arachni 1.2 → 1.2.1

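--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz: b7b04bebb490a564d756ded63b03da429d3f96cb
-data.tar.gz: d8b634d80fb6db78621fb574b6c52954da0cb201
+metadata.gz: d17c2d7494c0ec0cbaf825b7f55ce71a90fb48ba
+data.tar.gz: 3343cc7e23ed519a1b5e7e059aa3e88cf777ba32
 SHA512:
-metadata.gz: 84acf5244c5bb7e1c3dd05e1fe85f27087bbfa447c45dea559a4496fa7947bac87c75dd3c7e5550be5f1c87ed42ca69ffb825b62d3e59a1c789ac55148d8985b
-data.tar.gz: c2c0d02d9194befc03fc37d1b38a036f4ef448336f3c6b3e8ff5ac23140f4fc035e09b698a347a5c47738ec5c6aa25b42692e4979b951756920175fa6e587db9
+metadata.gz: 697804e1e14595b202beada64a5b2b0296d33fb4b61714091084c4d2ef813af467470a31bb04f571aed438c18b4f1cef8c91ea1bf299f46580556372108ae1bc
+data.tar.gz: 245fd98a16d683a668eddf41deb0783de006679352308b2c4e268a48a5f2bcfdd159431624a80d3d82f46633bcc4cf0d4ad2971afaff42a942a35d4939f608a4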
@@ -1,5 +1,21 @@
1
1
  # ChangeLog
2
2
 
3
+ ## 1.2.1 _(July 25, 2015)_
4
+
5
+ - HTTP
6
+ - `ProxyServer`
7
+ - Updated SSL interception to use different interceptors for each host.
8
+ - Shutdown on framework abort, instead of waiting for the user to shutdown
9
+ the proxy manually.
10
+ - Checks
11
+ - Passive
12
+ - `backdoors` -- Updated exempt platforms to all Framework platforms.
13
+ - Fingerprinters
14
+ - Added
15
+ - Frameworks
16
+ - Nette
17
+ - Symphony
18
+
3
19
  ## 1.2 _(July 16, 2015)_
4
20
 
5
21
  - Switched to Arachni Public Source License v1.0.
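--- a/data/README.md
+++ b/data/README.md
@@ -3,7 +3,7 @@
 <table>
 <tr>
 <th>Version</th>
-<td>1.2</td>
+<td>1.2.1</td>
 </tr>
 <tr>
 <th>Homepage</th>
@@ -340,6 +340,8 @@ Currently, the following platforms can be identified:
 - ASP.NET MVC
 - JSF
 - CherryPy
+- Nette
+- Symfony
 
 The user also has the option of specifying extra platforms (like a DB server)
 in order to help the system be as efficient as possible. Alternatively, fingerprinting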
@@ -29,8 +29,8 @@ class Arachni::Checks::Backdoors < Arachni::Check::Base
29
29
  description: %q{Tries to find common backdoors on the server.},
30
30
  elements: [Element::Server],
31
31
  author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com> ',
32
- version: '0.2.4',
33
- exempt_platforms: [ :ruby, :aspx_mvc, :django, :cakephp ],
32
+ version: '0.2.5',
33
+ exempt_platforms: Arachni::Platform::Manager::FRAMEWORKS,
34
34
 
35
35
  issue: {
36
36
  name: %q{A backdoor file exists on the server},
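Review bot: `exempt_platforms: Arachni::Platform::Manager::FRAMEWORKS` hands the check the constant's own array object rather than a copy, so unless that constant is frozen (not visible in this hunk) any later mutation through the check's info hash would silently alter the framework-wide list; `exempt_platforms: Arachni::Platform::Manager::FRAMEWORKS.dup` keeps the widening without the aliasing. The exemption now also rests entirely on fingerprints that are derived from server-supplied headers and cookie names, so a one-line comment above the key stating why a detected framework rules out this class of backdoor would document the trade-off the previous explicit list made self-evident. The enclosing info method starts outside the hunk.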
@@ -0,0 +1,29 @@
1
+ =begin
2
+ Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
3
+
4
+ This file is part of the Arachni Framework project and is subject to
5
+ redistribution and commercial restrictions. Please see the Arachni Framework
6
+ web site for more information on licensing and terms of use.
7
+ =end
8
+
9
+ module Arachni
10
+ module Platform::Fingerprinters
11
+
12
+ # Identifies Nette Framework cookies.
13
+ #
14
+ # @author Tomas Dobrotka <tomas@dobrotka.sk>
15
+ # @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
16
+ # @version 0.1
17
+ class Nette < Platform::Fingerprinter
18
+
19
+ def run
20
+ return if !server_or_powered_by_include?( 'Nette' ) &&
21
+ !cookies.include?( 'nette-browser' )
22
+
23
+ platforms << :php << :nette
24
+ end
25
+
26
+ end
27
+
28
+ end
29
+ end
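Review bot: The guard in `run` negates both operands of an `&&`, which reads more directly in its De Morgan form, `return unless server_or_powered_by_include?( 'Nette' ) || cookies.include?( 'nette-browser' )`; the new symfony.rb fingerprinter has the same shape, `return if !cookies.include?( 'symfony' )`, which becomes `return unless cookies.include?( 'symfony' )`. What `cookies` yields is not visible here — the spec builds `Arachni::Cookie` objects carrying a `'nette-browser'` input, so presumably the helper maps cookies to their names — and a one-line comment on the class saying what `include?` compares against would spare the next fingerprinter author the same guess.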
@@ -0,0 +1,28 @@
1
+ =begin
2
+ Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
3
+
4
+ This file is part of the Arachni Framework project and is subject to
5
+ redistribution and commercial restrictions. Please see the Arachni Framework
6
+ web site for more information on licensing and terms of use.
7
+ =end
8
+
9
+ module Arachni
10
+ module Platform::Fingerprinters
11
+
12
+ # Identifies Default Symfony Framework cookie.
13
+ #
14
+ # @author Tomas Dobrotka <tomas@dobrotka.sk>
15
+ # @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
16
+ # @version 0.1
17
+ class Symfony < Platform::Fingerprinter
18
+
19
+ def run
20
+ return if !cookies.include?( 'symfony' )
21
+
22
+ platforms << :php << :symfony
23
+ end
24
+
25
+ end
26
+
27
+ end
28
+ end
@@ -15,8 +15,6 @@ require 'ostruct'
15
15
  # data to {Arachni::Framework#push_to_page_queue} to be audited.
16
16
  #
17
17
  # @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
18
- #
19
- # @version 0.3.2
20
18
  class Arachni::Plugins::Proxy < Arachni::Plugin::Base
21
19
 
22
20
  BASEDIR = "#{File.dirname( __FILE__ )}/proxy/"
@@ -74,7 +72,13 @@ class Arachni::Plugins::Proxy < Arachni::Plugin::Base
74
72
  print_info
75
73
 
76
74
  TemplateScope.get.set :params, {}
77
- @server.start
75
+
76
+ Thread.new do
77
+ @server.start
78
+ end
79
+
80
+ wait_while_framework_running
81
+ @server.shutdown
78
82
  end
79
83
 
80
84
  def clean_up
@@ -493,7 +497,7 @@ a way to restrict usage enough to avoid users unwittingly interfering with each
493
497
  others' sessions.
494
498
  },
495
499
  author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
496
- version: '0.3.3',
500
+ version: '0.3.4',
497
501
  options: [
498
502
  Options::Port.new( :port,
499
503
  description: 'Port to bind to.',
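Review bot: In the `run` hunk the thread wrapping `@server.start` is neither kept nor joined, so an exception raised inside it is only reported by the thread machinery and `run` can return before the listener thread has actually unwound; `server = Thread.new { @server.start }` followed, after `@server.shutdown`, by `server.join` surfaces the failure in the plugin and guarantees the port is released before `run` returns. `clean_up` begins right after the hunk and is not visible; if it also calls `@server.shutdown`, a normal exit now shuts the server down twice, which is worth either confirming WEBrick tolerates or guarding with a flag. `run` itself starts outside the hunk.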
@@ -63,6 +63,9 @@ class ProxyServer < WEBrick::HTTPProxyServer
63
63
  # Will force the proxy to stfu.
64
64
  @logger.close
65
65
 
66
+ @interceptor_ports = {}
67
+ @interceptors = {}
68
+
66
69
  super(
67
70
  BindAddress: @options[:address],
68
71
  Port: @options[:port],
@@ -111,6 +114,14 @@ class ProxyServer < WEBrick::HTTPProxyServer
111
114
  @tokens.max - @tokens.size
112
115
  end
113
116
 
117
+ def shutdown
118
+ @interceptors.each do |_, interceptor|
119
+ interceptor.shutdown
120
+ end
121
+
122
+ super
123
+ end
124
+
114
125
  private
115
126
 
116
127
  # Performs a GET request.
@@ -176,7 +187,7 @@ class ProxyServer < WEBrick::HTTPProxyServer
176
187
  def do_CONNECT( req, res )
177
188
  host = req.unparsed_uri.split(':').first
178
189
 
179
- req.instance_variable_set( :@unparsed_uri, "127.0.0.1:#{interceptor_port}" )
190
+ req.instance_variable_set( :@unparsed_uri, "127.0.0.1:#{interceptor_port( host )}" )
180
191
 
181
192
  start_ssl_interceptor( host )
182
193
 
@@ -211,7 +222,7 @@ class ProxyServer < WEBrick::HTTPProxyServer
211
222
  #
212
223
  # The interceptor will listen on {#interceptor_port}.
213
224
  def start_ssl_interceptor( host )
214
- return @interceptor if @interceptor
225
+ return @interceptors[host] if @interceptors[host]
215
226
 
216
227
  ca = OpenSSL::X509::Certificate.new( File.read( INTERCEPTOR_CA_CERTIFICATE ) )
217
228
  ca_key = OpenSSL::PKey::RSA.new( File.read( INTERCEPTOR_CA_KEY ) )
@@ -253,25 +264,25 @@ class ProxyServer < WEBrick::HTTPProxyServer
253
264
 
254
265
  # The interceptor is only used for SSL decryption/encryption, the actual
255
266
  # proxy functionality is forwarded to the plain proxy server.
256
- @interceptor = self.class.new(
267
+ @interceptors[host] = interceptor = self.class.new(
257
268
  address: '127.0.0.1',
258
- port: interceptor_port,
269
+ port: interceptor_port( host ),
259
270
  ssl_certificate: cert,
260
271
  ssl_private_key: keypair,
261
272
  service_handler: method( :proxy_service )
262
273
  )
263
274
 
264
- def @interceptor.service( request, response )
275
+ def interceptor.service( request, response )
265
276
  @options[:service_handler].call( request, response )
266
277
  end
267
278
 
268
- @interceptor.start_async
279
+ interceptor.start_async
269
280
  end
270
281
 
271
282
  # @return [Integer]
272
283
  # Picks and stores an available port number for the interceptor.
273
- def interceptor_port
274
- @interceptor_port ||= Utilities.available_port
284
+ def interceptor_port( host )
285
+ @interceptor_ports[host] ||= Utilities.available_port
275
286
  end
276
287
 
277
288
  # Communicates with the endpoint webapp and forwards its responses to the
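Review bot: The check-then-create in `start_ssl_interceptor` — `return @interceptors[host] if @interceptors[host]` followed, in the next hunk, by `@interceptors[host] = interceptor = self.class.new(...)` — is not atomic, and WEBrick services each connection on its own thread, so two concurrent CONNECTs to the same host can both miss the lookup and start two interceptors, one of which is orphaned and never shut down. `@interceptor_ports[host] ||= Utilities.available_port` in `interceptor_port` has the same window. A per-instance Mutex created next to the two hashes in the constructor hunk and taken around the lookup-and-create closes it (Mutex is not reentrant, so take it in `start_ssl_interceptor` rather than in `interceptor_port`, which it calls). As a point of style, the new `shutdown` can read `@interceptors.each_value(&:shutdown)` instead of the `each do |_, interceptor|` form. The body of `start_ssl_interceptor` spans two hunks, with the certificate generation between them outside this view.
```ruby
# in initialize, next to @interceptor_ports / @interceptors
@interceptor_mutex = Mutex.new

def start_ssl_interceptor( host )
    @interceptor_mutex.synchronize do
        return @interceptors[host] if @interceptors[host]

        # … unchanged: CA load, certificate generation, interceptor creation, start_async …
    end
end
```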
@@ -108,6 +108,8 @@ class Manager
108
108
  :rack,
109
109
  :rails,
110
110
  :cakephp,
111
+ :symfony,
112
+ :nette,
111
113
  :django,
112
114
  :aspx_mvc,
113
115
  :jsf,
@@ -165,6 +167,8 @@ class Manager
165
167
  rack: 'Rack',
166
168
  django: 'Django',
167
169
  cakephp: 'CakePHP',
170
+ nette: 'Nette Framework',
171
+ symfony: 'Symfony',
168
172
  rails: 'Ruby on Rails',
169
173
  aspx_mvc: 'ASP.NET MVC',
170
174
  jsf: 'JavaServer Faces',
@@ -1 +1 @@
1
- 1.2
1
+ 1.2.1
@@ -59,7 +59,9 @@ describe Arachni::Framework::Parts::Platform do
59
59
  aspx_mvc: 'ASP.NET MVC',
60
60
  jsf: 'JavaServer Faces',
61
61
  cherrypy: 'CherryPy',
62
- cakephp: 'CakePHP'
62
+ cakephp: 'CakePHP',
63
+ symfony: 'Symfony',
64
+ nette: 'Nette Framework'
63
65
  }
64
66
  }
65
67
  end
@@ -420,7 +420,7 @@ describe Arachni::Platform::Manager do
420
420
  :tomcat, :asp, :aspx, :java, :perl, :php, :python, :ruby, :rack,
421
421
  :sybase, :frontbase, :ingres, :hsqldb, :access, :jetty, :mongodb,
422
422
  :aix, :sql, :nosql, :aspx_mvc, :rails, :django, :gunicorn, :cakephp,
423
- :cherrypy, :jsf].sort
423
+ :cherrypy, :jsf, :symfony, :nette].sort
424
424
  end
425
425
  end
426
426
 
@@ -0,0 +1,40 @@
1
+ require 'spec_helper'
2
+
3
+ describe Arachni::Platform::Fingerprinters::Nette do
4
+ include_examples 'fingerprinter'
5
+
6
+ def platforms
7
+ [:php, :nette]
8
+ end
9
+
10
+ context 'when there is a Server header' do
11
+ it 'identifies it as Nette' do
12
+ check_platforms Arachni::Page.from_data(
13
+ url: 'http://stuff.com/blah',
14
+ response: { headers: { 'Server' => 'Nette/0.1' } }
15
+ )
16
+ end
17
+ end
18
+
19
+ context 'when there is an X-Powered-By header' do
20
+ it 'identifies it as Nette' do
21
+ check_platforms Arachni::Page.from_data(
22
+ url: 'http://stuff.com/blah',
23
+ response: { headers: { 'X-Powered-By' => 'Nette/0.1' } }
24
+ )
25
+ end
26
+ end
27
+
28
+ context 'when there is a nette-browser cookie' do
29
+ it 'identifies it as Nette' do
30
+ check_platforms Arachni::Page.from_data(
31
+ url: 'http://stuff.com/blah',
32
+ cookies: [Arachni::Cookie.new(
33
+ url: 'http://stuff.com/blah',
34
+ inputs: { 'nette-browser' => 'stuff' } )]
35
+
36
+ )
37
+ end
38
+ end
39
+
40
+ end
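Review bot: All three contexts assert the positive case; nothing on this page shows a page with an unrelated Server header and no `nette-browser` cookie being left unidentified, so a regression that made `run` unconditional would still pass. If the shared `'fingerprinter'` examples already provide that negative check, ignore this; otherwise a fourth context built from a page with, say, `'Server' => 'Apache'` (constructed value) and the negative helper those shared examples use would pin it. The same gap applies to the new symfony spec.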
@@ -0,0 +1,22 @@
1
+ require 'spec_helper'
2
+
3
+ describe Arachni::Platform::Fingerprinters::Symfony do
4
+ include_examples 'fingerprinter'
5
+
6
+ def platforms
7
+ [:php, :symfony]
8
+ end
9
+
10
+ context 'when there is a symfony cookie' do
11
+ it 'identifies it as Symfony' do
12
+ check_platforms Arachni::Page.from_data(
13
+ url: 'http://stuff.com/blah',
14
+ cookies: [Arachni::Cookie.new(
15
+ url: 'http://stuff.com/blah',
16
+ inputs: { 'symfony' => 'stuff' } )]
17
+
18
+ )
19
+ end
20
+ end
21
+
22
+ end
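Review bot: This spec is registered in the gem metadata as `spec/components/fingerprinters/frameworks/symphony_spec.rb` (in both the `files:` and `test_files:` lists) while the component it describes is `components/fingerprinters/frameworks/symfony.rb` and `Arachni::Platform::Fingerprinters::Symfony`; the ChangeLog entry also reads `Symphony`. Renaming the file to `symfony_spec.rb` keeps the spec discoverable under the same name as the component and stops the misspelling propagating into the next release. The blank line left inside the `Arachni::Page.from_data(` call before its closing `)` looks like a leftover and can go; the same blank appears in nette_spec.rb.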
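--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: arachni
 version: !ruby/object:Gem::Version
-version: '1.2'
+version: 1.2.1
 platform: ruby
 authors:
 - Tasos Laskos
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-16 00:00:00.000000000 Z
+date: 2015-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rack
@@ -438,8 +438,10 @@ files:
 - components/fingerprinters/frameworks/cherrypy.rb
 - components/fingerprinters/frameworks/django.rb
 - components/fingerprinters/frameworks/jsf.rb
+- components/fingerprinters/frameworks/nette.rb
 - components/fingerprinters/frameworks/rack.rb
 - components/fingerprinters/frameworks/rails.rb
+- components/fingerprinters/frameworks/symfony.rb
 - components/fingerprinters/languages/asp.rb
 - components/fingerprinters/languages/aspx.rb
 - components/fingerprinters/languages/java.rb
@@ -1111,8 +1113,10 @@ files:
 - spec/components/fingerprinters/frameworks/cherrypy_spec.rb
 - spec/components/fingerprinters/frameworks/django_spec.rb
 - spec/components/fingerprinters/frameworks/jsf_spec.rb
+- spec/components/fingerprinters/frameworks/nette_spec.rb
 - spec/components/fingerprinters/frameworks/rack_spec.rb
 - spec/components/fingerprinters/frameworks/rails_spec.rb
+- spec/components/fingerprinters/frameworks/symphony_spec.rb
 - spec/components/fingerprinters/languages/asp_spec.rb
 - spec/components/fingerprinters/languages/aspx_spec.rb
 - spec/components/fingerprinters/languages/java_spec.rb
@@ -1910,9 +1914,11 @@ test_files:
 - spec/components/fingerprinters/languages/asp_spec.rb
 - spec/components/fingerprinters/frameworks/rails_spec.rb
 - spec/components/fingerprinters/frameworks/django_spec.rb
+- spec/components/fingerprinters/frameworks/symphony_spec.rb
 - spec/components/fingerprinters/frameworks/rack_spec.rb
 - spec/components/fingerprinters/frameworks/aspx_mvc_spec.rb
 - spec/components/fingerprinters/frameworks/cakephp_spec.rb
+- spec/components/fingerprinters/frameworks/nette_spec.rb
 - spec/components/fingerprinters/frameworks/jsf_spec.rb
 - spec/components/fingerprinters/frameworks/cherrypy_spec.rb
 - spec/spec_helper.rb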