Class: Arachni::Module::Base Abstract

Inherits:
Object
  • Object
show all
Includes:
Auditor, Trainer
Defined in:
lib/module/base.rb

Overview

This class is abstract.

Arachni’s base module class
To be extended by Arachni::Modules.

Defines basic structure and provides utilities to modules.

@author: Anastasios “Zapotek” Laskos 

                                     <tasos.laskos@gmail.com>
                                     <zapotek@segfault.gr>

@version: 0.1-pre

Direct Known Subclasses

s::Audit::AuditObjects, s::Audit::Eval, s::Audit::ResponseSplitting, s::Audit::SQLInjection, s::Audit::SimpleCmdExec, s::Audit::SimpleRFI, s::Audit::XSS, s::Recon::BackupFiles, s::Recon::ExtractObjects

Instance Attribute Summary (collapse)

Class Method Summary (collapse)

Instance Method Summary (collapse)

Methods included from Auditor

#audit_cookies, #audit_forms, #audit_headers, #audit_links, #get_matches, #inject_each_var

Methods included from Trainer

#train

Methods included from ElementDB

#init_cookies, #init_forms, #init_links, #update_cookies, #update_forms, #update_links, #work_on_cookies, #work_on_forms, #work_on_links

Constructor Details

- (Base) initialize(page)

Initializes the module attributes, HTTP client and Arachni::Module::Trainer

Parameters:

See Also:



59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/module/base.rb', line 59

def initialize( page )
    
    @page  = page
    @http  = Arachni::Module::HTTP.new( @page.url )
    
    if( @page.cookiejar )
        @http.set_cookies( @page.cookiejar )
    end
    
    @@last_url ||= ''
    if( @@last_url != @page.url )
        init_forms( get_forms )
        init_links( get_links )
        init_cookies( get_cookies )
        
        @@last_url = @page.url
    end
    
    #
    # This is a callback.
    # The block will be called for every HTTP response
    # we get during the audit.
    #
    # It's used to train Arachni.
    #
    @http.add_trainer{ |res, url| train( res, url ) }
    
end

Instance Attribute Details

- (Arachni::HTTP) http (readonly)

Arachni::HTTP instance for the modules

Returns:

  • (Arachni::HTTP) 


42
43
44
 
# File 'lib/module/base.rb', line 42

def http
  @http
end

- (Page) page (readonly)

Arachni::Page instance

Returns:



49
50
51
 
# File 'lib/module/base.rb', line 49

def page
  @page
end

Class Method Details

+ (Object) deps

ABSTRACT - OPTIONAL

In case you depend on other modules you can return an array of their names (not their class names, the module names as they appear by the “-l” CLI argument) and they will be loaded for you.

This is also great for creating audit/discovery/whatever profiles. 



171
172
173
174
175
 
# File 'lib/module/base.rb', line 171

def self.deps
    # example:
    # ['eval', 'sqli']
    []
end

+ (Object) info

ABSTRACT - REQUIRED

Provides information about the module. Don’t take this lightly and don’t ommit any of the info. 



118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
# File 'lib/module/base.rb', line 118

def self.info
    {
        'Name'           => 'Base module abstract class',
        'Description'    => %q{Provides an abstract the modules should implement.},
        #
        # Arachni needs to know what elements the module plans to audit
        # before invoking it.
        # If a page doesn't have any of those elements
        # there's no point in instantiating the module.
        #
        # If you want the module to run no-matter what leave the array
        # empty.
        #
        # 'Elements'       => [
        #     Vulnerability::Element::FORM,
        #     Vulnerability::Element::LINK,
        #     Vulnerability::Element::COOKIE,
        #     Vulnerability::Element::HEADER
        # ],
        'Elements'       => [],
        'Author'         => 'zapotek',
        'Version'        => '$Rev: 377 $',
        'References'     => {
        },
        'Targets'        => { 'Generic' => 'all' },
        'Vulnerability'   => {
            'Description' => %q{},
            'CWE'         => '',
            #
            # Severity can be:
            #
            # Vulnerability::Severity::HIGH
            # Vulnerability::Severity::MEDIUM
            # Vulnerability::Severity::LOW
            # Vulnerability::Severity::INFORMATIONAL
            #
            'Severity'    => '',
            'CVSSV2'       => '',
            'Remedy_Guidance'    => '',
            'Remedy_Code' => '',
        }
    }
end

Instance Method Details

- (Object) clean_up

ABSTRACT - OPTIONAL

This is called after run() has finished executing, 



109
110
 
# File 'lib/module/base.rb', line 109

def clean_up( )
end

- (Hash) get_cookie_simple(cookie)

Returns a cookie from #get_cookies as a name=>value hash

Parameters:

  • (Hash) cookie

Returns:

  • (Hash)

    simple cookie 



297
298
299
 
# File 'lib/module/base.rb', line 297

def get_cookie_simple( cookie )
    return { cookie['name'] => cookie['value'] }
end

- (Array) get_cookies

Returns extended cookie information from Arachni::Page#elements

Returns:

  • (Array)

    the cookie attributes, values, etc

See Also:



267
268
269
 
# File 'lib/module/base.rb', line 267

def get_cookies
    @page.get_cookies( )
end

- (Hash) get_cookies_simple(incookies = nil)

Returns cookies from #get_cookies as a name=>value hash

Returns:

  • (Hash)

    the cookie attributes, values, etc 



276
277
278
279
280
281
282
283
284
285
286
287
288
 
# File 'lib/module/base.rb', line 276

def get_cookies_simple( incookies = nil )
    cookies = Hash.new( )
    
    incookies = get_cookies( ) if !incookies
    
    incookies.each {
        |cookie|
        cookies[cookie['name']] = cookie['value']
    }
    
    return cookies if !@page.cookiejar
    @page.cookiejar.merge( cookies )
end

- (Object) get_data_file(filename, &block)

Gets module data files from ‘modules/[modtype]/[modname]/[filename]’

Parameters:

  • (String) filename

    filename, without the path

  • (Block) the

    block to be passed each line as it’s read 



353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
 
# File 'lib/module/base.rb', line 353

def get_data_file( filename, &block )
    
    # the path of the module that called us
    mod_path = block.source_location[0]
    
    # the name of the module that called us
    mod_name = File.basename( mod_path, ".rb")
    
    # the path to the module's data file directory
    path    = File.expand_path( File.dirname( mod_path ) ) +
        '/' + mod_name + '/'
            
    file = File.open( path + '/' + filename ).each {
        |line|
        yield line.strip
    }
    
    file.close
         
end

- (Array) get_form_simple(form)

Returns the form with its attributes and auditable inputs as a name=>value hash

Returns:

  • (Array) 


220
221
222
223
224
225
226
227
228
229
230
231
232
233
 
# File 'lib/module/base.rb', line 220

def get_form_simple( form )
    
    return if !form['auditable']
    
    new_form = Hash.new
    new_form['attrs'] = form['attrs']
    new_form['auditable'] = {}
    form['auditable'].each {
        |item|
        if( !item['name'] ) then next end
        new_form['auditable'][item['name']] = item['value']
    }
    return new_form
end

- (Aray) get_forms

Returns extended form information from Arachni::Page#elements

Returns:

  • (Aray)

    forms with attributes, values, etc

See Also:



184
185
186
 
# File 'lib/module/base.rb', line 184

def get_forms
    @page.get_forms( )
end

- (Array) get_forms_simple

Returns an array of forms from #get_forms with its attributes and
its auditable inputs as a name=>value hash

Returns:

  • (Array) 


206
207
208
209
210
211
212
213
 
# File 'lib/module/base.rb', line 206

def get_forms_simple( )
    forms = []
    get_forms( ).each_with_index {
        |form|
        forms << get_form_simple( form )
    }
    forms
end

- (Aray) get_links

Returns extended link information from Arachni::Page#elements

Returns:

  • (Aray)

    link with attributes, variables, etc

See Also:



196
197
198
 
# File 'lib/module/base.rb', line 196

def get_links
    @page.get_links( )
end

- (Hash) get_links_simple

Returns links from #get_links as a name=>value hash with href as key

Returns:

  • (Hash) 


240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
 
# File 'lib/module/base.rb', line 240

def get_links_simple
    links = Hash.new
    get_links( ).each_with_index {
        |link, i|
        
        if( !link['vars'] || link['vars'].size == 0 ) then next end
            
        links[link['href']] = Hash.new
        link['vars'].each_pair {
            |name, value|
            
            if( !name || !link['href'] ) then next end
                
            links[link['href']][name] = value
        }
        
    }
    links
end

- (Hash) get_request_headers(merge = false)

Returns a hash of request headers.

If ‘merge’ is set to ‘true’ cookies will be skipped.
If you need to audit cookies use #get_cookies or Arachni::Module::Auditor#audit_cookies.

Parameters:

Returns:

  • (Hash)

See Also:



314
315
316
317
318
319
320
321
322
323
324
325
326
327
 
# File 'lib/module/base.rb', line 314

def get_request_headers( merge = false )
    
    if( merge == true && @page.request_headers )
        begin
        ( headers = ( @http.init_headers ).
            merge( @page.request_headers ) ).delete( 'cookie' )
        rescue
            headers = {}
        end
        return headers 
    end
    
   return @http.init_headers
end

- (Hash) get_response_headers(res)

Returns the headers from a Net::HTTP response as a hash

Parameters:

  • (Net::HTTPResponse) res

Returns:

  • (Hash) 


336
337
338
339
340
341
342
343
344
345
 
# File 'lib/module/base.rb', line 336

def get_response_headers( res )
    
    header = Hash.new
    res.each_capitalized {
        |key|
        header[key] = res.get_fields( key ).join( "\n" )
    }
    
    header
end

- (Object) prepare

ABSTRACT - OPTIONAL

It provides you with a way to setup your module’s data and methods. 



93
94
 
# File 'lib/module/base.rb', line 93

def prepare( )
end

- (Object) run

ABSTRACT - REQUIRED

This is used to deliver the module’s payload whatever it may be. 



101
102
 
# File 'lib/module/base.rb', line 101

def run( )
end