arachni 1.1 → 1.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +159 -0
- data/LICENSE.md +126 -196
- data/README.md +32 -24
- data/arachni.gemspec +7 -7
- data/components/checks/active/code_injection_timing.rb +3 -3
- data/components/checks/active/csrf.rb +2 -2
- data/components/checks/active/file_inclusion.rb +6 -7
- data/components/checks/active/os_cmd_injection.rb +3 -3
- data/components/checks/active/path_traversal.rb +7 -7
- data/components/checks/active/response_splitting.rb +9 -4
- data/components/checks/active/session_fixation.rb +7 -3
- data/components/checks/active/source_code_disclosure.rb +5 -5
- data/components/checks/active/unvalidated_redirect.rb +12 -3
- data/components/checks/active/unvalidated_redirect_dom.rb +3 -3
- data/components/checks/active/xss.rb +23 -10
- data/components/checks/active/xss_dom_inputs.rb +113 -11
- data/components/checks/active/xxe.rb +3 -3
- data/components/checks/passive/backdoors.rb +6 -5
- data/components/checks/passive/backup_directories.rb +6 -6
- data/components/checks/passive/backup_files.rb +6 -6
- data/components/checks/passive/common_admin_interfaces.rb +58 -0
- data/components/checks/passive/common_admin_interfaces/admin-panels.txt +49 -0
- data/components/checks/passive/common_directories/directories.txt +0 -16
- data/components/checks/passive/common_files.rb +6 -5
- data/components/checks/passive/common_files/filenames.txt +0 -2
- data/components/checks/passive/directory_listing.rb +6 -6
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +3 -3
- data/components/checks/passive/grep/hsts.rb +6 -3
- data/components/checks/passive/grep/http_only_cookies.rb +3 -3
- data/components/checks/passive/grep/insecure_cookies.rb +2 -2
- data/components/checks/passive/grep/insecure_cors_policy.rb +6 -4
- data/components/checks/passive/grep/x_frame_options.rb +6 -4
- data/components/checks/passive/htaccess_limit.rb +6 -2
- data/components/checks/passive/http_put.rb +8 -4
- data/components/checks/passive/interesting_responses.rb +3 -2
- data/components/checks/passive/localstart_asp.rb +6 -2
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +5 -1
- data/components/checks/passive/xst.rb +6 -2
- data/components/fingerprinters/frameworks/aspx_mvc.rb +43 -0
- data/components/fingerprinters/frameworks/cakephp.rb +28 -0
- data/components/fingerprinters/frameworks/cherrypy.rb +31 -0
- data/components/fingerprinters/frameworks/django.rb +33 -0
- data/components/fingerprinters/frameworks/jsf.rb +30 -0
- data/components/fingerprinters/frameworks/rack.rb +5 -7
- data/components/fingerprinters/frameworks/rails.rb +43 -0
- data/components/fingerprinters/languages/aspx.rb +11 -11
- data/components/fingerprinters/languages/{jsp.rb → java.rb} +11 -7
- data/components/fingerprinters/languages/php.rb +6 -6
- data/components/fingerprinters/languages/python.rb +14 -6
- data/components/fingerprinters/languages/ruby.rb +3 -5
- data/components/fingerprinters/servers/apache.rb +5 -4
- data/components/fingerprinters/servers/gunicorn.rb +33 -0
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +11 -4
- data/components/path_extractors/anchors.rb +5 -12
- data/components/path_extractors/areas.rb +5 -13
- data/components/path_extractors/comments.rb +5 -3
- data/components/path_extractors/data_url.rb +21 -0
- data/components/path_extractors/forms.rb +5 -13
- data/components/path_extractors/frames.rb +6 -13
- data/components/path_extractors/generic.rb +3 -12
- data/components/path_extractors/links.rb +5 -13
- data/components/path_extractors/meta_refresh.rb +5 -13
- data/components/path_extractors/scripts.rb +8 -14
- data/components/plugins/autologin.rb +17 -5
- data/components/plugins/defaults/meta/remedies/discovery.rb +11 -29
- data/components/plugins/login_script.rb +40 -10
- data/components/plugins/metrics.rb +235 -0
- data/components/plugins/proxy.rb +21 -4
- data/components/plugins/proxy/panel/page_accordion.html.erb +34 -2
- data/components/plugins/restrict_to_dom_state.rb +70 -0
- data/components/plugins/vector_feed.rb +38 -9
- data/components/reporters/plugin_formatters/html/metrics.rb +290 -0
- data/components/reporters/plugin_formatters/stdout/metrics.rb +80 -0
- data/components/reporters/plugin_formatters/xml/metrics.rb +29 -0
- data/components/reporters/stdout.rb +4 -2
- data/components/reporters/xml.rb +4 -4
- data/components/reporters/xml/schema.xsd +95 -0
- data/lib/arachni.rb +2 -0
- data/lib/arachni/browser.rb +132 -77
- data/lib/arachni/browser/javascript.rb +173 -45
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +81 -6
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +31 -3
- data/lib/arachni/browser_cluster.rb +41 -15
- data/lib/arachni/browser_cluster/job.rb +4 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +0 -9
- data/lib/arachni/browser_cluster/worker.rb +8 -5
- data/lib/arachni/check/auditor.rb +20 -8
- data/lib/arachni/check/base.rb +38 -6
- data/lib/arachni/element/base.rb +18 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +0 -1
- data/lib/arachni/element/capabilities/analyzable/taint.rb +40 -10
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +27 -23
- data/lib/arachni/element/capabilities/auditable/dom.rb +22 -0
- data/lib/arachni/element/capabilities/inputtable.rb +6 -2
- data/lib/arachni/element/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/cookie.rb +37 -23
- data/lib/arachni/element/cookie/capabilities/mutable.rb +6 -6
- data/lib/arachni/element/cookie/dom.rb +0 -8
- data/lib/arachni/element/form.rb +28 -14
- data/lib/arachni/element/form/capabilities/auditable.rb +2 -2
- data/lib/arachni/element/form/capabilities/mutable.rb +5 -5
- data/lib/arachni/element/form/dom.rb +0 -8
- data/lib/arachni/element/generic_dom.rb +1 -1
- data/lib/arachni/element/json.rb +2 -1
- data/lib/arachni/element/json/capabilities/inputtable.rb +6 -6
- data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/link.rb +13 -16
- data/lib/arachni/element/link/dom.rb +1 -14
- data/lib/arachni/element/link_template.rb +3 -2
- data/lib/arachni/element/link_template/dom.rb +0 -16
- data/lib/arachni/element/server.rb +51 -9
- data/lib/arachni/element/xml.rb +1 -0
- data/lib/arachni/ethon/easy.rb +4 -1
- data/lib/arachni/framework/parts/audit.rb +26 -77
- data/lib/arachni/framework/parts/browser.rb +50 -55
- data/lib/arachni/framework/parts/check.rb +4 -3
- data/lib/arachni/framework/parts/data.rb +41 -6
- data/lib/arachni/framework/parts/state.rb +16 -7
- data/lib/arachni/http/client.rb +66 -38
- data/lib/arachni/http/client/dynamic_404_handler.rb +46 -14
- data/lib/arachni/http/headers.rb +22 -10
- data/lib/arachni/http/proxy_server.rb +67 -22
- data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +34 -0
- data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +51 -0
- data/lib/arachni/http/request.rb +71 -18
- data/lib/arachni/issue.rb +17 -3
- data/lib/arachni/option_groups/browser_cluster.rb +34 -1
- data/lib/arachni/option_groups/http.rb +1 -1
- data/lib/arachni/page.rb +26 -13
- data/lib/arachni/page/dom/transition.rb +2 -2
- data/lib/arachni/parser.rb +28 -11
- data/lib/arachni/platform/fingerprinter.rb +5 -0
- data/lib/arachni/platform/manager.rb +65 -32
- data/lib/arachni/plugin/base.rb +8 -0
- data/lib/arachni/processes/instances.rb +25 -11
- data/lib/arachni/reporter/manager.rb +2 -2
- data/lib/arachni/rpc/client/instance.rb +4 -0
- data/lib/arachni/rpc/server/framework/master.rb +3 -3
- data/lib/arachni/rpc/server/framework/multi_instance.rb +0 -8
- data/lib/arachni/rpc/server/instance.rb +2 -1
- data/lib/arachni/ruby/array.rb +5 -0
- data/lib/arachni/ruby/hash.rb +5 -0
- data/lib/arachni/ruby/string.rb +2 -3
- data/lib/arachni/session.rb +32 -6
- data/lib/arachni/state/framework.rb +6 -2
- data/lib/arachni/support/cache.rb +1 -0
- data/lib/arachni/support/cache/base.rb +12 -8
- data/lib/arachni/support/cache/least_recently_pushed.rb +29 -0
- data/lib/arachni/support/cache/least_recently_used.rb +5 -8
- data/lib/arachni/support/cache/preference.rb +1 -1
- data/lib/arachni/support/cache/random_replacement.rb +1 -25
- data/lib/arachni/support/database/queue.rb +21 -8
- data/lib/arachni/support/lookup/base.rb +7 -1
- data/lib/arachni/support/mixins/observable.rb +3 -1
- data/lib/arachni/support/profiler.rb +51 -10
- data/lib/arachni/support/signature.rb +11 -2
- data/lib/arachni/trainer.rb +8 -2
- data/lib/arachni/uri.rb +28 -25
- data/lib/arachni/uri/scope.rb +1 -1
- data/lib/arachni/utilities.rb +8 -0
- data/lib/arachni/watir/element.rb +1 -1
- data/lib/version +1 -1
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +388 -53
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +41 -0
- data/spec/arachni/browser/javascript_spec.rb +235 -61
- data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +0 -9
- data/spec/arachni/browser_cluster_spec.rb +58 -10
- data/spec/arachni/browser_spec.rb +170 -26
- data/spec/arachni/check/auditor_spec.rb +22 -3
- data/spec/arachni/check/base_spec.rb +84 -0
- data/spec/arachni/element/body_spec.rb +1 -1
- data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +3 -3
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +1 -1
- data/spec/arachni/element/cookie/dom_spec.rb +0 -9
- data/spec/arachni/element/cookie_spec.rb +85 -0
- data/spec/arachni/element/form/dom_spec.rb +0 -9
- data/spec/arachni/element/form_spec.rb +46 -3
- data/spec/arachni/element/json_spec.rb +20 -0
- data/spec/arachni/element/link/dom_spec.rb +0 -9
- data/spec/arachni/element/link_spec.rb +40 -15
- data/spec/arachni/element/link_template/dom_spec.rb +0 -8
- data/spec/arachni/element/link_template_spec.rb +2 -6
- data/spec/arachni/element/server_spec.rb +94 -8
- data/spec/arachni/element/xml_spec.rb +20 -0
- data/spec/arachni/framework/parts/audit_spec.rb +12 -14
- data/spec/arachni/framework/parts/browser_spec.rb +0 -171
- data/spec/arachni/framework/parts/platform_spec.rb +14 -8
- data/spec/arachni/framework/parts/report_spec.rb +1 -1
- data/spec/arachni/framework/parts/state_spec.rb +0 -9
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +19 -0
- data/spec/arachni/http/client_spec.rb +169 -42
- data/spec/arachni/http/headers_spec.rb +18 -0
- data/spec/arachni/http/request_spec.rb +23 -0
- data/spec/arachni/issue_spec.rb +17 -6
- data/spec/arachni/page_spec.rb +22 -2
- data/spec/arachni/parser_spec.rb +5 -0
- data/spec/arachni/platform/manager_spec.rb +57 -25
- data/spec/arachni/reporter/manager_spec.rb +26 -0
- data/spec/arachni/rpc/server/active_options_spec.rb +9 -4
- data/spec/arachni/state/framework_spec.rb +2 -8
- data/spec/arachni/support/cache/least_recently_pushed_spec.rb +90 -0
- data/spec/arachni/support/cache/least_recently_used_spec.rb +5 -13
- data/spec/arachni/support/database/queue_spec.rb +7 -0
- data/spec/arachni/support/mixins/observable_spec.rb +15 -1
- data/spec/arachni/trainer_spec.rb +2 -2
- data/spec/components/checks/active/code_injection_timing_spec.rb +1 -1
- data/spec/components/checks/active/file_inclusion_spec.rb +6 -6
- data/spec/components/checks/active/path_traversal_spec.rb +2 -2
- data/spec/components/checks/active/source_code_disclosure_spec.rb +2 -2
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +6 -6
- data/spec/components/checks/active/xss_dom_inputs_spec.rb +3 -5
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +1 -1
- data/spec/components/checks/active/xss_spec.rb +5 -5
- data/spec/components/checks/passive/common_admin_interfaces_spec.rb +15 -0
- data/spec/components/checks/passive/interesting_responses_spec.rb +14 -1
- data/spec/components/fingerprinters/frameworks/aspx_mvc_spec.rb +31 -0
- data/spec/components/fingerprinters/frameworks/cakephp_spec.rb +22 -0
- data/spec/components/fingerprinters/frameworks/cherrypy_spec.rb +28 -0
- data/spec/components/fingerprinters/frameworks/django_spec.rb +37 -0
- data/spec/components/fingerprinters/frameworks/jsf_spec.rb +27 -0
- data/spec/components/fingerprinters/frameworks/rack_spec.rb +11 -14
- data/spec/components/fingerprinters/frameworks/rails_spec.rb +53 -0
- data/spec/components/fingerprinters/languages/asp_spec.rb +7 -9
- data/spec/components/fingerprinters/languages/aspx_spec.rb +10 -24
- data/spec/components/fingerprinters/languages/java_spec.rb +88 -0
- data/spec/components/fingerprinters/languages/php_spec.rb +19 -12
- data/spec/components/fingerprinters/languages/python_spec.rb +22 -9
- data/spec/components/fingerprinters/languages/ruby.rb +6 -4
- data/spec/components/fingerprinters/os/bsd_spec.rb +6 -4
- data/spec/components/fingerprinters/os/linux_spec.rb +6 -4
- data/spec/components/fingerprinters/os/solaris_spec.rb +6 -4
- data/spec/components/fingerprinters/os/unix_spec.rb +6 -4
- data/spec/components/fingerprinters/os/windows_spec.rb +6 -4
- data/spec/components/fingerprinters/servers/apache_spec.rb +15 -4
- data/spec/components/fingerprinters/servers/gunicorn_spec.rb +28 -0
- data/spec/components/fingerprinters/servers/iis_spec.rb +6 -6
- data/spec/components/fingerprinters/servers/jetty_spec.rb +6 -6
- data/spec/components/fingerprinters/servers/nginx_spec.rb +6 -4
- data/spec/components/fingerprinters/servers/tomcat_spec.rb +15 -6
- data/spec/components/path_extractors/data_url_spec.rb +19 -0
- data/spec/components/plugins/autologin_spec.rb +23 -0
- data/spec/components/plugins/login_script_spec.rb +112 -24
- data/spec/components/plugins/restrict_to_dom_state_spec.rb +16 -0
- data/spec/components/plugins/vector_feed_spec.rb +39 -1
- data/spec/support/factories/page/dom.rb +9 -4
- data/spec/support/factories/page/dom/transition.rb +31 -9
- data/spec/support/factories/scan_report.rb +8 -6
- data/spec/support/fixtures/empty/placeholder +0 -0
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/manager_spec/error.rb +18 -0
- data/spec/support/servers/arachni/browser.rb +117 -11
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +148 -4
- data/spec/support/servers/arachni/check/auditor.rb +4 -0
- data/spec/support/servers/arachni/element/cookie/cookie_dom.rb +1 -1
- data/spec/support/servers/arachni/http/client.rb +5 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +13 -0
- data/spec/support/servers/checks/active/code_injection_timing.rb +1 -1
- data/spec/support/servers/checks/active/file_inclusion.rb +2 -2
- data/spec/support/servers/checks/active/path_traversal.rb +2 -2
- data/spec/support/servers/checks/active/source_code_disclosure.rb +40 -33
- data/spec/support/servers/checks/active/trainer_check.rb +9 -10
- data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +7 -4
- data/spec/support/servers/checks/active/xss.rb +35 -0
- data/spec/support/servers/checks/active/xss_dom.rb +1 -1
- data/spec/support/servers/checks/active/xss_dom_inputs.rb +24 -0
- data/spec/support/servers/checks/active/xss_dom_script_context.rb +1 -1
- data/spec/support/servers/checks/passive/common_admin_interfaces.rb +6 -0
- data/spec/support/servers/plugins/autologin.rb +9 -0
- data/spec/support/servers/plugins/restrict_to_dom_state.rb +4 -0
- data/spec/support/shared/element/base.rb +42 -0
- data/spec/support/shared/element/capabilities/auditable.rb +4 -4
- data/spec/support/shared/element/capabilities/auditable/dom.rb +26 -0
- data/spec/support/shared/element/capabilities/inputtable.rb +16 -11
- data/spec/support/shared/element/capabilities/submitable.rb +7 -2
- data/spec/support/shared/fingerprinter.rb +8 -0
- data/spec/support/shared/path_extractor.rb +1 -1
- data/ui/cli/framework.rb +3 -3
- data/ui/cli/framework/option_parser.rb +9 -0
- data/ui/cli/output.rb +9 -0
- data/ui/cli/reporter.rb +5 -2
- data/ui/cli/utilities.rb +4 -2
- metadata +76 -17
- data/lib/arachni/http/proxy_server/ssl-interceptor-cert.pem +0 -34
- data/lib/arachni/http/proxy_server/ssl-interceptor-pkey.pem +0 -51
- data/spec/components/fingerprinters/languages/jsp_spec.rb +0 -56
|
@@ -3,15 +3,18 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Linux do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:linux]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
described_class::IDs.each do |id|
|
|
8
12
|
context "and it contains #{id}" do
|
|
9
13
|
it 'identifies it as Linux' do
|
|
10
|
-
|
|
14
|
+
check_platforms Arachni::Page.from_data(
|
|
11
15
|
url: 'http://stuff.com/blah',
|
|
12
16
|
response: { headers: { 'Server' => "Apache/2.2.21 (#{id})" } }
|
|
13
17
|
)
|
|
14
|
-
platforms_for( page ).should include :linux
|
|
15
18
|
end
|
|
16
19
|
end
|
|
17
20
|
end
|
|
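Review bot: The new `platforms` method at new lines 6-8 is not referenced anywhere in this hunk, so a reader cannot tell that the `check_platforms` calls depend on it. A one-line comment above it would make the link explicit, for example `# Expected platforms, presumably read by check_platforms from the shared 'fingerprinter' examples.` The helper's definition is not visible here, so it is also worth stating whether it asserts inclusion, as the removed `should include :linux` did, or an exact match. The same applies to the second hunk of this spec and to the Solaris, Unix, Windows, IIS, Jetty and Nginx specs that follow; the describe block continues outside the hunk.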
@@ -21,11 +24,10 @@ describe Arachni::Platform::Fingerprinters::Linux do
|
|
|
21
24
|
described_class::IDs.each do |id|
|
|
22
25
|
context "and it contains #{id}" do
|
|
23
26
|
it 'identifies it as Linux' do
|
|
24
|
-
|
|
27
|
+
check_platforms Arachni::Page.from_data(
|
|
25
28
|
url: 'http://stuff.com/blah',
|
|
26
29
|
response: { headers: { 'X-Powered-By' => "Apache/2.2.21 (#{id})" } }
|
|
27
30
|
)
|
|
28
|
-
platforms_for( page ).should include :linux
|
|
29
31
|
end
|
|
30
32
|
end
|
|
31
33
|
end
|
|
@@ -3,15 +3,18 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Solaris do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:solaris]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
described_class::IDs.each do |id|
|
|
8
12
|
context "and it contains #{id}" do
|
|
9
13
|
it 'identifies it as Solaris' do
|
|
10
|
-
|
|
14
|
+
check_platforms Arachni::Page.from_data(
|
|
11
15
|
url: 'http://stuff.com/blah',
|
|
12
16
|
response: { headers: { 'Server' => "Apache/2.2.21 (#{id})" } }
|
|
13
17
|
)
|
|
14
|
-
platforms_for( page ).should include :solaris
|
|
15
18
|
end
|
|
16
19
|
end
|
|
17
20
|
end
|
|
@@ -21,11 +24,10 @@ describe Arachni::Platform::Fingerprinters::Solaris do
|
|
|
21
24
|
described_class::IDs.each do |id|
|
|
22
25
|
context "and it contains #{id}" do
|
|
23
26
|
it 'identifies it as Solaris' do
|
|
24
|
-
|
|
27
|
+
check_platforms Arachni::Page.from_data(
|
|
25
28
|
url: 'http://stuff.com/blah',
|
|
26
29
|
response: { headers: { 'X-Powered-By' => "Apache/2.2.21 (#{id})" } }
|
|
27
30
|
)
|
|
28
|
-
platforms_for( page ).should include :solaris
|
|
29
31
|
end
|
|
30
32
|
end
|
|
31
33
|
end
|
|
@@ -3,23 +3,25 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Unix do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:unix]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as Unix' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'Apache/2.2.21 (Unix)' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :unix
|
|
13
16
|
end
|
|
14
17
|
end
|
|
15
18
|
|
|
16
19
|
context 'when there is a X-Powered-By header' do
|
|
17
20
|
it 'identifies it as Unix' do
|
|
18
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
19
22
|
url: 'http://stuff.com/blah',
|
|
20
23
|
response: { headers: { 'X-Powered-By' => 'Stuf/0.4 (Unix)' } }
|
|
21
24
|
)
|
|
22
|
-
platforms_for( page ).should include :unix
|
|
23
25
|
end
|
|
24
26
|
end
|
|
25
27
|
|
|
@@ -3,15 +3,18 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Windows do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:windows]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
described_class::IDs.each do |id|
|
|
8
12
|
context "and it contains #{id}" do
|
|
9
13
|
it 'identifies it as Windows' do
|
|
10
|
-
|
|
14
|
+
check_platforms Arachni::Page.from_data(
|
|
11
15
|
url: 'http://stuff.com/blah',
|
|
12
16
|
response: { headers: { 'Server' => "Apache/2.2.21 (#{id})" } }
|
|
13
17
|
)
|
|
14
|
-
platforms_for( page ).should include :windows
|
|
15
18
|
end
|
|
16
19
|
end
|
|
17
20
|
end
|
|
@@ -21,11 +24,10 @@ describe Arachni::Platform::Fingerprinters::Windows do
|
|
|
21
24
|
described_class::IDs.each do |id|
|
|
22
25
|
context "and it contains #{id}" do
|
|
23
26
|
it 'identifies it as Windows' do
|
|
24
|
-
|
|
27
|
+
check_platforms Arachni::Page.from_data(
|
|
25
28
|
url: 'http://stuff.com/blah',
|
|
26
29
|
response: { headers: { 'X-Powered-By' => "PHP/5.0 (#{id})" } }
|
|
27
30
|
)
|
|
28
|
-
platforms_for( page ).should include :windows
|
|
29
31
|
end
|
|
30
32
|
end
|
|
31
33
|
end
|
|
@@ -3,23 +3,34 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Apache do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:apache]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as Apache' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'Apache/2.2.21' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :apache
|
|
13
16
|
end
|
|
14
17
|
end
|
|
15
18
|
|
|
16
19
|
context 'when there is a X-Powered-By header' do
|
|
17
20
|
it 'identifies it as Apache' do
|
|
18
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
19
22
|
url: 'http://stuff.com/blah',
|
|
20
23
|
response: { headers: { 'X-Powered-By' => 'Stuf/0.4 (Apache)' } }
|
|
21
24
|
)
|
|
22
|
-
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
context 'when there is an Server header that includes Coyote' do
|
|
29
|
+
it 'does not identify it as Apache' do
|
|
30
|
+
platforms_for( Arachni::Page.from_data(
|
|
31
|
+
url: 'http://stuff.com/blah',
|
|
32
|
+
response: { headers: { 'Server' => 'Apache-Coyote/1.1' } }
|
|
33
|
+
)).to_a.should be_empty
|
|
23
34
|
end
|
|
24
35
|
end
|
|
25
36
|
|
|
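Review bot: The Coyote exclusion added at new lines 28-33 is only exercised for the `Server` header, while the example directly above it shows this fingerprinter also matches on `X-Powered-By`. A mirrored negative example for that header would pin the exclusion on both inputs; the header value below is a constructed sample, and whether the fingerprinter passes it today cannot be seen from this hunk. Platform identification presumably steers which checks a scan applies, so a server wrongly tagged as Apache costs coverage rather than just a label. The describe block continues outside the hunk.

```ruby
# … unchanged: 'when there is an Server header that includes Coyote' context …

context 'when there is a X-Powered-By header that includes Coyote' do
    it 'does not identify it as Apache' do
        platforms_for( Arachni::Page.from_data(
            url:      'http://stuff.com/blah',
            response: { headers: { 'X-Powered-By' => 'Apache-Coyote/1.1' } }
        )).to_a.should be_empty
    end
end
```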
@@ -0,0 +1,28 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Arachni::Platform::Fingerprinters::Gunicorn do
|
|
4
|
+
include_examples 'fingerprinter'
|
|
5
|
+
|
|
6
|
+
def platforms
|
|
7
|
+
[:python, :gunicorn]
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
context 'when there is a Server header' do
|
|
11
|
+
it 'identifies it as Gunicorn' do
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
13
|
+
url: 'http://stuff.com/blah',
|
|
14
|
+
response: { headers: { 'Server' => 'gunicorn/18.0' } }
|
|
15
|
+
)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
context 'when there are X-Gunicorn headers' do
|
|
20
|
+
it 'identifies it as Gunicorn' do
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
22
|
+
url: 'http://stuff.com/blah',
|
|
23
|
+
response: { headers: { 'X-Gunicorn-Stuff' => 'Blah' } }
|
|
24
|
+
)
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
end
|
|
@@ -3,25 +3,25 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::IIS do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:iis, :windows]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as IIS' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'IIS/2.2.21' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :iis
|
|
13
|
-
platforms_for( page ).should include :windows
|
|
14
16
|
end
|
|
15
17
|
end
|
|
16
18
|
|
|
17
19
|
context 'when there is a X-Powered-By header' do
|
|
18
20
|
it 'identifies it as IIS' do
|
|
19
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
20
22
|
url: 'http://stuff.com/blah',
|
|
21
23
|
response: { headers: { 'X-Powered-By' => 'Stuf/0.4 (IIS)' } }
|
|
22
24
|
)
|
|
23
|
-
platforms_for( page ).should include :iis
|
|
24
|
-
platforms_for( page ).should include :windows
|
|
25
25
|
end
|
|
26
26
|
end
|
|
27
27
|
|
|
@@ -3,25 +3,25 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Jetty do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:jetty, :java]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as Jetty' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'Jetty/2.2.21' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :jetty
|
|
13
|
-
platforms_for( page ).should include :jsp
|
|
14
16
|
end
|
|
15
17
|
end
|
|
16
18
|
|
|
17
19
|
context 'when there is a X-Powered-By header' do
|
|
18
20
|
it 'identifies it as Jetty' do
|
|
19
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
20
22
|
url: 'http://stuff.com/blah',
|
|
21
23
|
response: { headers: { 'X-Powered-By' => 'Stuff/0.4 (Jetty)' } }
|
|
22
24
|
)
|
|
23
|
-
platforms_for( page ).should include :jetty
|
|
24
|
-
platforms_for( page ).should include :jsp
|
|
25
25
|
end
|
|
26
26
|
end
|
|
27
27
|
|
|
@@ -3,23 +3,25 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Nginx do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:nginx]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as Nginx' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'Nginx/2.2.21' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :nginx
|
|
13
16
|
end
|
|
14
17
|
end
|
|
15
18
|
|
|
16
19
|
context 'when there is a X-Powered-By header' do
|
|
17
20
|
it 'identifies it as Nginx' do
|
|
18
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
19
22
|
url: 'http://stuff.com/blah',
|
|
20
23
|
response: { headers: { 'X-Powered-By' => 'Stuf/0.4 (Nginx)' } }
|
|
21
24
|
)
|
|
22
|
-
platforms_for( page ).should include :nginx
|
|
23
25
|
end
|
|
24
26
|
end
|
|
25
27
|
|
|
@@ -3,25 +3,34 @@ require 'spec_helper'
|
|
|
3
3
|
describe Arachni::Platform::Fingerprinters::Tomcat do
|
|
4
4
|
include_examples 'fingerprinter'
|
|
5
5
|
|
|
6
|
+
def platforms
|
|
7
|
+
[:tomcat, :java]
|
|
8
|
+
end
|
|
9
|
+
|
|
6
10
|
context 'when there is an Server header' do
|
|
7
11
|
it 'identifies it as Tomcat' do
|
|
8
|
-
|
|
12
|
+
check_platforms Arachni::Page.from_data(
|
|
9
13
|
url: 'http://stuff.com/blah',
|
|
10
14
|
response: { headers: { 'Server' => 'Tomcat/2.2.21' } }
|
|
11
15
|
)
|
|
12
|
-
platforms_for( page ).should include :tomcat
|
|
13
|
-
platforms_for( page ).should include :jsp
|
|
14
16
|
end
|
|
15
17
|
end
|
|
16
18
|
|
|
17
19
|
context 'when there is a X-Powered-By header' do
|
|
18
20
|
it 'identifies it as Tomcat' do
|
|
19
|
-
|
|
21
|
+
check_platforms Arachni::Page.from_data(
|
|
20
22
|
url: 'http://stuff.com/blah',
|
|
21
23
|
response: { headers: { 'X-Powered-By' => 'Stuf/0.4 (Tomcat)' } }
|
|
22
24
|
)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
context 'when there is an Server header' do
|
|
29
|
+
it 'identifies it as Tomcat' do
|
|
30
|
+
check_platforms Arachni::Page.from_data(
|
|
31
|
+
url: 'http://stuff.com/blah',
|
|
32
|
+
response: { headers: { 'Server' => 'Apache-Coyote/1.1' } }
|
|
33
|
+
)
|
|
25
34
|
end
|
|
26
35
|
end
|
|
27
36
|
|
|
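Review bot: The context added at new line 28 reuses the description 'when there is an Server header' and the example name 'identifies it as Tomcat' from the first context at new lines 10-11, so a failure report cannot distinguish the `Tomcat/2.2.21` case from the `Apache-Coyote/1.1` one. Renaming the new context keeps the two apart, for example `context 'when there is a Server header that includes Coyote' do`. The describe block continues outside the hunk.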
@@ -0,0 +1,19 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe name_from_filename do
|
|
4
|
+
include_examples 'path_extractor'
|
|
5
|
+
|
|
6
|
+
def results
|
|
7
|
+
[
|
|
8
|
+
'http://test.com',
|
|
9
|
+
'test',
|
|
10
|
+
'test.com'
|
|
11
|
+
]
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def text
|
|
15
|
+
results.map { |u| "<a data-url='#{u}'>Stuff</a>" }.join
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
easy_test
|
|
19
|
+
end
|
|
@@ -76,6 +76,29 @@ describe name_from_filename do
|
|
|
76
76
|
end
|
|
77
77
|
end
|
|
78
78
|
|
|
79
|
+
context 'when the form is not visible' do
|
|
80
|
+
before do
|
|
81
|
+
options.plugins[component_name] = {
|
|
82
|
+
'url' => url + '/hidden_login',
|
|
83
|
+
'parameters' => 'username=john&password=doe',
|
|
84
|
+
'check' => 'Hi there logged-in user'
|
|
85
|
+
}
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
it 'complains about not the form being invisible' do
|
|
89
|
+
run
|
|
90
|
+
|
|
91
|
+
actual_results['status'].should == 'form_not_visible'
|
|
92
|
+
actual_results['message'].should == plugin::STATUSES[:form_not_visible]
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
it 'aborts the scan' do
|
|
96
|
+
run
|
|
97
|
+
|
|
98
|
+
framework.status.should == :aborted
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
|
|
79
102
|
context 'when the verifier does not match' do
|
|
80
103
|
before do
|
|
81
104
|
options.plugins[component_name] = {
|
|
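Review bot: The example description at new line 88, 'complains about not the form being invisible', reads as the opposite of what it asserts, since the expectations check for the `form_not_visible` status and message. Suggested wording: `it 'complains about the form not being visible' do`. The enclosing describe block and the trailing 'when the verifier does not match' context both run past the hunk.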
@@ -14,6 +14,8 @@ describe name_from_filename do
|
|
|
14
14
|
IO.write( script_path, script )
|
|
15
15
|
|
|
16
16
|
options.plugins[component_name] = { 'script' => script_path }
|
|
17
|
+
|
|
18
|
+
framework.options.scope.dom_depth_limit = 1
|
|
17
19
|
end
|
|
18
20
|
|
|
19
21
|
after(:each) { FileUtils.rm_f script_path }
|
|
@@ -22,27 +24,84 @@ describe name_from_filename do
|
|
|
22
24
|
let(:script_path) { "#{Dir.tmpdir}/login_script_#{Time.now.to_i}" }
|
|
23
25
|
|
|
24
26
|
context 'when a browser' do
|
|
25
|
-
|
|
26
|
-
|
|
27
|
+
context 'is available' do
|
|
28
|
+
context 'when using a Ruby script' do
|
|
29
|
+
let(:script) do
|
|
30
|
+
<<EOSCRIPT
|
|
27
31
|
framework.options.datastore.browser = browser
|
|
28
32
|
EOSCRIPT
|
|
29
|
-
|
|
33
|
+
end
|
|
30
34
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
run
|
|
35
|
+
it "exposes a Watir::Browser interface via the 'browser' variable" do
|
|
36
|
+
run
|
|
34
37
|
|
|
35
|
-
|
|
38
|
+
options.datastore.browser.should be_kind_of Watir::Browser
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
context 'when using a Javascript script' do
|
|
43
|
+
let(:script) do
|
|
44
|
+
<<EOSCRIPT
|
|
45
|
+
document.cookie = 'mycookie=myvalue'
|
|
46
|
+
EOSCRIPT
|
|
47
|
+
end
|
|
48
|
+
let(:script_path) { "#{super()}.js" }
|
|
49
|
+
|
|
50
|
+
it 'runs the code' do
|
|
51
|
+
run
|
|
52
|
+
|
|
53
|
+
framework.http.cookies.
|
|
54
|
+
find { |c| c.name == 'mycookie' }.value.should == 'myvalue'
|
|
55
|
+
end
|
|
36
56
|
end
|
|
37
57
|
end
|
|
38
58
|
|
|
39
59
|
context 'is not available' do
|
|
40
|
-
|
|
60
|
+
before do
|
|
41
61
|
framework.options.scope.dom_depth_limit = 0
|
|
42
|
-
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
context 'when using a Ruby script' do
|
|
65
|
+
let(:script) do
|
|
66
|
+
<<EOSCRIPT
|
|
67
|
+
framework.options.datastore.browser = browser
|
|
68
|
+
EOSCRIPT
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
it "sets 'browser' to 'nil'" do
|
|
72
|
+
run
|
|
43
73
|
|
|
44
|
-
|
|
74
|
+
options.datastore.browser.should be_nil
|
|
75
|
+
end
|
|
45
76
|
end
|
|
77
|
+
|
|
78
|
+
context 'when using a Javascript script' do
|
|
79
|
+
let(:script) do
|
|
80
|
+
<<EOSCRIPT
|
|
81
|
+
document.cookie = 'mycookie=myvalue'
|
|
82
|
+
EOSCRIPT
|
|
83
|
+
end
|
|
84
|
+
let(:script_path) { "#{super()}.js" }
|
|
85
|
+
|
|
86
|
+
it 'sets the status' do
|
|
87
|
+
run
|
|
88
|
+
|
|
89
|
+
actual_results['status'].should == 'missing_browser'
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
it 'sets the message' do
|
|
93
|
+
run
|
|
94
|
+
|
|
95
|
+
actual_results['message'].should == plugin::STATUSES[:missing_browser]
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
it 'aborts the scan' do
|
|
99
|
+
run
|
|
100
|
+
|
|
101
|
+
framework.status.should == :aborted
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
|
|
46
105
|
end
|
|
47
106
|
end
|
|
48
107
|
|
|
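Review bot: The new `let(:script_path) { "#{super()}.js" }` overrides build on the base path `"#{Dir.tmpdir}/login_script_#{Time.now.to_i}"`, a name predictable to the second inside a shared temp directory, for a file that the plugin under test then loads and runs. Two runs starting in the same second collide, and on a multi-user host the path can already exist before `IO.write` touches it. A private directory avoids both: `let(:script_dir) { Dir.mktmpdir( 'login_script' ) }` and `let(:script_path) { File.join( script_dir, 'script' ) }`, with the `after` hook changed to `FileUtils.rm_rf script_dir`. The base `let` is a context line in this hunk, and the hunk at `-129,28 +188,57` adds the same `.js` override.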
@@ -129,28 +188,57 @@ EOSCRIPT
|
|
|
129
188
|
end
|
|
130
189
|
|
|
131
190
|
context 'when there is a runtime error in the script' do
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
191
|
+
context 'when using Ruby' do
|
|
192
|
+
let(:script) do
|
|
193
|
+
<<EOSCRIPT
|
|
194
|
+
fail
|
|
135
195
|
EOSCRIPT
|
|
136
|
-
|
|
196
|
+
end
|
|
137
197
|
|
|
138
|
-
|
|
139
|
-
|
|
198
|
+
it 'sets the status' do
|
|
199
|
+
run
|
|
140
200
|
|
|
141
|
-
|
|
142
|
-
|
|
201
|
+
actual_results['status'].should == 'error'
|
|
202
|
+
end
|
|
143
203
|
|
|
144
|
-
|
|
145
|
-
|
|
204
|
+
it 'sets the message' do
|
|
205
|
+
run
|
|
206
|
+
|
|
207
|
+
actual_results['message'].should == plugin::STATUSES[:error]
|
|
208
|
+
end
|
|
146
209
|
|
|
147
|
-
|
|
210
|
+
it 'aborts the scan' do
|
|
211
|
+
run
|
|
212
|
+
|
|
213
|
+
framework.status.should == :aborted
|
|
214
|
+
end
|
|
148
215
|
end
|
|
149
216
|
|
|
150
|
-
|
|
151
|
-
|
|
217
|
+
context 'when using Javascript' do
|
|
218
|
+
let(:script) do
|
|
219
|
+
<<EOSCRIPT
|
|
220
|
+
document.cookie = '
|
|
221
|
+
EOSCRIPT
|
|
222
|
+
end
|
|
223
|
+
let(:script_path) { "#{super()}.js" }
|
|
152
224
|
|
|
153
|
-
|
|
225
|
+
it 'sets the status' do
|
|
226
|
+
run
|
|
227
|
+
|
|
228
|
+
actual_results['status'].should == 'error'
|
|
229
|
+
end
|
|
230
|
+
|
|
231
|
+
it 'sets the message' do
|
|
232
|
+
run
|
|
233
|
+
|
|
234
|
+
actual_results['message'].should == plugin::STATUSES[:error]
|
|
235
|
+
end
|
|
236
|
+
|
|
237
|
+
it 'aborts the scan' do
|
|
238
|
+
run
|
|
239
|
+
|
|
240
|
+
framework.status.should == :aborted
|
|
241
|
+
end
|
|
154
242
|
end
|
|
155
243
|
end
|
|
156
244
|
|