Class: Arachni::Vulnerability
- Inherits:
-
Object
- Object
- Arachni::Vulnerability
- Defined in:
- lib/vulnerability.rb
Defined Under Namespace
Instance Attribute Summary (collapse)
-
- (String) cvssv2
The CVSS v2 score.
-
- (String) cwe
The CWE ID number of the vulnerability.
-
- (String) cwe_url
The CWE URL of the vulnerability.
-
- (String) description
The description of the vulnerability.
-
- (String) elem
The vulnerable element, link, form or cookie.
-
- (Hash<String, Hash>) headers
The headers exchanhed during the attack.
-
- (String) id
The string that identified the vulnerability.
-
- (String) injected
The injected data that revealed the vulnerability.
-
- (String) mod_name
The module that detected the vulnerability.
-
- (String) name
The name of the vulnerability.
-
- (Hash) references
References related to the vulnerability.
-
- (String) regexp
The regexp that identified the vulnerability.
-
- (String) regexp_match
The data that was matched by the regexp.
-
- (String) remedy_code
A code snipet showing the user how to remedy the situation.
-
- (String) remedy_guidance
A brief text informing the user how to remedy the situation.
-
- (String) response
The HTML response of the attack.
-
- (String) severity
To be assigned a constant form Vulnerability::Severity.
-
- (String) url
The vulnerable URL.
-
- (String) var
The vulnerable HTTP variable.
-
- (Object) variations
Placeholder variable to be populated by AuditStore#prepare_variations.
Instance Method Summary (collapse)
- - (Object) each
- - (Object) each_pair
-
- (Vulnerability) initialize(opts = {})
constructor
Sets up the instanse attributes.
- - (Object) remove_instance_var(var)
Constructor Details
- (Vulnerability) initialize(opts = {})
Sets up the instanse attributes
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 |
# File 'lib/vulnerability.rb', line 202 def initialize( opts = {} ) opts.each { |k, v| begin send( "#{k.downcase}=", v ) rescue Exception => e end } opts['Vulnerability'].each { |k, v| begin send( "#{k.downcase}=", v ) rescue Exception => e end } if( @cwe ) @cwe_url = "http://cwe.mitre.org/data/definitions/" + @cwe + ".html" end @mod_name = opts['Name'] @references = opts['References'] end |
Instance Attribute Details
- (String) cvssv2
The CVSS v2 score
170 171 172 |
# File 'lib/vulnerability.rb', line 170 def cvssv2 @cvssv2 end |
- (String) cwe
The CWE ID number of the vulnerability
147 148 149 |
# File 'lib/vulnerability.rb', line 147 def cwe @cwe end |
- (String) cwe_url
The CWE URL of the vulnerability
154 155 156 |
# File 'lib/vulnerability.rb', line 154 def cwe_url @cwe_url end |
- (String) description
The description of the vulnerability
133 134 135 |
# File 'lib/vulnerability.rb', line 133 def description @description end |
- (String) elem
The vulnerable element, link, form or cookie
126 127 128 |
# File 'lib/vulnerability.rb', line 126 def elem @elem end |
- (Hash<String, Hash>) headers
The headers exchanhed during the attack
84 85 86 |
# File 'lib/vulnerability.rb', line 84 def headers @headers end |
- (String) id
The string that identified the vulnerability
105 106 107 |
# File 'lib/vulnerability.rb', line 105 def id @id end |
- (String) injected
The injected data that revealed the vulnerability
98 99 100 |
# File 'lib/vulnerability.rb', line 98 def injected @injected end |
- (String) mod_name
The module that detected the vulnerability
63 64 65 |
# File 'lib/vulnerability.rb', line 63 def mod_name @mod_name end |
- (String) name
The name of the vulnerability
56 57 58 |
# File 'lib/vulnerability.rb', line 56 def name @name end |
- (Hash) references
References related to the vulnerability
140 141 142 |
# File 'lib/vulnerability.rb', line 140 def references @references end |
- (String) regexp
The regexp that identified the vulnerability
112 113 114 |
# File 'lib/vulnerability.rb', line 112 def regexp @regexp end |
- (String) regexp_match
The data that was matched by the regexp
119 120 121 |
# File 'lib/vulnerability.rb', line 119 def regexp_match @regexp_match end |
- (String) remedy_code
A code snipet showing the user how to remedy the situation
184 185 186 |
# File 'lib/vulnerability.rb', line 184 def remedy_code @remedy_code end |
- (String) remedy_guidance
A brief text informing the user how to remedy the situation
177 178 179 |
# File 'lib/vulnerability.rb', line 177 def remedy_guidance @remedy_guidance end |
- (String) response
The HTML response of the attack
91 92 93 |
# File 'lib/vulnerability.rb', line 91 def response @response end |
- (String) severity
To be assigned a constant form Severity
163 164 165 |
# File 'lib/vulnerability.rb', line 163 def severity @severity end |
- (String) url
The vulnerable URL
77 78 79 |
# File 'lib/vulnerability.rb', line 77 def url @url end |
- (String) var
The vulnerable HTTP variable
70 71 72 |
# File 'lib/vulnerability.rb', line 70 def var @var end |
- (Object) variations
Placeholder variable to be populated by Arachni::AuditStore#prepare_variations
191 192 193 |
# File 'lib/vulnerability.rb', line 191 def variations @variations end |
Instance Method Details
- (Object) each
229 230 231 232 233 234 |
# File 'lib/vulnerability.rb', line 229 def each self.instance_variables.each { |var| yield( { normalize_name( var ) => instance_variable_get( var ) } ) } end |
- (Object) each_pair
236 237 238 239 240 241 |
# File 'lib/vulnerability.rb', line 236 def each_pair self.instance_variables.each { |var| yield normalize_name( var ), instance_variable_get( var ) } end |
- (Object) remove_instance_var(var)
243 244 245 |
# File 'lib/vulnerability.rb', line 243 def remove_instance_var( var ) remove_instance_variable( var ) end |