Class: Arachni::Page

Inherits:

Object

• Object
• Arachni::Page

Includes:

Utilities

Defined in:

lib/arachni/page.rb,
lib/arachni/page/dom.rb,
lib/arachni/page/scope.rb,
lib/arachni/page/dom/transition.rb

Overview

It holds page data like elements, cookies, headers, etc…

Author:

• Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Defined Under Namespace

Classes: DOM, Error, Scope

Constant Summary

ELEMENTS =

[
    :links, :forms, :cookies, :headers, :link_templates, :jsons, :xmls
]

METADATA =

[ :nonce_name, :skip_dom ]

Instance Attribute Summary

• #cache ⇒ Hash readonly
• #dom ⇒ DOM

  DOM snapshot.

• #element_audit_whitelist ⇒ Set<Integer> readonly

  Audit whitelist based on Element::Capabilities::Auditable#coverage_hash.

• #metadata ⇒ Hash readonly

  Holds page data that will need to persist between #clear_cache calls and other utility data.

• #response ⇒ HTTP::Response readonly

  HTTP response.

Class Method Summary

• ._load(data) ⇒ Object
• .from_data(data) ⇒ Object
• .from_response(response) ⇒ Page
• .from_rpc_data(data) ⇒ Page
• .from_url(url, opts = {}, &block) ⇒ Page

Instance Method Summary

• #==(other) ⇒ Object
• #_dump(_) ⇒ Object
• #audit_element?(element) ⇒ Bool

  ‘true` if the element should be audited, `false` otherwise.

• #body ⇒ String

  HTTP response body.

• #body=(string) ⇒ Object
• #clear_cache ⇒ Page

  ‘self` with caches cleared.

• #code ⇒ String

  URL of the page.

• #cookie_jar ⇒ Array<Element::Cookie>

  Cookies extracted from the supplied cookie-jar.

• #do_not_audit_elements ⇒ Object

  It forces #audit_element? to always returns false.

• #document ⇒ Nokogiri::HTML

  Parsed HTML document.

• #dup ⇒ Object
• #elements ⇒ Array<Element::Base>

  All page elements.

• #elements_within_scope ⇒ Array<Element::Base>

  All page elements that are within the scope of the scan.

• #eql?(other) ⇒ Boolean
• #has_script? ⇒ Boolean

  ‘true` if the page contains client-side code, `false` otherwise.

• #hash ⇒ Object
• #import_metadata(other, metas = METADATA) ⇒ Object
• #initialize(options) ⇒ Page constructor

  Needs either a ‘:parser` or a `:response` or user provided data.

• #method(*args) ⇒ String

  The request method that returned the page.

• #parsed_url ⇒ Arachni::URI
• #parser ⇒ Parser
• #paths ⇒ Array<String>

  Paths contained in this page.

• #performer ⇒ Object

  Object which performed the #request which lead to this page.

• #persistent_hash ⇒ Object
• #platforms ⇒ Platform

  Applicable platforms for the page.

• #prepare_for_report ⇒ Object
• #query_vars ⇒ Hash

  URL query parameters.

• #reload_metadata ⇒ Object
• #request ⇒ HTTP::Request

  HTTP request.

• #scope ⇒ Scope
• #text? ⇒ Boolean

  ‘true` if the body of the page is text-base, `false` otherwise.

• #title ⇒ String

  Title of the page.

• #to_h ⇒ Hash (also: #to_hash)

  Converts the page data to a hash.

• #to_initialization_options ⇒ Object
• #to_rpc_data ⇒ Hash

  Data representing this instance that are suitable the RPC transmission.

• #to_s ⇒ Object (also: #inspect)
• #update_element_audit_whitelist(list) ⇒ Set

  #element_audit_whitelist.

• #update_metadata ⇒ Object
• #url ⇒ String

  URL of the page.

Methods included from Utilities

#available_port, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_document, #cookies_from_file, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_document, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_document, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Constructor Details

#initialize(options) ⇒ Page

Needs either a ‘:parser` or a `:response` or user provided data.

Parameters:

• options (Hash) —

  Hash from which to set instance attributes.

Options Hash (options):

• :response (Array<HTTP::Response>, HTTP::Response) —

  HTTP response of the page – or array of responses for the page for content refinement.

• :parser (Parser) —

  An instantiated Arachni::Parser.

# File 'lib/arachni/page.rb', line 144

def initialize( options )
    fail ArgumentError, 'Options cannot be empty.' if options.empty?
    options = options.dup

    @cache = {}

    @do_not_audit_elements = options.delete(:do_not_audit_elements)

    @cache[:parser] = options.delete(:parser)
    @response = @cache[:parser].response if @cache[:parser]

    # We need to know whether or not the page has been dynamically updated
    # with elements, in order to optimize #dup and #hash operations.
    @has_custom_elements = Set.new

    @metadata ||= {}

    options.each do |k, v|
        send( "#{k}=", try_dup( v ) )
    end

    @dom = DOM.new( (options[:dom] || {}).merge( page: self ) )

    fail ArgumentError, 'No URL given!' if !url

    Platform::Manager.fingerprint( self )

    @element_audit_whitelist ||= []
    @element_audit_whitelist   = Set.new( @element_audit_whitelist )
end

Instance Attribute Details

#cache ⇒ Hash (readonly)

Returns:

• (Hash)

# File 'lib/arachni/page.rb', line 120

def cache
  @cache
end

#dom ⇒ DOM

Returns DOM snapshot.

Returns:

• (DOM) —

  DOM snapshot.

# File 'lib/arachni/page.rb', line 111

def dom
  @dom
end

#element_audit_whitelist ⇒ Set<Integer> (readonly)

Returns Audit whitelist based on Element::Capabilities::Auditable#coverage_hash.

Returns:

• (Set<Integer>) —

  Audit whitelist based on Element::Capabilities::Auditable#coverage_hash.

See Also:

• #update_element_audit_whitelist
• #audit_element?
• Check::Auditor#skip?

# File 'lib/arachni/page.rb', line 133

def element_audit_whitelist
  @element_audit_whitelist
end

#metadata ⇒ Hash (readonly)

Returns Holds page data that will need to persist between #clear_cache calls and other utility data.

Returns:

• (Hash) —

  Holds page data that will need to persist between #clear_cache calls and other utility data.

# File 'lib/arachni/page.rb', line 125

def metadata
  @metadata
end

#response ⇒ HTTP::Response (readonly)

Returns HTTP response.

Returns:

• (HTTP::Response) —

  HTTP response.

# File 'lib/arachni/page.rb', line 115

def response
  @response
end

Class Method Details

._load(data) ⇒ Object

# File 'lib/arachni/page.rb', line 575

def self._load( data )
    new( Marshal.load( data ) )
end

.from_data(data) ⇒ Object

Parameters:

• options (Hash) —

  a customizable set of options

# File 'lib/arachni/page.rb', line 82

def self.from_data( data )
    data = data.dup

    data[:response]        ||= {}
    data[:response][:code] ||= 200
    data[:response][:url]  ||= data.delete( :url )
    data[:response][:body] ||= data.delete( :body ) || ''

    data[:response][:request]       ||= {}
    data[:response][:request][:url] ||= data[:response][:url]

    ELEMENTS.each { |e| data[e] ||= [] }

    data[:cookie_jar] ||= []

    data[:response][:request] = Arachni::HTTP::Request.new( data[:response][:request] )
    data[:response]           = Arachni::HTTP::Response.new( data[:response] )

    new data
end

.from_response(response) ⇒ Page

Parameters:

• response (HTTP::Response) —

  HTTP response to parse.

Returns:

• (Page)

# File 'lib/arachni/page.rb', line 59

def self.from_response( response )
    Parser.new( response ).page
end

.from_rpc_data(data) ⇒ Page

Parameters:

• data (Hash) —

  #to_rpc_data

Returns:

• (Page)

# File 'lib/arachni/page.rb', line 543

def self.from_rpc_data( data )
    dom = data.delete('dom')
    normalized_data = {}
    data.each do |name, value|

        value = case name
                    when 'response'
                        HTTP::Response.from_rpc_data( value )

                    when *ELEMENTS.map(&:to_s)
                        value.map do |e|
                            Element.const_get(name[0...-1].capitalize.to_sym).from_rpc_data( e )
                        end.to_a

                    else
                        value
                end

        normalized_data[name.to_sym] = value
    end

    instance = new( normalized_data )
    instance.instance_variable_set(
        '@dom', DOM.from_rpc_data( dom.merge( page: instance ) )
    )
    instance
end

.from_url(url, opts = {}, &block) ⇒ Page

Parameters:

• url (String) —

  URL to fetch.

• opts (Hash) (defaults to: {})
• block (Block) —

  Block to which to pass the page object. If given, the request will be performed asynchronously. If no block is given, the page will be fetched synchronously and be returned by this method.

Options Hash (opts):

• :precision (Integer) — default: 2 —

  How many times to request the page and examine changes between requests. Used tp identify nonce tokens etc.

• :http (Hash) —

  HTTP request options.

Returns:

• (Page)

# File 'lib/arachni/page.rb', line 37

def self.from_url( url, opts = {}, &block )
    responses = []

    opts[:precision] ||= 2
    opts[:precision].times do
        HTTP::Client.get( url, opts[:http] || {} ) do |res|
            responses << res
            next if responses.size != opts[:precision]
            block.call( from_response( responses ) ) if block_given?
        end
    end

    if !block_given?
        HTTP::Client.run
        from_response( responses )
    end
end

Instance Method Details

#==(other) ⇒ Object

# File 'lib/arachni/page.rb', line 449

def ==( other )
    hash == other.hash
end

#_dump(_) ⇒ Object

# File 'lib/arachni/page.rb', line 571

def _dump( _ )
    Marshal.dump( to_initialization_options )
end

#audit_element?(element) ⇒ Bool

Returns ‘true` if the element should be audited, `false` otherwise.

Parameters:

• element (Element::Capabilities::Auditable, Integer) —

  Element or Element::Capabilities::Auditable#coverage_hash.

Returns:

• (Bool) —

  ‘true` if the element should be audited, `false` otherwise.

See Also:

• #element_audit_whitelist
• Check::Auditor#skip?

# File 'lib/arachni/page.rb', line 226

def audit_element?( element )
    return if @do_not_audit_elements
    return true if @element_audit_whitelist.empty?
    @element_audit_whitelist.include?(
        element.is_a?( Integer ) ? element : element.coverage_hash
    )
end

#body ⇒ String

Returns HTTP response body.

Returns:

• (String) —

  HTTP response body.

# File 'lib/arachni/page.rb', line 266

def body
    return '' if !@body && !@response
    @body ||= response.body
end

#body=(string) ⇒ Object

Parameters:

• string (String) —

  Page body.

# File 'lib/arachni/page.rb', line 273

def body=( string )
    @has_javascript = nil
    clear_cache

    @body = string.to_s.dup.freeze
end

#clear_cache ⇒ Page

Note:

Will preserve caches for elements which have been externally modified.

Returns ‘self` with caches cleared.

Returns:

• (Page) —

  ‘self` with caches cleared.

# File 'lib/arachni/page.rb', line 347

def clear_cache
    ELEMENTS.each do |type|
        next if @has_custom_elements.include? type
        # Remove the association to this page before clearing the elements
        # from cache to make it easier on the GC.
        (@cache[type] || []).each { |e| e.page = nil }
    end

    @cache.delete_if { |k, _| !@has_custom_elements.include? k }
    self
end

#code ⇒ String

Returns URL of the page.

Returns:

• (String) —

  URL of the page.

# File 'lib/arachni/page.rb', line 253

def code
    return 0 if !@code && !response
    @code ||= response.code
end

#cookie_jar ⇒ Array<Element::Cookie>

Returns Cookies extracted from the supplied cookie-jar.

Returns:

• (Array<Element::Cookie>) —

  Cookies extracted from the supplied cookie-jar.

# File 'lib/arachni/page.rb', line 297

def cookie_jar
    @cookie_jar ||= (parser ? parser.cookie_jar : [])
end

#do_not_audit_elements ⇒ Object

It forces #audit_element? to always returns false.

# File 'lib/arachni/page.rb', line 235

def do_not_audit_elements
    @do_not_audit_elements = true
end

#document ⇒ Nokogiri::HTML

Returns Parsed HTML document.

Returns:

• (Nokogiri::HTML) —

  Parsed HTML document.

# File 'lib/arachni/page.rb', line 339

def document
    @cache[:document] ||= (parser.nil? ? Nokogiri::HTML( body ) : parser.document)
end

#dup ⇒ Object

# File 'lib/arachni/page.rb', line 457

def dup
    self.class.new to_initialization_options
end

#elements ⇒ Array<Element::Base>

Returns All page elements.

Returns:

• (Array<Element::Base>) —

  All page elements.

# File 'lib/arachni/page.rb', line 317

def elements
    ELEMENTS.map { |type| send( type ) }.flatten
end

#elements_within_scope ⇒ Array<Element::Base>

Returns All page elements that are within the scope of the scan.

Returns:

• (Array<Element::Base>) —

  All page elements that are within the scope of the scan.

# File 'lib/arachni/page.rb', line 323

def elements_within_scope
    ELEMENTS.map do |type|
        next if !Options.audit.element? type
        send( type ).select { |e| e.scope.in? }
    end.flatten.compact
end

#eql?(other) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/arachni/page.rb', line 453

def eql?( other )
    self == other
end

#has_script? ⇒ Boolean

Returns ‘true` if the page contains client-side code, `false` otherwise.

Returns:

• (Boolean) —

  ‘true` if the page contains client-side code, `false` otherwise.

# File 'lib/arachni/page.rb', line 379

def has_script?
    return @has_javascript if !@has_javascript.nil?

    if !response.headers.content_type.to_s.start_with?( 'text/html' ) ||
        !text? || !document
        return @has_javascript = false
    end

    # First check, quick and simple.
    return @has_javascript = true if document.css( 'script' ).any?

    # Check for event attributes, if there are any then there's JS to be
    # executed.
    Browser::Javascript.events.flatten.each do |event|
        return @has_javascript = true if document.xpath( "//*[@#{event}]" ).any?
    end

    # If there's 'javascript:' in 'href' and 'action' attributes then
    # there's JS to be executed.
    [:action, :href].each do |candidate|
        document.xpath( "//*[@#{candidate}]" ).each do |attribute|
            if attribute.attributes[candidate.to_s].to_s.start_with?( 'javascript:' )
                return @has_javascript = true
            end
        end
    end

    @has_javascript = false
end

#hash ⇒ Object

# File 'lib/arachni/page.rb', line 445

def hash
    digest.hash
end

#import_metadata(other, metas = METADATA) ⇒ Object

# File 'lib/arachni/page.rb', line 477

def import_metadata( other, metas = METADATA )
    [metas].flatten.each do |meta|
        other.metadata.each do |element_type, data|
            @metadata[element_type] ||= {}
            @metadata[element_type][meta.to_s] ||= {}
            @metadata[element_type][meta.to_s].merge!( data[meta.to_s] )
        end
    end

    reload_metadata

    self
end

#method(*args) ⇒ String

Returns The request method that returned the page.

Returns:

• (String) —

  The request method that returned the page

# File 'lib/arachni/page.rb', line 332

def method( *args )
    return super( *args ) if args.any?
    response.request.method
end

#parsed_url ⇒ Arachni::URI

Returns:

• (Arachni::URI)

# File 'lib/arachni/page.rb', line 187

def parsed_url
    Arachni::URI( url )
end

#parser ⇒ Parser

Returns:

• (Parser)

# File 'lib/arachni/page.rb', line 192

def parser
    return if !@response
    return @cache[:parser] if @cache[:parser]

    @cache[:parser] = Parser.new( @response )

    # The page may have a browser-assigned body, set it as the one to parse.
    @cache[:parser].body = body
    @cache[:parser]
end

#paths ⇒ Array<String>

Returns Paths contained in this page.

Returns:

• (Array<String>) —

  Paths contained in this page.

See Also:

• Arachni::Parser#paths

# File 'lib/arachni/page.rb', line 305

def paths
    @cache[:paths] ||= parser ? parser.paths : []
end

#performer ⇒ Object

Returns Object which performed the #request which lead to this page.

Returns:

• (Object) —

  Object which performed the #request which lead to this page.

# File 'lib/arachni/page.rb', line 182

def performer
    request.performer
end

#persistent_hash ⇒ Object

# File 'lib/arachni/page.rb', line 441

def persistent_hash
    digest.persistent_hash
end

#platforms ⇒ Platform

Returns Applicable platforms for the page.

Returns:

• (Platform) —

  Applicable platforms for the page.

# File 'lib/arachni/page.rb', line 311

def platforms
    Platform::Manager[url]
end

#prepare_for_report ⇒ Object

# File 'lib/arachni/page.rb', line 359

def prepare_for_report
    # We want a hard clear, that's why we don't call #clear_cache.
    @cache.clear

    # If we're dealing with binary data remove it before storing.
    if !text?
        response.body = nil
        self.body     = nil
    end

    @cookie_jar.clear if @cookie_jar

    @dom.digest      = nil
    @dom.skip_states = nil

    self
end

#query_vars ⇒ Hash

Returns URL query parameters.

Returns:

• (Hash) —

  URL query parameters.

# File 'lib/arachni/page.rb', line 260

def query_vars
    @cache[:query_vars] ||= uri_parse_query( url )
end

#reload_metadata ⇒ Object

# File 'lib/arachni/page.rb', line 469

def reload_metadata
    ELEMENTS.each do |type|
        next if !@cache[type]

        @cache[type].each { |e| restore_from_metadata e }
    end
end

#request ⇒ HTTP::Request

Returns HTTP request.

Returns:

• (HTTP::Request) —

  HTTP request.

# File 'lib/arachni/page.rb', line 241

def request
    response.request
end

#scope ⇒ Scope

Returns:

• (Scope)

# File 'lib/arachni/page.rb', line 176

def scope
    @scope = Scope.new( self )
end

#text? ⇒ Boolean

Returns ‘true` if the body of the page is text-base, `false` otherwise.

Returns:

• (Boolean) —

  ‘true` if the body of the page is text-base, `false` otherwise.

# File 'lib/arachni/page.rb', line 411

def text?
    return false if !response
    response.text?
end

#title ⇒ String

Returns Title of the page.

Returns:

• (String) —

  Title of the page.

# File 'lib/arachni/page.rb', line 418

def title
    document.css( 'title' ).first.text rescue nil
end

#to_h ⇒ Hash Also known as: to_hash

Returns Converts the page data to a hash.

Returns:

• (Hash) —

  Converts the page data to a hash.

# File 'lib/arachni/page.rb', line 424

def to_h
    skip = [:@document, :@do_not_audit_elements, :@has_custom_elements, :@scope]

    instance_variables.inject({}) do |h, iv|
        next h if skip.include? iv

        h[iv.to_s.gsub( '@', '').to_sym] = try_dup( instance_variable_get( iv ) )
        h
    end.merge(@cache).tap { |h| h.delete :parser }
end

#to_initialization_options ⇒ Object

# File 'lib/arachni/page.rb', line 491

def to_initialization_options
    h = {}
    [:body, :cookie_jar, :element_audit_whitelist, :metadata].each do |m|
        h[m] = try_dup( instance_variable_get( "@#{m}".to_sym ) )
        h.delete( m ) if !h[m]
    end

    ELEMENTS.each do |type|
        next if !@has_custom_elements.include?( type )
        h[type] = @cache[type]

        if !h[type] || h[type].empty?
            h.delete( type )
            next
        end

        h[type] = h[type].map { |e| c = e.dup; c.page = nil; c }
    end

    h[:response] = response
    h[:do_not_audit_elements] = @do_not_audit_elements

    h[:dom] = dom.to_h.keys.inject({}) do |dh, k|
        dh[k] = try_dup( dom.send( k ) )
        dh
    end

    h
end

#to_rpc_data ⇒ Hash

Returns Data representing this instance that are suitable the RPC transmission.

Returns:

• (Hash) —

  Data representing this instance that are suitable the RPC transmission.

# File 'lib/arachni/page.rb', line 523

def to_rpc_data
    data        = to_initialization_options.my_stringify_keys(false)
    data['dom'] = dom.to_rpc_data
    data['element_audit_whitelist'] = element_audit_whitelist.to_a
    data['response'] = data['response'].to_rpc_data

    (ELEMENTS - [:headers]).map(&:to_s).each do |e|
        next if !data[e]
        data[e] = send(e).map(&:to_rpc_data)
    end

    data.delete 'cookie_jar'

    data
end

#to_s ⇒ Object Also known as: inspect

# File 'lib/arachni/page.rb', line 436

def to_s
    "#<#{self.class}:#{object_id} @url=#{@url.inspect} @dom=#{@dom}>"
end

#update_element_audit_whitelist(list) ⇒ Set

Returns #element_audit_whitelist.

Parameters:

• list (Array<Element::Capabilities::Auditable, Integer>) —

  Audit whitelist based on elements or Element::Capabilities::Auditable#coverage_hashs.

Returns:

• (Set) —

  #element_audit_whitelist

See Also:

• #element_audit_whitelist
• Check::Auditor#skip?

# File 'lib/arachni/page.rb', line 211

def update_element_audit_whitelist( list )
    [list].flatten.each do |e|
        @element_audit_whitelist <<
            (e.is_a?( Integer ) ? e : e.coverage_hash )
    end
end

#update_metadata ⇒ Object

# File 'lib/arachni/page.rb', line 461

def update_metadata
    ELEMENTS.each do |type|
        next if !@cache[type]

        @cache[type].each { |e| store_to_metadata e }
    end
end

#url ⇒ String

Returns URL of the page.

Returns:

• (String) —

  URL of the page.

# File 'lib/arachni/page.rb', line 247

def url
    @url ||= @response.url
end