arachni 1.0.6 → 1.1
- checksums.yaml +4 -4
- data/CHANGELOG.md +193 -0
- data/Gemfile +0 -1
- data/LICENSE.md +1 -1
- data/README.md +23 -18
- data/Rakefile +5 -3
- data/arachni.gemspec +11 -8
- data/bin/arachni +1 -1
- data/bin/arachni_console +1 -1
- data/bin/arachni_multi +1 -1
- data/bin/arachni_reporter +1 -1
- data/bin/arachni_restore +1 -1
- data/bin/arachni_rpc +1 -1
- data/bin/arachni_rpcd +1 -1
- data/bin/arachni_rpcd_monitor +1 -1
- data/bin/arachni_script +1 -1
- data/components/checks/active/code_injection.rb +5 -7
- data/components/checks/active/code_injection_php_input_wrapper.rb +1 -1
- data/components/checks/active/code_injection_timing.rb +2 -3
- data/components/checks/active/csrf.rb +9 -5
- data/components/checks/active/file_inclusion.rb +4 -5
- data/components/checks/active/ldap_injection.rb +6 -8
- data/components/checks/active/no_sql_injection.rb +4 -6
- data/components/checks/active/no_sql_injection_differential.rb +1 -1
- data/components/checks/active/os_cmd_injection.rb +7 -9
- data/components/checks/active/os_cmd_injection_timing.rb +6 -8
- data/components/checks/active/path_traversal.rb +6 -7
- data/components/checks/active/response_splitting.rb +7 -15
- data/components/checks/active/rfi.rb +4 -8
- data/components/checks/active/session_fixation.rb +1 -1
- data/components/checks/active/source_code_disclosure.rb +9 -7
- data/components/checks/active/sql_injection.rb +6 -9
- data/components/checks/active/sql_injection_differential.rb +3 -3
- data/components/checks/active/sql_injection_timing.rb +6 -8
- data/components/checks/active/trainer.rb +4 -4
- data/components/checks/active/unvalidated_redirect.rb +7 -6
- data/components/checks/active/unvalidated_redirect_dom.rb +97 -0
- data/components/checks/active/xpath_injection.rb +7 -8
- data/components/checks/active/xss.rb +11 -10
- data/components/checks/active/xss_dom.rb +3 -4
- data/components/checks/active/xss_dom_inputs.rb +1 -1
- data/components/checks/active/xss_dom_script_context.rb +6 -7
- data/components/checks/active/xss_event.rb +4 -4
- data/components/checks/active/xss_path.rb +1 -1
- data/components/checks/active/xss_script_context.rb +11 -4
- data/components/checks/active/xss_tag.rb +6 -6
- data/components/checks/active/xxe.rb +110 -0
- data/components/checks/passive/allowed_methods.rb +1 -1
- data/components/checks/passive/backdoors.rb +1 -1
- data/components/checks/passive/backup_directories.rb +1 -1
- data/components/checks/passive/backup_files.rb +1 -1
- data/components/checks/passive/common_directories.rb +1 -1
- data/components/checks/passive/common_directories/directories.txt +2 -0
- data/components/checks/passive/common_files.rb +1 -1
- data/components/checks/passive/directory_listing.rb +1 -1
- data/components/checks/passive/grep/captcha.rb +2 -2
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +1 -1
- data/components/checks/passive/grep/credit_card.rb +1 -1
- data/components/checks/passive/grep/cvs_svn_users.rb +1 -1
- data/components/checks/passive/grep/emails.rb +1 -1
- data/components/checks/passive/grep/form_upload.rb +2 -2
- data/components/checks/passive/grep/hsts.rb +2 -2
- data/components/checks/passive/grep/html_objects.rb +4 -4
- data/components/checks/passive/grep/http_only_cookies.rb +1 -1
- data/components/checks/passive/grep/insecure_cookies.rb +1 -1
- data/components/checks/passive/grep/insecure_cors_policy.rb +66 -0
- data/components/checks/passive/grep/mixed_resource.rb +1 -1
- data/components/checks/passive/grep/password_autocomplete.rb +2 -2
- data/components/checks/passive/grep/private_ip.rb +1 -1
- data/components/checks/passive/grep/ssn.rb +1 -1
- data/components/checks/passive/grep/unencrypted_password_forms.rb +2 -2
- data/components/checks/passive/grep/x_frame_options.rb +61 -0
- data/components/checks/passive/htaccess_limit.rb +1 -1
- data/components/checks/passive/http_put.rb +10 -3
- data/components/checks/passive/insecure_client_access_policy.rb +91 -0
- data/components/checks/passive/insecure_cross_domain_policy_access.rb +91 -0
- data/components/checks/passive/insecure_cross_domain_policy_headers.rb +91 -0
- data/components/checks/passive/interesting_responses.rb +1 -1
- data/components/checks/passive/localstart_asp.rb +1 -1
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +1 -1
- data/components/checks/passive/webdav.rb +1 -1
- data/components/checks/passive/xst.rb +1 -1
- data/components/fingerprinters/frameworks/rack.rb +1 -1
- data/components/fingerprinters/languages/asp.rb +1 -1
- data/components/fingerprinters/languages/aspx.rb +1 -1
- data/components/fingerprinters/languages/jsp.rb +1 -1
- data/components/fingerprinters/languages/php.rb +1 -1
- data/components/fingerprinters/languages/python.rb +1 -1
- data/components/fingerprinters/languages/ruby.rb +1 -1
- data/components/fingerprinters/os/bsd.rb +1 -1
- data/components/fingerprinters/os/linux.rb +1 -1
- data/components/fingerprinters/os/solaris.rb +1 -1
- data/components/fingerprinters/os/unix.rb +1 -1
- data/components/fingerprinters/os/windows.rb +1 -1
- data/components/fingerprinters/servers/apache.rb +1 -1
- data/components/fingerprinters/servers/iis.rb +1 -1
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/nginx.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +1 -1
- data/components/path_extractors/anchors.rb +1 -1
- data/components/path_extractors/areas.rb +1 -1
- data/components/path_extractors/comments.rb +5 -5
- data/components/path_extractors/forms.rb +1 -1
- data/components/path_extractors/frames.rb +1 -1
- data/components/path_extractors/generic.rb +1 -1
- data/components/path_extractors/links.rb +1 -1
- data/components/path_extractors/meta_refresh.rb +1 -1
- data/components/path_extractors/scripts.rb +1 -1
- data/components/plugins/autologin.rb +6 -6
- data/components/plugins/beep_notify.rb +1 -1
- data/components/plugins/content_types.rb +1 -1
- data/components/plugins/cookie_collector.rb +1 -1
- data/components/plugins/defaults/autothrottle.rb +1 -1
- data/components/plugins/defaults/healthmap.rb +1 -1
- data/components/plugins/defaults/meta/remedies/discovery.rb +2 -4
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +1 -1
- data/components/plugins/defaults/meta/uniformity.rb +1 -1
- data/components/plugins/email_notify.rb +24 -12
- data/components/plugins/exec.rb +153 -0
- data/components/plugins/form_dicattack.rb +4 -4
- data/components/plugins/headers_collector.rb +102 -0
- data/components/plugins/http_dicattack.rb +4 -4
- data/components/plugins/login_script.rb +4 -5
- data/components/plugins/proxy.rb +19 -7
- data/components/plugins/proxy/template_scope.rb +1 -1
- data/components/plugins/script.rb +1 -1
- data/components/plugins/uncommon_headers.rb +9 -2
- data/components/plugins/vector_collector.rb +73 -0
- data/components/plugins/vector_feed.rb +3 -5
- data/components/plugins/waf_detector.rb +3 -3
- data/components/reporters/ap.rb +1 -1
- data/components/reporters/html.rb +138 -14
- data/components/reporters/html/default.erb +1 -1
- data/components/reporters/html/default/configuration.erb +2 -2
- data/components/reporters/html/default/issue/page.erb +1 -1
- data/components/reporters/html/default/issue/vector.erb +2 -2
- data/components/reporters/html/default/js/charts.js.erb +7 -4
- data/components/reporters/html/default/js/helpers.js +2 -0
- data/components/reporters/html/default/summary.erb +7 -0
- data/components/reporters/html/default/summary/charts.erb +3 -3
- data/components/reporters/html/default/summary/issues.erb +1 -91
- data/components/reporters/html/default/summary/issues/by_name.erb +90 -0
- data/components/reporters/html/default/summary/owasp_top_10.erb +43 -0
- data/components/reporters/json.rb +1 -1
- data/components/reporters/marshal.rb +1 -1
- data/components/reporters/plugin_formatters/html/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/html/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/html/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/html/exec.rb +63 -0
- data/components/reporters/plugin_formatters/html/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/html/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/html/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/html/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/html/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/html/vector_collector.rb +59 -0
- data/components/reporters/plugin_formatters/html/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/exec.rb +26 -0
- data/components/reporters/plugin_formatters/stdout/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/stdout/vector_collector.rb +40 -0
- data/components/reporters/plugin_formatters/stdout/waf_detector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/autologin.rb +1 -1
- data/components/reporters/plugin_formatters/xml/content_types.rb +1 -1
- data/components/reporters/plugin_formatters/xml/cookie_collector.rb +1 -1
- data/components/reporters/plugin_formatters/xml/exec.rb +26 -0
- data/components/reporters/plugin_formatters/xml/form_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/healthmap.rb +1 -1
- data/components/reporters/plugin_formatters/xml/http_dicattack.rb +1 -1
- data/components/reporters/plugin_formatters/xml/login_script.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uncommon_headers.rb +1 -1
- data/components/reporters/plugin_formatters/xml/uniformity.rb +1 -1
- data/components/reporters/plugin_formatters/xml/vector_collector.rb +44 -0
- data/components/reporters/plugin_formatters/xml/waf_detector.rb +1 -1
- data/components/reporters/stdout.rb +1 -1
- data/components/reporters/txt.rb +1 -1
- data/components/reporters/xml.rb +18 -9
- data/components/reporters/xml/schema.xsd +73 -8
- data/components/reporters/yaml.rb +1 -1
- data/config/write_paths.yml +15 -0
- data/lib/arachni.rb +1 -1
- data/lib/arachni/banner.rb +1 -1
- data/lib/arachni/browser.rb +221 -77
- data/lib/arachni/browser/element_locator.rb +7 -2
- data/lib/arachni/browser/javascript.rb +40 -24
- data/lib/arachni/browser/javascript/dom_monitor.rb +1 -1
- data/lib/arachni/browser/javascript/proxy.rb +1 -1
- data/lib/arachni/browser/javascript/proxy/stub.rb +1 -1
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +8 -3
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +57 -39
- data/lib/arachni/browser/javascript/taint_tracer.rb +12 -8
- data/lib/arachni/browser/javascript/taint_tracer/frame.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/base.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb +1 -1
- data/lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb +1 -1
- data/lib/arachni/browser_cluster.rb +5 -3
- data/lib/arachni/browser_cluster/job.rb +1 -1
- data/lib/arachni/browser_cluster/job/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +2 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +2 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger/result.rb +1 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace/result.rb +1 -1
- data/lib/arachni/browser_cluster/worker.rb +16 -16
- data/lib/arachni/check.rb +1 -1
- data/lib/arachni/check/auditor.rb +40 -17
- data/lib/arachni/check/base.rb +1 -1
- data/lib/arachni/check/manager.rb +1 -1
- data/lib/arachni/component.rb +1 -1
- data/lib/arachni/component/base.rb +1 -1
- data/lib/arachni/component/manager.rb +1 -1
- data/lib/arachni/component/options.rb +1 -1
- data/lib/arachni/component/options/address.rb +1 -1
- data/lib/arachni/component/options/base.rb +1 -1
- data/lib/arachni/component/options/bool.rb +1 -1
- data/lib/arachni/component/options/float.rb +1 -1
- data/lib/arachni/component/options/int.rb +1 -1
- data/lib/arachni/component/options/multiple_choice.rb +1 -1
- data/lib/arachni/component/options/object.rb +1 -1
- data/lib/arachni/component/options/path.rb +1 -1
- data/lib/arachni/component/options/port.rb +1 -1
- data/lib/arachni/component/options/string.rb +1 -1
- data/lib/arachni/component/options/url.rb +1 -1
- data/lib/arachni/component/output.rb +1 -1
- data/lib/arachni/component/utilities.rb +1 -1
- data/lib/arachni/data.rb +1 -1
- data/lib/arachni/data/framework.rb +1 -1
- data/lib/arachni/data/framework/rpc.rb +1 -1
- data/lib/arachni/data/issues.rb +1 -1
- data/lib/arachni/data/plugins.rb +1 -1
- data/lib/arachni/data/session.rb +1 -1
- data/lib/arachni/element/base.rb +10 -4
- data/lib/arachni/element/body.rb +1 -6
- data/lib/arachni/element/capabilities/analyzable.rb +1 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +41 -6
- data/lib/arachni/element/capabilities/analyzable/taint.rb +10 -2
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +61 -8
- data/lib/arachni/element/capabilities/auditable.rb +9 -2
- data/lib/arachni/element/capabilities/auditable/dom.rb +6 -7
- data/lib/arachni/element/capabilities/inputtable.rb +5 -3
- data/lib/arachni/element/capabilities/mutable.rb +182 -67
- data/lib/arachni/element/capabilities/refreshable.rb +1 -1
- data/lib/arachni/element/capabilities/submittable.rb +3 -3
- data/lib/arachni/element/capabilities/with_auditor.rb +1 -1
- data/lib/arachni/element/capabilities/with_auditor/output.rb +1 -1
- data/lib/arachni/element/capabilities/with_dom.rb +17 -5
- data/lib/arachni/element/capabilities/with_node.rb +6 -31
- data/lib/arachni/element/capabilities/with_scope.rb +1 -1
- data/lib/arachni/element/capabilities/with_scope/scope.rb +8 -2
- data/lib/arachni/element/capabilities/with_source.rb +55 -0
- data/lib/arachni/element/cookie.rb +39 -112
- data/lib/arachni/element/cookie/capabilities/inputtable.rb +53 -0
- data/lib/arachni/element/cookie/capabilities/mutable.rb +95 -0
- data/lib/arachni/element/cookie/capabilities/with_dom.rb +31 -0
- data/lib/arachni/element/cookie/dom.rb +2 -2
- data/lib/arachni/element/form.rb +65 -153
- data/lib/arachni/element/form/capabilities/auditable.rb +45 -0
- data/lib/arachni/element/form/capabilities/mutable.rb +126 -0
- data/lib/arachni/element/form/capabilities/submittable.rb +36 -0
- data/lib/arachni/element/form/capabilities/with_dom.rb +32 -0
- data/lib/arachni/element/form/dom.rb +13 -4
- data/lib/arachni/element/generic_dom.rb +5 -3
- data/lib/arachni/element/header.rb +16 -11
- data/lib/arachni/element/json.rb +145 -0
- data/lib/arachni/element/json/capabilities/inputtable.rb +139 -0
- data/lib/arachni/element/json/capabilities/mutable.rb +121 -0
- data/lib/arachni/element/link.rb +14 -40
- data/lib/arachni/element/link/capabilities/auditable.rb +27 -0
- data/lib/arachni/element/link/capabilities/submittable.rb +37 -0
- data/lib/arachni/element/link/capabilities/with_dom.rb +43 -0
- data/lib/arachni/element/link/dom.rb +9 -2
- data/lib/arachni/element/link_template.rb +23 -51
- data/lib/arachni/element/link_template/capabilities/auditable.rb +27 -0
- data/lib/arachni/element/link_template/capabilities/inputtable.rb +47 -0
- data/lib/arachni/element/link_template/capabilities/with_dom.rb +42 -0
- data/lib/arachni/element/link_template/dom.rb +3 -2
- data/lib/arachni/element/path.rb +1 -1
- data/lib/arachni/element/server.rb +99 -18
- data/lib/arachni/element/xml.rb +195 -0
- data/lib/arachni/element/xml/capabilities/inputtable.rb +34 -0
- data/lib/arachni/element/xml/capabilities/mutable.rb +39 -0
- data/lib/arachni/element_filter.rb +54 -3
- data/lib/arachni/error.rb +1 -1
- data/lib/arachni/ethon/easy.rb +1 -1
- data/lib/arachni/framework.rb +20 -1
- data/lib/arachni/framework/parts/audit.rb +29 -22
- data/lib/arachni/framework/parts/browser.rb +53 -5
- data/lib/arachni/framework/parts/check.rb +11 -2
- data/lib/arachni/framework/parts/data.rb +8 -6
- data/lib/arachni/framework/parts/platform.rb +1 -1
- data/lib/arachni/framework/parts/plugin.rb +1 -1
- data/lib/arachni/framework/parts/report.rb +1 -1
- data/lib/arachni/framework/parts/scope.rb +1 -1
- data/lib/arachni/framework/parts/state.rb +5 -4
- data/lib/arachni/http.rb +1 -1
- data/lib/arachni/http/client.rb +13 -242
- data/lib/arachni/http/client/dynamic_404_handler.rb +474 -0
- data/lib/arachni/http/cookie_jar.rb +1 -1
- data/lib/arachni/http/headers.rb +11 -2
- data/lib/arachni/http/message.rb +1 -1
- data/lib/arachni/http/message/scope.rb +1 -1
- data/lib/arachni/http/proxy_server.rb +7 -4
- data/lib/arachni/http/request.rb +39 -8
- data/lib/arachni/http/request/scope.rb +1 -1
- data/lib/arachni/http/response.rb +10 -4
- data/lib/arachni/http/response/scope.rb +1 -1
- data/lib/arachni/issue.rb +17 -7
- data/lib/arachni/issue/severity.rb +1 -1
- data/lib/arachni/issue/severity/base.rb +1 -1
- data/lib/arachni/option_group.rb +1 -1
- data/lib/arachni/option_groups.rb +1 -1
- data/lib/arachni/option_groups/audit.rb +74 -6
- data/lib/arachni/option_groups/browser_cluster.rb +2 -2
- data/lib/arachni/option_groups/datastore.rb +1 -1
- data/lib/arachni/option_groups/dispatcher.rb +1 -1
- data/lib/arachni/option_groups/http.rb +143 -7
- data/lib/arachni/option_groups/input.rb +1 -1
- data/lib/arachni/option_groups/output.rb +1 -1
- data/lib/arachni/option_groups/paths.rb +1 -1
- data/lib/arachni/option_groups/rpc.rb +1 -1
- data/lib/arachni/option_groups/scope.rb +9 -9
- data/lib/arachni/option_groups/session.rb +1 -1
- data/lib/arachni/option_groups/snapshot.rb +1 -1
- data/lib/arachni/options.rb +1 -1
- data/lib/arachni/page.rb +81 -45
- data/lib/arachni/page/dom.rb +13 -3
- data/lib/arachni/page/dom/transition.rb +1 -1
- data/lib/arachni/page/scope.rb +1 -1
- data/lib/arachni/parser.rb +11 -1
- data/lib/arachni/platform.rb +1 -1
- data/lib/arachni/platform/fingerprinter.rb +1 -1
- data/lib/arachni/platform/list.rb +1 -1
- data/lib/arachni/platform/manager.rb +1 -1
- data/lib/arachni/plugin.rb +1 -1
- data/lib/arachni/plugin/base.rb +11 -4
- data/lib/arachni/plugin/formatter.rb +1 -1
- data/lib/arachni/plugin/manager.rb +13 -5
- data/lib/arachni/processes.rb +1 -1
- data/lib/arachni/processes/dispatchers.rb +1 -1
- data/lib/arachni/processes/helpers.rb +1 -1
- data/lib/arachni/processes/helpers/dispatchers.rb +1 -1
- data/lib/arachni/processes/helpers/instances.rb +1 -1
- data/lib/arachni/processes/helpers/processes.rb +1 -1
- data/lib/arachni/processes/instances.rb +1 -1
- data/lib/arachni/processes/manager.rb +8 -3
- data/lib/arachni/report.rb +12 -2
- data/lib/arachni/reporter.rb +1 -1
- data/lib/arachni/reporter/base.rb +1 -1
- data/lib/arachni/reporter/formatter_manager.rb +1 -1
- data/lib/arachni/reporter/manager.rb +1 -1
- data/lib/arachni/reporter/options.rb +1 -1
- data/lib/arachni/rpc/client/base.rb +1 -1
- data/lib/arachni/rpc/client/dispatcher.rb +1 -1
- data/lib/arachni/rpc/client/instance.rb +1 -1
- data/lib/arachni/rpc/client/instance/framework.rb +1 -1
- data/lib/arachni/rpc/client/instance/service.rb +1 -1
- data/lib/arachni/rpc/serializer.rb +3 -1
- data/lib/arachni/rpc/server/active_options.rb +1 -25
- data/lib/arachni/rpc/server/base.rb +1 -1
- data/lib/arachni/rpc/server/check/manager.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/node.rb +1 -1
- data/lib/arachni/rpc/server/dispatcher/service.rb +1 -1
- data/lib/arachni/rpc/server/framework.rb +1 -1
- data/lib/arachni/rpc/server/framework/distributor.rb +2 -6
- data/lib/arachni/rpc/server/framework/master.rb +1 -1
- data/lib/arachni/rpc/server/framework/multi_instance.rb +1 -1
- data/lib/arachni/rpc/server/framework/slave.rb +1 -1
- data/lib/arachni/rpc/server/instance.rb +9 -1
- data/lib/arachni/rpc/server/output.rb +1 -1
- data/lib/arachni/rpc/server/plugin/manager.rb +1 -1
- data/lib/arachni/ruby.rb +1 -1
- data/lib/arachni/ruby/array.rb +1 -1
- data/lib/arachni/ruby/hash.rb +1 -1
- data/lib/arachni/ruby/io.rb +1 -1
- data/lib/arachni/ruby/object.rb +1 -1
- data/lib/arachni/ruby/set.rb +1 -1
- data/lib/arachni/ruby/string.rb +1 -1
- data/lib/arachni/ruby/webrick.rb +1 -1
- data/lib/arachni/ruby/webrick/cookie.rb +1 -1
- data/lib/arachni/ruby/webrick/httprequest.rb +1 -1
- data/lib/arachni/scope.rb +1 -1
- data/lib/arachni/selenium/webdriver/remote/http/typhoeus.rb +19 -2
- data/lib/arachni/session.rb +8 -3
- data/lib/arachni/snapshot.rb +1 -1
- data/lib/arachni/state.rb +1 -1
- data/lib/arachni/state/audit.rb +1 -1
- data/lib/arachni/state/element_filter.rb +12 -20
- data/lib/arachni/state/framework.rb +1 -1
- data/lib/arachni/state/framework/rpc.rb +1 -1
- data/lib/arachni/state/http.rb +1 -1
- data/lib/arachni/state/options.rb +1 -1
- data/lib/arachni/state/plugins.rb +1 -1
- data/lib/arachni/support.rb +1 -1
- data/lib/arachni/support/buffer.rb +1 -1
- data/lib/arachni/support/buffer/autoflush.rb +1 -1
- data/lib/arachni/support/buffer/base.rb +1 -1
- data/lib/arachni/support/cache.rb +1 -1
- data/lib/arachni/support/cache/base.rb +1 -1
- data/lib/arachni/support/cache/least_cost_replacement.rb +1 -1
- data/lib/arachni/support/cache/least_recently_used.rb +1 -1
- data/lib/arachni/support/cache/preference.rb +1 -1
- data/lib/arachni/support/cache/random_replacement.rb +1 -1
- data/lib/arachni/support/crypto.rb +1 -1
- data/lib/arachni/support/crypto/rsa_aes_cbc.rb +1 -1
- data/lib/arachni/support/database.rb +1 -1
- data/lib/arachni/support/database/base.rb +1 -1
- data/lib/arachni/support/database/hash.rb +1 -1
- data/lib/arachni/support/database/queue.rb +1 -1
- data/lib/arachni/support/lookup.rb +1 -1
- data/lib/arachni/support/lookup/base.rb +1 -1
- data/lib/arachni/support/lookup/hash_set.rb +1 -1
- data/lib/arachni/support/lookup/moolb.rb +1 -1
- data/lib/arachni/support/mixins.rb +1 -1
- data/lib/arachni/support/mixins/observable.rb +1 -1
- data/lib/arachni/support/mixins/terminal.rb +1 -1
- data/lib/arachni/support/profiler.rb +1 -1
- data/lib/arachni/support/signature.rb +1 -1
- data/lib/arachni/trainer.rb +8 -1
- data/lib/arachni/ui/foo/output.rb +1 -1
- data/lib/arachni/uri.rb +79 -57
- data/lib/arachni/uri/scope.rb +17 -6
- data/lib/arachni/utilities.rb +8 -3
- data/lib/arachni/version.rb +1 -1
- data/lib/arachni/watir/element.rb +22 -1
- data/lib/version +1 -1
- data/spec/arachni/browser/element_locator_spec.rb +38 -1
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +21 -6
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +351 -216
- data/spec/arachni/browser/javascript_spec.rb +26 -6
- data/spec/arachni/browser_spec.rb +205 -53
- data/spec/arachni/check/auditor_spec.rb +36 -12
- data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +84 -42
- data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +2 -0
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +87 -19
- data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +9 -0
- data/spec/arachni/element/cookie/dom_spec.rb +2 -2
- data/spec/arachni/element/cookie_spec.rb +28 -7
- data/spec/arachni/element/form/dom_spec.rb +2 -2
- data/spec/arachni/element/form_spec.rb +39 -7
- data/spec/arachni/element/generic_dom_spec.rb +13 -6
- data/spec/arachni/element/header_spec.rb +2 -2
- data/spec/arachni/element/json_spec.rb +522 -0
- data/spec/arachni/element/link/dom_spec.rb +2 -2
- data/spec/arachni/element/link_spec.rb +12 -12
- data/spec/arachni/element/link_template/dom_spec.rb +1 -1
- data/spec/arachni/element/link_template_spec.rb +13 -13
- data/spec/arachni/element/server_spec.rb +50 -8
- data/spec/arachni/element/xml_spec.rb +247 -0
- data/spec/arachni/framework/parts/audit_spec.rb +13 -6
- data/spec/arachni/framework/parts/browser_spec.rb +276 -10
- data/spec/arachni/framework/parts/state_spec.rb +20 -2
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +274 -0
- data/spec/arachni/http/client_spec.rb +4 -241
- data/spec/arachni/http/proxy_server_spec.rb +8 -0
- data/spec/arachni/http/request_spec.rb +129 -1
- data/spec/arachni/http/response_spec.rb +20 -0
- data/spec/arachni/issue_spec.rb +3 -3
- data/spec/arachni/option_groups/audit_spec.rb +32 -0
- data/spec/arachni/option_groups/http_spec.rb +70 -4
- data/spec/arachni/options_spec.rb +6 -6
- data/spec/arachni/page_spec.rb +89 -1
- data/spec/arachni/report_spec.rb +17 -0
- data/spec/arachni/session_spec.rb +3 -14
- data/spec/arachni/trainer_spec.rb +24 -5
- data/spec/arachni/uri/scope_spec.rb +97 -7
- data/spec/arachni/uri_spec.rb +41 -0
- data/spec/arachni/utilities_spec.rb +2 -1
- data/spec/components/checks/active/code_injection_spec.rb +47 -7
- data/spec/components/checks/active/code_injection_timing_spec.rb +4 -2
- data/spec/components/checks/active/file_inclusion_spec.rb +16 -6
- data/spec/components/checks/active/ldap_injection_spec.rb +13 -4
- data/spec/components/checks/active/no_sql_injection_spec.rb +4 -2
- data/spec/components/checks/active/os_cmd_injection_spec.rb +15 -11
- data/spec/components/checks/active/os_cmd_injection_timing_spec.rb +4 -2
- data/spec/components/checks/active/path_traversal_spec.rb +11 -5
- data/spec/components/checks/active/response_splitting_spec.rb +4 -2
- data/spec/components/checks/active/rfi_spec.rb +5 -2
- data/spec/components/checks/active/source_code_disclosure_spec.rb +6 -4
- data/spec/components/checks/active/sql_injection_spec.rb +52 -26
- data/spec/components/checks/active/sql_injection_timing_spec.rb +29 -5
- data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +19 -0
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +5 -2
- data/spec/components/checks/active/xpath_injection_spec.rb +11 -3
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +4 -4
- data/spec/components/checks/active/xss_script_context_spec.rb +5 -5
- data/spec/components/checks/active/xss_tag_spec.rb +1 -1
- data/spec/components/checks/active/xxe_spec.rb +19 -0
- data/spec/components/checks/passive/grep/hsts_spec.rb +10 -2
- data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +25 -0
- data/spec/components/checks/passive/grep/x_frame_options_spec.rb +25 -0
- data/spec/components/checks/passive/insecure_client_access_policy_spec.rb +15 -0
- data/spec/components/checks/passive/insecure_cross_domain_policy_access_spec.rb +15 -0
- data/spec/components/checks/passive/insecure_cross_domain_policy_headers_spec.rb +15 -0
- data/spec/components/plugins/exec_spec.rb +56 -0
- data/spec/components/plugins/headers_collector_spec.rb +126 -0
- data/spec/components/plugins/vector_collector_spec.rb +55 -0
- data/spec/spec_helper.rb +2 -1
- data/spec/support/factories/element/form.rb +1 -1
- data/spec/support/factories/element/json.rb +5 -0
- data/spec/support/factories/element/link.rb +1 -1
- data/spec/support/factories/element/link_template.rb +1 -1
- data/spec/support/factories/element/xml.rb +5 -0
- data/spec/support/factories/page.rb +11 -2
- data/spec/support/fixtures/check_with_invalid_platforms/with_invalid_platforms.rb +1 -1
- data/spec/support/fixtures/checks/test.rb +1 -1
- data/spec/support/fixtures/checks/test2.rb +1 -1
- data/spec/support/fixtures/checks/test3.rb +1 -1
- data/spec/support/fixtures/fingerprinters/test.rb +1 -1
- data/spec/support/fixtures/plugins/bad.rb +1 -1
- data/spec/support/fixtures/plugins/defaults/default.rb +1 -1
- data/spec/support/fixtures/plugins/distributable.rb +1 -1
- data/spec/support/fixtures/plugins/loop.rb +1 -1
- data/spec/support/fixtures/plugins/suspendable.rb +1 -1
- data/spec/support/fixtures/plugins/wait.rb +1 -1
- data/spec/support/fixtures/plugins/with_options.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p0.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p00.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p1.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p2.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p22.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p222.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil.rb +1 -1
- data/spec/support/fixtures/plugins_with_priorities/p_nil2.rb +1 -1
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/base_spec/plugin_formatters/with_formatters/foobar.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_formatters.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/with_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/base_spec/without_outfile.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/afr.rb +1 -1
- data/spec/support/fixtures/reporters/manager_spec/foo.rb +1 -1
- data/spec/support/fixtures/run_check/body.rb +1 -1
- data/spec/support/fixtures/run_check/cookies.rb +1 -1
- data/spec/support/fixtures/run_check/empty.rb +1 -1
- data/spec/support/fixtures/run_check/flch.rb +1 -1
- data/spec/support/fixtures/run_check/forms.rb +1 -1
- data/spec/support/fixtures/run_check/headers.rb +1 -1
- data/spec/support/fixtures/run_check/links.rb +1 -1
- data/spec/support/fixtures/run_check/nil.rb +1 -1
- data/spec/support/fixtures/run_check/path.rb +1 -1
- data/spec/support/fixtures/run_check/server.rb +1 -1
- data/spec/support/fixtures/taint_check/taint.rb +1 -1
- data/spec/support/fixtures/wait_check/wait.rb +1 -1
- data/spec/support/helpers/framework.rb +1 -1
- data/spec/support/helpers/misc.rb +1 -1
- data/spec/support/helpers/pages.rb +23 -14
- data/spec/support/helpers/paths.rb +1 -1
- data/spec/support/helpers/requires.rb +1 -1
- data/spec/support/helpers/resets.rb +1 -1
- data/spec/support/helpers/web_server.rb +1 -1
- data/spec/support/lib/factory.rb +1 -1
- data/spec/support/lib/web_server_client.rb +1 -1
- data/spec/support/lib/web_server_dispatcher.rb +1 -1
- data/spec/support/lib/web_server_manager.rb +1 -1
- data/spec/support/servers/arachni/browser.rb +77 -3
- data/spec/support/servers/arachni/browser/javascript/angular-1.2.8.js +1 -1
- data/spec/support/servers/arachni/browser/javascript/angular-route.js +1 -1
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +24 -1
- data/spec/support/servers/arachni/browser/javascript/jquery.cookie.js +117 -0
- data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +58 -1
- data/spec/support/servers/arachni/element/capabilities/analyzable/timeout.rb +6 -0
- data/spec/support/servers/arachni/element/json.rb +5 -0
- data/spec/support/servers/arachni/element/xml.rb +5 -0
- data/spec/support/servers/arachni/http/client.rb +0 -22
- data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +47 -0
- data/spec/support/servers/arachni/trainer.rb +10 -0
- data/spec/support/servers/checks/active/code_injection.rb +69 -42
- data/spec/support/servers/checks/active/code_injection_timing.rb +115 -0
- data/spec/support/servers/checks/active/file_inclusion.rb +117 -2
- data/spec/support/servers/checks/active/ldap_injection.rb +114 -0
- data/spec/support/servers/checks/active/no_sql_injection.rb +81 -0
- data/spec/support/servers/checks/active/os_cmd_injection.rb +116 -0
- data/spec/support/servers/checks/active/os_cmd_injection_timing.rb +77 -5
- data/spec/support/servers/checks/active/path_traversal.rb +154 -2
- data/spec/support/servers/checks/active/response_splitting.rb +117 -0
- data/spec/support/servers/checks/active/rfi.rb +117 -0
- data/spec/support/servers/checks/active/source_code_disclosure.rb +109 -0
- data/spec/support/servers/checks/active/sql_injection.rb +125 -0
- data/spec/support/servers/checks/active/sql_injection_timing.rb +114 -0
- data/spec/support/servers/checks/active/unvalidated_redirect.rb +117 -1
- data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +115 -0
- data/spec/support/servers/checks/active/xpath_injection.rb +117 -0
- data/spec/support/servers/checks/active/xss_script_context.rb +16 -32
- data/spec/support/servers/checks/active/xss_tag.rb +12 -12
- data/spec/support/servers/checks/active/xxe.rb +85 -0
- data/spec/support/servers/checks/passive/grep/insecure_cors_policy.rb +8 -0
- data/spec/support/servers/checks/passive/grep/x_frame_options.rb +9 -0
- data/spec/support/servers/checks/passive/insecure_client_access_policy.rb +9 -0
- data/spec/support/servers/checks/passive/insecure_cross_domain_policy_access.rb +13 -0
- data/spec/support/servers/checks/passive/insecure_cross_domain_policy_headers.rb +13 -0
- data/spec/support/servers/plugins/headers_collector.rb +16 -0
- data/spec/support/servers/plugins/vector_collector.rb +13 -0
- data/spec/support/shared/check.rb +6 -1
- data/spec/support/shared/element/base.rb +16 -9
- data/spec/support/shared/element/capabilities/auditable.rb +22 -15
- data/spec/support/shared/element/capabilities/auditable/dom.rb +7 -14
- data/spec/support/shared/element/capabilities/inputtable.rb +46 -61
- data/spec/support/shared/element/capabilities/mutable.rb +159 -64
- data/spec/support/shared/element/capabilities/with_dom.rb +52 -3
- data/spec/support/shared/element/capabilities/with_node.rb +2 -44
- data/spec/support/shared/element/capabilities/with_scope.rb +1 -1
- data/spec/support/shared/element/capabilities/with_source.rb +55 -0
- data/ui/cli/framework.rb +9 -9
- data/ui/cli/framework/option_parser.rb +75 -3
- data/ui/cli/option_parser.rb +1 -1
- data/ui/cli/output.rb +1 -1
- data/ui/cli/reporter.rb +1 -1
- data/ui/cli/reporter/option_parser.rb +1 -1
- data/ui/cli/restored_framework.rb +1 -1
- data/ui/cli/restored_framework/option_parser.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor.rb +1 -1
- data/ui/cli/rpc/client/dispatcher_monitor/option_parser.rb +1 -1
- data/ui/cli/rpc/client/instance.rb +5 -4
- data/ui/cli/rpc/client/local.rb +1 -1
- data/ui/cli/rpc/client/local/option_parser.rb +1 -1
- data/ui/cli/rpc/client/remote.rb +1 -1
- data/ui/cli/rpc/client/remote/option_parser.rb +1 -1
- data/ui/cli/rpc/server/dispatcher.rb +1 -1
- data/ui/cli/rpc/server/dispatcher/option_parser.rb +1 -1
- data/ui/cli/utilities.rb +4 -1
- metadata +129 -19
- data/lib/arachni/nokogiri/xml/node.rb +0 -42
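--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8f24a93602ee05ee80f03367f6076200362efff6
+data.tar.gz: 0e6c3ee901415342be5661d62bf41925cc6b36f2
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ab0b21531f7be52bbe924d1a58f58de719222b72df67431c22898d519dd66bd47f297166b083a68add14cf64ee64ea3497c66350f3c68ec9da0eeda85a56751c
+data.tar.gz: 54e4aff6b4437087c2f32919c2eb669648fc88e4fb42c397ec27a64058741af717bd750eb1a0c5d4f1cefa46cfb44750049e024a57c4538409b9686daee17b54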
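--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,198 @@
 # ChangeLog
 
+## 1.1 _(May 1, 2015)_
+
+- `gemspec` -- Require Ruby >= 2.0.0.
+- Options
+- `--authorized-by` -- Fixed expected type (`Integer` => `String`).
+- HTTP
+- `request_timeout` -- Lowered from 50 to 10 seconds.
+- `response_max_size` -- Set to 500KB.
+- BrowserCluster
+- `job_timeout` -- Lowered from 120 to 15 seconds.
+- Scope
+- `dom_depth_limit` -- Lowered from 10 to 5.
+- Added:
+- Audit
+- `--audit-parameter-names` -- Injects payloads into parameter names.
+- `--audit-with-extra-parameter` -- Injects payloads into an extra parameter.
+- HTTP
+- `--http-ssl-verify-peer` -- Verify SSL peer.
+- `--http-ssl-verify-host` -- Verify SSL host.
+- `--http-ssl-certificate` -- SSL certificate to use.
+- `--http-ssl-certificate-type` -- SSL certificate type.
+- `--http-ssl-key` -- SSL private key to use.
+- `--http-ssl-key-type` -- SSL key type.
+- `--http-ssl-key-password` -- Password for the SSL private key.
+- `--http-ssl-ca` -- File holding one or more certificates with which to verify the peer.
+- `--http-ssl-ca-directory` -- Directory holding multiple certificate files with which to verify the peer.
+- `--http-ssl-version` -- SSL version to use.
+- `URI`
+- Added `#resource_name`.
+- Added `.full_and_absolute?`.
+- `Scope`
+- `#redundant?` -- No longer updates counter by default.
+- `#auto_redundant?`
+- No longer updates counter by default.
+- Only consider URLs with query parameters.
+- `HTTP`
+- `Client`
+- Overhauled custom-404 identification and moved to `Dynamic404Handler`.
+- `Framework`
+- `Parts`
+- `Data`
+- `#push_to_page_queue` -- Update redundancy scope counters.
+- `#push_to_url_queue` -- Update redundancy scope counters.
+- `Audit`
+- `#audit_page`
+- Apply DOM metadata to pages not originated from `Browser#to_page`.
+- `Browser`
+- Added utility `#browser`.
+- Added `#use_browsers?`, determining whether system options and
+capabilities allow for browsers to be used.
+- `#wait_for_browsers?` => `#wait_for_browser_cluster?`
+- `Element`
+- All
+- Renamed `#html` to `#source`.
+- Moved element-specific capabilities to their own files.
+- `Cookie`
+- `.encode` -- Encode `=` even when in value.
+- `JSON` -- Represents JSON input vectors.
+- `XML` -- Represents XML input vectors.
+- `Form`
+- Support forms with multiple values for `submit` inputs with sa
+me names.
+- `Server`
+- `#log_remote_file_if_exists` -- Perform some rudimentary meta-analysis
+on possible issues and only feed the identified resources back to the
+system if they are above a certain threshold of similarity.
+This fixes infinite loop scenarios when dealing with unreliable
+custom-404 fingerprints.
+- `Capabilities`
+- `Mutable`
+- `:param_flip` => `:parameter_names`
+- Added `:parameter_values` option.
+- Added `:with_extra_parameter` option.
+- `Analyzable`
+- `Timeout`
+- Updated algorithm to be resilient to WAF/IDS/IPS filtering.
+- Added remarks to each issue containing extra information
+regarding the state of the web application during analysis.
+- `Differential` -- Added remarks to each issue containing extra information
+regarding the used payloads.
+- `Taint`
+- Don't log issues when unable to get a verification response.
+- Provide all matched data as proof, not only the regexp captured ones.
+- `WithDOM`
+- Added `#skip_dom` (set via `Browser#to_page`), to prevent `DOM`s
+from being loaded and audited when there are no associated events.
+- `Page`
+- Added `#update_metadata`, updating `#metadata` from `#cache` elements.
+- Added `#reload_metadata`, updating `#cache` elements from `#metadata`.
+- Added `#import_metadata`, importing `#metadata` from other page.
+- `DOM`
+- `#restore` -- Added debugging messages.
+- `Utilities`
+- Added `.full_and_absolute_url?`.
+- `Browser`
+- Updated to extract JSON and XML input vectors from HTTP requests.
+- `#shutdown` -- Fixed Selenium exceptions on dead browser process.
+- `#to_page` -- Apply DOM metadata to page elements.
+- `#spawn_phantomjs` -- Enabled `--disk-cache` option for `phantomjs`.
+- `#fire_event` -- Recode input values to fix encoding errors.
+- `#to_page` -- Return empty page on unavailable response data instead of `nil`.
+- `#snapshot_id` -- Updated to only consider important element attributes
+(depending on type) instead of all of them.
+- `ElementLocator`
+- `#css` -- Returns a CSS locator.
+- `#locate` -- Updated to use `#css`.
+- `Javascript`
+- Added `.select_event_attributes`.
+- `DOMMonitor`
+- `#digest` -- Removed `data-arachni-id` from digest.
+- `TaintTracer`
+- Added support for tracing multiple taints in groups.
+- Added tracing for:
+- `escape()`
+- `unescape()`
+- `String`
+- `indexOf()`
+- `lastIndexOf()`
+- `jQuery`
+- `cookie()` plugin.
+- `BrowserCluster`
+- `Worker`
+- `#browser_respawn` -- Catch Watir/Selenium errors.
+- `Session`
+- Ensure the browser is shut-down after each login operation.
+- `Check`
+- `Auditor`
+- `#each_candidate_dom_element` -- Yield element DOMs instead of parent elements.
+- `Plugin`
+- `Manager`
+- `#run` -- Optimized plugin initialization by using a queue to signal
+a ready-state, instead of blocking for 1 second.
+- Checks
+- Active
+- Added
+- `unvalidated_redirect_dom` -- Logs DOM-based unvalidated redirects.
+- `xxe` -- Logs XML External Entity vulnerabilities.
+- `trainer` -- Disabled parameter flip for the payload to avoid parameter
+pollution.
+- `os_cmd_injection` -- Only use straight payload injection instead
+of straight and append.
+- `code_injection` -- Only use straight payload injection instead
+of straight and append.
+- `xss` -- When auditing links don't require a tainted response for
+browser analysis.
+- `xss_script_context`
+- Updated payloads.
+- Only use straight payload injection instead of straight and append.
+- `xss_dom_script_context` -- Only use straight payload injection instead
+of straight and append.
+- `xss_tag` -- Updated payloads to handle cases when more data are appended
+to the landed value.
+- `xss_event` -- Added proof to the issue.
+- Passive
+- Added
+- `insecure_cross_domain_policy_access` -- Checks `crossdomain.xml`
+files for `allow-access-from` wildcard policies.
+- `insecure_cross_domain_policy_headers` -- Checks `crossdomain.xml`
+files for wildcard `allow-http-request-headers-from` policies.
+- `insecure_client_access_policy` -- Checks `clientaccesspolicy.xml`
+files for wildcard domain policies.
+- `insecure_cors_policy` -- Logs wildcard `Access-Control-Allow-Origin`
+headers per host.
+- `x_frame_options` -- Logs missing `X-Frame-Options` headers per host.
+- `common_directories` -- Added:
+- `rails/info/routes`
+- `rails/info/properties`
+- `http_put` -- Try to `DELETE` the `PUT` file.
+- `html_objects` -- Updated regexp to use non-capturing groups.
+- Plugins
+- All
+- Updated `#prepare` methods to not block, in accordance with the new
+`Plugin::Manager#run` behavior.
+- `email_notify`
+- Added `domain` option.
+- Fixed extension for `html` reporter.
+- Added support for `afr` report type.
+- `proxy` -- Added XML and JSON input vector extraction.
+- Added:
+- `vector_collector` -- Collects information about all seen input vectors
+which are within the scan scope.
+- `headers_collector` -- Collects response headers based on specified criteria.
+- `exec` -- Calls external executables at different scan stages.
+- Report -- Renamed `#html` to `#source` for all elements.
+- `html`
+- Updated chart rendering to only take place when visiting the chart page.
+- Fixed broken links.
+- Cleaned up chart severity handling.
+- Summary
+- Added OWASP Top 10 tab.
+- `xml`
+- Schema update for issue remarks.
+
 ## 1.0.6 _(December 07, 2014)_
 
 - `arachni_rpcd` -- Fixed bug causing the `--nickname` option to not be understood.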
data/Gemfile
CHANGED
data/LICENSE.md
CHANGED
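--- a/data/README.md
+++ b/data/README.md
@@ -1,17 +1,9 @@
-**NOTICE**:
-
-* Arachni's license has changed, please see the _LICENSE_ file before working
-with the project.
-* v1.0 is not backwards compatible with v0.4.
-
-<hr/>
-
 # Arachni - Web Application Security Scanner Framework
 
 <table>
 <tr>
 <th>Version</th>
-<td>1.
+<td>1.1</td>
 </tr>
 <tr>
 <th>Homepage</th>
@@ -46,7 +38,7 @@
 </tr>
 <tr>
 <th>Copyright</th>
-<td>2010-
+<td>2010-2015 Tasos Laskos</td>
 </tr>
 <tr>
 <th>License</th>
@@ -123,11 +115,11 @@ you with its findings.
 
 - Cookie-jar/cookie-string support.
 - Custom header support.
-- SSL support.
+- SSL support with fine-grained options.
 - User Agent spoofing.
 - Proxy support for SOCKS4, SOCKS4A, SOCKS5, HTTP/1.1 and HTTP/1.0.
 - Proxy authentication.
-- Site authentication (
+- Site authentication (SSL-based, form-based, Cookie-Jar, Basic-Digest, NTLMv1, Kerberos and others).
 - Automatic log-out detection and re-login during the scan (when the initial
 login was performed via the `autologin`, `login_script` or `proxy` plugins).
 - Custom 404 page detection.
@@ -233,6 +225,8 @@ Arachni is able to extract and audit the following elements and their inputs:
 - Headers
 - Generic client-side elements like `input`s which have associated DOM events.
 - AJAX-request parameters.
+- JSON request data.
+- XML request data.
 
 ### Open [distributed architecture](https://github.com/Arachni/arachni/wiki/Distributed-components)
 
@@ -293,6 +287,8 @@ Arachni is able to extract and audit the following elements and their inputs:
 - Can load them via the integrated browser environment.
 - Headers
 - Generic client-side DOM elements like `input`s.
+- JSON request data.
+- XML request data.
 - Can ignore binary/non-text pages.
 - Can optionally audit elements using both `GET` and `POST` HTTP methods.
 - Can optionally submit all links and forms of the page along with the cookie
@@ -416,6 +412,7 @@ Active checks engage the web application via its inputs.
 - Windows
 - Remote file inclusion (`rfi`).
 - Unvalidated redirects (`unvalidated_redirect`).
+- Unvalidated DOM redirects (`unvalidated_redirect_dom`).
 - XPath injection (`xpath_injection`).
 - Generic
 - PHP
@@ -431,6 +428,11 @@ Active checks engage the web application via its inputs.
 - DOM XSS inputs (`xss_dom_inputs`).
 - DOM XSS script context (`xss_dom_script_context`).
 - Source code disclosure (`source_code_disclosure`)
+- XML External Entity (`xxe`).
+- Linux
+- *BSD
+- Solaris
+- Windows
 
 ##### Passive
 
@@ -464,6 +466,11 @@ Passive checks look for the existence of files, folders and signatures.
 - localstart.asp (`localstart_asp`)
 - Cookie set for parent domain (`cookie_set_for_parent_domain`)
 - Missing `Strict-Transport-Security` headers for HTTPS sites (`hsts`).
+- Missing `X-Frame-Options` headers (`x_frame_options`).
+- Insecure CORS policy (`insecure_cors_policy`).
+- Insecure cross-domain policy (allow-access-from) (`insecure_cross_domain_policy_access`)
+- Insecure cross-domain policy (allow-http-request-headers-from) (`insecure_cross_domain_policy_headers`)
+- Insecure client-access policy (`insecure_client_access_policy`)
 
 #### Reporters
 
@@ -503,6 +510,10 @@ core remains lean and makes it easy for anyone to add arbitrary functionality.
 - Uncommon headers (`uncommon_headers`) -- Logs uncommon headers.
 - Content-types (`content_types`) -- Logs content-types of server responses aiding in the
 identification of interesting (possibly leaked) files.
+- Vector collector (`vector_collector`) -- Collects information about all seen input vectors
+which are within the scan scope.
+- Headers collector (`headers_collector`) -- Collects response headers based on specified criteria.
+- Exec (`exec`) -- Calls external executables at different scan stages.
 
 ##### Defaults
 
@@ -585,9 +596,3 @@ need to follow in order to contribute code:
 
 Dual-licensed (Apache License v2.0/Commercial) -- please see the _LICENSE_ file
 for more information.
-
-## Disclaimer
-
-This is free software and you are allowed to use it as you see fit.
-However, neither the development team nor any of our contributors can be held
-responsible for your actions nor for any damage caused by the use of this software.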
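--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,5 +1,5 @@
 =begin
-Copyright 2010-
+Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
 
 This file is part of the Arachni Framework project and is subject to
 redistribution and commercial restrictions. Please see the Arachni Framework
@@ -145,7 +145,6 @@ begin
 begin
 $spec_issues = []
 
-# Rake::Task['spec:checks'].execute rescue nil
 RSpec::Core::Runner.run(FileList[ 'spec/components/checks/**/*_spec.rb' ])
 
 ($spec_issues.size / 3).times do |i|
@@ -154,6 +153,9 @@ begin
 issue.add_remark( :stuff, 'Blah' )
 issue.add_remark( :stuff, 'Blah2' )
 
+issue.add_remark( :stuff2, '2 Blah' )
+issue.add_remark( :stuff2, '2 Blah2' )
+
 # Flag some issues as untrusted.
 $spec_issues.sample.trusted = false
 end
@@ -162,7 +164,7 @@ begin
 $spec_issues.each { |i| Arachni::Data.issues << i }
 
 Arachni::Options.url = 'http://test.com'
-Arachni::Options.audit.elements
+Arachni::Options.audit.elements Arachni::Page::ELEMENTS - [:link_templates]
 Arachni::Options.audit.link_templates = [
 /\/input\/(?<input>.+)\//,
 /input\|(?<input>.+)/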
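--- a/data/arachni.gemspec
+++ b/data/arachni.gemspec
@@ -1,6 +1,6 @@
 # coding: utf-8
 =begin
-Copyright 2010-
+Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
 
 This file is part of the Arachni Framework project and is subject to
 redistribution and commercial restrictions. Please see the Arachni Framework
@@ -10,7 +10,7 @@
 Gem::Specification.new do |s|
 require File.expand_path( File.dirname( __FILE__ ) ) + '/lib/arachni/version'
 
-s.required_ruby_version = '>=
+s.required_ruby_version = '>= 2.0.0'
 
 s.name = 'arachni'
 s.version = Arachni::VERSION
@@ -24,6 +24,7 @@ Gem::Specification.new do |s|
 s.authors = [ 'Tasos Laskos' ]
 s.licenses = ['Apache-2.0', 'Proprietary']
 
+s.files += Dir.glob( 'config/**/**' )
 s.files += Dir.glob( 'gfx/**/**' )
 s.files += Dir.glob( 'lib/**/**' )
 s.files += Dir.glob( 'ui/**/**' )
@@ -43,6 +44,8 @@ Gem::Specification.new do |s|
 
 s.rdoc_options = [ '--charset=UTF-8' ]
 
+s.add_dependency 'rack'
+
 s.add_dependency 'bundler'
 
 # For compressing/decompressing system state archives.
@@ -61,7 +64,7 @@ Gem::Specification.new do |s|
 end
 
 # RPC client/server implementation.
-s.add_dependency 'arachni-rpc', '0.2.1.
+s.add_dependency 'arachni-rpc', '0.2.1.2'
 
 # HTTP client.
 s.add_dependency 'typhoeus', '0.6.9'
@@ -73,16 +76,16 @@ Gem::Specification.new do |s|
 s.add_dependency 'pony', '1.8'
 
 # Printing complex objects.
-s.add_dependency 'awesome_print', '1.2.0'
+s.add_dependency 'awesome_print', '~> 1.2.0'
 
 # JSON reporter.
-s.add_dependency 'json', '1.8.1'
+s.add_dependency 'json', '~> 1.8.1'
 
 # For the Arachni console (arachni_console).
 s.add_dependency 'rb-readline', '0.5.1'
 
 # Markup parsing.
-s.add_dependency 'nokogiri', '1.6.
+s.add_dependency 'nokogiri', '~> 1.6.5'
 
 # Outputting data in table format (arachni_rpcd_monitor).
 s.add_dependency 'terminal-table', '1.4.5'
@@ -95,7 +98,7 @@ Gem::Specification.new do |s|
 s.add_dependency 'kramdown', '1.4.1'
 
 # Used to scrub Markdown for XSS etc.
-s.add_dependency 'loofah', '2.0.0'
+s.add_dependency 'loofah', '~> 2.0.0'
 
 s.post_install_message = <<MSG
 
@@ -112,7 +115,7 @@ License - Apache License v2.0/Proprietary
 (https://github.com/Arachni/arachni/blob/master/LICENSE.md)
 Author - Tasos "Zapotek" Laskos (http://twitter.com/Zap0tek)
 Twitter - http://twitter.com/ArachniScanner
-Copyright - 2010-
+Copyright - 2010-2015 Tasos Laskos
 
 Please do not hesitate to ask for assistance (via the support portal)
 or report a bug (via GitHub Issues) if you come across any problem.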
data/bin/arachni
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
=begin
|
3
|
-
Copyright 2010-
|
3
|
+
Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
|
4
4
|
|
5
5
|
This file is part of the Arachni Framework project and is subject to
|
6
6
|
redistribution and commercial restrictions. Please see the Arachni Framework
|