data/lib/arachni/http/proxy_server/ssl-interceptor-pkey.pem +0 -51
data/spec/components/fingerprinters/languages/jsp_spec.rb +0 -56

data/lib/arachni/element/capabilities/analyzable/timeout.rb CHANGED

@@ -60,6 +60,15 @@ module Analyzable
 # @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
 module Timeout
+    # Override user audit options that don't play nice with this technique.
+    TIMEOUT_OPTIONS =  {
+        skip_original:          true,
+        with_both_http_methods: false,
+        parameter_names:        false,
+        with_extra_parameter:   false,
+        extensively:            false
+    }
     class <<self
         def reset
@@ -322,34 +331,24 @@ module Timeout
     def timing_attack_probe( payloads, options, &block )
         fail ArgumentError, 'Missing block' if !block_given?
-        options                     = options.dup
+        options                     = options.merge( TIMEOUT_OPTIONS )
         options[:delay]             = options.delete(:timeout)
         options[:timeout_divider] ||= 1
         options[:add]             ||= 0
-        options.merge!(
-            # Don't submit the form with its original values, we don't want
-            # any interference during timing attacks.
-            skip_original:     true,
-            # Disable {Arachni::OptionGroups::Audit#cookies_extensively},
-            # there's little to be gained in this case and just causes interference.
-            extensively:       false,
+        # Intercept each element mutation prior to it being submitted and
+        # replace the '__TIME__' stub with the actual delay value.
+        options[:each_mutation] = proc do |mutation|
+            injected = mutation.affected_input_value
-            # Intercept each element mutation prior to it being submitted and
-            # replace the '__TIME__' stub with the actual delay value.
-            each_mutation:     proc do |mutation|
-                injected = mutation.affected_input_value
+            # Preserve the placeholder (__TIME__) payload because it's going to
+            # be needed for the verification phases...
+            mutation.audit_options[:timing_string] = injected
-                # Preserve the placeholder (__TIME__) payload because it's going to
-                # be needed for the verification phases...
-                mutation.audit_options[:timing_string] = injected
-                # ...but update it to use a real payload for this audit.
-                mutation.affected_input_value = injected.
-                    gsub( '__TIME__', payload_delay_from_options( options ) )
-            end
-        )
+            # ...but update it to use a real payload for this audit.
+            mutation.affected_input_value = injected.
+                gsub( '__TIME__', payload_delay_from_options( options ) )
+        end
         # Ignore response bodies to preserve bandwidth since we don't care
         # about them anyways.
@@ -441,7 +440,12 @@ module Timeout
         e = super
         return e if !@timing_attack_remark_data
-        e.timing_attack_remark_data = @timing_attack_remark_data.deep_clone
+        dupped_remark_data = {}
+        @timing_attack_remark_data.each do |k, v|
+            dupped_remark_data[k] = v.dup
+        end
+        e.timing_attack_remark_data = dupped_remark_data
         e
     end

data/lib/arachni/element/capabilities/auditable/dom.rb CHANGED

@@ -35,6 +35,20 @@ module DOM
     # @!method with_browser( &block )
     def_delegator :auditor, :with_browser
+    def self.included( parent )
+        parent.extend ClassMethods
+    end
+    module ClassMethods
+        def encode( string )
+            string
+        end
+        def decode( string )
+            string
+        end
+    end
     def initialize( options )
         options = options.dup
         @parent = options.delete(:parent)
@@ -139,6 +153,14 @@ module DOM
         options
     end
+    def encode( string )
+        self.class.encode( string )
+    end
+    def decode( string )
+        self.class.decode( string )
+    end
     private
     def prepare_browser( browser, options )

data/lib/arachni/element/capabilities/inputtable.rb CHANGED

@@ -37,6 +37,10 @@ module Capabilities::Inputtable
         end
     end
+    INPUTTABLE_CACHE = {
+        inputtable_id: Support::Cache::LeastRecentlyPushed.new( 1_000 )
+    }
     # Frozen version of {#inputs}, has all the original names and values.
     #
     # @return   [Hash]
@@ -223,7 +227,8 @@ module Capabilities::Inputtable
     # @return   [String]
     #   Uniquely identifies the {#inputs}.
     def inputtable_id
-        inputs.sort_by { |k,_| k }.to_s
+        INPUTTABLE_CACHE[:inputtable_id][@inputs] ||=
+            @inputs ? @inputs.sort_by { |k, _| k }.hash.to_s : ''
     end
     def to_h
@@ -255,7 +260,6 @@ module Capabilities::Inputtable
             fail Error::InvalidData::Value,
                  "Invalid value for #{self.class}: #{value.inspect}"
         end
     end
     def copy_inputtable( other )

data/lib/arachni/element/capabilities/submittable.rb CHANGED

@@ -74,7 +74,7 @@ module Capabilities::Submittable
         @auditor ||= options.delete( :auditor )
-        options[:performer] = self
+        options[:performer]      ||= self
         http_request( options, &block )
     end

data/lib/arachni/element/cookie.rb CHANGED

@@ -26,6 +26,7 @@ class Cookie < Base
     # Generic element capabilities.
     include Arachni::Element::Capabilities::Analyzable
+    include Arachni::Element::Capabilities::WithSource
     # Cookie-specific overrides.
     include Capabilities::WithDOM
@@ -49,9 +50,6 @@ class Cookie < Base
         httponly:    false
     }
-    ENCODE_CHARACTERS      = ['+', ';', '%', "\0", "'", '&', '=', ' ', '"']
-    ENCODE_CHARACTERS_LIST = ENCODE_CHARACTERS.join
     attr_reader :data
     # @param    [Hash]  options
@@ -78,7 +76,7 @@ class Cookie < Base
         end
         @data.merge!( DEFAULT.merge( @data ) )
-        @data[:value] = decode( @data[:value].to_s )
+        @data[:value] = decode( @data[:value].to_s ) rescue @data[:value].to_s
         parsed_uri = uri_parse( action )
         if !@data[:path]
@@ -287,8 +285,8 @@ class Cookie < Base
         # @see .from_document
         # @see .from_headers
         def from_response( response )
-            ( from_document( response.url, response.body ) |
-                from_headers( response.url, response.headers ) )
+            from_document( response.url, response.body ) |
+                from_headers( response.url, response.headers )
         end
         # Extracts cookies from a document based on `Set-Cookie` `http-equiv`
@@ -302,21 +300,18 @@ class Cookie < Base
         #
         # @see .parse_set_cookie
         def from_document( url, document )
-            # optimizations in case there are no cookies in the doc,
-            # avoid parsing unless absolutely necessary!
             if !document.is_a?( Nokogiri::HTML::Document )
-                # get get the head in order to check if it has an http-equiv for set-cookie
-                head = document.to_s.match( /<head(.*)<\/head>/imx )
+                document = document.to_s
-                # if it does feed the head to the parser in order to extract the cookies
-                return [] if !head || !head.to_s.downcase.include?( 'set-cookie' )
+                return [] if !(document =~ /set-cookie/i )
-                document = Nokogiri::HTML( head.to_s )
+                document = Nokogiri::HTML( document )
             end
             Arachni::Utilities.exception_jail {
-                document.search( "//meta[@http-equiv]" ).map do |elem|
+                document.search( '//meta[@http-equiv]' ).map do |elem|
                     next if elem['http-equiv'].downcase != 'set-cookie'
                     from_set_cookie( url, elem['content'] )
                 end.flatten.compact
             } rescue []
@@ -358,9 +353,14 @@ class Cookie < Base
                 cookie_hash['path'] ||= '/'
                 cookie_hash['name']  = decode( cookie.name )
-                cookie_hash['value'] = decode( cookie.value )
-                new( { url: url }.merge( cookie_hash.my_symbolize_keys ) )
+                if too_big?( cookie.value )
+                    cookie_hash['value'] = ''
+                else
+                    cookie_hash['value'] = decode( cookie.value )
+                end
+                new( { url: url, source: str }.merge( cookie_hash.my_symbolize_keys ) )
             end.flatten.compact
         end
         alias :parse_set_cookie :from_set_cookie
@@ -376,27 +376,41 @@ class Cookie < Base
         # @return   [Array<Cookie>]
         def from_string( url, string )
             return [] if string.empty?
             string.split( ';' ).map do |cookie_pair|
+                cookie_pair.strip!
                 k, v = *cookie_pair.split( '=', 2 )
-                new( url: url, inputs: { decode( k.strip ) => decode( v.strip ) } )
+                v = '' if too_big?( v )
+                new(
+                    url:    url,
+                    source: cookie_pair,
+                    inputs: { decode( k ) => value_to_v0( v ) }
+                )
             end.flatten.compact
         end
+        def value_to_v0( value )
+            return '' if !value
+            value.start_with?( '"' ) && value.end_with?( '"' ) ?
+                value[1...-1] : decode( value )
+        end
         # Encodes a {String}'s reserved characters in order to prepare it for
         # the `Cookie` header field.
         #
         # @example
         #    p Cookie.encode "+;%=\0 "
-        #    #=> "%2B%3B%25%3D%00+"
+        #    #=> "%2B%3B%25%3D%00%20"
         #
         # @param    [String]    str
         #
         # @return   [String]
         def encode( str )
-            str = str.to_s
-            return str if !ENCODE_CHARACTERS.find { |c| str.include? c }
-            ::URI.encode( str, ENCODE_CHARACTERS_LIST )
+            Arachni::HTTP::Request.encode( str )
         end
         # Decodes a {String} encoded for the `Cookie` header field.
@@ -409,7 +423,7 @@ class Cookie < Base
         #
         # @return   [String]
         def decode( str )
-            ::URI.decode( str.to_s.gsub('+', ' ' ) )
+            ::URI.decode_www_form_component str.to_s
         end
         def keep_for_set_cookie

data/lib/arachni/element/cookie/capabilities/mutable.rb CHANGED

@@ -17,15 +17,15 @@ module Capabilities
 module Mutable
     include Arachni::Element::Capabilities::Mutable
-    # Overrides {Capabilities::Mutable#each_mutation} to handle cookie-specific
+    # Overrides {Arachni::Element::Capabilities::Mutable#each_mutation} to handle cookie-specific
     # limitations and the {Arachni::OptionGroups::Audit#cookies_extensively} option.
     #
-    # @param (see Capabilities::Mutable#each_mutation)
-    # @return (see Capabilities::Mutable#each_mutation)
-    # @yield (see Capabilities::Mutable#each_mutation)
-    # @yieldparam (see Capabilities::Mutable#each_mutation)
+    # @param (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @return (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @yield (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @yieldparam (see Arachni::Element::Capabilities::Mutable#each_mutation)
     #
-    # @see Capabilities::Mutable#each_mutation
+    # @see Arachni::Element::Capabilities::Mutable#each_mutation
     def each_mutation( payload, options = {}, &block )
         options              = prepare_mutation_options( options )
         parameter_names      = options.delete( :parameter_names )

data/lib/arachni/element/cookie/dom.rb CHANGED

@@ -42,14 +42,6 @@ class DOM < Base
         p.to_set_cookie
     end
-    def encode( *args )
-        Cookie.encode( *args )
-    end
-    def decode( *args )
-        Cookie.decode( *args )
-    end
     def type
         self.class.type
     end

data/lib/arachni/element/form.rb CHANGED

@@ -262,7 +262,14 @@ class Form < Base
         #
         # @return   [Array<Form>]
         def from_document( url, document, ignore_scope = false )
-            document = Nokogiri::HTML( document.to_s ) if !document.is_a?( Nokogiri::HTML::Document )
+            if !document.is_a?( Nokogiri::HTML::Document )
+                document = document.to_s
+                return [] if !(document =~ /<\s*form/i)
+                document = Nokogiri::HTML( document )
+            end
             base_url = (document.search( '//base[@href]' )[0]['href'] rescue url)
             base_url = to_absolute( base_url, url )
@@ -305,16 +312,20 @@ class Form < Base
                     # Handle the easy stuff first...
                     if elem.name != 'select'
-                        options[:inputs][name]           = elem_attrs
+                        options[:inputs][name] = elem_attrs
                         if elem_attrs[:type] == :submit
                             multiple_choice_submits[name] ||= Set.new
-                            multiple_choice_submits[name] <<
-                                elem_attrs[:value]
+                            multiple_choice_submits[name] << elem_attrs[:value]
                         end
                         options[:inputs][name][:type]  ||= :text
                         options[:inputs][name][:value] ||= ''
+                        if too_big?( options[:inputs][name][:value] )
+                            options[:inputs][name][:value] = ''
+                        end
                         next
                     end
@@ -322,19 +333,22 @@ class Form < Base
                     if elem.children.css('option').any?
                         elem.children.css('option').each do |child|
                             h = attributes_to_hash( child.attributes )
-                            h[:type] = :select
+                            h[:type]    = :select
+                            h[:value] ||= child.text
+                            if too_big?( h[:value] )
+                                h[:value] = ''
+                            end
                             # Prefer the selected or first option.
                             if h[:selected]
-                                h[:value] ||= child.text
                                 options[:inputs][name] = h
                             else
-                                h[:value] ||= child.text
                                 options[:inputs][name] ||= h
                             end
                         end
-                        # The select has no options, use an empty string.
+                    # The select has no options, use an empty string.
                     else
                         options[:inputs][name] = {
                             type:  :select,
@@ -376,20 +390,20 @@ class Form < Base
         # Encodes a {String}'s reserved characters in order to prepare it
         # to be included in a request body.
         #
-        # @param    [String]    str
+        # @param    [String]    string
         #
         # @return   [String]
-        def encode( str )
-            ::URI.encode_www_form_component str.to_s
+        def encode( string )
+            Arachni::HTTP::Request.encode string
         end
         # Decodes a {String} encoded for an HTTP request's body.
         #
-        # @param    [String]    str
+        # @param    [String]    string
         #
         # @return   [String]
-        def decode( str )
-            ::URI.decode_www_form_component str.to_s
+        def decode( string )
+            ::URI.decode_www_form_component string.to_s
         end
     end

data/lib/arachni/element/form/capabilities/auditable.rb CHANGED

@@ -33,8 +33,8 @@ module Auditable
         end
     end
-    # @param   (see Capabilities::Auditable#audit_id)
-    # @return  (see Capabilities::Auditable#audit_id)
+    # @param   (see Arachni::Element::Capabilities::Auditable#audit_id)
+    # @return  (see Arachni::Element::Capabilities::Auditable#audit_id)
     def audit_id( payload = nil )
         force_train? ? id : super( payload )
     end

data/lib/arachni/element/form/capabilities/mutable.rb CHANGED

@@ -56,12 +56,12 @@ module Mutable
     #   Whether or not to skip adding a mutation holding original values and
     #   sample values.
     #
-    # @param (see Capabilities::Mutable#each_mutation)
-    # @return (see Capabilities::Mutable#each_mutation)
-    # @yield (see Capabilities::Mutable#each_mutation)
-    # @yieldparam (see Capabilities::Mutable#each_mutation)
+    # @param (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @return (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @yield (see Arachni::Element::Capabilities::Mutable#each_mutation)
+    # @yieldparam (see Arachni::Element::Capabilities::Mutable#each_mutation)
     #
-    # @see Capabilities::Mutable#each_mutation
+    # @see Arachni::Element::Capabilities::Mutable#each_mutation
     # @see Arachni::OptionGroups::Input.fill
     def each_mutation( payload, opts = {} )
         opts = MUTATION_OPTIONS.merge( opts )

data/lib/arachni/element/form/dom.rb CHANGED

@@ -36,14 +36,6 @@ class DOM < Base
         @valid_input_names.include? name.to_s
     end
-    def encode( *args )
-        Form.encode( *args )
-    end
-    def decode( *args )
-        Form.decode( *args )
-    end
     def type
         self.class.type
     end