arachni 1.1 → 1.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +159 -0
- data/LICENSE.md +126 -196
- data/README.md +32 -24
- data/arachni.gemspec +7 -7
- data/components/checks/active/code_injection_timing.rb +3 -3
- data/components/checks/active/csrf.rb +2 -2
- data/components/checks/active/file_inclusion.rb +6 -7
- data/components/checks/active/os_cmd_injection.rb +3 -3
- data/components/checks/active/path_traversal.rb +7 -7
- data/components/checks/active/response_splitting.rb +9 -4
- data/components/checks/active/session_fixation.rb +7 -3
- data/components/checks/active/source_code_disclosure.rb +5 -5
- data/components/checks/active/unvalidated_redirect.rb +12 -3
- data/components/checks/active/unvalidated_redirect_dom.rb +3 -3
- data/components/checks/active/xss.rb +23 -10
- data/components/checks/active/xss_dom_inputs.rb +113 -11
- data/components/checks/active/xxe.rb +3 -3
- data/components/checks/passive/backdoors.rb +6 -5
- data/components/checks/passive/backup_directories.rb +6 -6
- data/components/checks/passive/backup_files.rb +6 -6
- data/components/checks/passive/common_admin_interfaces.rb +58 -0
- data/components/checks/passive/common_admin_interfaces/admin-panels.txt +49 -0
- data/components/checks/passive/common_directories/directories.txt +0 -16
- data/components/checks/passive/common_files.rb +6 -5
- data/components/checks/passive/common_files/filenames.txt +0 -2
- data/components/checks/passive/directory_listing.rb +6 -6
- data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +3 -3
- data/components/checks/passive/grep/hsts.rb +6 -3
- data/components/checks/passive/grep/http_only_cookies.rb +3 -3
- data/components/checks/passive/grep/insecure_cookies.rb +2 -2
- data/components/checks/passive/grep/insecure_cors_policy.rb +6 -4
- data/components/checks/passive/grep/x_frame_options.rb +6 -4
- data/components/checks/passive/htaccess_limit.rb +6 -2
- data/components/checks/passive/http_put.rb +8 -4
- data/components/checks/passive/interesting_responses.rb +3 -2
- data/components/checks/passive/localstart_asp.rb +6 -2
- data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +5 -1
- data/components/checks/passive/xst.rb +6 -2
- data/components/fingerprinters/frameworks/aspx_mvc.rb +43 -0
- data/components/fingerprinters/frameworks/cakephp.rb +28 -0
- data/components/fingerprinters/frameworks/cherrypy.rb +31 -0
- data/components/fingerprinters/frameworks/django.rb +33 -0
- data/components/fingerprinters/frameworks/jsf.rb +30 -0
- data/components/fingerprinters/frameworks/rack.rb +5 -7
- data/components/fingerprinters/frameworks/rails.rb +43 -0
- data/components/fingerprinters/languages/aspx.rb +11 -11
- data/components/fingerprinters/languages/{jsp.rb → java.rb} +11 -7
- data/components/fingerprinters/languages/php.rb +6 -6
- data/components/fingerprinters/languages/python.rb +14 -6
- data/components/fingerprinters/languages/ruby.rb +3 -5
- data/components/fingerprinters/servers/apache.rb +5 -4
- data/components/fingerprinters/servers/gunicorn.rb +33 -0
- data/components/fingerprinters/servers/jetty.rb +1 -1
- data/components/fingerprinters/servers/tomcat.rb +11 -4
- data/components/path_extractors/anchors.rb +5 -12
- data/components/path_extractors/areas.rb +5 -13
- data/components/path_extractors/comments.rb +5 -3
- data/components/path_extractors/data_url.rb +21 -0
- data/components/path_extractors/forms.rb +5 -13
- data/components/path_extractors/frames.rb +6 -13
- data/components/path_extractors/generic.rb +3 -12
- data/components/path_extractors/links.rb +5 -13
- data/components/path_extractors/meta_refresh.rb +5 -13
- data/components/path_extractors/scripts.rb +8 -14
- data/components/plugins/autologin.rb +17 -5
- data/components/plugins/defaults/meta/remedies/discovery.rb +11 -29
- data/components/plugins/login_script.rb +40 -10
- data/components/plugins/metrics.rb +235 -0
- data/components/plugins/proxy.rb +21 -4
- data/components/plugins/proxy/panel/page_accordion.html.erb +34 -2
- data/components/plugins/restrict_to_dom_state.rb +70 -0
- data/components/plugins/vector_feed.rb +38 -9
- data/components/reporters/plugin_formatters/html/metrics.rb +290 -0
- data/components/reporters/plugin_formatters/stdout/metrics.rb +80 -0
- data/components/reporters/plugin_formatters/xml/metrics.rb +29 -0
- data/components/reporters/stdout.rb +4 -2
- data/components/reporters/xml.rb +4 -4
- data/components/reporters/xml/schema.xsd +95 -0
- data/lib/arachni.rb +2 -0
- data/lib/arachni/browser.rb +132 -77
- data/lib/arachni/browser/javascript.rb +173 -45
- data/lib/arachni/browser/javascript/scripts/dom_monitor.js +81 -6
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +31 -3
- data/lib/arachni/browser_cluster.rb +41 -15
- data/lib/arachni/browser_cluster/job.rb +4 -0
- data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +0 -9
- data/lib/arachni/browser_cluster/worker.rb +8 -5
- data/lib/arachni/check/auditor.rb +20 -8
- data/lib/arachni/check/base.rb +38 -6
- data/lib/arachni/element/base.rb +18 -1
- data/lib/arachni/element/capabilities/analyzable/differential.rb +0 -1
- data/lib/arachni/element/capabilities/analyzable/taint.rb +40 -10
- data/lib/arachni/element/capabilities/analyzable/timeout.rb +27 -23
- data/lib/arachni/element/capabilities/auditable/dom.rb +22 -0
- data/lib/arachni/element/capabilities/inputtable.rb +6 -2
- data/lib/arachni/element/capabilities/submittable.rb +1 -1
- data/lib/arachni/element/cookie.rb +37 -23
- data/lib/arachni/element/cookie/capabilities/mutable.rb +6 -6
- data/lib/arachni/element/cookie/dom.rb +0 -8
- data/lib/arachni/element/form.rb +28 -14
- data/lib/arachni/element/form/capabilities/auditable.rb +2 -2
- data/lib/arachni/element/form/capabilities/mutable.rb +5 -5
- data/lib/arachni/element/form/dom.rb +0 -8
- data/lib/arachni/element/generic_dom.rb +1 -1
- data/lib/arachni/element/json.rb +2 -1
- data/lib/arachni/element/json/capabilities/inputtable.rb +6 -6
- data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
- data/lib/arachni/element/link.rb +13 -16
- data/lib/arachni/element/link/dom.rb +1 -14
- data/lib/arachni/element/link_template.rb +3 -2
- data/lib/arachni/element/link_template/dom.rb +0 -16
- data/lib/arachni/element/server.rb +51 -9
- data/lib/arachni/element/xml.rb +1 -0
- data/lib/arachni/ethon/easy.rb +4 -1
- data/lib/arachni/framework/parts/audit.rb +26 -77
- data/lib/arachni/framework/parts/browser.rb +50 -55
- data/lib/arachni/framework/parts/check.rb +4 -3
- data/lib/arachni/framework/parts/data.rb +41 -6
- data/lib/arachni/framework/parts/state.rb +16 -7
- data/lib/arachni/http/client.rb +66 -38
- data/lib/arachni/http/client/dynamic_404_handler.rb +46 -14
- data/lib/arachni/http/headers.rb +22 -10
- data/lib/arachni/http/proxy_server.rb +67 -22
- data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +34 -0
- data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +51 -0
- data/lib/arachni/http/request.rb +71 -18
- data/lib/arachni/issue.rb +17 -3
- data/lib/arachni/option_groups/browser_cluster.rb +34 -1
- data/lib/arachni/option_groups/http.rb +1 -1
- data/lib/arachni/page.rb +26 -13
- data/lib/arachni/page/dom/transition.rb +2 -2
- data/lib/arachni/parser.rb +28 -11
- data/lib/arachni/platform/fingerprinter.rb +5 -0
- data/lib/arachni/platform/manager.rb +65 -32
- data/lib/arachni/plugin/base.rb +8 -0
- data/lib/arachni/processes/instances.rb +25 -11
- data/lib/arachni/reporter/manager.rb +2 -2
- data/lib/arachni/rpc/client/instance.rb +4 -0
- data/lib/arachni/rpc/server/framework/master.rb +3 -3
- data/lib/arachni/rpc/server/framework/multi_instance.rb +0 -8
- data/lib/arachni/rpc/server/instance.rb +2 -1
- data/lib/arachni/ruby/array.rb +5 -0
- data/lib/arachni/ruby/hash.rb +5 -0
- data/lib/arachni/ruby/string.rb +2 -3
- data/lib/arachni/session.rb +32 -6
- data/lib/arachni/state/framework.rb +6 -2
- data/lib/arachni/support/cache.rb +1 -0
- data/lib/arachni/support/cache/base.rb +12 -8
- data/lib/arachni/support/cache/least_recently_pushed.rb +29 -0
- data/lib/arachni/support/cache/least_recently_used.rb +5 -8
- data/lib/arachni/support/cache/preference.rb +1 -1
- data/lib/arachni/support/cache/random_replacement.rb +1 -25
- data/lib/arachni/support/database/queue.rb +21 -8
- data/lib/arachni/support/lookup/base.rb +7 -1
- data/lib/arachni/support/mixins/observable.rb +3 -1
- data/lib/arachni/support/profiler.rb +51 -10
- data/lib/arachni/support/signature.rb +11 -2
- data/lib/arachni/trainer.rb +8 -2
- data/lib/arachni/uri.rb +28 -25
- data/lib/arachni/uri/scope.rb +1 -1
- data/lib/arachni/utilities.rb +8 -0
- data/lib/arachni/watir/element.rb +1 -1
- data/lib/version +1 -1
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +388 -53
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +41 -0
- data/spec/arachni/browser/javascript_spec.rb +235 -61
- data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +0 -9
- data/spec/arachni/browser_cluster_spec.rb +58 -10
- data/spec/arachni/browser_spec.rb +170 -26
- data/spec/arachni/check/auditor_spec.rb +22 -3
- data/spec/arachni/check/base_spec.rb +84 -0
- data/spec/arachni/element/body_spec.rb +1 -1
- data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +3 -3
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +1 -1
- data/spec/arachni/element/cookie/dom_spec.rb +0 -9
- data/spec/arachni/element/cookie_spec.rb +85 -0
- data/spec/arachni/element/form/dom_spec.rb +0 -9
- data/spec/arachni/element/form_spec.rb +46 -3
- data/spec/arachni/element/json_spec.rb +20 -0
- data/spec/arachni/element/link/dom_spec.rb +0 -9
- data/spec/arachni/element/link_spec.rb +40 -15
- data/spec/arachni/element/link_template/dom_spec.rb +0 -8
- data/spec/arachni/element/link_template_spec.rb +2 -6
- data/spec/arachni/element/server_spec.rb +94 -8
- data/spec/arachni/element/xml_spec.rb +20 -0
- data/spec/arachni/framework/parts/audit_spec.rb +12 -14
- data/spec/arachni/framework/parts/browser_spec.rb +0 -171
- data/spec/arachni/framework/parts/platform_spec.rb +14 -8
- data/spec/arachni/framework/parts/report_spec.rb +1 -1
- data/spec/arachni/framework/parts/state_spec.rb +0 -9
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +19 -0
- data/spec/arachni/http/client_spec.rb +169 -42
- data/spec/arachni/http/headers_spec.rb +18 -0
- data/spec/arachni/http/request_spec.rb +23 -0
- data/spec/arachni/issue_spec.rb +17 -6
- data/spec/arachni/page_spec.rb +22 -2
- data/spec/arachni/parser_spec.rb +5 -0
- data/spec/arachni/platform/manager_spec.rb +57 -25
- data/spec/arachni/reporter/manager_spec.rb +26 -0
- data/spec/arachni/rpc/server/active_options_spec.rb +9 -4
- data/spec/arachni/state/framework_spec.rb +2 -8
- data/spec/arachni/support/cache/least_recently_pushed_spec.rb +90 -0
- data/spec/arachni/support/cache/least_recently_used_spec.rb +5 -13
- data/spec/arachni/support/database/queue_spec.rb +7 -0
- data/spec/arachni/support/mixins/observable_spec.rb +15 -1
- data/spec/arachni/trainer_spec.rb +2 -2
- data/spec/components/checks/active/code_injection_timing_spec.rb +1 -1
- data/spec/components/checks/active/file_inclusion_spec.rb +6 -6
- data/spec/components/checks/active/path_traversal_spec.rb +2 -2
- data/spec/components/checks/active/source_code_disclosure_spec.rb +2 -2
- data/spec/components/checks/active/unvalidated_redirect_spec.rb +6 -6
- data/spec/components/checks/active/xss_dom_inputs_spec.rb +3 -5
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +1 -1
- data/spec/components/checks/active/xss_spec.rb +5 -5
- data/spec/components/checks/passive/common_admin_interfaces_spec.rb +15 -0
- data/spec/components/checks/passive/interesting_responses_spec.rb +14 -1
- data/spec/components/fingerprinters/frameworks/aspx_mvc_spec.rb +31 -0
- data/spec/components/fingerprinters/frameworks/cakephp_spec.rb +22 -0
- data/spec/components/fingerprinters/frameworks/cherrypy_spec.rb +28 -0
- data/spec/components/fingerprinters/frameworks/django_spec.rb +37 -0
- data/spec/components/fingerprinters/frameworks/jsf_spec.rb +27 -0
- data/spec/components/fingerprinters/frameworks/rack_spec.rb +11 -14
- data/spec/components/fingerprinters/frameworks/rails_spec.rb +53 -0
- data/spec/components/fingerprinters/languages/asp_spec.rb +7 -9
- data/spec/components/fingerprinters/languages/aspx_spec.rb +10 -24
- data/spec/components/fingerprinters/languages/java_spec.rb +88 -0
- data/spec/components/fingerprinters/languages/php_spec.rb +19 -12
- data/spec/components/fingerprinters/languages/python_spec.rb +22 -9
- data/spec/components/fingerprinters/languages/ruby.rb +6 -4
- data/spec/components/fingerprinters/os/bsd_spec.rb +6 -4
- data/spec/components/fingerprinters/os/linux_spec.rb +6 -4
- data/spec/components/fingerprinters/os/solaris_spec.rb +6 -4
- data/spec/components/fingerprinters/os/unix_spec.rb +6 -4
- data/spec/components/fingerprinters/os/windows_spec.rb +6 -4
- data/spec/components/fingerprinters/servers/apache_spec.rb +15 -4
- data/spec/components/fingerprinters/servers/gunicorn_spec.rb +28 -0
- data/spec/components/fingerprinters/servers/iis_spec.rb +6 -6
- data/spec/components/fingerprinters/servers/jetty_spec.rb +6 -6
- data/spec/components/fingerprinters/servers/nginx_spec.rb +6 -4
- data/spec/components/fingerprinters/servers/tomcat_spec.rb +15 -6
- data/spec/components/path_extractors/data_url_spec.rb +19 -0
- data/spec/components/plugins/autologin_spec.rb +23 -0
- data/spec/components/plugins/login_script_spec.rb +112 -24
- data/spec/components/plugins/restrict_to_dom_state_spec.rb +16 -0
- data/spec/components/plugins/vector_feed_spec.rb +39 -1
- data/spec/support/factories/page/dom.rb +9 -4
- data/spec/support/factories/page/dom/transition.rb +31 -9
- data/spec/support/factories/scan_report.rb +8 -6
- data/spec/support/fixtures/empty/placeholder +0 -0
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/reporters/manager_spec/error.rb +18 -0
- data/spec/support/servers/arachni/browser.rb +117 -11
- data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +148 -4
- data/spec/support/servers/arachni/check/auditor.rb +4 -0
- data/spec/support/servers/arachni/element/cookie/cookie_dom.rb +1 -1
- data/spec/support/servers/arachni/http/client.rb +5 -0
- data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +13 -0
- data/spec/support/servers/checks/active/code_injection_timing.rb +1 -1
- data/spec/support/servers/checks/active/file_inclusion.rb +2 -2
- data/spec/support/servers/checks/active/path_traversal.rb +2 -2
- data/spec/support/servers/checks/active/source_code_disclosure.rb +40 -33
- data/spec/support/servers/checks/active/trainer_check.rb +9 -10
- data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +7 -4
- data/spec/support/servers/checks/active/xss.rb +35 -0
- data/spec/support/servers/checks/active/xss_dom.rb +1 -1
- data/spec/support/servers/checks/active/xss_dom_inputs.rb +24 -0
- data/spec/support/servers/checks/active/xss_dom_script_context.rb +1 -1
- data/spec/support/servers/checks/passive/common_admin_interfaces.rb +6 -0
- data/spec/support/servers/plugins/autologin.rb +9 -0
- data/spec/support/servers/plugins/restrict_to_dom_state.rb +4 -0
- data/spec/support/shared/element/base.rb +42 -0
- data/spec/support/shared/element/capabilities/auditable.rb +4 -4
- data/spec/support/shared/element/capabilities/auditable/dom.rb +26 -0
- data/spec/support/shared/element/capabilities/inputtable.rb +16 -11
- data/spec/support/shared/element/capabilities/submitable.rb +7 -2
- data/spec/support/shared/fingerprinter.rb +8 -0
- data/spec/support/shared/path_extractor.rb +1 -1
- data/ui/cli/framework.rb +3 -3
- data/ui/cli/framework/option_parser.rb +9 -0
- data/ui/cli/output.rb +9 -0
- data/ui/cli/reporter.rb +5 -2
- data/ui/cli/utilities.rb +4 -2
- metadata +76 -17
- data/lib/arachni/http/proxy_server/ssl-interceptor-cert.pem +0 -34
- data/lib/arachni/http/proxy_server/ssl-interceptor-pkey.pem +0 -51
- data/spec/components/fingerprinters/languages/jsp_spec.rb +0 -56
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b7b04bebb490a564d756ded63b03da429d3f96cb
|
4
|
+
data.tar.gz: d8b634d80fb6db78621fb574b6c52954da0cb201
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 84acf5244c5bb7e1c3dd05e1fe85f27087bbfa447c45dea559a4496fa7947bac87c75dd3c7e5550be5f1c87ed42ca69ffb825b62d3e59a1c789ac55148d8985b
|
7
|
+
data.tar.gz: c2c0d02d9194befc03fc37d1b38a036f4ef448336f3c6b3e8ff5ac23140f4fc035e09b698a347a5c47738ec5c6aa25b42692e4979b951756920175fa6e587db9
|
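Review bot: the `-` lines of this hunk carry only the keys (`metadata.gz:`, `data.tar.gz:`) with no old digest values, so the before/after cannot be compared from this view; the new SHA1 and SHA512 digests should be verified against the fetched gem archive (unpack the gem, hash its `metadata.gz` and `data.tar.gz`, compare) rather than trusted from the diff alone, since these are the digests RubyGems compares the archive members against when it verifies the package.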
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,162 @@
|
|
1
1
|
# ChangeLog
|
2
2
|
|
3
|
+
## 1.2 _(July 16, 2015)_
|
4
|
+
|
5
|
+
- Switched to Arachni Public Source License v1.0.
|
6
|
+
- `UI`
|
7
|
+
- `CLI::Framework`
|
8
|
+
- Fixed timeout enforcement.
|
9
|
+
- `OptionParser`
|
10
|
+
- Added `--browser-cluster-wait-for-element`.
|
11
|
+
- `Output`
|
12
|
+
- `#error_log_fd` -- Catch `Errno` system errors (like `Too many open files`)
|
13
|
+
to avoid crashing.
|
14
|
+
- `OptionGroups`
|
15
|
+
- `HTTP`
|
16
|
+
- `#request_queue_size` -- Lowered from `500` to `100`.
|
17
|
+
- `BrowserCluster`
|
18
|
+
- `#wait_for_elements` -- Wait for element matching `CSS` to appear when
|
19
|
+
visiting a page whose URL matches the `PATTERN`.
|
20
|
+
- `#job_timeout` -- Increased from 15 to 25 seconds.
|
21
|
+
- `Framework`
|
22
|
+
- `#pause` -- Pause is now near instant.
|
23
|
+
- `#audit` -- Substantially simplified and optimized the consumption of URL
|
24
|
+
and page queues.
|
25
|
+
- `#audit_page` -- Application of DOM metadata now happens asynchronously
|
26
|
+
and uses the `BrowserCluster` instead of an independent `Browser`.
|
27
|
+
- `HTTP`
|
28
|
+
- `Client`
|
29
|
+
- Updated cookie setting from `OptionGroups::HTTP#cookies` `Hash`.
|
30
|
+
- Trigger garbage collections before and after performing the queued
|
31
|
+
requests to prevent large RAM spikes.
|
32
|
+
- `Dynamic404Handler`
|
33
|
+
- Account for cases where the server returns intermittent errors
|
34
|
+
that can lead to signature corruption and possibly false positives.
|
35
|
+
- Updated training scenarios for cases where `~` are ignored.
|
36
|
+
- Disable platform fingerprinting during the gathering of signatures.
|
37
|
+
- `Request`
|
38
|
+
- Ignore proxy-related traffic (`CONNECT`) when capturing raw traffic data.
|
39
|
+
- Added `#fingerprint` option to enable/disable platform fingerprinting
|
40
|
+
on a per request basis.
|
41
|
+
- `#response_max_size` -- In addition to setting the `maxfilesize` for
|
42
|
+
the `Typhoeus::Request`, stream bodies and manually abort if the
|
43
|
+
buffer exceeds the limit -- covers cases where no `Content-Type`
|
44
|
+
is set.
|
45
|
+
- `Headers`
|
46
|
+
- Merge values of headers with identical normalized names (i.e.
|
47
|
+
`set-cookie` and `Set-Cookie` in the same response).
|
48
|
+
- Cache header name canonicalization.
|
49
|
+
- `ProxyServer`
|
50
|
+
- Cache header name canonicalization.
|
51
|
+
- SSL interceptor now automatically generates certificate/key pairs
|
52
|
+
based on Arachni CA.
|
53
|
+
- `Page`
|
54
|
+
- `#has_script?` -- Detect using the body instead of the parsed document.
|
55
|
+
- `Parser`
|
56
|
+
- Optimized to avoid HTML parsing if it contains no indication of elements.
|
57
|
+
- `#headers` -- Updated to include headers from the HTTP request in addition
|
58
|
+
to common ones.
|
59
|
+
- `Extractors` -- Optimized to avoid HTML parsing if it contains no
|
60
|
+
indication of elements.
|
61
|
+
- `Element`
|
62
|
+
- Cleaned up per-element input value encoding.
|
63
|
+
- Enforce a `MAX_SIZE` on acceptable values during parsing.
|
64
|
+
- Optimized to avoid HTML parsing if it contains no indication of elements.
|
65
|
+
- `Server`
|
66
|
+
- `#log_remote_file_if_exists?` -- Flag issues as untrusted at that point
|
67
|
+
if possible, instead of at the end of the scan.
|
68
|
+
- `#remote_file_exist?` -- Disable platform fingerprinting when dealing
|
69
|
+
with a dynamic handler.
|
70
|
+
- `Capabilities`
|
71
|
+
- `Inputtable` -- Added cache for `#inputtable_id` calculation.
|
72
|
+
- `Analyzable`
|
73
|
+
- `Taint` -- Added match cache based on signatures and haystacks.
|
74
|
+
- `Timeout` -- Override user audit options that don't play nice with this technique.
|
75
|
+
- `Check::Auditor`
|
76
|
+
- `#log_remote_file` -- Assign `HTTP::Response#status_line` as proof.
|
77
|
+
- `Issue`
|
78
|
+
- `#signature` -- Store `Regexp` source instead of converting it to String.
|
79
|
+
- `Browser`
|
80
|
+
- Updated to extract and whitelist CDNs from response bodies.
|
81
|
+
- `#cookies` -- Normalize cookies with quoted values since Watir doesn't take
|
82
|
+
care of that bit.
|
83
|
+
- `Javascript`
|
84
|
+
- `#inject` -- Inject `TaintTracer` and `DOMMonitor` update calls in
|
85
|
+
requested JS assets.
|
86
|
+
- `TaintTracer`
|
87
|
+
- Limited data and execution flow sinks to a max size of 50 entries.
|
88
|
+
- Don't trace functions known to cause issues:
|
89
|
+
- Anonymous functions.
|
90
|
+
- `lodash()`
|
91
|
+
- `DOMMonitor`
|
92
|
+
- Keep track of `jQuery` delegated events.
|
93
|
+
- `Support`
|
94
|
+
- `Cache`
|
95
|
+
- `RandomReplacement` -- Removed extra key `Array`.
|
96
|
+
- `Signature` -- Cache token generation.
|
97
|
+
- Checks -- Added `Issue#proof` to as many issues as possible.
|
98
|
+
- Active
|
99
|
+
- `xss`
|
100
|
+
- When the case involves payloads landing in `textarea`s, break out of
|
101
|
+
them to prevent possible FPs.
|
102
|
+
- Added double-encoded payloads.
|
103
|
+
- `xss_dom_inputs`
|
104
|
+
- Don't perform redundant audits.
|
105
|
+
- Don't process custom events.
|
106
|
+
- Updated to handle cases where a button needs to be clicked after
|
107
|
+
filling in the inputs.
|
108
|
+
- Added progress messages.
|
109
|
+
- `unvalidated_redirect`
|
110
|
+
- Escalated severity to 'High'.
|
111
|
+
- Only perform straight payload injections.
|
112
|
+
- `unvalidated_redirect_dom`
|
113
|
+
- Escalated severity to 'High'.
|
114
|
+
- `path_traversal`, `file_inclusion`, `os_cmd_injection`, `xxe`
|
115
|
+
- Updated `/etc/passwd` content matching pattern.
|
116
|
+
- Passive
|
117
|
+
- Added
|
118
|
+
- `common_admin_intefaces` -- By Brendan Coles.
|
119
|
+
- `backdoors`, `backup_directories`, `backup_files`, `common_files`,
|
120
|
+
`directory_listing`
|
121
|
+
- Added MVC frameworks as exempt platforms since they do their own routing.
|
122
|
+
- Plugins
|
123
|
+
- Added
|
124
|
+
- `restrict_to_dom_state` -- Restricts the audit to a single page's DOM
|
125
|
+
state, based on a URL fragment.
|
126
|
+
- `metrics` -- Captures metrics about multiple aspects of the scan and
|
127
|
+
the web application.
|
128
|
+
- `autologin` -- Updated to fail gracefully in cases of an invisible form DOM elements.
|
129
|
+
- `login_script` -- Added support for Javascript login scripts.
|
130
|
+
- `proxy`
|
131
|
+
- Updated to show JSON and XML inputs in the inspection page.
|
132
|
+
- Added output message with instructions for server that use SSL.
|
133
|
+
- `vector_feed` -- Updated to support XML and JSON elements.
|
134
|
+
- Reporters
|
135
|
+
- `xml`
|
136
|
+
- Fixed bug causing vector `affected_input_name` to be blank.
|
137
|
+
- Fingerprinters -- Optimized across the board to prefer less resource intensive checks.
|
138
|
+
- Frameworks
|
139
|
+
- Rack -- Expanded signatures.
|
140
|
+
- Languages
|
141
|
+
- JSP renamed to Java and expanded signatures.
|
142
|
+
- PHP -- Expanded signatures.
|
143
|
+
- Python -- Expanded signatures.
|
144
|
+
- Servers
|
145
|
+
- Tomcat -- Expanded signatures.
|
146
|
+
- Added
|
147
|
+
- Frameworks
|
148
|
+
- Django
|
149
|
+
- Rails
|
150
|
+
- ASP.NET MVC
|
151
|
+
- CakePHP
|
152
|
+
- JSF
|
153
|
+
- CherryPy
|
154
|
+
- Servers
|
155
|
+
- Gunicorn
|
156
|
+
- Path extractors
|
157
|
+
- Added
|
158
|
+
- `data_url` -- Extracts paths from `data-url` attributes of `a` tags.
|
159
|
+
|
3
160
|
## 1.1 _(May 1, 2015)_
|
4
161
|
|
5
162
|
- `gemspec` -- Require Ruby >= 2.0.0.
|
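Review bot: `common_admin_intefaces` under Passive / Added is misspelled; the check file this release adds is `data/components/checks/passive/common_admin_interfaces.rb`, so the entry should read `common_admin_interfaces` (users grep the changelog for check names). Two smaller wording fixes in the same block: the `autologin` line "in cases of an invisible form DOM elements" should read "in cases of invisible form DOM elements", and the `proxy` line "instructions for server that use SSL" should read "servers". The `ProxyServer` entry ("SSL interceptor now automatically generates certificate/key pairs based on Arachni CA") also deserves one more sentence of documentation: the file list shows the CA private key `data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem` shipped inside the gem, so the CA is shared by every installation, and the changelog should tell users who import that CA into a browser for proxy inspection to do so only in a throwaway test profile and remove it afterwards.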
@@ -96,6 +253,8 @@
|
|
96
253
|
- Added `.full_and_absolute_url?`.
|
97
254
|
- `Browser`
|
98
255
|
- Updated to extract JSON and XML input vectors from HTTP requests.
|
256
|
+
- `#cookies` -- Normalize cookies with quoted values since Watir doesn't take
|
257
|
+
care of that bit.
|
99
258
|
- `#shutdown` -- Fixed Selenium exceptions on dead browser process.
|
100
259
|
- `#to_page` -- Apply DOM metadata to page elements.
|
101
260
|
- `#spawn_phantomjs` -- Enabled `--disk-cache` option for `phantomjs`.
|
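Review bot: the two lines added here to the 1.1 section (`#cookies` -- Normalize cookies with quoted values since Watir doesn't take care of that bit) duplicate the identical entry added under `Browser` in the new 1.2 section of the previous hunk; a change belongs to one release only, so drop it from whichever section is wrong (if it shipped in 1.2, remove these two lines from 1.1).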
data/LICENSE.md
CHANGED
@@ -2,210 +2,140 @@
|
|
2
2
|
|
3
3
|
Copyright 2010-2015 [Tasos Laskos](mailto:tasos.laskos@arachni-scanner.com).
|
4
4
|
|
5
|
-
|
5
|
+
```
|
6
|
+
Arachni Public Source License
|
7
|
+
Version 1.0, June 2015
|
6
8
|
|
7
|
-
|
8
|
-
non-free license. Otherwise, the system can be used under the terms of
|
9
|
-
Apache License v2.0, found at the bottom of this document.
|
9
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
10
10
|
|
11
|
-
|
11
|
+
1. Definitions
|
12
12
|
|
13
|
-
|
14
|
-
|
13
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
14
|
+
and distribution as defined by Sections 1 through 9 of this document.
|
15
15
|
|
16
|
-
|
17
|
-
the
|
16
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
17
|
+
the copyright owner that is granting the License.
|
18
18
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
19
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
20
|
+
other entities that control, are controlled by, or are under common
|
21
|
+
control with that entity. For the purposes of this definition,
|
22
|
+
"control" means (i) the power, direct or indirect, to cause the
|
23
|
+
direction or management of such entity, whether by contract or
|
24
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
25
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
24
26
|
|
25
|
-
|
26
|
-
|
27
|
-
clarify things for you and work with you to accommodate your requirements.
|
27
|
+
"You" (or "Your") shall mean an individual or Legal Entity
|
28
|
+
exercising permissions granted by this License.
|
28
29
|
|
29
|
-
|
30
|
-
to
|
30
|
+
"Source" form shall mean the preferred form for making modifications,
|
31
|
+
including but not limited to software source code, documentation
|
32
|
+
source, and configuration files.
|
31
33
|
|
32
|
-
|
34
|
+
"Object" form shall mean any form resulting from mechanical
|
35
|
+
transformation or translation of a Source form, including but
|
36
|
+
not limited to compiled object code, generated documentation,
|
37
|
+
and conversions to other media types.
|
33
38
|
|
34
|
-
|
39
|
+
"Work" shall mean the work of authorship, whether in Source or
|
40
|
+
Object form, made available under the License, as indicated by a
|
41
|
+
copyright notice that is included in or attached to the work.
|
35
42
|
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
stating that You changed the files; and
|
135
|
-
|
136
|
-
(c) You must retain, in the Source form of any Derivative Works
|
137
|
-
that You distribute, all copyright, patent, trademark, and
|
138
|
-
attribution notices from the Source form of the Work,
|
139
|
-
excluding those notices that do not pertain to any part of
|
140
|
-
the Derivative Works; and
|
141
|
-
|
142
|
-
(d) If the Work includes a "NOTICE" text file as part of its
|
143
|
-
distribution, then any Derivative Works that You distribute must
|
144
|
-
include a readable copy of the attribution notices contained
|
145
|
-
within such NOTICE file, excluding those notices that do not
|
146
|
-
pertain to any part of the Derivative Works, in at least one
|
147
|
-
of the following places: within a NOTICE text file distributed
|
148
|
-
as part of the Derivative Works; within the Source form or
|
149
|
-
documentation, if provided along with the Derivative Works; or,
|
150
|
-
within a display generated by the Derivative Works, if and
|
151
|
-
wherever such third-party notices normally appear. The contents
|
152
|
-
of the NOTICE file are for informational purposes only and
|
153
|
-
do not modify the License. You may add Your own attribution
|
154
|
-
notices within Derivative Works that You distribute, alongside
|
155
|
-
or as an addendum to the NOTICE text from the Work, provided
|
156
|
-
that such additional attribution notices cannot be construed
|
157
|
-
as modifying the License.
|
158
|
-
|
159
|
-
You may add Your own copyright statement to Your modifications and
|
160
|
-
may provide additional or different license terms and conditions
|
161
|
-
for use, reproduction, or distribution of Your modifications, or
|
162
|
-
for any such Derivative Works as a whole, provided Your use,
|
163
|
-
reproduction, and distribution of the Work otherwise complies with
|
164
|
-
the conditions stated in this License.
|
165
|
-
|
166
|
-
5. Submission of Contributions. Unless You explicitly state otherwise,
|
167
|
-
any Contribution intentionally submitted for inclusion in the Work
|
168
|
-
by You to the Licensor shall be under the terms and conditions of
|
169
|
-
this License, without any additional terms or conditions.
|
170
|
-
Notwithstanding the above, nothing herein shall supersede or modify
|
171
|
-
the terms of any separate license agreement you may have executed
|
172
|
-
with Licensor regarding such Contributions.
|
173
|
-
|
174
|
-
6. Trademarks. This License does not grant permission to use the trade
|
175
|
-
names, trademarks, service marks, or product names of the Licensor,
|
176
|
-
except as required for reasonable and customary use in describing the
|
177
|
-
origin of the Work and reproducing the content of the NOTICE file.
|
178
|
-
|
179
|
-
7. Disclaimer of Warranty. Unless required by applicable law or
|
180
|
-
agreed to in writing, Licensor provides the Work (and each
|
181
|
-
Contributor provides its Contributions) on an "AS IS" BASIS,
|
182
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
183
|
-
implied, including, without limitation, any warranties or conditions
|
184
|
-
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
185
|
-
PARTICULAR PURPOSE. You are solely responsible for determining the
|
186
|
-
appropriateness of using or redistributing the Work and assume any
|
187
|
-
risks associated with Your exercise of permissions under this License.
|
188
|
-
|
189
|
-
8. Limitation of Liability. In no event and under no legal theory,
|
190
|
-
whether in tort (including negligence), contract, or otherwise,
|
191
|
-
unless required by applicable law (such as deliberate and grossly
|
192
|
-
negligent acts) or agreed to in writing, shall any Contributor be
|
193
|
-
liable to You for damages, including any direct, indirect, special,
|
194
|
-
incidental, or consequential damages of any character arising as a
|
195
|
-
result of this License or out of the use or inability to use the
|
196
|
-
Work (including but not limited to damages for loss of goodwill,
|
197
|
-
work stoppage, computer failure or malfunction, or any and all
|
198
|
-
other commercial damages or losses), even if such Contributor
|
199
|
-
has been advised of the possibility of such damages.
|
200
|
-
|
201
|
-
9. Accepting Warranty or Additional Liability. While redistributing
|
202
|
-
the Work or Derivative Works thereof, You may choose to offer,
|
203
|
-
and charge a fee for, acceptance of support, warranty, indemnity,
|
204
|
-
or other liability obligations and/or rights consistent with this
|
205
|
-
License. However, in accepting such obligations, You may act only
|
206
|
-
on Your own behalf and on Your sole responsibility, not on behalf
|
207
|
-
of any other Contributor, and only if You agree to indemnify,
|
208
|
-
defend, and hold each Contributor harmless for any liability
|
209
|
-
incurred by, or claims asserted against, such Contributor by reason
|
210
|
-
of your accepting any such warranty or additional liability.
|
43
|
+
"Contribution" shall mean any work of authorship, including
|
44
|
+
the original version of the Work and any modifications or additions
|
45
|
+
to that Work, that is intentionally submitted to Licensor for inclusion in
|
46
|
+
the Work by the copyright owner or by an individual or Legal Entity
|
47
|
+
authorized to submit on behalf of the copyright owner. For the purposes of
|
48
|
+
this definition, "submitted" means any form of electronic, verbal, or
|
49
|
+
written communication sent to the Licensor or its representatives, including
|
50
|
+
but not limited to communication on electronic mailing lists, source code
|
51
|
+
control systems, and issue tracking systems that are managed by, or on
|
52
|
+
behalf of, the Licensor for the purpose of discussing and improving the Work,
|
53
|
+
but excluding communication that is conspicuously marked or otherwise
|
54
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
55
|
+
|
56
|
+
"Contributor" shall mean Licensor and any individual or Legal Entity
|
57
|
+
on behalf of whom a Contribution has been received by Licensor and
|
58
|
+
subsequently incorporated within the Work.
|
59
|
+
|
60
|
+
"Commercialization" shall mean intention to use this software for commercial
|
61
|
+
advantage or monetary compensation.
|
62
|
+
|
63
|
+
Cases of commercialization include but are not limited to:
|
64
|
+
|
65
|
+
1. Use of the Work to provide commercial managed/Software-as-a-Service services.
|
66
|
+
2. Distribution of the Work as a commercial product or as part of one.
|
67
|
+
3. Use or distribution of the Work as a value added service/product.
|
68
|
+
|
69
|
+
Exempt cases:
|
70
|
+
|
71
|
+
1. Penetration testers (or penetration testing organizations) using
|
72
|
+
this Work as part of their manual assessment toolkit.
|
73
|
+
2. Using this Work to assess the security of Your own systems.
|
74
|
+
|
75
|
+
2. Basic Permissions
|
76
|
+
|
77
|
+
Use of the Work is permitted free of charge, provided that said use does not
|
78
|
+
involve Commercialization.
|
79
|
+
|
80
|
+
Any use of the Work, in whole or in part, involving Commercialization, is
|
81
|
+
strictly prohibited without the prior written consent of Licensor.
|
82
|
+
|
83
|
+
Should You require a license that allows for Commercialization, please contact
|
84
|
+
Licensor at:
|
85
|
+
license@arachni-scanner.com
|
86
|
+
|
87
|
+
In cases of uncertainty, clarifications can be provided by Licensor on a
|
88
|
+
case-by-case basis, please contact:
|
89
|
+
license@arachni-scanner.com
|
90
|
+
|
91
|
+
3. Redistribution
|
92
|
+
|
93
|
+
Redistribution is permitted under the following conditions:
|
94
|
+
|
95
|
+
1. Unmodified License is provided with the Work.
|
96
|
+
2. Unmodified Copyright notices are provided with the Work.
|
97
|
+
3. Does not conflict with Section 2.
|
98
|
+
|
99
|
+
4. Copying
|
100
|
+
|
101
|
+
Copying is permitted so long as it does not conflict with Section 3.
|
102
|
+
|
103
|
+
5. Modification
|
104
|
+
|
105
|
+
Modification is permitted so long as it does not conflict with Section 3.
|
106
|
+
|
107
|
+
6. Submission of Contributions
|
108
|
+
|
109
|
+
Upon submission, Contributor grants to Licensor a perpetual, worldwide,
|
110
|
+
non-exclusive, no-charge, royalty-free, irrevocable copyright and patent license
|
111
|
+
to reproduce, publicly display, publicly perform, sublicense, distribute, use,
|
112
|
+
offer to sell, sell, import, and otherwise transfer the Contribution in Source
|
113
|
+
or Object form.
|
114
|
+
|
115
|
+
7. Trademarks
|
116
|
+
|
117
|
+
This License does not grant permission to use the trade names, trademarks, service
|
118
|
+
marks, or product names of the Licensor.
|
119
|
+
|
120
|
+
8. Disclaimer of Warranty
|
121
|
+
|
122
|
+
Unless required by applicable law or agreed to in writing, Licensor provides the
|
123
|
+
Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT
|
124
|
+
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without
|
125
|
+
limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY,
|
126
|
+
or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the
|
127
|
+
appropriateness of using or redistributing the Work and assume any risks associated
|
128
|
+
with Your exercise of permissions under this License.
|
129
|
+
|
130
|
+
9. Limitation of Liability
|
131
|
+
|
132
|
+
In no event and under no legal theory, whether in tort (including negligence),
|
133
|
+
contract, or otherwise, unless required by applicable law (such as deliberate
|
134
|
+
and grossly negligent acts) or agreed to in writing, shall any Contributor be
|
135
|
+
liable to You for damages, including any direct, indirect, special, incidental,
|
136
|
+
or consequential damages of any character arising as a result of this License or
|
137
|
+
out of the use or inability to use the Work (including but not limited to damages
|
138
|
+
for loss of goodwill, work stoppage, computer failure or malfunction, or any and
|
139
|
+
all other commercial damages or losses), even if such Contributor has been advised
|
140
|
+
of the possibility of such damages.
|
211
141
|
```
|
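Review bot: The new "7. Trademarks" section drops the carve-out that the removed Apache 2.0 text carried, "except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file"; as written, the new clause forbids even naming the product when a redistributor describes where a copy came from, which Section 3's requirement to ship unmodified copyright notices arguably demands, so consider restoring that exception. The new "6. Submission of Contributions" likewise omits the removed sentence that "nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions"; if contributor agreements are still expected to take precedence, that sentence should be carried over, and the grant should say what happens to Contributions that were "conspicuously marked ... as 'Not a Contribution'" per the new definition. Minor: the "Exempt cases" list ends with item "2." immediately followed by the heading "2. Basic Permissions", which reads as a duplicated list number; a blank line or the document's section-heading convention (title on its own line) would separate the two.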