RubyGems - arachni - Versions diffs - 1.2.1 → 1.3 - Mend

arachni 1.2.1 → 1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (373) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +66 -0
data/Gemfile +1 -1
data/README.md +16 -5
data/components/checks/active/ldap_injection/errors.txt +1 -0
data/components/checks/active/source_code_disclosure.rb +1 -1
data/components/checks/active/unvalidated_redirect.rb +6 -6
data/components/checks/active/unvalidated_redirect_dom.rb +10 -7
data/components/checks/passive/grep/captcha.rb +14 -5
data/components/checks/passive/grep/form_upload.rb +7 -3
data/components/checks/passive/grep/hsts.rb +3 -3
data/components/checks/passive/grep/html_objects.rb +2 -3
data/components/checks/passive/grep/http_only_cookies.rb +2 -3
data/components/checks/passive/grep/insecure_cookies.rb +1 -1
data/components/checks/passive/grep/password_autocomplete.rb +2 -2
data/components/checks/passive/grep/unencrypted_password_forms.rb +7 -7
data/components/checks/passive/grep/x_frame_options.rb +2 -2
data/components/checks/passive/http_put.rb +2 -3
data/components/path_extractors/comments.rb +3 -3
data/components/path_extractors/scripts.rb +10 -1
data/components/plugins/defaults/autothrottle.rb +27 -18
data/components/plugins/defaults/meta/remedies/discovery.rb +30 -33
data/components/plugins/defaults/meta/remedies/timing_attacks.rb +7 -11
data/components/plugins/login_script.rb +9 -3
data/components/plugins/proxy.rb +4 -3
data/components/reporters/html.rb +11 -14
data/components/reporters/html/default/issue.erb +13 -38
data/components/reporters/html/default/issue/info.erb +1 -1
data/components/reporters/html/default/summary/issues/by_name.erb +3 -3
data/components/reporters/stdout.rb +62 -71
data/components/reporters/xml.rb +26 -40
data/components/reporters/xml/schema.xsd +43 -89
data/lib/arachni/browser.rb +52 -3
data/lib/arachni/browser/javascript.rb +3 -3
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +46 -25
data/lib/arachni/browser_cluster.rb +61 -0
data/lib/arachni/browser_cluster/job.rb +21 -1
data/lib/arachni/browser_cluster/jobs/browser_provider.rb +3 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +2 -1
data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -2
data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
data/lib/arachni/browser_cluster/worker.rb +5 -0
data/lib/arachni/check/auditor.rb +22 -12
data/lib/arachni/data/framework.rb +13 -1
data/lib/arachni/data/issues.rb +9 -25
data/lib/arachni/element/base.rb +9 -3
data/lib/arachni/element/capabilities/analyzable.rb +2 -6
data/lib/arachni/element/capabilities/analyzable/differential.rb +24 -7
data/lib/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +23 -23
data/lib/arachni/element/capabilities/auditable.rb +0 -6
data/lib/arachni/element/capabilities/dom_only.rb +61 -0
data/lib/arachni/element/capabilities/with_dom.rb +3 -1
data/lib/arachni/element/cookie.rb +35 -5
data/lib/arachni/element/cookie/dom.rb +13 -4
data/lib/arachni/element/{capabilities/auditable/dom.rb → dom.rb} +20 -68
data/lib/arachni/element/dom/capabilities/auditable.rb +29 -0
data/lib/arachni/element/dom/capabilities/inputtable.rb +27 -0
data/lib/arachni/element/dom/capabilities/mutable.rb +21 -0
data/lib/arachni/element/dom/capabilities/submittable.rb +52 -0
data/lib/arachni/element/form.rb +12 -1
data/lib/arachni/element/form/capabilities/mutable.rb +2 -1
data/lib/arachni/element/form/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/form/dom.rb +9 -3
data/lib/arachni/element/header.rb +14 -33
data/lib/arachni/element/header/capabilities/inputtable.rb +29 -0
data/lib/arachni/element/header/capabilities/mutable.rb +51 -0
data/lib/arachni/element/input/dom.rb +71 -0
data/lib/arachni/element/json.rb +2 -0
data/lib/arachni/element/link.rb +3 -0
data/lib/arachni/element/link/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link/dom.rb +16 -3
data/lib/arachni/element/link/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/link_template.rb +3 -5
data/lib/arachni/element/link_template/capabilities/inputtable.rb +5 -0
data/lib/arachni/element/link_template/capabilities/with_dom.rb +0 -1
data/lib/arachni/element/link_template/dom.rb +16 -3
data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +29 -0
data/lib/arachni/element/server.rb +3 -5
data/lib/arachni/element/ui_form.rb +106 -0
data/lib/arachni/element/ui_form/dom.rb +107 -0
data/lib/arachni/element/ui_input.rb +62 -0
data/lib/arachni/element/xml.rb +2 -1
data/lib/arachni/framework.rb +7 -5
data/lib/arachni/framework/parts/audit.rb +0 -1
data/lib/arachni/framework/parts/check.rb +1 -0
data/lib/arachni/framework/parts/data.rb +4 -0
data/lib/arachni/framework/parts/state.rb +0 -2
data/lib/arachni/http/client.rb +17 -6
data/lib/arachni/http/proxy_server.rb +52 -5
data/lib/arachni/http/request.rb +1 -1
data/lib/arachni/issue.rb +34 -179
data/lib/arachni/issue/severity.rb +2 -0
data/lib/arachni/option_groups/audit.rb +22 -2
data/lib/arachni/option_groups/browser_cluster.rb +15 -0
data/lib/arachni/page.rb +3 -2
data/lib/arachni/parser.rb +24 -5
data/lib/arachni/platform/manager.rb +1 -2
data/lib/arachni/rpc/server/framework.rb +3 -4
data/lib/arachni/rpc/server/framework/multi_instance.rb +2 -1
data/lib/arachni/session.rb +1 -1
data/lib/arachni/trainer.rb +4 -7
data/lib/arachni/watir/element.rb +12 -1
data/lib/version +1 -1
data/spec/arachni/browser/element_locator_spec.rb +43 -43
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +44 -44
data/spec/arachni/browser/javascript/proxy/stub_spec.rb +17 -14
data/spec/arachni/browser/javascript/proxy_spec.rb +24 -24
data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +11 -11
data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +13 -13
data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +7 -7
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +568 -558
data/spec/arachni/browser/javascript_spec.rb +73 -63
data/spec/arachni/browser_cluster/job/result_spec.rb +3 -3
data/spec/arachni/browser_cluster/job_spec.rb +68 -48
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +5 -4
data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +2 -2
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +5 -5
data/spec/arachni/browser_cluster/worker_spec.rb +87 -70
data/spec/arachni/browser_cluster_spec.rb +64 -39
data/spec/arachni/browser_spec.rb +692 -527
data/spec/arachni/check/auditor_spec.rb +177 -147
data/spec/arachni/check/base_spec.rb +33 -33
data/spec/arachni/check/manager_spec.rb +15 -15
data/spec/arachni/component/base_spec.rb +8 -8
data/spec/arachni/component/manager_spec.rb +100 -99
data/spec/arachni/component/options/address_spec.rb +3 -3
data/spec/arachni/component/options/base_spec.rb +7 -7
data/spec/arachni/component/options/bool_spec.rb +9 -9
data/spec/arachni/component/options/float_spec.rb +6 -6
data/spec/arachni/component/options/int_spec.rb +5 -5
data/spec/arachni/component/options/multiple_choice_spec.rb +12 -12
data/spec/arachni/component/options/object_spec.rb +2 -2
data/spec/arachni/component/options/path_spec.rb +3 -3
data/spec/arachni/component/options/port_spec.rb +5 -5
data/spec/arachni/component/options/string_spec.rb +3 -3
data/spec/arachni/component/options/url_spec.rb +4 -4
data/spec/arachni/component/utilities_spec.rb +2 -2
data/spec/arachni/data/framework/rpc_spec.rb +10 -9
data/spec/arachni/data/framework_spec.rb +65 -46
data/spec/arachni/data/issues_spec.rb +39 -77
data/spec/arachni/data/plugins_spec.rb +11 -11
data/spec/arachni/data/session_spec.rb +6 -6
data/spec/arachni/data_spec.rb +8 -8
data/spec/arachni/element/body_spec.rb +10 -10
data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +39 -21
data/spec/arachni/element/capabilities/analyzable/{taint_spec.rb → signature_spec.rb} +63 -63
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +51 -51
data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +5 -5
data/spec/arachni/element/cookie/dom_spec.rb +37 -18
data/spec/arachni/element/cookie_spec.rb +206 -139
data/spec/arachni/element/form/dom_spec.rb +36 -19
data/spec/arachni/element/form_spec.rb +210 -187
data/spec/arachni/element/generic_dom_spec.rb +14 -14
data/spec/arachni/element/header_spec.rb +35 -17
data/spec/arachni/element/json_spec.rb +53 -31
data/spec/arachni/element/link/dom_spec.rb +46 -28
data/spec/arachni/element/link_spec.rb +58 -40
data/spec/arachni/element/link_template/dom_spec.rb +47 -29
data/spec/arachni/element/link_template_spec.rb +79 -61
data/spec/arachni/element/path_spec.rb +1 -1
data/spec/arachni/element/server_spec.rb +33 -32
data/spec/arachni/element/ui_form/ui_form_dom_spec.rb +164 -0
data/spec/arachni/element/ui_form_spec.rb +242 -0
data/spec/arachni/element/ui_input/dom_spec.rb +157 -0
data/spec/arachni/element/ui_input_spec.rb +136 -0
data/spec/arachni/element/xml_spec.rb +42 -24
data/spec/arachni/element_filter_spec.rb +49 -48
data/spec/arachni/error_spec.rb +3 -3
data/spec/arachni/framework/parts/audit_spec.rb +64 -63
data/spec/arachni/framework/parts/browser_spec.rb +16 -16
data/spec/arachni/framework/parts/check_spec.rb +3 -3
data/spec/arachni/framework/parts/data_spec.rb +48 -48
data/spec/arachni/framework/parts/platform_spec.rb +3 -3
data/spec/arachni/framework/parts/plugin_spec.rb +7 -6
data/spec/arachni/framework/parts/report_spec.rb +7 -7
data/spec/arachni/framework/parts/scope_spec.rb +16 -16
data/spec/arachni/framework/parts/state_spec.rb +68 -69
data/spec/arachni/framework_spec.rb +39 -31
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +32 -32
data/spec/arachni/http/client_spec.rb +219 -208
data/spec/arachni/http/cookie_jar_spec.rb +72 -72
data/spec/arachni/http/headers_spec.rb +14 -14
data/spec/arachni/http/proxy_server_spec.rb +43 -42
data/spec/arachni/http/request_spec.rb +105 -103
data/spec/arachni/http/response/scope_spec.rb +24 -24
data/spec/arachni/http/response_spec.rb +50 -49
data/spec/arachni/issue/severity_spec.rb +10 -9
data/spec/arachni/issue_spec.rb +71 -369
data/spec/arachni/option_groups/audit_spec.rb +114 -114
data/spec/arachni/option_groups/browser_cluster_spec.rb +20 -3
data/spec/arachni/option_groups/datastore_spec.rb +6 -6
data/spec/arachni/option_groups/dispatcher_spec.rb +19 -19
data/spec/arachni/option_groups/http_spec.rb +11 -11
data/spec/arachni/option_groups/input_spec.rb +31 -27
data/spec/arachni/option_groups/output_spec.rb +2 -2
data/spec/arachni/option_groups/paths_spec.rb +17 -17
data/spec/arachni/option_groups/rpc_spec.rb +2 -2
data/spec/arachni/option_groups/scope_spec.rb +40 -40
data/spec/arachni/option_groups/session_spec.rb +6 -5
data/spec/arachni/option_groups/snapshot_spec.rb +4 -4
data/spec/arachni/options_spec.rb +46 -45
data/spec/arachni/page/dom/transition_spec.rb +74 -72
data/spec/arachni/page/dom_spec.rb +35 -35
data/spec/arachni/page/scope_spec.rb +15 -15
data/spec/arachni/page_spec.rb +217 -217
data/spec/arachni/parser_spec.rb +106 -104
data/spec/arachni/platform/fingerprinter_spec.rb +17 -14
data/spec/arachni/platform/list_spec.rb +33 -33
data/spec/arachni/platform/manager_spec.rb +67 -64
data/spec/arachni/plugin/base_spec.rb +10 -10
data/spec/arachni/plugin/manager_spec.rb +38 -37
data/spec/arachni/report_spec.rb +43 -40
data/spec/arachni/reporter/base_spec.rb +15 -15
data/spec/arachni/reporter/manager_spec.rb +4 -4
data/spec/arachni/reporter/options_spec.rb +6 -6
data/spec/arachni/rpc/client/base_spec.rb +6 -6
data/spec/arachni/rpc/client/dispatcher_spec.rb +2 -2
data/spec/arachni/rpc/client/instance_spec.rb +6 -6
data/spec/arachni/rpc/server/active_options_spec.rb +11 -8
data/spec/arachni/rpc/server/base_spec.rb +5 -5
data/spec/arachni/rpc/server/checks/manager_spec.rb +8 -8
data/spec/arachni/rpc/server/dispatcher/node_spec.rb +37 -37
data/spec/arachni/rpc/server/dispatcher/service_spec.rb +15 -14
data/spec/arachni/rpc/server/dispatcher_spec.rb +36 -35
data/spec/arachni/rpc/server/framework/distributor_spec.rb +36 -36
data/spec/arachni/rpc/server/framework_multi_spec.rb +340 -336
data/spec/arachni/rpc/server/framework_spec.rb +90 -85
data/spec/arachni/rpc/server/instance_spec.rb +126 -107
data/spec/arachni/rpc/server/output_spec.rb +1 -1
data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -6
data/spec/arachni/ruby/array_spec.rb +42 -42
data/spec/arachni/ruby/hash_spec.rb +20 -18
data/spec/arachni/ruby/io_spec.rb +2 -2
data/spec/arachni/ruby/object_spec.rb +1 -1
data/spec/arachni/ruby/set_spec.rb +3 -3
data/spec/arachni/ruby/string_spec.rb +30 -30
data/spec/arachni/ruby/webrick_spec.rb +2 -2
data/spec/arachni/scope_spec.rb +1 -1
data/spec/arachni/session_spec.rb +67 -64
data/spec/arachni/snapshot_spec.rb +15 -15
data/spec/arachni/state/audit_spec.rb +11 -11
data/spec/arachni/state/element_filter_spec.rb +6 -6
data/spec/arachni/state/framework/rpc_spec.rb +12 -12
data/spec/arachni/state/framework_spec.rb +125 -121
data/spec/arachni/state/http_spec.rb +7 -7
data/spec/arachni/state/options_spec.rb +7 -7
data/spec/arachni/state/plugins_spec.rb +8 -8
data/spec/arachni/state_spec.rb +10 -10
data/spec/arachni/support/buffer/autoflush_spec.rb +16 -16
data/spec/arachni/support/buffer/base_spec.rb +39 -39
data/spec/arachni/support/cache/least_cost_replacement_spec.rb +18 -18
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +24 -24
data/spec/arachni/support/cache/least_recently_used_spec.rb +20 -20
data/spec/arachni/support/cache/preference_spec.rb +4 -4
data/spec/arachni/support/cache/random_replacement_spec.rb +8 -8
data/spec/arachni/support/crypto/rsa_aes_cbc_spec.rb +1 -1
data/spec/arachni/support/database/hash_spec.rb +44 -43
data/spec/arachni/support/database/queue_spec.rb +27 -27
data/spec/arachni/support/lookup/hash_set_spec.rb +8 -8
data/spec/arachni/support/lookup/moolb_spec.rb +3 -3
data/spec/arachni/support/mixins/observable_spec.rb +6 -6
data/spec/arachni/support/signature_spec.rb +19 -19
data/spec/arachni/trainer_spec.rb +39 -39
data/spec/arachni/typhoeus/hydra_spec.rb +2 -2
data/spec/arachni/uri/scope_spec.rb +66 -66
data/spec/arachni/uri_spec.rb +107 -105
data/spec/arachni/utilities_spec.rb +40 -40
data/spec/components/checks/active/csrf_spec.rb +8 -8
data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
data/spec/components/checks/active/sql_injection_spec.rb +16 -16
data/spec/components/checks/active/trainer_spec.rb +4 -4
data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +4 -2
data/spec/components/checks/active/xpath_injection_spec.rb +1 -1
data/spec/components/checks/active/xss_dom_script_context_spec.rb +51 -21
data/spec/components/checks/active/xss_dom_spec.rb +46 -24
data/spec/components/checks/passive/allowed_methods_spec.rb +1 -1
data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +1 -1
data/spec/components/checks/passive/grep/hsts_spec.rb +2 -2
data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +1 -1
data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +2 -2
data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +1 -1
data/spec/components/checks/passive/grep/private_ip_spec.rb +3 -3
data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +1 -1
data/spec/components/checks/passive/grep/x_frame_options_spec.rb +2 -2
data/spec/components/checks/passive/interesting_responses_spec.rb +2 -2
data/spec/components/checks/passive/webdav_spec.rb +1 -1
data/spec/components/checks/passive/xst_spec.rb +1 -1
data/spec/components/fingerprinters/servers/apache_spec.rb +2 -2
data/spec/components/path_extractors/comments_spec.rb +5 -1
data/spec/components/path_extractors/scripts_spec.rb +5 -2
data/spec/components/plugins/autologin_spec.rb +22 -22
data/spec/components/plugins/autothrottle_spec.rb +6 -5
data/spec/components/plugins/content_types_spec.rb +4 -4
data/spec/components/plugins/cookie_collector_spec.rb +5 -5
data/spec/components/plugins/exec_spec.rb +12 -12
data/spec/components/plugins/form_dicattack_spec.rb +3 -3
data/spec/components/plugins/headers_collector_spec.rb +8 -8
data/spec/components/plugins/healthmap_spec.rb +3 -3
data/spec/components/plugins/http_dicattack_spec.rb +3 -3
data/spec/components/plugins/login_script_spec.rb +79 -22
data/spec/components/plugins/meta/remedies/discovery_spec.rb +3 -2
data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +3 -3
data/spec/components/plugins/meta/uniformity_spec.rb +2 -2
data/spec/components/plugins/restrict_to_dom_state_spec.rb +1 -1
data/spec/components/plugins/script_spec.rb +1 -1
data/spec/components/plugins/uncommon_headers_spec.rb +2 -2
data/spec/components/plugins/vector_collector_spec.rb +2 -2
data/spec/components/plugins/vector_feed_spec.rb +40 -40
data/spec/components/plugins/waf_detector_spec.rb +6 -6
data/spec/components/reporters/json_spec.rb +4 -4
data/spec/components/reporters/marshal_spec.rb +2 -2
data/spec/components/reporters/yaml_spec.rb +3 -2
data/spec/external/wavsep/active/sqli_spec.rb +1 -3
data/spec/spec_helper.rb +4 -0
data/spec/support/factories/element/ui_form.rb +14 -0
data/spec/support/factories/element/ui_input.rb +13 -0
data/spec/support/factories/issue.rb +0 -13
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/{taint_check/taint.rb → signature_check/signature.rb} +2 -2
data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +11 -11
data/spec/support/helpers/framework.rb +1 -1
data/spec/support/helpers/pages.rb +2 -2
data/spec/support/servers/arachni/browser.rb +139 -0
data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +40 -0
data/spec/support/servers/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +0 -0
data/spec/support/servers/arachni/element/input/input_dom.rb +102 -0
data/spec/support/servers/arachni/element/ui_form/ui_form_dom.rb +238 -0
data/spec/support/servers/checks/active/trainer_check.rb +7 -7
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +22 -6
data/spec/support/servers/checks/active/xss_dom.rb +50 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +53 -0
data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +6 -6
data/spec/support/shared/check.rb +10 -12
data/spec/support/shared/component/options/base.rb +24 -24
data/spec/support/shared/element/base.rb +25 -25
data/spec/support/shared/element/capabilities/auditable.rb +116 -140
data/spec/support/shared/element/capabilities/dom_only.rb +65 -0
data/spec/support/shared/element/capabilities/inputtable.rb +71 -86
data/spec/support/shared/element/capabilities/mutable.rb +122 -111
data/spec/support/shared/element/capabilities/refreshable.rb +10 -10
data/spec/support/shared/element/capabilities/{submitable.rb → submittable.rb} +26 -26
data/spec/support/shared/element/capabilities/with_auditor.rb +10 -10
data/spec/support/shared/element/capabilities/with_dom.rb +8 -8
data/spec/support/shared/element/capabilities/with_node.rb +4 -6
data/spec/support/shared/element/capabilities/with_scope.rb +2 -2
data/spec/support/shared/element/capabilities/with_source.rb +6 -8
data/spec/support/shared/element/dom.rb +144 -0
data/spec/support/shared/element/dom/auditable.rb +42 -0
data/spec/support/shared/element/dom/inputtable.rb +5 -0
data/spec/support/shared/element/dom/mutable.rb +3 -0
data/spec/support/shared/element/dom/submittable.rb +119 -0
data/spec/support/shared/external/wavsep.rb +3 -3
data/spec/support/shared/fingerprinter.rb +2 -2
data/spec/support/shared/framework.rb +1 -1
data/spec/support/shared/http/message.rb +9 -9
data/spec/support/shared/option_group.rb +17 -17
data/spec/support/shared/path_extractor.rb +1 -1
data/spec/support/shared/plugin.rb +2 -2
data/spec/support/shared/support/cache.rb +57 -57
data/spec/support/shared/support/lookup.rb +25 -25
data/ui/cli/framework.rb +22 -11
data/ui/cli/framework/option_parser.rb +15 -0
data/ui/cli/option_parser.rb +8 -1
data/ui/cli/output.rb +2 -1
metadata +54 -20
data/components/checks/active/xss_dom_inputs.rb +0 -236
data/spec/components/checks/active/xss_dom_inputs_spec.rb +0 -30
data/spec/support/servers/checks/active/xss_dom_inputs.rb +0 -59
data/spec/support/shared/element/capabilities/auditable/dom.rb +0 -322

data/spec/arachni/rpc/server/dispatcher/service_spec.rb CHANGED

@@ -14,32 +14,33 @@ describe Arachni::RPC::Server::Dispatcher::Service do
     describe '#dispatcher' do
         it 'provides access to the parent Dispatcher' do
-            @dispatcher.echo.test_dispatcher.should be_true
+            expect(@dispatcher.echo.test_dispatcher).to be_truthy
         end
     end
     describe '#opts' do
         it 'provides access to the Dispatcher\'s options' do
-            @dispatcher.echo.test_opts.should be_true
+            expect(@dispatcher.echo.test_opts).to be_truthy
         end
     end
     describe '#node' do
         it 'provides access to the Dispatcher\'s node' do
-            @dispatcher.echo.test_node.should be_true
+            expect(@dispatcher.echo.test_node).to be_truthy
         end
     end
     describe '#instances' do
         it 'provides access to the running instances' do
-            @dispatcher.echo.instances.map{ |i| i['pid'] }.should == @dispatcher.jobs.map{ |j| j['pid'] }
+            expect(@dispatcher.echo.instances.map{ |i| i['pid'] }).to eq(@dispatcher.jobs.map{ |j| j['pid'] })
         end
     end
     describe '#map_instances' do
         it 'asynchronously maps all running instances' do
-            @dispatcher.echo.test_map_instances.should ==
+            expect(@dispatcher.echo.test_map_instances).to eq(
                 Hash[@dispatcher.jobs.map { |j| [j['url'], j['token']] }]
+            )
         end
     end
@@ -51,11 +52,11 @@ describe Arachni::RPC::Server::Dispatcher::Service do
                     new( Arachni::Options, j['url'], j['token'] ).options.url
             end
-            urls.size.should == @instance_count
+            expect(urls.size).to eq(@instance_count)
             urls.sort!
             1.upto( @instance_count ).each do |i|
-                urls[i-1].should == "http://stuff.com/#{i}"
+                expect(urls[i-1]).to eq("http://stuff.com/#{i}")
             end
         end
     end
@@ -63,26 +64,26 @@ describe Arachni::RPC::Server::Dispatcher::Service do
     describe '#defer' do
         it 'defers execution of the given block' do
             args = [1, 'stuff']
-            @dispatcher.echo.test_defer( *args ).should == args
+            expect(@dispatcher.echo.test_defer( *args )).to eq(args)
         end
     end
     describe '#run_asap' do
         it 'runs the given block as soon as possible' do
             args = [1, 'stuff']
-            @dispatcher.echo.test_run_asap( *args ).should == args
+            expect(@dispatcher.echo.test_run_asap( *args )).to eq(args)
         end
     end
     describe '#iterator_for' do
         it 'provides an asynchronous iterator' do
-            @dispatcher.echo.test_iterator_for.should be_true
+            expect(@dispatcher.echo.test_iterator_for).to be_truthy
         end
     end
     describe '#connect_to_dispatcher' do
         it 'connects to the a dispatcher by url' do
-            @dispatcher.echo.test_connect_to_dispatcher.should be_true
+            expect(@dispatcher.echo.test_connect_to_dispatcher).to be_truthy
         end
     end
@@ -90,9 +91,9 @@ describe Arachni::RPC::Server::Dispatcher::Service do
         it 'connects to an instance' do
             instance = @dispatcher.jobs.first
-            @dispatcher.echo.test_connect_to_instance( instance ).should be_false
-            @dispatcher.echo.test_connect_to_instance( instance['url'], instance['token'] ).should be_false
-            @dispatcher.echo.test_connect_to_instance( url: instance['url'], token: instance['token'] ).should be_false
+            expect(@dispatcher.echo.test_connect_to_instance( instance )).to be_falsey
+            expect(@dispatcher.echo.test_connect_to_instance( instance['url'], instance['token'] )).to be_falsey
+            expect(@dispatcher.echo.test_connect_to_instance( url: instance['url'], token: instance['token'] )).to be_falsey
         end
     end

data/spec/arachni/rpc/server/dispatcher_spec.rb CHANGED

@@ -16,7 +16,7 @@ describe Arachni::RPC::Server::Dispatcher do
     describe '#alive?' do
         it 'returns true' do
-            dispatcher_light_spawn.alive?.should == true
+            expect(dispatcher_light_spawn.alive?).to eq(true)
         end
     end
@@ -27,14 +27,14 @@ describe Arachni::RPC::Server::Dispatcher do
                 dispatcher_light_spawn( weight: 2, neighbour: dispatcher.url )
                 dispatcher_light_spawn( weight: 3, neighbour: dispatcher.url )
-                dispatcher.preferred.should == dispatcher.url
+                expect(dispatcher.preferred).to eq(dispatcher.url)
             end
         end
         context 'when the dispatcher is not a grid member' do
             it 'returns the URL of the Dispatcher' do
                 dispatcher = dispatcher_light_spawn
-                dispatcher.preferred.should == dispatcher.url
+                expect(dispatcher.preferred).to eq(dispatcher.url)
             end
         end
     end
@@ -42,7 +42,7 @@ describe Arachni::RPC::Server::Dispatcher do
     describe '#handlers' do
         it 'returns an array of loaded handlers' do
             Arachni::Options.paths.services = "#{fixtures_path}services/"
-            dispatcher_light_spawn.services.include?( 'echo' ).should be_true
+            expect(dispatcher_light_spawn.services.include?( 'echo' )).to be_truthy
         end
     end
@@ -55,14 +55,14 @@ describe Arachni::RPC::Server::Dispatcher do
                 sleep 0.1 while !dispatcher.dispatch
             end
-            dispatcher.jobs.size.should == times
+            expect(dispatcher.jobs.size).to eq(times)
         end
         context 'when Options#dispatcher_external_address has been set' do
             it 'advertises that address' do
                 address = '127.0.0.1'
                 dispatcher = dispatcher_light_spawn( external_address: address )
-                dispatcher.dispatch['url'].should start_with "#{address}:"
+                expect(dispatcher.dispatch['url']).to start_with "#{address}:"
             end
         end
         context 'when not a Grid member' do
@@ -70,27 +70,27 @@ describe Arachni::RPC::Server::Dispatcher do
                 info = dispatcher_light_spawn.dispatch
                 %w(token pid port url owner birthdate starttime helpers).each do |k|
-                    info[k].should be_true
+                    expect(info[k]).to be_truthy
                 end
                 instance = instance_connect( info['url'], info['token'] )
-                instance.service.alive?.should be_true
+                expect(instance.service.alive?).to be_truthy
             end
             it 'assigns an optional owner' do
                 owner = 'blah'
-                dispatcher_light_spawn.dispatch( owner )['owner'].should == owner
+                expect(dispatcher_light_spawn.dispatch( owner )['owner']).to eq(owner)
             end
             context 'when the pool is empty' do
                 it 'returns false' do
                     dispatcher = dispatcher_light_spawn
-                    dispatcher.dispatch.should be_kind_of Hash
-                    dispatcher.dispatch.should be_false
+                    expect(dispatcher.dispatch).to be_kind_of Hash
+                    expect(dispatcher.dispatch).to be_falsey
                 end
                 it 'replenishes the pool' do
                     dispatcher = dispatcher_light_spawn
-                    dispatcher.dispatch.should be_kind_of Hash
-                    dispatcher.dispatch.should be_false
+                    expect(dispatcher.dispatch).to be_kind_of Hash
+                    expect(dispatcher.dispatch).to be_falsey
                     hash = nil
                     Timeout.timeout 10 do
@@ -99,7 +99,7 @@ describe Arachni::RPC::Server::Dispatcher do
                         end
                     end
-                    hash.should be_kind_of Hash
+                    expect(hash).to be_kind_of Hash
                 end
             end
         end
@@ -124,12 +124,12 @@ describe Arachni::RPC::Server::Dispatcher do
                 )
                 preferred = d3.url.split( ':' ).first
-                d3.dispatch['url'].split( ':' ).first.should == preferred
-                %W{127.0.0.3 127.0.0.2}.should include d1.dispatch['url'].split( ':' ).first
-                d2.dispatch['url'].split( ':' ).first.should == preferred
-                %W{127.0.0.1 127.0.0.3}.should include d3.dispatch['url'].split( ':' ).first
-                %W{127.0.0.2 127.0.0.3}.should include d3.dispatch['url'].split( ':' ).first
-                %W{127.0.0.2 127.0.0.3}.should include d1.dispatch['url'].split( ':' ).first
+                expect(d3.dispatch['url'].split( ':' ).first).to eq(preferred)
+                expect(%W{127.0.0.3 127.0.0.2}).to include d1.dispatch['url'].split( ':' ).first
+                expect(d2.dispatch['url'].split( ':' ).first).to eq(preferred)
+                expect(%W{127.0.0.1 127.0.0.3}).to include d3.dispatch['url'].split( ':' ).first
+                expect(%W{127.0.0.2 127.0.0.3}).to include d3.dispatch['url'].split( ':' ).first
+                expect(%W{127.0.0.2 127.0.0.3}).to include d1.dispatch['url'].split( ':' ).first
             end
             context 'when the load-balance option is set to false' do
@@ -151,8 +151,8 @@ describe Arachni::RPC::Server::Dispatcher do
                         neighbour: d1.url
                     )
-                    d3.dispatch( nil, {}, false )['url'].
-                        split( ':' ).first.should == '127.0.0.3'
+                    expect(d3.dispatch( nil, {}, false )['url'].
+                        split( ':' ).first).to eq('127.0.0.3')
                 end
             end
         end
@@ -165,7 +165,7 @@ describe Arachni::RPC::Server::Dispatcher do
             job = dispatcher.dispatch
             info = dispatcher.job( job['pid'] )
             @job_info_keys.each do |k|
-                info[k].should be_true
+                expect(info[k]).to be_truthy
             end
         end
     end
@@ -176,7 +176,7 @@ describe Arachni::RPC::Server::Dispatcher do
             dispatcher.jobs.each do |job|
                 @job_info_keys.each do |k|
-                    job[k].should be_true
+                    expect(job[k]).to be_truthy
                 end
             end
         end
@@ -188,7 +188,7 @@ describe Arachni::RPC::Server::Dispatcher do
             3.times { dispatcher.dispatch }
-            dispatcher.running_jobs.size.should == 3
+            expect(dispatcher.running_jobs.size).to eq(3)
         end
     end
@@ -198,7 +198,7 @@ describe Arachni::RPC::Server::Dispatcher do
             3.times { Arachni::Processes::Manager.kill dispatcher.dispatch['pid'] }
-            dispatcher.finished_jobs.size.should == 3
+            expect(dispatcher.finished_jobs.size).to eq(3)
         end
     end
@@ -206,8 +206,9 @@ describe Arachni::RPC::Server::Dispatcher do
         it 'returns a float signifying the amount of workload' do
             dispatcher = dispatcher_light_spawn( weight: 4 )
-            dispatcher.workload_score.should ==
+            expect(dispatcher.workload_score).to eq(
                 ((dispatcher.running_jobs.size + 1) * 4).to_f
+            )
         end
     end
@@ -223,16 +224,16 @@ describe Arachni::RPC::Server::Dispatcher do
             %w(running_jobs finished_jobs init_pool_size node consumed_pids
                 neighbours snapshots).each do |k|
-                stats[k].should be_true
+                expect(stats[k]).to be_truthy
             end
             finished = stats['finished_jobs']
-            finished.size.should == 1
+            expect(finished.size).to eq(1)
-            stats['neighbours'].is_a?( Array ).should be_true
+            expect(stats['neighbours'].is_a?( Array )).to be_truthy
-            stats['node'].delete( 'score' ).should == dispatcher.workload_score
-            stats['node'].keys.should == @node_info_keys
+            expect(stats['node'].delete( 'score' )).to eq(dispatcher.workload_score)
+            expect(stats['node'].keys).to eq(@node_info_keys)
         end
         context 'when there are scan snapshots' do
@@ -249,7 +250,7 @@ describe Arachni::RPC::Server::Dispatcher do
                 sleep 1 while !instance.service.suspended?
                 instance.service.shutdown
-                dispatcher.statistics['snapshots'].should include instance.service.snapshot_path
+                expect(dispatcher.statistics['snapshots']).to include instance.service.snapshot_path
             end
         end
@@ -257,14 +258,14 @@ describe Arachni::RPC::Server::Dispatcher do
             it 'advertises that address' do
                 address = '127.0.0.1'
                 dispatcher = dispatcher_light_spawn( external_address: address )
-                dispatcher.statistics['node']['url'].should start_with "#{address}:"
+                expect(dispatcher.statistics['node']['url']).to start_with "#{address}:"
             end
         end
     end
     describe '#log' do
         it 'returns the contents of the log file' do
-            dispatcher_light_spawn.log.should be_true
+            expect(dispatcher_light_spawn.log).to be_truthy
         end
     end

data/spec/arachni/rpc/server/framework/distributor_spec.rb CHANGED

@@ -112,18 +112,18 @@ describe Arachni::RPC::Server::Framework::Distributor do
     describe '#calculate_workload_size' do
         it 'returns the amount of workload to gather for distribution' do
-            @distributor.calculate_workload_size( 99999 ).should == 30
+            expect(@distributor.calculate_workload_size( 99999 )).to eq(30)
         end
         it 'bases it on the amount of idle instances' do
             distributor = get_distributor
             distributor.done_slaves << distributor.slaves.first[:url]
-            distributor.calculate_workload_size( 99999 ).should == 20
+            expect(distributor.calculate_workload_size( 99999 )).to eq(20)
         end
         context 'when the calculated size exceeds the maximum' do
             it 'returns the maximum' do
-                @distributor.calculate_workload_size( 20 ).should == 20
+                expect(@distributor.calculate_workload_size( 20 )).to eq(20)
             end
         end
     end
@@ -207,7 +207,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                     distributor.split_page_workload( pages ).map do |page_chunks|
                         workload << Hash[page_chunks.map { |p| [p.url, p.element_audit_whitelist.to_a] }]
                     end
-                    workload.should == [
+                    expect(workload).to eq([
                         {
                             "#{@url}1" => [2720541242, 3706493238],
                             "#{@url}2" => [2299786370]
@@ -219,7 +219,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                             "#{@url}4" => [2195342275],
                             "#{@url}5" => [659674061]
                         }
-                    ]
+                    ])
                     Arachni::State.clear
                     Arachni::Data.clear
@@ -232,7 +232,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                     distributor.split_page_workload( pages ).map do |page_chunks|
                         workload << Hash[page_chunks.map { |p| [p.url, p.element_audit_whitelist.to_a] }]
                     end
-                    workload.should == [
+                    expect(workload).to eq([
                         {
                             'http://test.com/1' => [2720541242, 3706493238],
                             'http://test.com/2' => [2299786370],
@@ -243,7 +243,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                             'http://test.com/4' => [2444203185, 2195342275],
                             'http://test.com/5' => [659674061]
                         }
-                    ]
+                    ])
                 end
             end
@@ -260,11 +260,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
                     distributor.split_page_workload( pages ).map do |page_chunks|
                         workload << page_chunks.map(&:url)
                     end
-                    workload.should == [
+                    expect(workload).to eq([
                         ['http://test.com/1', 'http://test.com/2'],
                         ['http://test.com/3', 'http://test.com/4'],
                         ['http://test.com/5']
-                    ]
+                    ])
                 end
                 it 'does not audit them' do
@@ -280,11 +280,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
                         workload << page_chunks
                     end
                     workload.flatten!
-                    workload.size.should == 5
+                    expect(workload.size).to eq(5)
                     workload.each do |page|
-                        page.elements.should be_any
-                        page.elements.each { |e| page.audit_element?(e).should be_false }
+                        expect(page.elements).to be_any
+                        page.elements.each { |e| expect(page.audit_element?(e)).to be_falsey }
                     end
                 end
             end
@@ -301,7 +301,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                     get_distributor.split_page_workload( pages ).map do |page_chunks|
                         workload << page_chunks.map(&:url)
                     end
-                    workload.should == [
+                    expect(workload).to eq([
                         [
                             'http://test.com/0',
                             'http://test.com/1',
@@ -328,7 +328,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                             'http://test.com/18',
                             'http://test.com/19'
                         ]
-                    ]
+                    ])
                 end
             end
         end
@@ -360,10 +360,10 @@ describe Arachni::RPC::Server::Framework::Distributor do
                         workload << Hash[page_chunks.map { |p| [p.url, p.element_audit_whitelist.to_a] }]
                     end
-                    workload.should == [
+                    expect(workload).to eq([
                         { 'http://test.com/1' => [2835048516] },
                         { 'http://test.com/5' => [1397105343] }
-                    ]
+                    ])
                 end
             end
@@ -377,7 +377,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
                     distributor.split_page_workload( pages ).map do |page_chunks|
                         workload << Hash[page_chunks.map { |p| [p.url, p.audit_whitelist.to_a] }]
                     end
-                    workload.should == []
+                    expect(workload).to eq([])
                 end
             end
         end
@@ -396,7 +396,7 @@ describe Arachni::RPC::Server::Framework::Distributor do
     describe '#prepare_slave_options' do
         it 'returns a hash with options suitable for passing to slaves' do
             h = @distributor.prepare_slave_options
-            h['datastore'].should == { 'master_priv_token' => 'secret' }
+            expect(h['datastore']).to eq({ 'master_priv_token' => 'secret' })
         end
         it 'removes plugins which are not distributable'
@@ -413,11 +413,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
             raised = false
             begin
-                Timeout::timeout( 5 ) { q.pop.should == [true, true] }
+                Timeout::timeout( 5 ) { expect(q.pop).to eq([true, true]) }
             rescue Timeout::Error
                 raised = true
             end
-            raised.should be_false
+            expect(raised).to be_falsey
         end
     end
@@ -435,11 +435,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
             raised = false
             begin
-                Timeout::timeout( 5 ) { [q.pop, q.pop].should == [true, true] }
+                Timeout::timeout( 5 ) { expect([q.pop, q.pop]).to eq([true, true]) }
             rescue Timeout::Error
                 raised = true
             end
-            raised.should be_false
+            expect(raised).to be_falsey
         end
         context 'when passed an "after" block' do
@@ -458,11 +458,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
                 raised = false
                 begin
-                    Timeout::timeout( 5 ) { [q.pop, q.pop, q.pop].should == [true, true, :after] }
+                    Timeout::timeout( 5 ) { expect([q.pop, q.pop, q.pop]).to eq([true, true, :after]) }
                 rescue Timeout::Error
                     raised = true
                 end
-                raised.should be_false
+                expect(raised).to be_falsey
             end
         end
@@ -482,11 +482,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
             raised = false
             begin
-                Timeout::timeout( 5 ) { [q.pop, q.pop].sort.should == urls }
+                Timeout::timeout( 5 ) { expect([q.pop, q.pop].sort).to eq(urls) }
             rescue Timeout::Error
                 raised = true
             end
-            raised.should be_false
+            expect(raised).to be_falsey
         end
     end
@@ -504,11 +504,11 @@ describe Arachni::RPC::Server::Framework::Distributor do
             raised = false
             begin
-                Timeout::timeout( 5 ) { [q.pop, q.pop].sort.should == urls }
+                Timeout::timeout( 5 ) { expect([q.pop, q.pop].sort).to eq(urls) }
             rescue Timeout::Error
                 raised = true
             end
-            raised.should be_false
+            expect(raised).to be_falsey
         end
     end
@@ -567,10 +567,10 @@ describe Arachni::RPC::Server::Framework::Distributor do
                 raised = true
             end
-            raised.should be_false
+            expect(raised).to be_falsey
-            pref_dispatchers.size.should == 4
-            pref_dispatchers.should == dispatchers
+            expect(pref_dispatchers.size).to eq(4)
+            expect(pref_dispatchers).to eq(dispatchers)
         end
     end
@@ -582,18 +582,18 @@ describe Arachni::RPC::Server::Framework::Distributor do
             dispatchers << { 'node' => { 'score' => 2 } }
             dispatchers << { 'node' => { 'score' => 1 } }
-            @distributor.pick_dispatchers( dispatchers ).
-                map { |d| d['node']['score'] }.should == [0, 1, 2, 3]
+            expect(@distributor.pick_dispatchers( dispatchers ).
+                map { |d| d['node']['score'] }).to eq([0, 1, 2, 3])
             @opts.spawns = 2
-            @distributor.pick_dispatchers( dispatchers ).
-                map { |d| d['node']['score'] }.should == [0, 1]
+            expect(@distributor.pick_dispatchers( dispatchers ).
+                map { |d| d['node']['score'] }).to eq([0, 1])
         end
     end
     describe '#initialize_slaves' do
         #before( :all ) do
-        #    @opts.paths.checks = fixtures_path + 'taint_check/'
+        #    @opts.paths.checks = fixtures_path + 'signature_check/'
         #
         #    @dispatcher_url = dispatcher_light_spawn.url
         #