arachni 1.5 → 1.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +63 -0
- data/Gemfile +2 -4
- data/LICENSE.md +1 -1
- data/README.md +112 -111
- data/Rakefile +1 -43
- data/arachni.gemspec +26 -26
- data/bin/arachni +1 -1
- data/bin/arachni_console +1 -1
- data/bin/arachni_multi +1 -1
- data/bin/arachni_reporter +1 -1
- data/bin/arachni_reproduce +1 -1
- data/bin/arachni_rest_server +1 -1
- data/bin/arachni_restore +1 -1
- data/bin/arachni_rpc +1 -1
- data/bin/arachni_rpcd +1 -1
- data/bin/arachni_rpcd_monitor +1 -1
- data/bin/arachni_script +1 -1
- data/components/checks/active/code_injection.rb +1 -1
- data/components/checks/active/code_injection_php_input_wrapper.rb +1 -1
- data/components/checks/active/code_injection_timing.rb +1 -1
- data/components/checks/active/csrf.rb +7 -2
- data/components/checks/active/file_inclusion.rb +1 -1
- data/components/checks/active/ldap_injection.rb +1 -1
- data/components/checks/active/no_sql_injection.rb +1 -1
- data/components/checks/active/no_sql_injection_differential.rb +3 -3
- data/components/checks/active/os_cmd_injection.rb +1 -1
- data/components/checks/active/os_cmd_injection_timing.rb +1 -1
- data/components/checks/active/path_traversal.rb +1 -1
- data/components/checks/active/response_splitting.rb +1 -1
- data/components/checks/active/rfi.rb +1 -1
- data/components/checks/active/session_fixation.rb +1 -1
- data/components/checks/active/source_code_disclosure.rb +1 -1
- data/components/checks/active/sql_injection.rb +1 -1
- data/components/checks/active/sql_injection_differential.rb +3 -3
- data/components/checks/active/sql_injection_timing.rb +1 -1
- data/components/checks/active/trainer.rb +1 -1
- data/components/checks/active/unvalidated_redirect.rb +1 -1
- data/components/checks/active/unvalidated_redirect_dom.rb +1 -1
- data/components/checks/active/xpath_injection.rb +1 -1
- data/components/checks/active/xss.rb +4 -4
- data/components/checks/active/xss_dom.rb +1 -1
- data/components/checks/active/xss_dom_script_context.rb +1 -1
- data/components/checks/active/xss_event.rb +3 -3
- data/components/checks/active/xss_path.rb +1 -1
- data/components/checks/active/xss_script_context.rb +3 -3
- data/components/checks/active/xss_tag.rb +4 -3
- data/components/checks/active/xxe.rb +1 -1
- data/components/checks/passive/allowed_methods.rb +1 -1
- data/components/checks/passive/backdoors.rb +1 -1
- data/components/checks/passive/backup_directories.rb +1 -1
- data/components/checks/passive/backup_files.rb +2 -2
- data/components/checks/passive/common_admin_interfaces.rb +1 -1
- data/components/checks/passive/common_directories/directories.txt +1 -0
- data/components/checks/passive/common_directories.rb +1 -1
- data/components/checks/passive/common_files.rb +1 -1
- data/components/checks/passive/directory_listing.rb +1 -1
- data/components/checks/passive/grep/captcha.rb +1 -1
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +1 -1
- data/components/checks/passive/grep/credit_card.rb +1 -1
- data/components/checks/passive/grep/cvs_svn_users.rb +1 -1
- data/components/checks/passive/grep/emails.rb +1 -1
- data/components/checks/passive/grep/form_upload.rb +1 -1
- data/components/checks/passive/grep/hsts.rb +1 -1
- data/components/checks/passive/grep/html_objects.rb +1 -1
- data/components/checks/passive/grep/http_only_cookies.rb +1 -1
- data/components/checks/passive/grep/insecure_cookies.rb +1 -1
- data/components/checks/passive/grep/insecure_cors_policy.rb +1 -1
- data/components/checks/passive/grep/mixed_resource.rb +1 -1
- data/components/checks/passive/grep/password_autocomplete.rb +1 -1
- data/components/checks/passive/grep/private_ip.rb +1 -1
- data/components/checks/passive/grep/ssn.rb +1 -1
- data/components/checks/passive/grep/unencrypted_password_forms.rb +1 -1
- data/components/checks/passive/grep/x_frame_options.rb +4 -4
- data/components/checks/passive/htaccess_limit.rb +1 -1
- data/components/checks/passive/http_put.rb +1 -1
- data/components/checks/passive/insecure_client_access_policy.rb +1 -1
- data/components/checks/passive/insecure_cross_domain_policy_access.rb +1 -1
- data/components/checks/passive/insecure_cross_domain_policy_headers.rb +1 -1
- data/components/checks/passive/interesting_responses.rb +1 -1
- data/components/checks/passive/localstart_asp.rb +1 -1
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +1 -1
- data/components/checks/passive/webdav.rb +1 -1
- data/components/checks/passive/xst.rb +1 -1
- data/components/fingerprinters/frameworks/aspx_mvc.rb +1 -1
- data/components/fingerprinters/frameworks/cakephp.rb +1 -1
- data/components/fingerprinters/frameworks/cherrypy.rb +1 -1
- data/components/fingerprinters/frameworks/django.rb +1 -1
- data/components/fingerprinters/frameworks/jsf.rb +1 -1
- data/components/fingerprinters/frameworks/nette.rb +1 -1
- data/components/fingerprinters/frameworks/rack.rb +1 -1
- data/components/fingerprinters/frameworks/rails.rb +1 -1
- data/components/fingerprinters/frameworks/symfony.rb +1 -1
- data/components/fingerprinters/languages/asp.rb +1 -1
- data/components/fingerprinters/languages/aspx.rb +1 -1
- data/components/fingerprinters/languages/java.rb +1 -1
- data/components/fingerprinters/languages/php.rb +1 -1
- data/components/fingerprinters/languages/python.rb +1 -1
- data/components/fingerprinters/languages/ruby.rb +1 -1
- data/components/fingerprinters/os/bsd.rb +1 -1
- data/components/fingerprinters/os/linux.rb +1 -1
- data/components/fingerprinters/os/solaris.rb +1 -1
- data/components/fingerprinters/os/unix.rb +1 -1
- data/components/fingerprinters/os/windows.rb +1 -1
- data/components/fingerprinters/servers/apache.rb +1 -1
- data/components/fingerprinters/servers/gunicorn.rb +1 -1
- data/components/fingerprinters/servers/iis.rb +1 -1
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/nginx.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +1 -1
- data/components/path_extractors/anchors.rb +1 -1
- data/components/path_extractors/areas.rb +1 -1
- data/components/path_extractors/comments.rb +1 -1
- data/components/path_extractors/data_url.rb +1 -1
- data/components/path_extractors/forms.rb +1 -1
- data/components/path_extractors/frames.rb +1 -1
- data/components/path_extractors/generic.rb +1 -1
- data/components/path_extractors/links.rb +1 -1
- data/components/path_extractors/meta_refresh.rb +1 -1
- data/components/path_extractors/scripts.rb +2 -2
- data/components/plugins/autologin.rb +1 -1
- data/components/plugins/beep_notify.rb +1 -1
- data/components/plugins/content_types.rb +1 -1
- data/components/plugins/cookie_collector.rb +1 -1
- data/components/plugins/debug/browser_cluster_job_monitor.rb +1 -1
- data/components/plugins/defaults/autothrottle.rb +1 -1
- data/components/plugins/defaults/healthmap.rb +2 -2
- data/components/plugins/defaults/meta/remedies/discovery.rb +1 -1
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +1 -1
- data/components/plugins/defaults/meta/uniformity.rb +1 -1
- data/components/plugins/email_notify.rb +1 -1
- data/components/plugins/exec.rb +1 -1
- data/components/plugins/form_dicattack.rb +1 -1
- data/components/plugins/headers_collector.rb +1 -1
- data/components/plugins/http_dicattack.rb +1 -1
- data/components/plugins/login_script.rb +1 -1
- data/components/plugins/metrics.rb +20 -20
- data/components/plugins/page_dump.rb +1 -1
- data/components/plugins/proxy/panel/verify_login_sequence.html.erb +1 -1
- data/components/plugins/proxy/template_scope.rb +1 -1
- data/components/plugins/proxy.rb +3 -2
- data/components/plugins/rate_limiter.rb +1 -1
- data/components/plugins/restrict_to_dom_state.rb +1 -1
- data/components/plugins/script.rb +1 -1
- data/components/plugins/uncommon_headers.rb +1 -1
- data/components/plugins/vector_collector.rb +1 -1
- data/components/plugins/vector_feed.rb +1 -1
- data/components/plugins/waf_detector.rb +1 -1
- data/components/plugins/webhook_notify.rb +1 -1
- data/components/reporters/ap.rb +1 -1
- data/components/reporters/html/default.erb +3 -1
- data/components/reporters/html.rb +5 -7
- data/components/reporters/json.rb +1 -1
- data/components/reporters/marshal.rb +1 -1
- data/components/reporters/plugin_formatters/html/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/html/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/html/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/exec.rb +1 -1
- data/components/reporters/plugin_formatters/html/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/html/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/html/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/html/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/html/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/html/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/exec.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/xml/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/xml/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/exec.rb +1 -1
- data/components/reporters/plugin_formatters/xml/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/xml/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/xml/metrics.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/xml/vector_collector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/waf_detector.rb +1 -1
- data/components/reporters/stdout.rb +1 -1
- data/components/reporters/txt.rb +1 -1
- data/components/reporters/xml/schema.xsd +1 -0
- data/components/reporters/xml.rb +3 -3
- data/components/reporters/yaml.rb +1 -1
- data/config/write_paths.yml +4 -0
- data/lib/arachni/banner.rb +1 -1
- data/lib/arachni/browser/element_locator.rb +1 -1
- data/lib/arachni/browser/javascript/dom_monitor.rb +1 -1
- data/lib/arachni/browser/javascript/proxy/stub.rb +1 -1
- data/lib/arachni/browser/javascript/proxy.rb +1 -1
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +39 -26
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +58 -40
- data/lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/frame.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/base.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer.rb +1 -1
- data/lib/arachni/browser/javascript.rb +14 -36
- data/lib/arachni/browser.rb +133 -216
- data/lib/arachni/browser_cluster/job/result.rb +1 -1
- data/lib/arachni/browser_cluster/job.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/dom_exploration.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +1 -1
- data/lib/arachni/browser_cluster/worker.rb +11 -26
- data/lib/arachni/browser_cluster.rb +2 -3
- data/lib/arachni/check/auditor.rb +28 -66
- data/lib/arachni/check/base.rb +1 -1
- data/lib/arachni/check/manager.rb +1 -1
- data/lib/arachni/check.rb +1 -1
- data/lib/arachni/component/base.rb +1 -1
- data/lib/arachni/component/manager.rb +1 -1
- data/lib/arachni/component/options/address.rb +1 -1
- data/lib/arachni/component/options/base.rb +1 -1
- data/lib/arachni/component/options/bool.rb +1 -1
- data/lib/arachni/component/options/float.rb +1 -1
- data/lib/arachni/component/options/int.rb +1 -1
- data/lib/arachni/component/options/multiple_choice.rb +1 -1
- data/lib/arachni/component/options/object.rb +1 -1
- data/lib/arachni/component/options/path.rb +1 -1
- data/lib/arachni/component/options/port.rb +1 -1
- data/lib/arachni/component/options/string.rb +1 -1
- data/lib/arachni/component/options/url.rb +1 -1
- data/lib/arachni/component/options.rb +1 -1
- data/lib/arachni/component/output.rb +1 -1
- data/lib/arachni/component/utilities.rb +1 -1
- data/lib/arachni/component.rb +1 -1
- data/lib/arachni/data/framework/rpc.rb +2 -2
- data/lib/arachni/data/framework.rb +2 -2
- data/lib/arachni/data/issues.rb +1 -1
- data/lib/arachni/data/plugins.rb +1 -1
- data/lib/arachni/data/session.rb +1 -1
- data/lib/arachni/data.rb +1 -1
- data/lib/arachni/element/base.rb +1 -1
- data/lib/arachni/element/body.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable/signature.rb +2 -2
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable.rb +1 -1
- data/lib/arachni/element/capabilities/auditable/buffered.rb +1 -1
- data/lib/arachni/element/capabilities/auditable/line_buffered.rb +1 -1
- data/lib/arachni/element/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/capabilities/dom_only.rb +1 -1
- data/lib/arachni/element/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/capabilities/refreshable.rb +1 -1
- data/lib/arachni/element/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/capabilities/with_auditor/output.rb +1 -1
- data/lib/arachni/element/capabilities/with_auditor.rb +1 -1
- data/lib/arachni/element/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/capabilities/with_node.rb +1 -1
- data/lib/arachni/element/capabilities/with_scope/scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_source.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/cookie/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/cookie/dom.rb +1 -1
- data/lib/arachni/element/cookie.rb +1 -1
- data/lib/arachni/element/dom/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/locatable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/dom.rb +1 -1
- data/lib/arachni/element/form/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/form/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/form/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/form/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/form/dom.rb +1 -1
- data/lib/arachni/element/form.rb +1 -1
- data/lib/arachni/element/generic_dom.rb +1 -1
- data/lib/arachni/element/header/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/header/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/header.rb +1 -1
- data/lib/arachni/element/json/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/json.rb +1 -1
- data/lib/arachni/element/link/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/link/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link/dom.rb +1 -1
- data/lib/arachni/element/link.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/auditable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/link_template/capabilities/with_dom.rb +1 -1
- data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/link_template/dom.rb +1 -1
- data/lib/arachni/element/link_template.rb +1 -1
- data/lib/arachni/element/nested_cookie/capabilities/submittable.rb +35 -0
- data/lib/arachni/element/nested_cookie.rb +370 -0
- data/lib/arachni/element/path.rb +1 -1
- data/lib/arachni/element/server.rb +1 -1
- data/lib/arachni/element/ui_form/dom.rb +1 -1
- data/lib/arachni/element/ui_form.rb +1 -1
- data/lib/arachni/element/ui_input/dom.rb +1 -1
- data/lib/arachni/element/ui_input.rb +1 -1
- data/lib/arachni/element/xml/capabilities/inputtable.rb +1 -1
- data/lib/arachni/element/xml/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/xml.rb +1 -1
- data/lib/arachni/element_filter.rb +1 -1
- data/lib/arachni/error.rb +1 -1
- data/lib/arachni/ethon/easy.rb +1 -1
- data/lib/arachni/framework/parts/audit.rb +1 -1
- data/lib/arachni/framework/parts/browser.rb +1 -1
- data/lib/arachni/framework/parts/check.rb +1 -1
- data/lib/arachni/framework/parts/data.rb +1 -1
- data/lib/arachni/framework/parts/platform.rb +1 -1
- data/lib/arachni/framework/parts/plugin.rb +1 -1
- data/lib/arachni/framework/parts/report.rb +2 -2
- data/lib/arachni/framework/parts/scope.rb +1 -1
- data/lib/arachni/framework/parts/state.rb +1 -1
- data/lib/arachni/framework.rb +1 -1
- data/lib/arachni/http/client/dynamic_404_handler.rb +1 -1
- data/lib/arachni/http/client.rb +7 -5
- data/lib/arachni/http/cookie_jar.rb +1 -1
- data/lib/arachni/http/headers.rb +1 -1
- data/lib/arachni/http/message/scope.rb +1 -1
- data/lib/arachni/http/message.rb +2 -2
- data/lib/arachni/http/proxy_server/connection.rb +3 -8
- data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +18 -32
- data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +28 -49
- data/lib/arachni/http/proxy_server/ssl_interceptor.rb +7 -6
- data/lib/arachni/http/proxy_server/tunnel.rb +1 -1
- data/lib/arachni/http/proxy_server.rb +1 -1
- data/lib/arachni/http/request/scope.rb +1 -1
- data/lib/arachni/http/request.rb +8 -2
- data/lib/arachni/http/response/scope.rb +1 -1
- data/lib/arachni/http/response.rb +3 -3
- data/lib/arachni/http.rb +1 -1
- data/lib/arachni/issue/severity/base.rb +1 -1
- data/lib/arachni/issue/severity.rb +1 -1
- data/lib/arachni/issue.rb +1 -1
- data/lib/arachni/option_group.rb +1 -1
- data/lib/arachni/option_groups/audit.rb +11 -2
- data/lib/arachni/option_groups/browser_cluster.rb +28 -4
- data/lib/arachni/option_groups/datastore.rb +1 -1
- data/lib/arachni/option_groups/dispatcher.rb +1 -1
- data/lib/arachni/option_groups/http.rb +5 -5
- data/lib/arachni/option_groups/input.rb +1 -1
- data/lib/arachni/option_groups/output.rb +1 -1
- data/lib/arachni/option_groups/paths.rb +12 -1
- data/lib/arachni/option_groups/rpc.rb +1 -1
- data/lib/arachni/option_groups/scope.rb +46 -4
- data/lib/arachni/option_groups/session.rb +1 -1
- data/lib/arachni/option_groups/snapshot.rb +1 -1
- data/lib/arachni/option_groups.rb +1 -1
- data/lib/arachni/options.rb +2 -2
- data/lib/arachni/page/dom/transition.rb +1 -1
- data/lib/arachni/page/dom.rb +1 -1
- data/lib/arachni/page/scope.rb +1 -1
- data/lib/arachni/page.rb +3 -3
- data/lib/arachni/parser/document.rb +1 -1
- data/lib/arachni/parser/extractors/base.rb +1 -1
- data/lib/arachni/parser/nodes/base.rb +1 -1
- data/lib/arachni/parser/nodes/comment.rb +1 -1
- data/lib/arachni/parser/nodes/element/with_attributes/attributes.rb +2 -2
- data/lib/arachni/parser/nodes/element/with_attributes.rb +1 -1
- data/lib/arachni/parser/nodes/element.rb +1 -1
- data/lib/arachni/parser/nodes/text.rb +2 -2
- data/lib/arachni/parser/nodes/with_value.rb +2 -2
- data/lib/arachni/parser/sax.rb +2 -1
- data/lib/arachni/parser/with_children/search.rb +1 -1
- data/lib/arachni/parser/with_children.rb +2 -2
- data/lib/arachni/parser.rb +33 -10
- data/lib/arachni/platform/fingerprinter.rb +1 -1
- data/lib/arachni/platform/list.rb +1 -1
- data/lib/arachni/platform/manager.rb +1 -1
- data/lib/arachni/platform.rb +1 -1
- data/lib/arachni/plugin/base.rb +1 -1
- data/lib/arachni/plugin/formatter.rb +1 -1
- data/lib/arachni/plugin/manager.rb +1 -1
- data/lib/arachni/plugin.rb +1 -1
- data/lib/arachni/processes/dispatchers.rb +1 -1
- data/lib/arachni/processes/executables/base.rb +2 -1
- data/lib/arachni/processes/helpers/dispatchers.rb +1 -1
- data/lib/arachni/processes/helpers/instances.rb +1 -1
- data/lib/arachni/processes/helpers/processes.rb +1 -1
- data/lib/arachni/processes/helpers.rb +1 -1
- data/lib/arachni/processes/instances.rb +1 -1
- data/lib/arachni/processes/manager.rb +9 -5
- data/lib/arachni/processes.rb +1 -1
- data/lib/arachni/report.rb +1 -1
- data/lib/arachni/reporter/base.rb +1 -1
- data/lib/arachni/reporter/formatter_manager.rb +1 -1
- data/lib/arachni/reporter/manager.rb +1 -1
- data/lib/arachni/reporter/options.rb +1 -10
- data/lib/arachni/reporter.rb +1 -1
- data/lib/arachni/rest/server/instance_helpers.rb +10 -1
- data/lib/arachni/rest/server.rb +7 -1
- data/lib/arachni/rpc/client/base.rb +1 -1
- data/lib/arachni/rpc/client/dispatcher.rb +1 -1
- data/lib/arachni/rpc/client/instance/framework.rb +1 -1
- data/lib/arachni/rpc/client/instance/service.rb +1 -1
- data/lib/arachni/rpc/client/instance.rb +1 -1
- data/lib/arachni/rpc/serializer.rb +1 -1
- data/lib/arachni/rpc/server/active_options.rb +1 -1
- data/lib/arachni/rpc/server/base.rb +1 -1
- data/lib/arachni/rpc/server/check/manager.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/node.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/service.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher.rb +1 -1
- data/lib/arachni/rpc/server/framework/distributor.rb +1 -1
- data/lib/arachni/rpc/server/framework/master.rb +1 -1
- data/lib/arachni/rpc/server/framework/multi_instance.rb +1 -1
- data/lib/arachni/rpc/server/framework/slave.rb +1 -1
- data/lib/arachni/rpc/server/framework.rb +1 -1
- data/lib/arachni/rpc/server/instance.rb +1 -1
- data/lib/arachni/rpc/server/output.rb +1 -1
- data/lib/arachni/rpc/server/plugin/manager.rb +1 -1
- data/lib/arachni/ruby/array.rb +1 -1
- data/lib/arachni/ruby/hash.rb +1 -1
- data/lib/arachni/ruby/object.rb +1 -1
- data/lib/arachni/ruby/set.rb +1 -1
- data/lib/arachni/ruby/string.rb +1 -1
- data/lib/arachni/ruby/webrick/cookie.rb +1 -1
- data/lib/arachni/ruby/webrick/httprequest.rb +1 -1
- data/lib/arachni/ruby/webrick.rb +1 -1
- data/lib/arachni/ruby.rb +1 -1
- data/lib/arachni/scope.rb +1 -1
- data/lib/arachni/selenium/webdriver/remote/typhoeus.rb +6 -16
- data/lib/arachni/session.rb +1 -1
- data/lib/arachni/snapshot.rb +2 -2
- data/lib/arachni/state/audit.rb +1 -1
- data/lib/arachni/state/element_filter.rb +1 -1
- data/lib/arachni/state/framework/rpc.rb +1 -1
- data/lib/arachni/state/framework.rb +1 -1
- data/lib/arachni/state/http.rb +1 -1
- data/lib/arachni/state/options.rb +1 -1
- data/lib/arachni/state/plugins.rb +1 -1
- data/lib/arachni/state.rb +1 -1
- data/lib/arachni/support/buffer/autoflush.rb +1 -1
- data/lib/arachni/support/buffer/base.rb +1 -1
- data/lib/arachni/support/buffer.rb +1 -1
- data/lib/arachni/support/cache/base.rb +1 -1
- data/lib/arachni/support/cache/least_cost_replacement.rb +1 -1
- data/lib/arachni/support/cache/least_recently_pushed.rb +1 -1
- data/lib/arachni/support/cache/least_recently_used.rb +1 -1
- data/lib/arachni/support/cache/preference.rb +1 -1
- data/lib/arachni/support/cache/random_replacement.rb +1 -1
- data/lib/arachni/support/cache.rb +1 -1
- data/lib/arachni/support/crypto/rsa_aes_cbc.rb +1 -1
- data/lib/arachni/support/crypto.rb +1 -1
- data/lib/arachni/support/database/base.rb +16 -10
- data/lib/arachni/support/database/hash.rb +1 -1
- data/lib/arachni/support/database/queue.rb +1 -1
- data/lib/arachni/support/database.rb +1 -1
- data/lib/arachni/support/glob.rb +1 -1
- data/lib/arachni/support/lookup/base.rb +1 -1
- data/lib/arachni/support/lookup/hash_set.rb +1 -1
- data/lib/arachni/support/lookup/moolb.rb +1 -1
- data/lib/arachni/support/lookup.rb +1 -1
- data/lib/arachni/support/mixins/observable.rb +1 -1
- data/lib/arachni/support/mixins/terminal.rb +1 -1
- data/lib/arachni/support/mixins.rb +1 -1
- data/lib/arachni/support/profiler.rb +1 -1
- data/lib/arachni/support/signature.rb +1 -1
- data/lib/arachni/support.rb +1 -1
- data/lib/arachni/trainer.rb +1 -1
- data/lib/arachni/ui/foo/output.rb +1 -1
- data/lib/arachni/uri/scope.rb +1 -1
- data/lib/arachni/uri.rb +6 -9
- data/lib/arachni/utilities.rb +1 -1
- data/lib/arachni/version.rb +1 -1
- data/lib/arachni.rb +1 -7
- data/lib/version +1 -1
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +81 -77
- data/spec/arachni/browser/javascript/proxy_spec.rb +0 -10
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +68 -90
- data/spec/arachni/browser/javascript_spec.rb +10 -16
- data/spec/arachni/browser_cluster/worker_spec.rb +23 -55
- data/spec/arachni/browser_spec.rb +160 -158
- data/spec/arachni/check/auditor_spec.rb +44 -165
- data/spec/arachni/data/framework/rpc_spec.rb +1 -1
- data/spec/arachni/data/framework_spec.rb +1 -1
- data/spec/arachni/element/cookie_spec.rb +1 -1
- data/spec/arachni/element/nested_cookie_spec.rb +687 -0
- data/spec/arachni/element/ui_form_spec.rb +2 -2
- data/spec/arachni/element/ui_input_spec.rb +1 -1
- data/spec/arachni/http/client_spec.rb +14 -26
- data/spec/arachni/http/cookie_jar_spec.rb +2 -2
- data/spec/arachni/http/proxy_server_spec.rb +2 -0
- data/spec/arachni/http/request_spec.rb +3 -2
- data/spec/arachni/issue_spec.rb +1 -1
- data/spec/arachni/option_groups/browser_cluster_spec.rb +17 -0
- data/spec/arachni/option_groups/http_spec.rb +6 -6
- data/spec/arachni/option_groups/paths_spec.rb +23 -1
- data/spec/arachni/option_groups/scope_spec.rb +1 -6
- data/spec/arachni/page_spec.rb +3 -2
- data/spec/arachni/parser_spec.rb +45 -1
- data/spec/arachni/platform/list_spec.rb +1 -2
- data/spec/arachni/reporter/options_spec.rb +0 -14
- data/spec/arachni/rest/server_spec.rb +39 -2
- data/spec/arachni/snapshot_spec.rb +1 -1
- data/spec/arachni/state/framework_spec.rb +2 -2
- data/spec/arachni/uri_spec.rb +1 -1
- data/spec/components/checks/active/code_injection_spec.rb +12 -7
- data/spec/components/checks/active/code_injection_timing_spec.rb +4 -3
- data/spec/components/checks/active/file_inclusion_spec.rb +15 -10
- data/spec/components/checks/active/ldap_injection_spec.rb +5 -4
- data/spec/components/checks/active/no_sql_injection_differential_spec.rb +1 -1
- data/spec/components/checks/active/no_sql_injection_spec.rb +5 -4
- data/spec/components/checks/active/os_cmd_injection_spec.rb +6 -4
- data/spec/components/checks/active/os_cmd_injection_timing_spec.rb +4 -3
- data/spec/components/checks/active/path_traversal_spec.rb +10 -7
- data/spec/components/checks/active/response_splitting_spec.rb +5 -4
- data/spec/components/checks/active/rfi_spec.rb +9 -8
- data/spec/components/checks/active/source_code_disclosure_spec.rb +33 -10
- data/spec/components/checks/active/sql_injection_differential_spec.rb +1 -1
- data/spec/components/checks/active/sql_injection_spec.rb +53 -36
- data/spec/components/checks/active/sql_injection_timing_spec.rb +11 -8
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +9 -8
- data/spec/components/checks/active/xpath_injection_spec.rb +5 -4
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +5 -5
- data/spec/components/checks/active/xss_event_spec.rb +5 -3
- data/spec/components/checks/active/xss_script_context_spec.rb +4 -3
- data/spec/components/checks/active/xss_spec.rb +5 -4
- data/spec/components/checks/active/xss_tag_spec.rb +11 -3
- data/spec/components/checks/passive/backup_files_spec.rb +0 -4
- data/spec/components/checks/passive/grep/x_frame_options_spec.rb +6 -0
- data/spec/spec_helper.rb +2 -1
- data/spec/support/factories/http/response.rb +1 -1
- data/spec/support/factories/issue.rb +1 -2
- data/spec/support/fixtures/check_with_invalid_platforms/with_invalid_platforms.rb +1 -1
- data/spec/support/fixtures/checks/test.rb +4 -4
- data/spec/support/fixtures/checks/test2.rb +1 -1
- data/spec/support/fixtures/checks/test3.rb +1 -1
- data/spec/support/fixtures/cookies.txt +1 -1
- data/spec/support/fixtures/executables/node.rb +2 -3
- data/spec/support/fixtures/fingerprinters/test.rb +1 -1
- data/spec/support/fixtures/nested_cookies.txt +11 -0
- data/spec/support/fixtures/plugins/bad.rb +1 -1
- data/spec/support/fixtures/plugins/defaults/default.rb +1 -1
- data/spec/support/fixtures/plugins/distributable.rb +1 -1
- data/spec/support/fixtures/plugins/loop.rb +1 -1
- data/spec/support/fixtures/plugins/suspendable.rb +1 -1
- data/spec/support/fixtures/plugins/wait.rb +1 -1
- data/spec/support/fixtures/plugins/with_options.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p0.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p00.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p1.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p2.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p22.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p222.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil2.rb +1 -1
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/base_spec/plugin_formatters/with_formatters/foobar.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_formatters.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/without_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/afr.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/error.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/foo.rb +1 -1
- data/spec/support/fixtures/run_check/body.rb +1 -1
- data/spec/support/fixtures/run_check/cookies.rb +1 -1
- data/spec/support/fixtures/run_check/empty.rb +1 -1
- data/spec/support/fixtures/run_check/flch.rb +1 -1
- data/spec/support/fixtures/run_check/forms.rb +1 -1
- data/spec/support/fixtures/run_check/headers.rb +1 -1
- data/spec/support/fixtures/run_check/links.rb +1 -1
- data/spec/support/fixtures/run_check/nil.rb +1 -1
- data/spec/support/fixtures/run_check/path.rb +1 -1
- data/spec/support/fixtures/run_check/server.rb +1 -1
- data/spec/support/fixtures/signature_check/signature.rb +1 -1
- data/spec/support/fixtures/wait_check/wait.rb +1 -1
- data/spec/support/helpers/framework.rb +1 -1
- data/spec/support/helpers/misc.rb +1 -1
- data/spec/support/helpers/paths.rb +1 -1
- data/spec/support/helpers/requires.rb +1 -1
- data/spec/support/helpers/resets.rb +1 -1
- data/spec/support/helpers/web_server.rb +1 -1
- data/spec/support/lib/factory.rb +1 -1
- data/spec/support/lib/web_server_client.rb +1 -1
- data/spec/support/lib/web_server_dispatcher.rb +1 -1
- data/spec/support/lib/web_server_manager.rb +1 -1
- data/spec/support/servers/arachni/check/auditor.rb +1 -0
- data/spec/support/servers/arachni/element/form/form_dom.rb +1 -0
- data/spec/support/servers/arachni/element/form.rb +4 -4
- data/spec/support/servers/arachni/element/header.rb +1 -1
- data/spec/support/servers/arachni/element/nested_cookie.rb +84 -0
- data/spec/support/servers/arachni/parser.rb +6 -0
- data/spec/support/servers/checks/active/code_injection.rb +18 -0
- data/spec/support/servers/checks/active/code_injection_timing.rb +18 -0
- data/spec/support/servers/checks/active/file_inclusion.rb +19 -1
- data/spec/support/servers/checks/active/ldap_injection.rb +18 -0
- data/spec/support/servers/checks/active/no_sql_injection.rb +27 -0
- data/spec/support/servers/checks/active/no_sql_injection_differential.rb +19 -0
- data/spec/support/servers/checks/active/os_cmd_injection.rb +29 -0
- data/spec/support/servers/checks/active/os_cmd_injection_timing.rb +18 -1
- data/spec/support/servers/checks/active/path_traversal.rb +30 -3
- data/spec/support/servers/checks/active/response_splitting.rb +30 -1
- data/spec/support/servers/checks/active/rfi.rb +30 -2
- data/spec/support/servers/checks/active/session_fixation.rb +1 -3
- data/spec/support/servers/checks/active/source_code_disclosure.rb +16 -0
- data/spec/support/servers/checks/active/sql_injection.rb +27 -0
- data/spec/support/servers/checks/active/sql_injection_differential.rb +19 -0
- data/spec/support/servers/checks/active/sql_injection_timing.rb +19 -1
- data/spec/support/servers/checks/active/unvalidated_redirect.rb +40 -1
- data/spec/support/servers/checks/active/xpath_injection.rb +27 -0
- data/spec/support/servers/checks/active/xss.rb +40 -0
- data/spec/support/servers/checks/active/xss_event.rb +22 -1
- data/spec/support/servers/checks/active/xss_script_context.rb +18 -0
- data/spec/support/servers/checks/active/xss_tag.rb +40 -0
- data/spec/support/servers/checks/passive/grep/x_frame_options.rb +5 -0
- data/spec/support/shared/check.rb +1 -0
- data/spec/support/shared/element/capabilities/auditable/buffered.rb +2 -2
- data/spec/support/shared/element/capabilities/auditable/line_buffered.rb +2 -2
- data/spec/support/shared/element/capabilities/auditable.rb +2 -2
- data/ui/cli/framework/option_parser.rb +44 -8
- data/ui/cli/framework.rb +6 -5
- data/ui/cli/option_parser.rb +1 -1
- data/ui/cli/output.rb +1 -1
- data/ui/cli/reporter/option_parser.rb +1 -1
- data/ui/cli/reporter.rb +1 -1
- data/ui/cli/reproduce/option_parser.rb +1 -1
- data/ui/cli/reproduce.rb +1 -1
- data/ui/cli/rest/server/option_parser.rb +1 -1
- data/ui/cli/rest/server.rb +1 -1
- data/ui/cli/restored_framework/option_parser.rb +1 -1
- data/ui/cli/restored_framework.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor/option_parser.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor.rb +1 -1
- data/ui/cli/rpc/client/instance.rb +7 -4
- data/ui/cli/rpc/client/local/option_parser.rb +1 -1
- data/ui/cli/rpc/client/local.rb +1 -1
- data/ui/cli/rpc/client/remote/option_parser.rb +1 -1
- data/ui/cli/rpc/client/remote.rb +1 -1
- data/ui/cli/rpc/server/dispatcher/option_parser.rb +1 -1
- data/ui/cli/rpc/server/dispatcher.rb +1 -1
- data/ui/cli/utilities.rb +1 -1
- metadata +602 -707
- data/logs/error-11897.log +0 -2006
- data/logs/error-3855.log +0 -382
- data/spec/support/logs/Dispatcher - 1024-31864.log +0 -10
- data/spec/support/logs/Dispatcher - 1047-41465.log +0 -10
- data/spec/support/logs/Dispatcher - 1274-60799.log +0 -64
- data/spec/support/logs/Dispatcher - 1295-1058.log +0 -44
- data/spec/support/logs/Dispatcher - 1313-27076.log +0 -40
- data/spec/support/logs/Dispatcher - 1332-17127.log +0 -35
- data/spec/support/logs/Dispatcher - 1350-7351.log +0 -29
- data/spec/support/logs/Dispatcher - 1368-38528.log +0 -22
- data/spec/support/logs/Dispatcher - 1386-17419.log +0 -14
- data/spec/support/logs/Dispatcher - 31030-26156.log +0 -10
- data/spec/support/logs/Dispatcher - 321-27189.log +0 -12
- data/spec/support/logs/Dispatcher - 32353-50061.log +0 -20
- data/spec/support/logs/Dispatcher - 32450-61574.log +0 -10
- data/spec/support/logs/Dispatcher - 32470-53874.log +0 -20
- data/spec/support/logs/Dispatcher - 32491-10523.log +0 -18
- data/spec/support/logs/Dispatcher - 32509-8583.log +0 -14
- data/spec/support/logs/Dispatcher - 32536-21209.log +0 -10
- data/spec/support/logs/Dispatcher - 32556-53881.log +0 -10
- data/spec/support/logs/Dispatcher - 32579-49083.log +0 -50
- data/spec/support/logs/Dispatcher - 32761-20025.log +0 -12
- data/spec/support/logs/Dispatcher - 347-17512.log +0 -12
- data/spec/support/logs/Dispatcher - 3489-43230.log +0 -24
- data/spec/support/logs/Dispatcher - 3524-57459.log +0 -26
- data/spec/support/logs/Dispatcher - 3559-21544.log +0 -20
- data/spec/support/logs/Dispatcher - 3764-33844.log +0 -25
- data/spec/support/logs/Dispatcher - 3798-45350.log +0 -26
- data/spec/support/logs/Dispatcher - 382-15725.log +0 -12
- data/spec/support/logs/Dispatcher - 3836-6205.log +0 -21
- data/spec/support/logs/Dispatcher - 4112-45433.log +0 -22
- data/spec/support/logs/Dispatcher - 4148-53510.log +0 -26
- data/spec/support/logs/Dispatcher - 415-29873.log +0 -14
- data/spec/support/logs/Dispatcher - 4185-29736.log +0 -18
- data/spec/support/logs/Dispatcher - 4268-60912.log +0 -25
- data/spec/support/logs/Dispatcher - 4303-39372.log +0 -26
- data/spec/support/logs/Dispatcher - 4342-42190.log +0 -21
- data/spec/support/logs/Dispatcher - 463-55220.log +0 -26
- data/spec/support/logs/Dispatcher - 4649-12104.log +0 -22
- data/spec/support/logs/Dispatcher - 4683-32355.log +0 -26
- data/spec/support/logs/Dispatcher - 4724-41636.log +0 -18
- data/spec/support/logs/Dispatcher - 4881-57692.log +0 -22
- data/spec/support/logs/Dispatcher - 4961-64665.log +0 -26
- data/spec/support/logs/Dispatcher - 502-8742.log +0 -25
- data/spec/support/logs/Dispatcher - 5052-61726.log +0 -18
- data/spec/support/logs/Dispatcher - 536-15972.log +0 -22
- data/spec/support/logs/Dispatcher - 620-2220.log +0 -20
- data/spec/support/logs/Dispatcher - 638-17826.log +0 -18
- data/spec/support/logs/Dispatcher - 656-23967.log +0 -16
- data/spec/support/logs/Dispatcher - 700-15701.log +0 -12
- data/spec/support/logs/Dispatcher - 726-6080.log +0 -10
- data/spec/support/logs/Dispatcher - 749-56590.log +0 -18
- data/spec/support/logs/Dispatcher - 807-19073.log +0 -18
- data/spec/support/logs/Dispatcher - 871-8764.log +0 -10
- data/spec/support/logs/Dispatcher - 898-21496.log +0 -12
- data/spec/support/logs/Dispatcher - 933-64070.log +0 -12
- data/spec/support/logs/Instance - 1577-32284.error.log +0 -151
- data/spec/support/logs/Instance - 1625-58174.error.log +0 -154
- data/spec/support/logs/Instance - 2727-57968.error.log +0 -151
- data/spec/support/logs/Instance - 2898-20648.error.log +0 -303
- data/spec/support/logs/Instance - 2901-30845.error.log +0 -429
- data/spec/support/logs/Instance - 31185-37600.error.log +0 -174
- data/spec/support/logs/Instance - 3319-20111.error.log +0 -175
- data/spec/support/logs/error-3855.log +0 -5132
|
@@ -121,7 +121,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
121
121
|
])
|
|
122
122
|
expect(entry.tainted_value).to eq(taint2)
|
|
123
123
|
expect(entry.taint).to eq(taint2)
|
|
124
|
-
expect(@browser.source.split("\n")[entry.trace[0].line
|
|
124
|
+
expect(@browser.source.split("\n")[entry.trace[0].line]).to include 'process('
|
|
125
125
|
|
|
126
126
|
entry = sink[1]
|
|
127
127
|
expect(entry.object).to eq('Window')
|
|
@@ -135,7 +135,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
135
135
|
])
|
|
136
136
|
expect(entry.tainted_value).to eq(taint2)
|
|
137
137
|
expect(entry.taint).to eq(taint2)
|
|
138
|
-
expect(@browser.source.split("\n")[entry.trace[0].line
|
|
138
|
+
expect(@browser.source.split("\n")[entry.trace[0].line]).to include 'process('
|
|
139
139
|
end
|
|
140
140
|
end
|
|
141
141
|
|
|
@@ -168,7 +168,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
168
168
|
])
|
|
169
169
|
expect(entry.tainted_value).to eq(taint)
|
|
170
170
|
expect(entry.taint).to eq(taint)
|
|
171
|
-
expect(@browser.source.split("\n")[entry.trace[0].line
|
|
171
|
+
expect(@browser.source.split("\n")[entry.trace[0].line]).to include 'process('
|
|
172
172
|
end
|
|
173
173
|
end
|
|
174
174
|
|
|
@@ -187,7 +187,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
187
187
|
expect(entry.function.arguments).to eq([ taint ])
|
|
188
188
|
expect(entry.tainted_value).to eq(taint)
|
|
189
189
|
expect(entry.taint).to eq(taint)
|
|
190
|
-
expect(@browser.source.split("\n")[entry.trace[0].line
|
|
190
|
+
expect(@browser.source.split("\n")[entry.trace[0].line]).to include "#{function}("
|
|
191
191
|
end
|
|
192
192
|
end
|
|
193
193
|
end
|
|
@@ -201,7 +201,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
201
201
|
sink = subject.data_flow_sinks[taint]
|
|
202
202
|
|
|
203
203
|
entry = sink[0]
|
|
204
|
-
expect(entry.object).to eq('
|
|
204
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
205
205
|
expect(entry.function.name).to eq('open')
|
|
206
206
|
expect(entry.function.arguments).to eq([
|
|
207
207
|
'GET', "/?taint=#{taint}", true
|
|
@@ -210,7 +210,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
210
210
|
expect(entry.taint).to eq(taint)
|
|
211
211
|
|
|
212
212
|
trace = entry.trace[0]
|
|
213
|
-
expect(@browser.source.split("\n")[trace.line
|
|
213
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'open('
|
|
214
214
|
expect(trace.url).to eq(@browser.url)
|
|
215
215
|
end
|
|
216
216
|
end
|
|
@@ -222,14 +222,14 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
222
222
|
sink = subject.data_flow_sinks[taint]
|
|
223
223
|
|
|
224
224
|
entry = sink[0]
|
|
225
|
-
expect(entry.object).to eq('
|
|
225
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
226
226
|
expect(entry.function.name).to eq('send')
|
|
227
227
|
expect(entry.function.arguments).to eq([ "taint=#{taint}" ])
|
|
228
228
|
expect(entry.tainted_value).to eq("taint=#{taint}")
|
|
229
229
|
expect(entry.taint).to eq(taint)
|
|
230
230
|
|
|
231
231
|
trace = entry.trace[0]
|
|
232
|
-
expect(@browser.source.split("\n")[trace.line
|
|
232
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'send('
|
|
233
233
|
expect(trace.url).to eq(@browser.url)
|
|
234
234
|
end
|
|
235
235
|
end
|
|
@@ -241,14 +241,14 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
241
241
|
sink = subject.data_flow_sinks[taint]
|
|
242
242
|
|
|
243
243
|
entry = sink[0]
|
|
244
|
-
expect(entry.object).to eq('
|
|
244
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
245
245
|
expect(entry.function.name).to eq('setRequestHeader')
|
|
246
246
|
expect(entry.function.arguments).to eq([ 'X-My-Header', "stuff-#{taint}" ])
|
|
247
247
|
expect(entry.tainted_value).to eq("stuff-#{taint}")
|
|
248
248
|
expect(entry.taint).to eq(taint)
|
|
249
249
|
|
|
250
250
|
trace = entry.trace[0]
|
|
251
|
-
expect(@browser.source.split("\n")[trace.line
|
|
251
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'setRequestHeader('
|
|
252
252
|
expect(trace.url).to eq(@browser.url)
|
|
253
253
|
end
|
|
254
254
|
end
|
|
@@ -269,7 +269,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
269
269
|
expect(entry.taint).to eq(taint)
|
|
270
270
|
|
|
271
271
|
trace = entry.trace[0]
|
|
272
|
-
expect(@browser.source.split("\n")[trace.line
|
|
272
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'angular.element('
|
|
273
273
|
expect(trace.url).to eq(@browser.url)
|
|
274
274
|
end
|
|
275
275
|
end
|
|
@@ -290,7 +290,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
290
290
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
291
291
|
|
|
292
292
|
entry = sink[3]
|
|
293
|
-
expect(entry.object).to eq('
|
|
293
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
294
294
|
expect(entry.function.name).to eq('open')
|
|
295
295
|
expect(entry.function.arguments).to eq([
|
|
296
296
|
'DELETE', "/#{taint}", true
|
|
@@ -316,7 +316,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
316
316
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
317
317
|
|
|
318
318
|
entry = sink[3]
|
|
319
|
-
expect(entry.object).to eq('
|
|
319
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
320
320
|
expect(entry.function.name).to eq('open')
|
|
321
321
|
expect(entry.function.arguments).to eq([
|
|
322
322
|
'HEAD', "/#{taint}", true
|
|
@@ -342,7 +342,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
342
342
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
343
343
|
|
|
344
344
|
entry = sink[2]
|
|
345
|
-
expect(entry.object).to eq('
|
|
345
|
+
expect(entry.object).to eq('Element')
|
|
346
346
|
expect(entry.function.name).to eq('setAttribute')
|
|
347
347
|
expect(entry.function.arguments).to eq([
|
|
348
348
|
'href', "/jsonp-#{taint}"
|
|
@@ -370,7 +370,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
370
370
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
371
371
|
|
|
372
372
|
entry = sink[2]
|
|
373
|
-
expect(entry.object).to eq('
|
|
373
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
374
374
|
expect(entry.function.name).to eq('send')
|
|
375
375
|
expect(entry.function.arguments).to eq([ "Stuff #{taint}" ])
|
|
376
376
|
expect(entry.tainted_value).to eq("Stuff #{taint}")
|
|
@@ -394,7 +394,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
394
394
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
395
395
|
|
|
396
396
|
entry = sink[3]
|
|
397
|
-
expect(entry.object).to eq('
|
|
397
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
398
398
|
expect(entry.function.name).to eq('open')
|
|
399
399
|
expect(entry.function.arguments).to eq([
|
|
400
400
|
'GET', "/#{taint}", true
|
|
@@ -430,7 +430,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
430
430
|
expect(entry.trace[0].url).to eq(@browser.url)
|
|
431
431
|
|
|
432
432
|
entry = sink[3]
|
|
433
|
-
expect(entry.object).to eq('
|
|
433
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
434
434
|
expect(entry.function.name).to eq('open')
|
|
435
435
|
expect(entry.function.arguments).to eq([
|
|
436
436
|
'POST', "/?stuff=Stuff+#{taint}", true
|
|
@@ -452,7 +452,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
452
452
|
# ngRoute module first schedules an HTTP request to grab
|
|
453
453
|
# the template from the given 'templateUrl'...
|
|
454
454
|
entry = sink[6]
|
|
455
|
-
expect(entry.object).to eq('
|
|
455
|
+
expect(entry.object).to eq('XMLHttpRequest')
|
|
456
456
|
expect(entry.function.name).to eq('open')
|
|
457
457
|
expect(entry.function.arguments).to eq([
|
|
458
458
|
'GET', "template.html?taint=#{taint}", true
|
|
@@ -488,7 +488,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
488
488
|
expect(entry.taint).to eq(taint)
|
|
489
489
|
|
|
490
490
|
trace = entry.trace[0]
|
|
491
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
491
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'html('
|
|
492
492
|
expect(trace.url).to eq(@browser.url)
|
|
493
493
|
end
|
|
494
494
|
end
|
|
@@ -507,7 +507,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
507
507
|
expect(entry.taint).to eq(taint)
|
|
508
508
|
|
|
509
509
|
trace = entry.trace[0]
|
|
510
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
510
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'text('
|
|
511
511
|
expect(trace.url).to eq(@browser.url)
|
|
512
512
|
end
|
|
513
513
|
end
|
|
@@ -526,7 +526,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
526
526
|
expect(entry.taint).to eq(taint)
|
|
527
527
|
|
|
528
528
|
trace = entry.trace[0]
|
|
529
|
-
expect(@browser.source.split("\n")[trace.line
|
|
529
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'append('
|
|
530
530
|
expect(trace.url).to eq(@browser.url)
|
|
531
531
|
end
|
|
532
532
|
end
|
|
@@ -545,7 +545,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
545
545
|
expect(entry.taint).to eq(taint)
|
|
546
546
|
|
|
547
547
|
trace = entry.trace[0]
|
|
548
|
-
expect(@browser.source.split("\n")[trace.line
|
|
548
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'prepend('
|
|
549
549
|
expect(trace.url).to eq(@browser.url)
|
|
550
550
|
end
|
|
551
551
|
end
|
|
@@ -564,7 +564,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
564
564
|
expect(entry.taint).to eq(taint)
|
|
565
565
|
|
|
566
566
|
trace = entry.trace[0]
|
|
567
|
-
expect(@browser.source.split("\n")[trace.line
|
|
567
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'prop('
|
|
568
568
|
expect(trace.url).to eq(@browser.url)
|
|
569
569
|
end
|
|
570
570
|
end
|
|
@@ -583,7 +583,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
583
583
|
expect(entry.taint).to eq(taint)
|
|
584
584
|
|
|
585
585
|
trace = entry.trace[0]
|
|
586
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
586
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'replaceWith('
|
|
587
587
|
expect(trace.url).to eq(@browser.url)
|
|
588
588
|
end
|
|
589
589
|
end
|
|
@@ -602,7 +602,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
602
602
|
expect(entry.taint).to eq(taint)
|
|
603
603
|
|
|
604
604
|
trace = entry.trace[0]
|
|
605
|
-
expect(@browser.source.split("\n")[trace.line
|
|
605
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'val('
|
|
606
606
|
expect(trace.url).to eq(@browser.url)
|
|
607
607
|
end
|
|
608
608
|
end
|
|
@@ -624,7 +624,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
624
624
|
expect(entry.taint).to eq(taint)
|
|
625
625
|
|
|
626
626
|
trace = entry.trace[0]
|
|
627
|
-
expect(@browser.source.split("\n")[trace.line
|
|
627
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'cookie('
|
|
628
628
|
expect(trace.url).to eq(@browser.url)
|
|
629
629
|
end
|
|
630
630
|
end
|
|
@@ -650,7 +650,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
650
650
|
expect(entry.taint).to eq(taint)
|
|
651
651
|
|
|
652
652
|
trace = entry.trace[0]
|
|
653
|
-
expect(@browser.source.split("\n")[trace.line
|
|
653
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'ajax('
|
|
654
654
|
expect(trace.url).to eq(@browser.url)
|
|
655
655
|
end
|
|
656
656
|
end
|
|
@@ -672,7 +672,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
672
672
|
expect(entry.taint).to eq(taint)
|
|
673
673
|
|
|
674
674
|
trace = entry.trace[0]
|
|
675
|
-
expect(@browser.source.split("\n")[trace.line
|
|
675
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'get('
|
|
676
676
|
expect(trace.url).to eq(@browser.url)
|
|
677
677
|
end
|
|
678
678
|
end
|
|
@@ -691,7 +691,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
691
691
|
expect(entry.taint).to eq(taint)
|
|
692
692
|
|
|
693
693
|
trace = entry.trace[0]
|
|
694
|
-
expect(@browser.source.split("\n")[trace.line
|
|
694
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'post('
|
|
695
695
|
expect(trace.url).to eq(@browser.url)
|
|
696
696
|
end
|
|
697
697
|
end
|
|
@@ -710,7 +710,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
710
710
|
expect(entry.taint).to eq(taint)
|
|
711
711
|
|
|
712
712
|
trace = entry.trace[0]
|
|
713
|
-
expect(@browser.source.split("\n")[trace.line
|
|
713
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'load('
|
|
714
714
|
expect(trace.url).to eq(@browser.url)
|
|
715
715
|
end
|
|
716
716
|
end
|
|
@@ -729,7 +729,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
729
729
|
expect(entry.taint).to eq(taint)
|
|
730
730
|
|
|
731
731
|
trace = entry.trace[0]
|
|
732
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
732
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'html('
|
|
733
733
|
expect(trace.url).to eq(@browser.url)
|
|
734
734
|
end
|
|
735
735
|
end
|
|
@@ -748,7 +748,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
748
748
|
expect(entry.taint).to eq(taint)
|
|
749
749
|
|
|
750
750
|
trace = entry.trace[0]
|
|
751
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
751
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'text('
|
|
752
752
|
expect(trace.url).to eq(@browser.url)
|
|
753
753
|
end
|
|
754
754
|
end
|
|
@@ -767,7 +767,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
767
767
|
expect(entry.taint).to eq(taint)
|
|
768
768
|
|
|
769
769
|
trace = entry.trace[0]
|
|
770
|
-
expect(@browser.source.split("\n")[trace.line
|
|
770
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'append('
|
|
771
771
|
expect(trace.url).to eq(@browser.url)
|
|
772
772
|
end
|
|
773
773
|
end
|
|
@@ -786,7 +786,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
786
786
|
expect(entry.taint).to eq(taint)
|
|
787
787
|
|
|
788
788
|
trace = entry.trace[0]
|
|
789
|
-
expect(@browser.source.split("\n")[trace.line
|
|
789
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'prepend('
|
|
790
790
|
expect(trace.url).to eq(@browser.url)
|
|
791
791
|
end
|
|
792
792
|
end
|
|
@@ -805,7 +805,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
805
805
|
expect(entry.taint).to eq(taint)
|
|
806
806
|
|
|
807
807
|
trace = entry.trace[0]
|
|
808
|
-
expect(@browser.source.split("\n")[trace.line
|
|
808
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'before('
|
|
809
809
|
expect(trace.url).to eq(@browser.url)
|
|
810
810
|
end
|
|
811
811
|
end
|
|
@@ -824,7 +824,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
824
824
|
expect(entry.taint).to eq(taint)
|
|
825
825
|
|
|
826
826
|
trace = entry.trace[0]
|
|
827
|
-
expect(@browser.source.split("\n")[trace.line
|
|
827
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'prop('
|
|
828
828
|
expect(trace.url).to eq(@browser.url)
|
|
829
829
|
end
|
|
830
830
|
end
|
|
@@ -843,7 +843,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
843
843
|
expect(entry.taint).to eq(taint)
|
|
844
844
|
|
|
845
845
|
trace = entry.trace[0]
|
|
846
|
-
expect(@browser.source.split("\n")[trace.line -
|
|
846
|
+
expect(@browser.source.split("\n")[trace.line - 1]).to include 'replaceWith('
|
|
847
847
|
expect(trace.url).to eq(@browser.url)
|
|
848
848
|
end
|
|
849
849
|
end
|
|
@@ -862,7 +862,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
862
862
|
expect(entry.taint).to eq(taint)
|
|
863
863
|
|
|
864
864
|
trace = entry.trace[0]
|
|
865
|
-
expect(@browser.source.split("\n")[trace.line
|
|
865
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'val('
|
|
866
866
|
expect(trace.url).to eq(@browser.url)
|
|
867
867
|
end
|
|
868
868
|
end
|
|
@@ -886,7 +886,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
886
886
|
expect(entry.taint).to eq(taint)
|
|
887
887
|
|
|
888
888
|
trace = entry.trace[0]
|
|
889
|
-
expect(@browser.source.split("\n")[trace.line
|
|
889
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'replace('
|
|
890
890
|
expect(trace.url).to eq(@browser.url)
|
|
891
891
|
end
|
|
892
892
|
end
|
|
@@ -906,7 +906,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
906
906
|
expect(entry.taint).to eq(taint)
|
|
907
907
|
|
|
908
908
|
trace = entry.trace[0]
|
|
909
|
-
expect(@browser.source.split("\n")[trace.line
|
|
909
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'concat('
|
|
910
910
|
expect(trace.url).to eq(@browser.url)
|
|
911
911
|
end
|
|
912
912
|
end
|
|
@@ -926,7 +926,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
926
926
|
expect(entry.taint).to eq(taint)
|
|
927
927
|
|
|
928
928
|
trace = entry.trace[0]
|
|
929
|
-
expect(@browser.source.split("\n")[trace.line
|
|
929
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'indexOf('
|
|
930
930
|
expect(trace.url).to eq(@browser.url)
|
|
931
931
|
end
|
|
932
932
|
end
|
|
@@ -946,7 +946,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
946
946
|
expect(entry.taint).to eq(taint)
|
|
947
947
|
|
|
948
948
|
trace = entry.trace[0]
|
|
949
|
-
expect(@browser.source.split("\n")[trace.line
|
|
949
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'lastIndexOf('
|
|
950
950
|
expect(trace.url).to eq(@browser.url)
|
|
951
951
|
end
|
|
952
952
|
end
|
|
@@ -960,7 +960,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
960
960
|
sink = subject.data_flow_sinks[taint]
|
|
961
961
|
|
|
962
962
|
entry = sink[0]
|
|
963
|
-
expect(entry.object).to eq('
|
|
963
|
+
expect(entry.object).to eq('HTMLElement')
|
|
964
964
|
expect(entry.function.name).to eq('insertAdjacentHTML')
|
|
965
965
|
expect(entry.function.source).to start_with 'function insertAdjacentHTML'
|
|
966
966
|
expect(entry.function.arguments).to eq([
|
|
@@ -970,7 +970,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
970
970
|
expect(entry.taint).to eq(taint)
|
|
971
971
|
|
|
972
972
|
trace = entry.trace[0]
|
|
973
|
-
expect(@browser.source.split("\n")[trace.line
|
|
973
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'insertAdjacentHTML('
|
|
974
974
|
expect(trace.url).to eq(@browser.url)
|
|
975
975
|
end
|
|
976
976
|
end
|
|
@@ -984,7 +984,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
984
984
|
sink = subject.data_flow_sinks[taint]
|
|
985
985
|
|
|
986
986
|
entry = sink[0]
|
|
987
|
-
expect(entry.object).to eq('
|
|
987
|
+
expect(entry.object).to eq('Element')
|
|
988
988
|
expect(entry.function.name).to eq('setAttribute')
|
|
989
989
|
expect(entry.function.source).to start_with 'function setAttribute'
|
|
990
990
|
expect(entry.function.arguments).to eq([
|
|
@@ -994,7 +994,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
994
994
|
expect(entry.taint).to eq(taint)
|
|
995
995
|
|
|
996
996
|
trace = entry.trace[0]
|
|
997
|
-
expect(@browser.source.split("\n")[trace.line
|
|
997
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'setAttribute('
|
|
998
998
|
expect(trace.url).to eq(@browser.url)
|
|
999
999
|
end
|
|
1000
1000
|
end
|
|
@@ -1008,7 +1008,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1008
1008
|
sink = subject.data_flow_sinks[taint]
|
|
1009
1009
|
|
|
1010
1010
|
entry = sink[0]
|
|
1011
|
-
expect(entry.object).to eq('
|
|
1011
|
+
expect(entry.object).to eq('Document')
|
|
1012
1012
|
expect(entry.function.name).to eq('createTextNode')
|
|
1013
1013
|
expect(entry.function.source).to start_with 'function createTextNode'
|
|
1014
1014
|
expect(entry.function.arguments).to eq([ "node #{taint}" ])
|
|
@@ -1016,7 +1016,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1016
1016
|
expect(entry.taint).to eq(taint)
|
|
1017
1017
|
|
|
1018
1018
|
trace = entry.trace[0]
|
|
1019
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1019
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'document.createTextNode('
|
|
1020
1020
|
expect(trace.url).to eq(@browser.url)
|
|
1021
1021
|
end
|
|
1022
1022
|
end
|
|
@@ -1030,7 +1030,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1030
1030
|
sink = subject.data_flow_sinks[taint]
|
|
1031
1031
|
|
|
1032
1032
|
entry = sink[0]
|
|
1033
|
-
expect(entry.object).to eq('
|
|
1033
|
+
expect(entry.object).to eq('CharacterData')
|
|
1034
1034
|
expect(entry.function.name).to eq('insertData')
|
|
1035
1035
|
expect(entry.function.source).to start_with 'function insertData'
|
|
1036
1036
|
expect(entry.function.arguments).to eq([ "Stuff #{taint}" ])
|
|
@@ -1038,7 +1038,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1038
1038
|
expect(entry.taint).to eq(taint)
|
|
1039
1039
|
|
|
1040
1040
|
trace = entry.trace[0]
|
|
1041
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1041
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'insertData('
|
|
1042
1042
|
expect(trace.url).to eq(@browser.url)
|
|
1043
1043
|
end
|
|
1044
1044
|
end
|
|
@@ -1050,7 +1050,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1050
1050
|
sink = subject.data_flow_sinks[taint]
|
|
1051
1051
|
|
|
1052
1052
|
entry = sink[0]
|
|
1053
|
-
expect(entry.object).to eq('
|
|
1053
|
+
expect(entry.object).to eq('CharacterData')
|
|
1054
1054
|
expect(entry.function.name).to eq('appendData')
|
|
1055
1055
|
expect(entry.function.source).to start_with 'function appendData'
|
|
1056
1056
|
expect(entry.function.arguments).to eq([ "Stuff #{taint}" ])
|
|
@@ -1058,7 +1058,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1058
1058
|
expect(entry.taint).to eq(taint)
|
|
1059
1059
|
|
|
1060
1060
|
trace = entry.trace[0]
|
|
1061
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1061
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'appendData('
|
|
1062
1062
|
expect(trace.url).to eq(@browser.url)
|
|
1063
1063
|
end
|
|
1064
1064
|
end
|
|
@@ -1070,7 +1070,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1070
1070
|
sink = subject.data_flow_sinks[taint]
|
|
1071
1071
|
|
|
1072
1072
|
entry = sink[0]
|
|
1073
|
-
expect(entry.object).to eq('
|
|
1073
|
+
expect(entry.object).to eq('CharacterData')
|
|
1074
1074
|
expect(entry.function.name).to eq('replaceData')
|
|
1075
1075
|
expect(entry.function.source).to start_with 'function replaceData'
|
|
1076
1076
|
expect(entry.function.arguments).to eq([ 0, 0, "Stuff #{taint}" ])
|
|
@@ -1078,29 +1078,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1078
1078
|
expect(entry.taint).to eq(taint)
|
|
1079
1079
|
|
|
1080
1080
|
trace = entry.trace[0]
|
|
1081
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1082
|
-
expect(trace.url).to eq(@browser.url)
|
|
1083
|
-
end
|
|
1084
|
-
end
|
|
1085
|
-
end
|
|
1086
|
-
|
|
1087
|
-
context 'Text' do
|
|
1088
|
-
context '.replaceWholeText' do
|
|
1089
|
-
it 'logs it' do
|
|
1090
|
-
load_with_taint 'data_trace/Text.replaceWholeText'
|
|
1091
|
-
|
|
1092
|
-
sink = subject.data_flow_sinks[taint]
|
|
1093
|
-
|
|
1094
|
-
entry = sink[0]
|
|
1095
|
-
expect(entry.object).to eq('TextPrototype')
|
|
1096
|
-
expect(entry.function.name).to eq('replaceWholeText')
|
|
1097
|
-
expect(entry.function.source).to start_with 'function replaceWholeText'
|
|
1098
|
-
expect(entry.function.arguments).to eq([ "Stuff #{taint}" ])
|
|
1099
|
-
expect(entry.tainted_value).to eq("Stuff #{taint}")
|
|
1100
|
-
expect(entry.taint).to eq(taint)
|
|
1101
|
-
|
|
1102
|
-
trace = entry.trace[0]
|
|
1103
|
-
expect(@browser.source.split("\n")[trace.line - 1]).to include 'replaceWholeText('
|
|
1081
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'replaceData('
|
|
1104
1082
|
expect(trace.url).to eq(@browser.url)
|
|
1105
1083
|
end
|
|
1106
1084
|
end
|
|
@@ -1114,7 +1092,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1114
1092
|
sink = subject.data_flow_sinks[taint]
|
|
1115
1093
|
|
|
1116
1094
|
entry = sink[0]
|
|
1117
|
-
expect(entry.object).to eq('
|
|
1095
|
+
expect(entry.object).to eq('HTMLDocument')
|
|
1118
1096
|
expect(entry.function.name).to eq('write')
|
|
1119
1097
|
expect(entry.function.source).to start_with 'function write'
|
|
1120
1098
|
expect(entry.function.arguments).to eq([
|
|
@@ -1126,7 +1104,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1126
1104
|
expect(entry.taint).to eq(taint)
|
|
1127
1105
|
|
|
1128
1106
|
trace = entry.trace[0]
|
|
1129
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1107
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'document.write('
|
|
1130
1108
|
expect(trace.url).to eq(@browser.url)
|
|
1131
1109
|
end
|
|
1132
1110
|
end
|
|
@@ -1138,7 +1116,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1138
1116
|
sink = subject.data_flow_sinks[taint]
|
|
1139
1117
|
|
|
1140
1118
|
entry = sink[0]
|
|
1141
|
-
expect(entry.object).to eq('
|
|
1119
|
+
expect(entry.object).to eq('HTMLDocument')
|
|
1142
1120
|
expect(entry.function.name).to eq('writeln')
|
|
1143
1121
|
expect(entry.function.source).to start_with 'function writeln'
|
|
1144
1122
|
expect(entry.function.arguments).to eq([
|
|
@@ -1150,7 +1128,7 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1150
1128
|
expect(entry.taint).to eq(taint)
|
|
1151
1129
|
|
|
1152
1130
|
trace = entry.trace[0]
|
|
1153
|
-
expect(@browser.source.split("\n")[trace.line
|
|
1131
|
+
expect(@browser.source.split("\n")[trace.line]).to include 'document.writeln('
|
|
1154
1132
|
expect(trace.url).to eq(@browser.url)
|
|
1155
1133
|
end
|
|
1156
1134
|
end
|
|
@@ -1228,12 +1206,12 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1228
1206
|
|
|
1229
1207
|
expect(first_entry.trace[0].function.name).to eq('onClick')
|
|
1230
1208
|
expect(first_entry.trace[0].function.source).to start_with 'function onClick'
|
|
1231
|
-
expect(@browser.source.split("\n")[first_entry.trace[0].line
|
|
1209
|
+
expect(@browser.source.split("\n")[first_entry.trace[0].line]).to include 'log_data_flow_sink'
|
|
1232
1210
|
expect(first_entry.trace[0].function.arguments).to eq(%w(some-arg arguments-arg here-arg))
|
|
1233
1211
|
|
|
1234
1212
|
expect(first_entry.trace[1].function.name).to eq('onsubmit')
|
|
1235
1213
|
expect(first_entry.trace[1].function.source).to start_with 'function onsubmit'
|
|
1236
|
-
expect(@browser.source.split("\n")[first_entry.trace[1].line
|
|
1214
|
+
expect(@browser.source.split("\n")[first_entry.trace[1].line]).to include 'onsubmit'
|
|
1237
1215
|
expect(first_entry.trace[1].function.arguments.size).to eq(1)
|
|
1238
1216
|
|
|
1239
1217
|
event = first_entry.trace[1].function.arguments.first
|
|
@@ -1265,12 +1243,12 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1265
1243
|
|
|
1266
1244
|
expect(first_entry.trace[0].function.name).to eq('onClick')
|
|
1267
1245
|
expect(first_entry.trace[0].function.source).to start_with 'function onClick'
|
|
1268
|
-
expect(@browser.source.split("\n")[first_entry.trace[0].line
|
|
1246
|
+
expect(@browser.source.split("\n")[first_entry.trace[0].line]).to include 'log_execution_flow_sink(1)'
|
|
1269
1247
|
expect(first_entry.trace[0].function.arguments).to eq(%w(some-arg arguments-arg here-arg))
|
|
1270
1248
|
|
|
1271
1249
|
expect(first_entry.trace[1].function.name).to eq('onsubmit')
|
|
1272
1250
|
expect(first_entry.trace[1].function.source).to start_with 'function onsubmit'
|
|
1273
|
-
expect(@browser.source.split("\n")[first_entry.trace[1].line
|
|
1251
|
+
expect(@browser.source.split("\n")[first_entry.trace[1].line]).to include 'onsubmit'
|
|
1274
1252
|
expect(first_entry.trace[1].function.arguments.size).to eq(1)
|
|
1275
1253
|
|
|
1276
1254
|
event = first_entry.trace[1].function.arguments.first
|
|
@@ -1302,12 +1280,12 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1302
1280
|
|
|
1303
1281
|
expect(first_entry.trace[0].function.name).to eq('onClick')
|
|
1304
1282
|
expect(first_entry.trace[0].function.source).to start_with 'function onClick'
|
|
1305
|
-
expect(@browser.source.split("\n")[first_entry.trace[0].line
|
|
1283
|
+
expect(@browser.source.split("\n")[first_entry.trace[0].line]).to include 'log_execution_flow_sink(1)'
|
|
1306
1284
|
expect(first_entry.trace[0].function.arguments).to eq(%w(some-arg arguments-arg here-arg))
|
|
1307
1285
|
|
|
1308
1286
|
expect(first_entry.trace[1].function.name).to eq('onsubmit')
|
|
1309
1287
|
expect(first_entry.trace[1].function.source).to start_with 'function onsubmit'
|
|
1310
|
-
expect(@browser.source.split("\n")[first_entry.trace[1].line
|
|
1288
|
+
expect(@browser.source.split("\n")[first_entry.trace[1].line]).to include 'onsubmit'
|
|
1311
1289
|
expect(first_entry.trace[1].function.arguments.size).to eq(1)
|
|
1312
1290
|
|
|
1313
1291
|
event = first_entry.trace[1].function.arguments.first
|
|
@@ -1351,12 +1329,12 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1351
1329
|
|
|
1352
1330
|
expect(first_entry.trace[0].function.name).to eq('onClick')
|
|
1353
1331
|
expect(first_entry.trace[0].function.source).to start_with 'function onClick'
|
|
1354
|
-
expect(@browser.source.split("\n")[first_entry.trace[0].line
|
|
1332
|
+
expect(@browser.source.split("\n")[first_entry.trace[0].line]).to include 'log_data_flow_sink'
|
|
1355
1333
|
expect(first_entry.trace[0].function.arguments).to eq(%w(some-arg arguments-arg here-arg))
|
|
1356
1334
|
|
|
1357
1335
|
expect(first_entry.trace[1].function.name).to eq('onsubmit')
|
|
1358
1336
|
expect(first_entry.trace[1].function.source).to start_with 'function onsubmit'
|
|
1359
|
-
expect(@browser.source.split("\n")[first_entry.trace[1].line
|
|
1337
|
+
expect(@browser.source.split("\n")[first_entry.trace[1].line]).to include 'onsubmit'
|
|
1360
1338
|
expect(first_entry.trace[1].function.arguments.size).to eq(1)
|
|
1361
1339
|
|
|
1362
1340
|
event = first_entry.trace[1].function.arguments.first
|
|
@@ -1425,12 +1403,12 @@ describe Arachni::Browser::Javascript::TaintTracer do
|
|
|
1425
1403
|
|
|
1426
1404
|
expect(first_entry.trace[0].function.name).to eq('onClick')
|
|
1427
1405
|
expect(first_entry.trace[0].function.source).to start_with 'function onClick'
|
|
1428
|
-
expect(@browser.source.split("\n")[first_entry.trace[0].line
|
|
1406
|
+
expect(@browser.source.split("\n")[first_entry.trace[0].line]).to include 'debug(1)'
|
|
1429
1407
|
expect(first_entry.trace[0].function.arguments).to eq(%w(some-arg arguments-arg here-arg))
|
|
1430
1408
|
|
|
1431
1409
|
expect(first_entry.trace[1].function.name).to eq('onsubmit')
|
|
1432
1410
|
expect(first_entry.trace[1].function.source).to start_with 'function onsubmit'
|
|
1433
|
-
expect(@browser.source.split("\n")[first_entry.trace[1].line
|
|
1411
|
+
expect(@browser.source.split("\n")[first_entry.trace[1].line]).to include 'onClick('
|
|
1434
1412
|
expect(first_entry.trace[1].function.arguments.size).to eq(1)
|
|
1435
1413
|
|
|
1436
1414
|
event = first_entry.trace[1].function.arguments.first
|