arachni 1.4 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +195 -0
- data/Gemfile +4 -4
- data/LICENSE.md +1 -1
- data/README.md +7 -3
- data/Rakefile +1 -43
- data/arachni.gemspec +35 -30
- data/bin/arachni +1 -1
- data/bin/arachni_console +1 -1
- data/bin/arachni_multi +6 -1
- data/bin/arachni_reporter +1 -1
- data/bin/arachni_reproduce +12 -0
- data/bin/arachni_rest_server +1 -1
- data/bin/arachni_restore +1 -1
- data/bin/arachni_rpc +6 -1
- data/bin/arachni_rpcd +1 -1
- data/bin/arachni_rpcd_monitor +6 -1
- data/bin/arachni_script +1 -1
- data/components/checks/active/code_injection.rb +1 -1
- data/components/checks/active/code_injection_php_input_wrapper.rb +1 -1
- data/components/checks/active/code_injection_timing.rb +1 -1
- data/components/checks/active/csrf.rb +20 -75
- data/components/checks/active/file_inclusion.rb +1 -1
- data/components/checks/active/ldap_injection.rb +1 -1
- data/components/checks/active/no_sql_injection.rb +1 -1
- data/components/checks/active/no_sql_injection_differential.rb +3 -3
- data/components/checks/active/os_cmd_injection.rb +1 -1
- data/components/checks/active/os_cmd_injection_timing.rb +1 -1
- data/components/checks/active/path_traversal.rb +3 -3
- data/components/checks/active/response_splitting.rb +1 -1
- data/components/checks/active/rfi.rb +1 -1
- data/components/checks/active/session_fixation.rb +1 -1
- data/components/checks/active/source_code_disclosure.rb +1 -1
- data/components/checks/active/sql_injection/regexps/hsqldb.yaml +1 -0
- data/components/checks/active/sql_injection/substrings/hsqldb +1 -0
- data/components/checks/active/sql_injection/substrings/java +4 -0
- data/components/checks/active/sql_injection/substrings/oracle +0 -1
- data/components/checks/active/sql_injection/substrings/sqlite +1 -0
- data/components/checks/active/sql_injection.rb +1 -1
- data/components/checks/active/sql_injection_differential.rb +3 -3
- data/components/checks/active/sql_injection_timing.rb +1 -1
- data/components/checks/active/trainer.rb +1 -1
- data/components/checks/active/unvalidated_redirect.rb +34 -11
- data/components/checks/active/unvalidated_redirect_dom.rb +4 -4
- data/components/checks/active/xpath_injection.rb +1 -1
- data/components/checks/active/xss.rb +54 -29
- data/components/checks/active/xss_dom.rb +15 -11
- data/components/checks/active/xss_dom_script_context.rb +4 -6
- data/components/checks/active/xss_event.rb +46 -34
- data/components/checks/active/xss_path.rb +9 -6
- data/components/checks/active/xss_script_context.rb +100 -47
- data/components/checks/active/xss_tag.rb +41 -15
- data/components/checks/active/xxe.rb +1 -1
- data/components/checks/passive/allowed_methods.rb +1 -1
- data/components/checks/passive/backdoors.rb +1 -1
- data/components/checks/passive/backup_directories.rb +15 -3
- data/components/checks/passive/backup_files.rb +39 -6
- data/components/checks/passive/common_admin_interfaces/admin-panels.txt +1 -0
- data/components/checks/passive/common_admin_interfaces.rb +1 -1
- data/components/checks/passive/common_directories/directories.txt +1 -0
- data/components/checks/passive/common_directories.rb +1 -1
- data/components/checks/passive/common_files.rb +1 -1
- data/components/checks/passive/directory_listing.rb +1 -1
- data/components/checks/passive/grep/captcha.rb +8 -9
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +1 -1
- data/components/checks/passive/grep/credit_card.rb +1 -1
- data/components/checks/passive/grep/cvs_svn_users.rb +1 -1
- data/components/checks/passive/grep/emails.rb +1 -1
- data/components/checks/passive/grep/form_upload.rb +3 -5
- data/components/checks/passive/grep/hsts.rb +1 -1
- data/components/checks/passive/grep/html_objects.rb +1 -1
- data/components/checks/passive/grep/http_only_cookies.rb +1 -1
- data/components/checks/passive/grep/insecure_cookies.rb +5 -5
- data/components/checks/passive/grep/insecure_cors_policy.rb +1 -1
- data/components/checks/passive/grep/mixed_resource.rb +4 -4
- data/components/checks/passive/grep/password_autocomplete.rb +1 -1
- data/components/checks/passive/grep/private_ip.rb +1 -1
- data/components/checks/passive/grep/ssn.rb +1 -1
- data/components/checks/passive/grep/unencrypted_password_forms.rb +3 -3
- data/components/checks/passive/grep/x_frame_options.rb +4 -4
- data/components/checks/passive/htaccess_limit.rb +1 -1
- data/components/checks/passive/http_put.rb +1 -1
- data/components/checks/passive/insecure_client_access_policy.rb +2 -2
- data/components/checks/passive/insecure_cross_domain_policy_access.rb +2 -2
- data/components/checks/passive/insecure_cross_domain_policy_headers.rb +2 -2
- data/components/checks/passive/interesting_responses.rb +1 -1
- data/components/checks/passive/localstart_asp.rb +1 -1
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +1 -1
- data/components/checks/passive/webdav.rb +1 -1
- data/components/checks/passive/xst.rb +10 -12
- data/components/fingerprinters/frameworks/aspx_mvc.rb +1 -1
- data/components/fingerprinters/frameworks/cakephp.rb +1 -1
- data/components/fingerprinters/frameworks/cherrypy.rb +1 -1
- data/components/fingerprinters/frameworks/django.rb +1 -1
- data/components/fingerprinters/frameworks/jsf.rb +1 -1
- data/components/fingerprinters/frameworks/nette.rb +1 -1
- data/components/fingerprinters/frameworks/rack.rb +1 -1
- data/components/fingerprinters/frameworks/rails.rb +1 -1
- data/components/fingerprinters/frameworks/symfony.rb +1 -1
- data/components/fingerprinters/languages/asp.rb +1 -1
- data/components/fingerprinters/languages/aspx.rb +1 -1
- data/components/fingerprinters/languages/java.rb +1 -1
- data/components/fingerprinters/languages/php.rb +1 -1
- data/components/fingerprinters/languages/python.rb +1 -1
- data/components/fingerprinters/languages/ruby.rb +1 -1
- data/components/fingerprinters/os/bsd.rb +1 -1
- data/components/fingerprinters/os/linux.rb +1 -1
- data/components/fingerprinters/os/solaris.rb +1 -1
- data/components/fingerprinters/os/unix.rb +1 -1
- data/components/fingerprinters/os/windows.rb +1 -1
- data/components/fingerprinters/servers/apache.rb +1 -1
- data/components/fingerprinters/servers/gunicorn.rb +1 -1
- data/components/fingerprinters/servers/iis.rb +1 -1
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/nginx.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +1 -1
- data/components/path_extractors/anchors.rb +3 -5
- data/components/path_extractors/areas.rb +3 -4
- data/components/path_extractors/comments.rb +4 -5
- data/components/path_extractors/data_url.rb +4 -5
- data/components/path_extractors/forms.rb +3 -4
- data/components/path_extractors/frames.rb +3 -5
- data/components/path_extractors/generic.rb +3 -1
- data/components/path_extractors/links.rb +3 -4
- data/components/path_extractors/meta_refresh.rb +11 -17
- data/components/path_extractors/scripts.rb +18 -15
- data/components/plugins/autologin.rb +3 -2
- data/components/plugins/beep_notify.rb +1 -1
- data/components/plugins/content_types.rb +1 -1
- data/components/plugins/cookie_collector.rb +1 -1
- data/components/plugins/debug/browser_cluster_job_monitor.rb +60 -0
- data/components/plugins/defaults/autothrottle.rb +1 -1
- data/components/plugins/defaults/healthmap.rb +3 -1
- data/components/plugins/defaults/meta/remedies/discovery.rb +1 -1
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +1 -1
- data/components/plugins/defaults/meta/uniformity.rb +1 -1
- data/components/plugins/email_notify.rb +26 -9
- data/components/plugins/exec.rb +1 -1
- data/components/plugins/form_dicattack.rb +3 -4
- data/components/plugins/headers_collector.rb +1 -1
- data/components/plugins/http_dicattack.rb +4 -5
- data/components/plugins/login_script.rb +2 -2
- data/components/plugins/metrics.rb +44 -18
- data/components/plugins/page_dump.rb +60 -0
- data/components/plugins/proxy/panel/verify_login_sequence.html.erb +1 -1
- data/components/plugins/proxy/template_scope.rb +6 -1
- data/components/plugins/proxy.rb +44 -31
- data/components/plugins/rate_limiter.rb +80 -0
- data/components/plugins/restrict_to_dom_state.rb +1 -1
- data/components/plugins/script.rb +1 -1
- data/components/plugins/uncommon_headers.rb +1 -1
- data/components/plugins/vector_collector.rb +1 -1
- data/components/plugins/vector_feed.rb +1 -1
- data/components/plugins/waf_detector.rb +3 -3
- data/components/plugins/webhook_notify.rb +99 -0
- data/components/reporters/ap.rb +1 -1
- data/components/reporters/html/default/configuration.erb +2 -0
- data/components/reporters/html/default.erb +3 -2
- data/components/reporters/html.rb +5 -8
- data/components/reporters/json.rb +1 -1
- data/components/reporters/marshal.rb +1 -1
- data/components/reporters/plugin_formatters/html/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/html/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/html/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/exec.rb +1 -1
- data/components/reporters/plugin_formatters/html/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/html/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/html/metrics.rb +46 -1
- data/components/reporters/plugin_formatters/html/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/html/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/html/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/exec.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/metrics.rb +11 -1
- data/components/reporters/plugin_formatters/stdout/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/xml/content_types.rb +10 -7
- data/components/reporters/plugin_formatters/xml/cookie_collector.rb +6 -3
- data/components/reporters/plugin_formatters/xml/exec.rb +1 -1
- data/components/reporters/plugin_formatters/xml/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/xml/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/xml/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uncommon_headers.rb +5 -2
- data/components/reporters/plugin_formatters/xml/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/xml/vector_collector.rb +8 -5
- data/components/reporters/plugin_formatters/xml/waf_detector.rb +1 -1
- data/components/reporters/stdout.rb +3 -2
- data/components/reporters/txt.rb +1 -1
- data/components/reporters/xml/schema.xsd +29 -13
- data/components/reporters/xml.rb +40 -23
- data/components/reporters/yaml.rb +1 -1
- data/config/write_paths.yml +4 -0
- data/lib/arachni/banner.rb +1 -1
- data/lib/arachni/browser/element_locator.rb +9 -5
- data/lib/arachni/browser/javascript/dom_monitor.rb +1 -1
- data/lib/arachni/browser/javascript/proxy/stub.rb +1 -1
- data/lib/arachni/browser/javascript/proxy.rb +1 -1
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +329 -72
- data/lib/arachni/browser/javascript/scripts/polyfills.js +0 -28
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +81 -25
- data/lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/frame.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/base.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer.rb +1 -1
- data/lib/arachni/browser/javascript.rb +111 -198
- data/lib/arachni/browser.rb +309 -382
- data/lib/arachni/browser_cluster/job/result.rb +1 -1
- data/lib/arachni/browser_cluster/job.rb +9 -2
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +8 -2
- data/lib/arachni/browser_cluster/jobs/dom_exploration/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration.rb +13 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +1 -1
- data/lib/arachni/browser_cluster/worker.rb +97 -87
- data/lib/arachni/browser_cluster.rb +79 -62
- data/lib/arachni/check/auditor.rb +161 -155
- data/lib/arachni/check/base.rb +1 -1
- data/lib/arachni/check/manager.rb +1 -1
- data/lib/arachni/check.rb +1 -1
- data/lib/arachni/component/base.rb +3 -1
- data/lib/arachni/component/manager.rb +1 -1
- data/lib/arachni/component/options/address.rb +1 -1
- data/lib/arachni/component/options/base.rb +1 -1
- data/lib/arachni/component/options/bool.rb +1 -1
- data/lib/arachni/component/options/float.rb +1 -1
- data/lib/arachni/component/options/int.rb +1 -1
- data/lib/arachni/component/options/multiple_choice.rb +1 -1
- data/lib/arachni/component/options/object.rb +1 -1
- data/lib/arachni/component/options/path.rb +1 -1
- data/lib/arachni/component/options/port.rb +1 -1
- data/lib/arachni/component/options/string.rb +1 -1
- data/lib/arachni/component/options/url.rb +1 -1
- data/lib/arachni/component/options.rb +1 -1
- data/lib/arachni/component/output.rb +8 -2
- data/lib/arachni/component/utilities.rb +1 -1
- data/lib/arachni/component.rb +1 -1
- data/lib/arachni/data/framework/rpc.rb +2 -2
- data/lib/arachni/data/framework.rb +3 -2
- data/lib/arachni/data/issues.rb +1 -1
- data/lib/arachni/data/plugins.rb +1 -1
- data/lib/arachni/data/session.rb +1 -1
- data/lib/arachni/data.rb +1 -1
- data/lib/arachni/element/base.rb +1 -1
- data/lib/arachni/element/body.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +142 -175
- data/lib/arachni/element/capabilities/analyzable/signature.rb +40 -18
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable.rb +1 -1
- data/lib/arachni/element/capabilities/auditable/buffered.rb +92 -0
- data/lib/arachni/element/capabilities/auditable/line_buffered.rb +103 -0
- data/lib/arachni/element/capabilities/auditable.rb +2 -8
- data/lib/arachni/element/capabilities/dom_only.rb +1 -1
- data/lib/arachni/element/capabilities/inputtable.rb +6 -2
- data/lib/arachni/element/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/capabilities/refreshable.rb +1 -1
- data/lib/arachni/element/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/capabilities/with_auditor/output.rb +4 -3
- data/lib/arachni/element/capabilities/with_auditor.rb +1 -1
- data/lib/arachni/element/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/capabilities/with_node.rb +3 -3
- data/lib/arachni/element/capabilities/with_scope/scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_source.rb +2 -2
- data/lib/arachni/element/cookie/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/cookie/dom.rb +1 -1
- data/lib/arachni/element/cookie.rb +49 -24
- data/lib/arachni/element/dom/capabilities/auditable.rb +44 -3
- data/lib/arachni/element/dom/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/locatable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/mutable.rb +7 -3
- data/lib/arachni/element/dom/capabilities/submittable.rb +51 -22
- data/lib/arachni/element/dom.rb +1 -1
- data/lib/arachni/element/form/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/form/capabilities/mutable.rb +16 -11
- data/lib/arachni/element/form/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/form/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/form/dom.rb +1 -1
- data/lib/arachni/element/form.rb +21 -32
- data/lib/arachni/element/generic_dom.rb +1 -1
- data/lib/arachni/element/header/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/header/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/header.rb +3 -1
- data/lib/arachni/element/json/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/json.rb +4 -8
- data/lib/arachni/element/link/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/link/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link/dom.rb +1 -1
- data/lib/arachni/element/link.rb +11 -30
- data/lib/arachni/element/link_template/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link_template/dom.rb +2 -2
- data/lib/arachni/element/link_template.rb +10 -19
- data/lib/arachni/element/nested_cookie/capabilities/submittable.rb +35 -0
- data/lib/arachni/element/nested_cookie.rb +370 -0
- data/lib/arachni/element/path.rb +1 -1
- data/lib/arachni/element/server.rb +11 -11
- data/lib/arachni/element/ui_form/dom.rb +1 -1
- data/lib/arachni/element/ui_form.rb +5 -6
- data/lib/arachni/element/ui_input/dom.rb +1 -1
- data/lib/arachni/element/ui_input.rb +4 -6
- data/lib/arachni/element/xml/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/xml/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/xml.rb +3 -7
- data/lib/arachni/element_filter.rb +1 -1
- data/lib/arachni/error.rb +1 -1
- data/lib/arachni/ethon/easy.rb +1 -1
- data/lib/arachni/framework/parts/audit.rb +6 -1
- data/lib/arachni/framework/parts/browser.rb +14 -14
- data/lib/arachni/framework/parts/check.rb +1 -1
- data/lib/arachni/framework/parts/data.rb +1 -1
- data/lib/arachni/framework/parts/platform.rb +1 -1
- data/lib/arachni/framework/parts/plugin.rb +1 -1
- data/lib/arachni/framework/parts/report.rb +3 -3
- data/lib/arachni/framework/parts/scope.rb +1 -1
- data/lib/arachni/framework/parts/state.rb +1 -1
- data/lib/arachni/framework.rb +1 -1
- data/lib/arachni/http/client/dynamic_404_handler.rb +74 -16
- data/lib/arachni/http/client.rb +38 -11
- data/lib/arachni/http/cookie_jar.rb +13 -8
- data/lib/arachni/http/headers.rb +11 -5
- data/lib/arachni/http/message/scope.rb +1 -1
- data/lib/arachni/http/message.rb +10 -9
- data/lib/arachni/http/proxy_server/connection.rb +110 -82
- data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +18 -32
- data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +28 -49
- data/lib/arachni/http/proxy_server/ssl_interceptor.rb +8 -6
- data/lib/arachni/http/proxy_server/tunnel.rb +4 -4
- data/lib/arachni/http/proxy_server.rb +44 -11
- data/lib/arachni/http/request/scope.rb +1 -1
- data/lib/arachni/http/request.rb +239 -41
- data/lib/arachni/http/response/scope.rb +1 -1
- data/lib/arachni/http/response.rb +73 -10
- data/lib/arachni/http.rb +1 -1
- data/lib/arachni/issue/severity/base.rb +1 -1
- data/lib/arachni/issue/severity.rb +1 -1
- data/lib/arachni/issue.rb +42 -14
- data/lib/arachni/option_group.rb +1 -1
- data/lib/arachni/option_groups/audit.rb +11 -2
- data/lib/arachni/option_groups/browser_cluster.rb +32 -4
- data/lib/arachni/option_groups/datastore.rb +1 -1
- data/lib/arachni/option_groups/dispatcher.rb +1 -1
- data/lib/arachni/option_groups/http.rb +39 -10
- data/lib/arachni/option_groups/input.rb +1 -1
- data/lib/arachni/option_groups/output.rb +1 -1
- data/lib/arachni/option_groups/paths.rb +12 -1
- data/lib/arachni/option_groups/rpc.rb +1 -1
- data/lib/arachni/option_groups/scope.rb +58 -4
- data/lib/arachni/option_groups/session.rb +1 -1
- data/lib/arachni/option_groups/snapshot.rb +1 -1
- data/lib/arachni/option_groups.rb +1 -1
- data/lib/arachni/options.rb +23 -4
- data/lib/arachni/page/dom/transition.rb +5 -2
- data/lib/arachni/page/dom.rb +46 -54
- data/lib/arachni/page/scope.rb +1 -1
- data/lib/arachni/page.rb +10 -8
- data/lib/arachni/parser/document.rb +34 -0
- data/lib/arachni/parser/extractors/base.rb +48 -0
- data/lib/arachni/parser/nodes/base.rb +22 -0
- data/lib/arachni/parser/nodes/comment.rb +32 -0
- data/lib/arachni/parser/nodes/element/with_attributes/attributes.rb +31 -0
- data/lib/arachni/parser/nodes/element/with_attributes.rb +35 -0
- data/lib/arachni/parser/nodes/element.rb +48 -0
- data/lib/arachni/parser/nodes/text.rb +32 -0
- data/lib/arachni/parser/nodes/with_value.rb +29 -0
- data/lib/arachni/parser/sax.rb +76 -0
- data/lib/arachni/parser/with_children/search.rb +92 -0
- data/lib/arachni/parser/with_children.rb +35 -0
- data/lib/arachni/parser.rb +181 -78
- data/lib/arachni/platform/fingerprinter.rb +1 -1
- data/lib/arachni/platform/list.rb +1 -1
- data/lib/arachni/platform/manager.rb +2 -2
- data/lib/arachni/platform.rb +1 -1
- data/lib/arachni/plugin/base.rb +2 -2
- data/lib/arachni/plugin/formatter.rb +1 -1
- data/lib/arachni/plugin/manager.rb +8 -5
- data/lib/arachni/plugin.rb +1 -1
- data/lib/arachni/processes/dispatchers.rb +1 -1
- data/lib/arachni/processes/executables/base.rb +2 -1
- data/lib/arachni/processes/executables/browser.rb +0 -2
- data/lib/arachni/processes/helpers/dispatchers.rb +1 -1
- data/lib/arachni/processes/helpers/instances.rb +1 -1
- data/lib/arachni/processes/helpers/processes.rb +1 -1
- data/lib/arachni/processes/helpers.rb +1 -1
- data/lib/arachni/processes/instances.rb +1 -1
- data/lib/arachni/processes/manager.rb +18 -9
- data/lib/arachni/processes.rb +1 -1
- data/lib/arachni/report.rb +8 -1
- data/lib/arachni/reporter/base.rb +1 -1
- data/lib/arachni/reporter/formatter_manager.rb +1 -1
- data/lib/arachni/reporter/manager.rb +1 -1
- data/lib/arachni/reporter/options.rb +1 -10
- data/lib/arachni/reporter.rb +1 -1
- data/lib/arachni/rest/server/instance_helpers.rb +10 -1
- data/lib/arachni/rest/server.rb +13 -1
- data/lib/arachni/rpc/client/base.rb +1 -1
- data/lib/arachni/rpc/client/dispatcher.rb +1 -1
- data/lib/arachni/rpc/client/instance/framework.rb +1 -1
- data/lib/arachni/rpc/client/instance/service.rb +1 -1
- data/lib/arachni/rpc/client/instance.rb +1 -1
- data/lib/arachni/rpc/serializer.rb +1 -1
- data/lib/arachni/rpc/server/active_options.rb +1 -1
- data/lib/arachni/rpc/server/base.rb +1 -1
- data/lib/arachni/rpc/server/check/manager.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/node.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/service.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher.rb +1 -1
- data/lib/arachni/rpc/server/framework/distributor.rb +1 -1
- data/lib/arachni/rpc/server/framework/master.rb +1 -1
- data/lib/arachni/rpc/server/framework/multi_instance.rb +1 -1
- data/lib/arachni/rpc/server/framework/slave.rb +1 -1
- data/lib/arachni/rpc/server/framework.rb +1 -1
- data/lib/arachni/rpc/server/instance.rb +1 -1
- data/lib/arachni/rpc/server/output.rb +1 -1
- data/lib/arachni/rpc/server/plugin/manager.rb +1 -1
- data/lib/arachni/ruby/array.rb +1 -1
- data/lib/arachni/ruby/hash.rb +1 -1
- data/lib/arachni/ruby/object.rb +1 -1
- data/lib/arachni/ruby/set.rb +1 -1
- data/lib/arachni/ruby/string.rb +9 -5
- data/lib/arachni/ruby/webrick/cookie.rb +1 -1
- data/lib/arachni/ruby/webrick/httprequest.rb +1 -1
- data/lib/arachni/ruby/webrick.rb +1 -1
- data/lib/arachni/ruby.rb +1 -1
- data/lib/arachni/scope.rb +1 -1
- data/lib/arachni/selenium/webdriver/element.rb +4 -4
- data/lib/arachni/selenium/webdriver/remote/typhoeus.rb +59 -0
- data/lib/arachni/session.rb +32 -13
- data/lib/arachni/snapshot.rb +2 -2
- data/lib/arachni/state/audit.rb +1 -1
- data/lib/arachni/state/element_filter.rb +1 -1
- data/lib/arachni/state/framework/rpc.rb +1 -1
- data/lib/arachni/state/framework.rb +1 -1
- data/lib/arachni/state/http.rb +2 -2
- data/lib/arachni/state/options.rb +1 -1
- data/lib/arachni/state/plugins.rb +1 -1
- data/lib/arachni/state.rb +1 -1
- data/lib/arachni/support/buffer/autoflush.rb +1 -1
- data/lib/arachni/support/buffer/base.rb +1 -1
- data/lib/arachni/support/buffer.rb +1 -1
- data/lib/arachni/support/cache/base.rb +1 -1
- data/lib/arachni/support/cache/least_cost_replacement.rb +1 -1
- data/lib/arachni/support/cache/least_recently_pushed.rb +1 -1
- data/lib/arachni/support/cache/least_recently_used.rb +1 -1
- data/lib/arachni/support/cache/preference.rb +1 -1
- data/lib/arachni/support/cache/random_replacement.rb +1 -1
- data/lib/arachni/support/cache.rb +1 -1
- data/lib/arachni/support/crypto/rsa_aes_cbc.rb +1 -1
- data/lib/arachni/support/crypto.rb +1 -1
- data/lib/arachni/support/database/base.rb +16 -10
- data/lib/arachni/support/database/hash.rb +1 -1
- data/lib/arachni/support/database/queue.rb +1 -1
- data/lib/arachni/support/database.rb +1 -1
- data/lib/arachni/support/glob.rb +1 -1
- data/lib/arachni/support/lookup/base.rb +1 -1
- data/lib/arachni/support/lookup/hash_set.rb +1 -1
- data/lib/arachni/support/lookup/moolb.rb +1 -1
- data/lib/arachni/support/lookup.rb +1 -1
- data/lib/arachni/support/mixins/observable.rb +1 -1
- data/lib/arachni/support/mixins/terminal.rb +1 -1
- data/lib/arachni/support/mixins.rb +1 -1
- data/lib/arachni/support/profiler.rb +52 -13
- data/lib/arachni/support/signature.rb +18 -6
- data/lib/arachni/support.rb +1 -1
- data/lib/arachni/trainer.rb +55 -39
- data/lib/arachni/ui/foo/output.rb +1 -1
- data/lib/arachni/uri/scope.rb +15 -13
- data/lib/arachni/uri.rb +129 -103
- data/lib/arachni/utilities.rb +10 -10
- data/lib/arachni/version.rb +1 -1
- data/lib/arachni.rb +1 -7
- data/lib/version +1 -1
- data/spec/arachni/browser/element_locator_spec.rb +42 -18
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +264 -109
- data/spec/arachni/browser/javascript/polyfills_spec.rb +0 -15
- data/spec/arachni/browser/javascript/proxy_spec.rb +0 -10
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +43 -118
- data/spec/arachni/browser/javascript_spec.rb +95 -60
- data/spec/arachni/browser_cluster/job_spec.rb +23 -8
- data/spec/arachni/browser_cluster/jobs/dom_exploration_spec.rb +6 -1
- data/spec/arachni/browser_cluster/worker_spec.rb +29 -87
- data/spec/arachni/browser_cluster_spec.rb +124 -43
- data/spec/arachni/browser_spec.rb +463 -421
- data/spec/arachni/check/auditor_spec.rb +162 -198
- data/spec/arachni/data/framework/rpc_spec.rb +1 -1
- data/spec/arachni/data/framework_spec.rb +1 -1
- data/spec/arachni/element/capabilities/analyzable/signature_spec.rb +46 -3
- data/spec/arachni/element/cookie/dom_spec.rb +1 -1
- data/spec/arachni/element/cookie_spec.rb +159 -64
- data/spec/arachni/element/form/dom_spec.rb +1 -1
- data/spec/arachni/element/form_spec.rb +101 -54
- data/spec/arachni/element/header_spec.rb +3 -1
- data/spec/arachni/element/json_spec.rb +2 -0
- data/spec/arachni/element/link/dom_spec.rb +2 -2
- data/spec/arachni/element/link_spec.rb +46 -15
- data/spec/arachni/element/link_template/dom_spec.rb +1 -1
- data/spec/arachni/element/link_template_spec.rb +36 -12
- data/spec/arachni/element/nested_cookie_spec.rb +687 -0
- data/spec/arachni/element/server_spec.rb +22 -5
- data/spec/arachni/element/ui_form/dom_spec.rb +1 -1
- data/spec/arachni/element/ui_form_spec.rb +2 -2
- data/spec/arachni/element/ui_input/dom_spec.rb +1 -1
- data/spec/arachni/element/ui_input_spec.rb +1 -1
- data/spec/arachni/element/xml_spec.rb +5 -3
- data/spec/arachni/framework/parts/audit_spec.rb +2 -14
- data/spec/arachni/framework/parts/data_spec.rb +0 -6
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +126 -0
- data/spec/arachni/http/client_spec.rb +96 -36
- data/spec/arachni/http/cookie_jar_spec.rb +2 -2
- data/spec/arachni/http/headers_spec.rb +59 -12
- data/spec/arachni/http/proxy_server_spec.rb +58 -25
- data/spec/arachni/http/request_spec.rb +382 -35
- data/spec/arachni/http/response_spec.rb +135 -7
- data/spec/arachni/issue_spec.rb +21 -2
- data/spec/arachni/option_groups/browser_cluster_spec.rb +17 -0
- data/spec/arachni/option_groups/http_spec.rb +21 -6
- data/spec/arachni/option_groups/paths_spec.rb +23 -1
- data/spec/arachni/option_groups/scope_spec.rb +27 -7
- data/spec/arachni/options_spec.rb +8 -1
- data/spec/arachni/page/dom_spec.rb +20 -6
- data/spec/arachni/page_spec.rb +8 -7
- data/spec/arachni/parser/document_spec.rb +49 -0
- data/spec/arachni/parser/nodes/comment_spec.rb +24 -0
- data/spec/arachni/parser/nodes/element/with_attributes/attributes_spec.rb +40 -0
- data/spec/arachni/parser/nodes/element/with_attributes_spec.rb +50 -0
- data/spec/arachni/parser/nodes/element_spec.rb +18 -0
- data/spec/arachni/parser/nodes/text_spec.rb +24 -0
- data/spec/arachni/parser/sax_spec.rb +88 -0
- data/spec/arachni/parser/with_children/search_spec.rb +146 -0
- data/spec/arachni/parser/with_children_spec.rb +37 -0
- data/spec/arachni/parser_spec.rb +211 -27
- data/spec/arachni/platform/list_spec.rb +1 -2
- data/spec/arachni/report_spec.rb +9 -2
- data/spec/arachni/reporter/options_spec.rb +0 -14
- data/spec/arachni/rest/server_spec.rb +91 -8
- data/spec/arachni/rpc/server/active_options_spec.rb +1 -1
- data/spec/arachni/rpc/server/framework/distributor_spec.rb +6 -6
- data/spec/arachni/ruby/string_spec.rb +6 -0
- data/spec/arachni/session_spec.rb +69 -8
- data/spec/arachni/snapshot_spec.rb +1 -1
- data/spec/arachni/state/framework_spec.rb +2 -2
- data/spec/arachni/support/signature_spec.rb +58 -0
- data/spec/arachni/trainer_spec.rb +102 -21
- data/spec/arachni/uri_spec.rb +11 -8
- data/spec/arachni/utilities_spec.rb +3 -3
- data/spec/components/checks/active/code_injection_spec.rb +12 -7
- data/spec/components/checks/active/code_injection_timing_spec.rb +4 -3
- data/spec/components/checks/active/csrf_spec.rb +1 -21
- data/spec/components/checks/active/file_inclusion_spec.rb +15 -10
- data/spec/components/checks/active/ldap_injection_spec.rb +5 -4
- data/spec/components/checks/active/no_sql_injection_differential_spec.rb +1 -1
- data/spec/components/checks/active/no_sql_injection_spec.rb +5 -4
- data/spec/components/checks/active/os_cmd_injection_spec.rb +6 -4
- data/spec/components/checks/active/os_cmd_injection_timing_spec.rb +4 -3
- data/spec/components/checks/active/path_traversal_spec.rb +18 -15
- data/spec/components/checks/active/response_splitting_spec.rb +5 -4
- data/spec/components/checks/active/rfi_spec.rb +9 -8
- data/spec/components/checks/active/source_code_disclosure_spec.rb +33 -10
- data/spec/components/checks/active/sql_injection_differential_spec.rb +1 -1
- data/spec/components/checks/active/sql_injection_spec.rb +61 -35
- data/spec/components/checks/active/sql_injection_timing_spec.rb +11 -8
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +9 -8
- data/spec/components/checks/active/xpath_injection_spec.rb +5 -4
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +6 -10
- data/spec/components/checks/active/xss_dom_spec.rb +2 -2
- data/spec/components/checks/active/xss_event_spec.rb +11 -3
- data/spec/components/checks/active/xss_script_context_spec.rb +8 -7
- data/spec/components/checks/active/xss_spec.rb +7 -6
- data/spec/components/checks/active/xss_tag_spec.rb +11 -3
- data/spec/components/checks/passive/backup_directories_spec.rb +3 -1
- data/spec/components/checks/passive/backup_files_spec.rb +4 -1
- data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +2 -2
- data/spec/components/checks/passive/grep/x_frame_options_spec.rb +6 -0
- data/spec/components/path_extractors/comments_spec.rb +3 -1
- data/spec/components/path_extractors/data_url_spec.rb +6 -2
- data/spec/components/path_extractors/links_spec.rb +1 -1
- data/spec/components/plugins/autologin_spec.rb +2 -2
- data/spec/components/plugins/webhook_notify_spec.rb +69 -0
- data/spec/spec_helper.rb +2 -1
- data/spec/support/factories/http/response.rb +1 -1
- data/spec/support/factories/issue.rb +1 -2
- data/spec/support/factories/page/dom.rb +6 -0
- data/spec/support/factories/scan_report.rb +1 -0
- data/spec/support/factories/vector.rb +7 -3
- data/spec/support/fixtures/check_with_invalid_platforms/with_invalid_platforms.rb +1 -1
- data/spec/support/fixtures/checks/test.rb +4 -4
- data/spec/support/fixtures/checks/test2.rb +1 -1
- data/spec/support/fixtures/checks/test3.rb +1 -1
- data/spec/support/fixtures/cookies.txt +2 -2
- data/spec/support/fixtures/executables/node.rb +2 -3
- data/spec/support/fixtures/fingerprinters/test.rb +1 -1
- data/spec/support/fixtures/nested_cookies.txt +11 -0
- data/spec/support/fixtures/plugins/bad.rb +1 -1
- data/spec/support/fixtures/plugins/defaults/default.rb +1 -1
- data/spec/support/fixtures/plugins/distributable.rb +1 -1
- data/spec/support/fixtures/plugins/loop.rb +1 -1
- data/spec/support/fixtures/plugins/suspendable.rb +1 -1
- data/spec/support/fixtures/plugins/wait.rb +1 -1
- data/spec/support/fixtures/plugins/with_options.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p0.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p00.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p1.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p2.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p22.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p222.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil2.rb +1 -1
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/base_spec/plugin_formatters/with_formatters/foobar.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_formatters.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/without_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/afr.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/error.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/foo.rb +1 -1
- data/spec/support/fixtures/run_check/body.rb +1 -1
- data/spec/support/fixtures/run_check/cookies.rb +1 -1
- data/spec/support/fixtures/run_check/empty.rb +1 -1
- data/spec/support/fixtures/run_check/flch.rb +1 -1
- data/spec/support/fixtures/run_check/forms.rb +1 -1
- data/spec/support/fixtures/run_check/headers.rb +1 -1
- data/spec/support/fixtures/run_check/links.rb +1 -1
- data/spec/support/fixtures/run_check/nil.rb +1 -1
- data/spec/support/fixtures/run_check/path.rb +1 -1
- data/spec/support/fixtures/run_check/server.rb +1 -1
- data/spec/support/fixtures/signature_check/signature.rb +1 -1
- data/spec/support/fixtures/wait_check/wait.rb +1 -1
- data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +0 -3
- data/spec/support/helpers/framework.rb +1 -1
- data/spec/support/helpers/misc.rb +1 -1
- data/spec/support/helpers/paths.rb +1 -1
- data/spec/support/helpers/requires.rb +1 -1
- data/spec/support/helpers/resets.rb +1 -1
- data/spec/support/helpers/web_server.rb +1 -1
- data/spec/support/lib/factory.rb +1 -1
- data/spec/support/lib/web_server_client.rb +1 -1
- data/spec/support/lib/web_server_dispatcher.rb +1 -1
- data/spec/support/lib/web_server_manager.rb +4 -2
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +48 -0
- data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +15 -3
- data/spec/support/servers/arachni/browser.rb +275 -4
- data/spec/support/servers/arachni/check/auditor.rb +9 -0
- data/spec/support/servers/arachni/element/cookie.rb +34 -0
- data/spec/support/servers/arachni/element/form/form_dom.rb +1 -0
- data/spec/support/servers/arachni/element/form.rb +36 -2
- data/spec/support/servers/arachni/element/header.rb +36 -1
- data/spec/support/servers/arachni/element/json.rb +33 -0
- data/spec/support/servers/arachni/element/link.rb +33 -1
- data/spec/support/servers/arachni/element/link_template.rb +37 -5
- data/spec/support/servers/arachni/element/nested_cookie.rb +84 -0
- data/spec/support/servers/arachni/element/xml.rb +33 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +36 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler_redirect_1.rb +18 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler_redirect_2.rb +11 -0
- data/spec/support/servers/arachni/http/client.rb +43 -4
- data/spec/support/servers/arachni/http/proxy_server.rb +12 -0
- data/spec/support/servers/arachni/parser.rb +6 -0
- data/spec/support/servers/arachni/session.rb +24 -1
- data/spec/support/servers/checks/active/code_injection.rb +18 -0
- data/spec/support/servers/checks/active/code_injection_timing.rb +18 -0
- data/spec/support/servers/checks/active/csrf.rb +0 -76
- data/spec/support/servers/checks/active/file_inclusion.rb +19 -1
- data/spec/support/servers/checks/active/ldap_injection.rb +18 -0
- data/spec/support/servers/checks/active/no_sql_injection.rb +27 -0
- data/spec/support/servers/checks/active/no_sql_injection_differential.rb +19 -0
- data/spec/support/servers/checks/active/os_cmd_injection.rb +29 -0
- data/spec/support/servers/checks/active/os_cmd_injection_timing.rb +18 -1
- data/spec/support/servers/checks/active/path_traversal.rb +30 -3
- data/spec/support/servers/checks/active/response_splitting.rb +30 -1
- data/spec/support/servers/checks/active/rfi.rb +30 -2
- data/spec/support/servers/checks/active/session_fixation.rb +1 -3
- data/spec/support/servers/checks/active/source_code_disclosure.rb +16 -0
- data/spec/support/servers/checks/active/sql_injection/java +2 -0
- data/spec/support/servers/checks/active/sql_injection.rb +27 -0
- data/spec/support/servers/checks/active/sql_injection_differential.rb +19 -0
- data/spec/support/servers/checks/active/sql_injection_timing.rb +19 -1
- data/spec/support/servers/checks/active/unvalidated_redirect.rb +121 -1
- data/spec/support/servers/checks/active/xpath_injection.rb +27 -0
- data/spec/support/servers/checks/active/xss.rb +40 -0
- data/spec/support/servers/checks/active/xss_event.rb +23 -2
- data/spec/support/servers/checks/active/xss_script_context.rb +18 -0
- data/spec/support/servers/checks/active/xss_tag.rb +40 -0
- data/spec/support/servers/checks/passive/backup_files.rb +20 -1
- data/spec/support/servers/checks/passive/grep/cookie_set_for_parent_domain.rb +3 -5
- data/spec/support/servers/checks/passive/grep/insecure_cookies_https.rb +9 -0
- data/spec/support/servers/checks/passive/grep/x_frame_options.rb +5 -0
- data/spec/support/servers/plugins/autologin.rb +17 -1
- data/spec/support/servers/plugins/webhook_notify.rb +9 -0
- data/spec/support/shared/check.rb +1 -0
- data/spec/support/shared/element/capabilities/auditable/buffered.rb +791 -0
- data/spec/support/shared/element/capabilities/auditable/line_buffered.rb +797 -0
- data/spec/support/shared/element/capabilities/auditable.rb +28 -34
- data/spec/support/shared/element/capabilities/inputtable.rb +26 -0
- data/spec/support/shared/element/capabilities/with_node.rb +2 -2
- data/spec/support/shared/element/dom/submittable.rb +10 -10
- data/spec/support/shared/path_extractor.rb +17 -5
- data/ui/cli/framework/option_parser.rb +78 -13
- data/ui/cli/framework.rb +29 -8
- data/ui/cli/option_parser.rb +1 -1
- data/ui/cli/output.rb +10 -3
- data/ui/cli/reporter/option_parser.rb +1 -1
- data/ui/cli/reporter.rb +1 -1
- data/ui/cli/reproduce/option_parser.rb +90 -0
- data/ui/cli/reproduce.rb +228 -0
- data/ui/cli/rest/server/option_parser.rb +1 -1
- data/ui/cli/rest/server.rb +1 -1
- data/ui/cli/restored_framework/option_parser.rb +1 -1
- data/ui/cli/restored_framework.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor/option_parser.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor.rb +9 -11
- data/ui/cli/rpc/client/instance.rb +7 -4
- data/ui/cli/rpc/client/local/option_parser.rb +1 -1
- data/ui/cli/rpc/client/local.rb +1 -1
- data/ui/cli/rpc/client/remote/option_parser.rb +1 -1
- data/ui/cli/rpc/client/remote.rb +1 -1
- data/ui/cli/rpc/server/dispatcher/option_parser.rb +1 -1
- data/ui/cli/rpc/server/dispatcher.rb +1 -1
- data/ui/cli/utilities.rb +1 -1
- metadata +178 -79
- data/ACKNOWLEDGMENTS.md +0 -21
- data/AUTHORS.md +0 -3
- data/CONTRIBUTORS.md +0 -22
data/spec/spec_helper.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -40,6 +40,7 @@ RSpec.configure do |config|
|
|
|
40
40
|
config.add_formatter :documentation
|
|
41
41
|
config.include PageHelpers
|
|
42
42
|
config.alias_example_to :expect_it
|
|
43
|
+
config.filter_run_including focus: true
|
|
43
44
|
|
|
44
45
|
config.mock_with :rspec do |mocks|
|
|
45
46
|
mocks.yield_receiver_to_any_instance_implementation_blocks = true
|
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
Factory.define :dom_data do
|
|
2
2
|
{
|
|
3
|
+
cookies: [
|
|
4
|
+
Arachni::Element::Cookie.new(
|
|
5
|
+
url: 'http://test/dom',
|
|
6
|
+
inputs: { 'name' => 'val' }
|
|
7
|
+
)
|
|
8
|
+
],
|
|
3
9
|
skip_states: Arachni::Support::LookUp::HashSet.new.tap { |h| h << 0 },
|
|
4
10
|
transitions: [
|
|
5
11
|
Factory[:page_load_with_cookies_transition].complete,
|
|
@@ -1,13 +1,17 @@
|
|
|
1
1
|
Factory.define :vector do |type = :Form|
|
|
2
2
|
Arachni::Element.const_get( type ).new( url: 'http://test.com', inputs: { stuff: 1 } )
|
|
3
3
|
end
|
|
4
|
-
Factory.alias :passive_vector, :vector
|
|
5
4
|
|
|
6
|
-
Factory.define :
|
|
5
|
+
Factory.define :passive_vector do
|
|
7
6
|
v = Factory[:vector]
|
|
8
7
|
v.affected_input_name = :stuff
|
|
9
8
|
v.affected_input_value = 2
|
|
10
|
-
v
|
|
9
|
+
v
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
Factory.define :active_vector do
|
|
13
|
+
v = Factory[:passive_vector]
|
|
14
|
+
v.seed = 2
|
|
11
15
|
v
|
|
12
16
|
end
|
|
13
17
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -21,7 +21,7 @@ class Arachni::Checks::Test < Arachni::Check::Base
|
|
|
21
21
|
|
|
22
22
|
def clean_up
|
|
23
23
|
return if !@ran
|
|
24
|
-
|
|
24
|
+
log( vector: vector )
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def vector
|
|
@@ -36,7 +36,7 @@ class Arachni::Checks::Test < Arachni::Check::Base
|
|
|
36
36
|
{
|
|
37
37
|
name: 'Test check',
|
|
38
38
|
description: %q{Test description},
|
|
39
|
-
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
|
|
39
|
+
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
|
|
40
40
|
version: '0.1',
|
|
41
41
|
|
|
42
42
|
issue: {
|
|
@@ -48,7 +48,7 @@ class Arachni::Checks::Test < Arachni::Check::Base
|
|
|
48
48
|
tags: ['some', 'tag'],
|
|
49
49
|
cwe: '0',
|
|
50
50
|
severity: Issue::Severity::HIGH,
|
|
51
|
-
remedy_guidance: %q{Watch out
|
|
51
|
+
remedy_guidance: %q{Watch out!},
|
|
52
52
|
remedy_code: ''
|
|
53
53
|
}
|
|
54
54
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
another-domain.com FALSE / FALSE second_name second_value
|
|
6
6
|
|
|
7
7
|
# with expiry date as seconds since epoch
|
|
8
|
-
.blah-domain TRUE / FALSE
|
|
8
|
+
.blah-domain TRUE / FALSE 2596981560 coo%40ki+e2 blah+val2%40
|
|
9
9
|
|
|
10
10
|
# with expiry date of 0
|
|
11
|
-
192.168.1.1 FALSE / FALSE 0 _superapp_session
|
|
11
|
+
192.168.1.1 FALSE / FALSE 0 _superapp_session MzE4OjEzNzU0Mzc0OTc4NDI6MmY3YzkxMTkwZDE5MTRmNjBlYjY4OGQ5ZjczMTU1ZTQzNGM2Y2IwNA%3D%3D
|
|
@@ -27,9 +27,8 @@ class Node < Arachni::RPC::Server::Dispatcher::Node
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def shutdown
|
|
30
|
-
Reactor.global.
|
|
31
|
-
|
|
32
|
-
end
|
|
30
|
+
Reactor.global.stop
|
|
31
|
+
Arachni::Processes::Manager.kill Process.pid
|
|
33
32
|
end
|
|
34
33
|
|
|
35
34
|
def connect_to_peer( url )
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# comment, should be ignored
|
|
2
|
+
.domain.com TRUE /path/to/somewhere TRUE Tue, 02 Oct 9999 19:25:57 GMT name first_name=first_value
|
|
3
|
+
|
|
4
|
+
# ignored again
|
|
5
|
+
another-domain.com FALSE / FALSE name second_name=second_value
|
|
6
|
+
|
|
7
|
+
# with expiry date as seconds since epoch
|
|
8
|
+
.blah-domain TRUE / FALSE 1596981560 name coo%40ki+e2=blah+val2%40
|
|
9
|
+
|
|
10
|
+
# with expiry date of 0
|
|
11
|
+
192.168.1.1 FALSE / FALSE 0 name third_name=third_value
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
Binary file
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -6,7 +6,6 @@ def browser_cluster_job_taint_tracer_execution_flow_check_pages( pages )
|
|
|
6
6
|
expect(sink.size).to eq(1)
|
|
7
7
|
|
|
8
8
|
trace = sink.first.trace
|
|
9
|
-
expect(trace.size).to eq(2)
|
|
10
9
|
expect(trace[0].function.source).to include 'log_execution_flow_sink()'
|
|
11
10
|
expect(trace[1].function.source).to start_with 'function onsubmit'
|
|
12
11
|
end
|
|
@@ -16,7 +15,6 @@ def browser_cluster_job_taint_tracer_data_flow_check_pages( pages )
|
|
|
16
15
|
expect(page.dom.execution_flow_sinks).to be_empty
|
|
17
16
|
|
|
18
17
|
sink = page.dom.data_flow_sinks
|
|
19
|
-
expect(sink.size).to eq(1)
|
|
20
18
|
|
|
21
19
|
expect(sink.first.function.name).to eq('process')
|
|
22
20
|
end
|
|
@@ -26,7 +24,6 @@ def browser_cluster_job_taint_tracer_data_flow_with_injector_check_pages( pages
|
|
|
26
24
|
expect(page.dom.execution_flow_sinks).to be_empty
|
|
27
25
|
|
|
28
26
|
sink = page.dom.data_flow_sinks
|
|
29
|
-
expect(sink.size).to eq(1)
|
|
30
27
|
|
|
31
28
|
expect(sink.first.function.name).to eq('onClick')
|
|
32
29
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
data/spec/support/lib/factory.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
=begin
|
|
2
|
-
Copyright 2010-
|
|
2
|
+
Copyright 2010-2022 Ecsypno <http://www.ecsypno.com>
|
|
3
3
|
|
|
4
4
|
This file is part of the Arachni Framework project and is subject to
|
|
5
5
|
redistribution and commercial restrictions. Please see the Arachni Framework
|
|
@@ -18,6 +18,8 @@ class WebServerManager
|
|
|
18
18
|
@servers = {}
|
|
19
19
|
@consumed_ports = Set.new
|
|
20
20
|
|
|
21
|
+
@address = Socket.gethostbyname( Socket.gethostname ).first
|
|
22
|
+
|
|
21
23
|
Dir.glob( File.join( @lib + '**', '*.rb' ) ) do |path|
|
|
22
24
|
{} while @consumed_ports.include?( (port = Arachni::Utilities.available_port) )
|
|
23
25
|
@consumed_ports << port
|
|
@@ -54,7 +56,7 @@ class WebServerManager
|
|
|
54
56
|
end
|
|
55
57
|
|
|
56
58
|
def address_for( name )
|
|
57
|
-
@address
|
|
59
|
+
@address
|
|
58
60
|
end
|
|
59
61
|
|
|
60
62
|
def port_for( name )
|